www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
200 OK 19 kB URL User Request GET HTTP/1.1 www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
IP
ASN #54994 QUANTILNETWORKS
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (731), with CRLF line terminators
Hash 45578a06dbf39bb9b257bad08c58db3b
9098f5431041897e1f9ffcb394dd92bad80dd460
1914cce594d0aa522574bdb074ea20b68a849eff4911123b885bfddbf001dd2f
Analyzer Verdict Alert openphish Wells Fargo & Company
GET / HTTP/1.1
Host: www--wellsfargo--com--6k49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 12:24:06 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 18843
Connection: keep-alive
Content-Security-Policy: default-src 'none'; form-action 'self' *.wellsfargo.com *.wellsfargo.com:*; prefetch-src 'self' *.wellsfargo.com *.wellsfargomedia.com; connect-src 'self' https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.schemaapp.com https://*.rlcdn.com https://*.tiktok.com https://*.medallia.com https://*.kampyle.com https://*.adobedc.net https://www.google-analytics.com https://*.doubleclick.net https://*.maxymiser.net https://*.eum-appdynamics.com https://*.demdex.net https://www.sjwoe.com https://www.mczbf.com https://s.yimg.com https://bat.bing.com https://*.nod-glb.nuance.com https://resources.digital-cloud-prem.medallia.com https://www.knotch-cdn.com https://www.units.knotch.it https://*.knotch.it/; img-src 'self' data: https://*.wellsfargomedia.com https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.wfinterface.com https://*.wfinterface.com:* https://*.analytics.yahoo.com https://*.everesttech.net https://*.ads.linkedin.com https://*.g.doubleclick.net https://*.google.com https://*.demdex.net https://*.nod-glb.nuance.com https://*.eum-appdynamics.com https://*.virtualearth.net https://*.maxymiser.net https://*.knotch.it https://www.facebook.com https://cx.atdmt.com https://analytics.twitter.com https://t.co https://track.linksynergy.com https://s.amazon-adsystem.com https://ct.pinterest.com https://trc.taboola.com https://www.linkedin.com https://p.adsymptotic.com https://products.gobankingrates.com https://bttrack.com https://b.videoamp.com https://fcmatch.youtube.com https://www.googleadservices.com https://2549153.fls.doubleclick.net https://ad.doubleclick.net https://www.google-analytics.com https://idsync.rlcdn.com https://s.amazon-adsystem.com https://resources.digital-cloud-prem.medallia.com https://udc-neb.kampyle.com https://wellsfargoprod.prod.fire.glass https://s-a.innovid.com https://bat.bing.com https://www.knotch-cdn.com https://*.mworld.com; object-src 'self' https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.wfinterface.com https://*.wfinterface.com:*; child-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.demdex.net https://*.nod-glb.nuance.com https://2549153.fls.doubleclick.net https://*.advanced-web-analytics.com https://www.units.knotch.it; font-src 'self' data: https://*.wellsfargomedia.com https://*.wellsfargo.com https://*.wellsfargo.com:*; style-src 'self' 'unsafe-inline' *.wellsfargo.com *.wellsfargo.com:* https://*.wfinterface.com https://*.wfinterface.com:* https://*.nod-glb.nuance.com; script-src 'nonce-bd40c448-1177-48d0-988c-c814a4d6cd90' 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://cdn.schemaapp.com https://*.tiktok.com https://*.maxymiser.net https://bat.bing.com https://www.clarity.ms https://snap.licdn.com https://*.ads.linkedin.com https://www.linkedin.com https://s.yimg.com https://sp.analytics.yahoo.com https://p.adsymptotic.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com;media-src 'self' *.wellsfargo.com *.wellsfargomedia.com; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Pragma: no-cache
Expires: -1
Content-Language: en-US
X-Akamai-Transformed: 9 18778 0 pmb=mTOE,1
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:0|g:00745bc0-9f06-42fd-85c3-fc5504b9464f; Expires=Mon, 05 Jun 2023 12:24:36 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:0|g:00745bc0-9f06-42fd-85c3-fc5504b9464f|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Mon, 05 Jun 2023 12:24:36 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Mon, 05 Jun 2023 12:24:36 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:0|i:206894; Expires=Mon, 05 Jun 2023 12:24:36 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:0|i:206894|e:72; Expires=Mon, 05 Jun 2023 12:24:36 GMT; Path=/; Secure; SameSite=Lax; Httponly
CookiesAreEnabled=yes; domain=.wellsfargo.com;path=/; secure=true; HttpOnly; SameSite=Lax
INLANG=EN; domain=.wellsfargo.com;path=/; secure=true; Max-Age=31536000; HttpOnly; SameSite=Lax
wfacookie=11202306050524061747852754; domain=.wellsfargo.com; path=/; expires=2 Jun 2033 12:24:06 GMT; secure=true; SameSite=Lax; HttpOnly
ISD_WWWAF_COOKIE=!Xtc4C9bGPgvQ+V8v/BdPMOHVwv+ySQ8KjYH+tY3gchshh5zyR3f0SZJVhnLo+0id4EF3rF4I3rYipsw=; path=/; Httponly; Secure
DCID=56a11lHXAzELOMyLqpAM926Lh5ZL5kLtoCF8wJDVo44XzDIoxvi6cm9Us30XJS9R; Domain=www.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 12:39:06 GMT;Httponly; Secure
_abck=EDEA8DEA0E0F8F025949A93BB6DE110C~-1~YAAQjtAXAt1f6oqIAQAAnL2DiwrT2XEL5Pivemr/h/JnBEdSk4fk9NMNOa3nxU5VBu2rn8KTD9jAR7FnYtcmWxKay1fkuxGWmDCz0+91/IdPOX2Gd5O1pD3BOyGptl5IddeKisvu9nhY8+T9ThPItVIrwrpmJPYNp0Qq3zOTBzlXAVwMTIK2LsmQERqJbvH3JGaK8kVDcUrfR+q+S3yUgmwIS9TPrOqlJeNUiBmKZXLiJD9GunD3SP0xawvp0ny5RB3CgFpQvHQ/0XUX28oQw9hCj636a+6M+/urq/Abw2MfcJK3ZYTro3pfMdTYFp+D9BHJAbwr+N574E/EU95r5PkETVQyrH+upEicBdrOTK4rd8Jq573486cKpcOPm8I6~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Tue, 04 Jun 2024 12:24:06 GMT; Max-Age=31536000; Secure
bm_sz=ECCB165063EA1AFF018428271ED58705~YAAQjtAXAt5f6oqIAQAAnL2DixSe//qBpyup8k2/jlQxMjT9F16sV1Dum9hz4oyya8g7eVDlUtyZSHoSe62ZsNzVa918i9RY0ZmieK8Sp8EIAFUpHj5S14Xv0ZXLw3XYzFZPSzSt7DEunrPyFkWempavTuMuwTrAPbhx9X+V06cuiwyiXYNjuTstFQSdWXPeqqJWRre8FuhQfHtynhdgpQ8DhQvh3RiE6XyeI406ihmGG/4WX4VKZFD/T7qhNg93ol8ZQy04N5GPjpLBAYPhD1mYddNJ1NgcZIIuMuCVP48GW9DoCjvG~4277060~4469561; Domain=.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 16:24:06 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf175:6 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647dd3e6_kf182_8107-24638
ocsp.dcocsp.cn/
471 B IP
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 5383f39cb41709ed1e5e9632b0a0698a
038f5b4ac770fb2bdfdf5518bce0dc60e3f40443
016dd647ae0bca643ee73a847d8413e649ba65bf6153512c8c75b9ada22eed20
POST / HTTP/1.1
Host: ocsp.dcocsp.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Mon, 05 Jun 2023 12:24:06 GMT
Ali-Swift-Global-Savetime: 1685967847
Via: cache21.l2de2[480,480,200-0,M], cache17.l2de2[481,0], cache7.se1[506,506,200-0,M], cache7.se1[507,0]
X-Cache: MISS TCP_REFRESH_MISS dirn:11:258410560
X-Swift-SaveTime: Mon, 05 Jun 2023 12:24:07 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: 2ff62c9b16859678465177162e
www17.wellsfargomedia.com/assets/images/rwd/wf_logo_220x23.png
200 OK 1.7 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/wf_logo_220x23.png
IP
Requested by https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash c939da49d435a33b6da79639dd7b449e
b5c908f157d240c4b78f1e7a6c0808aa898c9c23
60088561eb43fca42fc2f9c996af43347355642872eabfa97a943d2f28ee474d
GET /assets/images/rwd/wf_logo_220x23.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "61bcfcce-10c2"
last-modified: Thu, 20 Apr 2023 01:30:26 GMT
server: Akamai Image Manager
x-serial: 853
x-check-cacheable: YES
content-length: 1712
content-type: image/webp
cache-control: private, no-transform, max-age=911125
expires: Fri, 16 Jun 2023 01:29:32 GMT
date: Mon, 05 Jun 2023 12:24:07 GMT
X-Firefox-Spdy: h2
www--wellsfargo--com--6k49329d48d6c.wsipv6.com/ui/css/homepage-ui/ps-homepage.css
200 OK 24 kB URL GET HTTP/1.1 www--wellsfargo--com--6k49329d48d6c.wsipv6.com/ui/css/homepage-ui/ps-homepage.css
IP
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash faeacce8b6ad342cd86a6a8d5e4b52c7
818f0301128768ed137adc0a80759721b57027c8
befa04abc1ca69b01f6d8b97af7399611e49e69b541bf33554ab37f5b6b776c7
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /ui/css/homepage-ui/ps-homepage.css HTTP/1.1
Host: www--wellsfargo--com--6k49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:00745bc0-9f06-42fd-85c3-fc5504b9464f|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:72; ISD_WWWAF_COOKIE=!Xtc4C9bGPgvQ+V8v/BdPMOHVwv+ySQ8KjYH+tY3gchshh5zyR3f0SZJVhnLo+0id4EF3rF4I3rYipsw=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 12:24:07 GMT
Content-Type: text/css
Content-Length: 23837
Connection: keep-alive
Expires: Mon, 05 Jun 2023 09:20:40 GMT
Last-Modified: Tue, 18 Apr 2023 15:19:30 GMT
ETag: "643eb502-2a973"
Cache-Control: max-age=1800
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Age: 1
X-Via: 1.1 VM-CDG-01hzl162:2 (Cdn Cache Server V2.0), 1.1 kf182:9 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647dd3e7_kf182_8059-44953
www17.wellsfargomedia.com/assets/images/contextual/responsive/hpprimary/wfi_ph_b_mv_0723_3954_b_1700x700.jpg
200 OK 26 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/hpprimary/wfi_ph_b_mv_0723_3954_b_1700x700.jpg
IP
Requested by https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 1f8dadb2c78b667abbb3e1869fb823fd
7ac507de2102b9198b6590d339ed4ebbe5a4db27
c19b0b9b383a1efa5a50fe1c6e48fa46e03512e47666e17cfab1c7bb77c182ef
GET /assets/images/contextual/responsive/hpprimary/wfi_ph_b_mv_0723_3954_b_1700x700.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "62057fd1-14ef3"
last-modified: Thu, 20 Apr 2023 01:31:58 GMT
server: Akamai Image Manager
x-serial: 1294
x-check-cacheable: YES
content-length: 25648
content-type: image/avif
cache-control: private, no-transform, max-age=911262
expires: Fri, 16 Jun 2023 01:31:49 GMT
date: Mon, 05 Jun 2023 12:24:07 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/choice-privileges-card-79x50.png
200 OK 1.4 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/choice-privileges-card-79x50.png
IP
Requested by https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 723ea3757b670b62e78a271262f7a226
0eaa5d0a1bde4446a39f3d9c60a2719581c38837
ce9903039a68a570fa3787c621e9ea79efd40f4b24afd194c4025d085d48abed
GET /assets/images/rwd/choice-privileges-card-79x50.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "64396a1c-1f52"
last-modified: Thu, 20 Apr 2023 01:30:29 GMT
server: Akamai Image Manager
content-length: 1441
content-type: image/avif
cache-control: private, no-transform, max-age=911105
expires: Fri, 16 Jun 2023 01:29:12 GMT
date: Mon, 05 Jun 2023 12:24:07 GMT
X-Firefox-Spdy: h2
www--wellsfargo--com--6k49329d48d6c.wsipv6.com/ui/javascript/homepage-ui/ps-homepage.js
200 OK 58 kB URL GET HTTP/1.1 www--wellsfargo--com--6k49329d48d6c.wsipv6.com/ui/javascript/homepage-ui/ps-homepage.js
IP
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (65500), with no line terminators
Hash 817137481b98432168705ff99aa7ca57
9049c9adaa1e735f5e8c1b17f72a88f8fad3994c
884b8a0cdadbb630b742a414622856e833532ecf5eb3ba87b6066bceb521f086
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /ui/javascript/homepage-ui/ps-homepage.js HTTP/1.1
Host: www--wellsfargo--com--6k49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:00745bc0-9f06-42fd-85c3-fc5504b9464f|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:72; ISD_WWWAF_COOKIE=!Xtc4C9bGPgvQ+V8v/BdPMOHVwv+ySQ8KjYH+tY3gchshh5zyR3f0SZJVhnLo+0id4EF3rF4I3rYipsw=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 12:24:07 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 58231
Connection: keep-alive
Expires: Mon, 05 Jun 2023 12:54:07 GMT
Last-Modified: Tue, 18 Apr 2023 15:19:30 GMT
ETag: "643eb502-2c686"
Cache-Control: max-age=1800
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01cV0174:4 (Cdn Cache Server V2.0), 1.1 kf175:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647dd3e7_kf182_8008-31417
www--wellsfargo--com--6k49329d48d6c.wsipv6.com/hBcX/XEc6/5eP/4_6/Es2Q/ukm5Jpm2XbEu/SwNsVyoB/VRZLB/GYzRXE
200 OK 76 kB URL GET HTTP/1.1 www--wellsfargo--com--6k49329d48d6c.wsipv6.com/hBcX/XEc6/5eP/4_6/Es2Q/ukm5Jpm2XbEu/SwNsVyoB/VRZLB/GYzRXE
IP
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
Hash 0d61b4e4742d5251c44efcd5d8166a2c
04189d5a539c1cc84fee87994097919000f3434b
c394010c09ddb06f644c54c2cc3d1c8003f44f5668b7eb1e39f38e051ab7a5c6
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /hBcX/XEc6/5eP/4_6/Es2Q/ukm5Jpm2XbEu/SwNsVyoB/VRZLB/GYzRXE HTTP/1.1
Host: www--wellsfargo--com--6k49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:00745bc0-9f06-42fd-85c3-fc5504b9464f|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:72; ISD_WWWAF_COOKIE=!Xtc4C9bGPgvQ+V8v/BdPMOHVwv+ySQ8KjYH+tY3gchshh5zyR3f0SZJVhnLo+0id4EF3rF4I3rYipsw=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 12:24:07 GMT
Content-Type: application/javascript
Content-Length: 76203
Connection: keep-alive
Stored-Attribute-Sha-Checksum: c394010c09ddb06f644c54c2cc3d1c8003f44f5668b7eb1e39f38e051ab7a5c6
Last-Modified: Wed, 26 Apr 2023 15:12:26 GMT
ETag: "5b60948dc39561fee36fa77d7eef5047a16cbdb8b05e43f4f2fbc918f19cea08"
Content-Encoding: gzip
Cache-Control: max-age=21600
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=Pd7uCB%2fcotInsW7jEwN8vw%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
_abck=A2909B4565596911891AEC6365C9165D~-1~YAAQjtAXAvdf6oqIAQAA3b6DiwpY0m9MXuti5eB7ErjXGYy0cSIdNyFI8qjuhmYwuzhlNmPff5myPbmDk8pmp3V+0sZ7OoSWD/Ja83kuCWiCpOGtx7SRmm65tLJ1g2osQK/ooSCuXRbjzL733WtSEPtvHOKU2mDQkNUaVgndslw4706ZUAWV+dAosJyv6eYu5c2vXsH0XsIQ7qg7e4lwf4bQ1WdIr23WQ5a588j9LRkNrLWIlzZyDYMo1Jleh/cQGZKEHpN7PEr6JXMO9erZwWrTABmctiyl1ZH6qZY0UMNfmCmmW7aCI5AYy3Lcvp4xpX0BtOnzzLocuYOuybI3qZ2kqb8Os5qZxcvMg2gZwFuQgMIwv8JBxQ5U/BE0yxhG~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Tue, 04 Jun 2024 12:24:07 GMT; Max-Age=31536000; Secure
bm_sz=EC36D6DD50F20FDB885C90545F195A06~YAAQjtAXAvhf6oqIAQAA3b6DixRpBqBoAVOPPepH2woXrcP44yZQ9NULpOuclex8wvaEFy+WBATbY/XOzumq487QOCaKvii2SFb8wprVWHulM3OarBb3RUtmietzvJeZZnp7vbt89jgLRDB019gNW0ezEiD22roa7xwVXOoC6LDzFlDXiRDdazvvjnuNrmmDAttMyle0EHZwDWu0Fg7OnU2Nff59GlzXnffou7kVWIcR9RDiKUJG4ZxtjUneZ96f8I6Vcbmo6wIF9NB3BNgGonbSv9U3gMIrL0rhxthc5rCPVgK/HZeN~3553335~3622193; Domain=.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 16:24:07 GMT; Max-Age=14400
X-Via: 1.1 kf175:3 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647dd3e7_kf182_7807-58605
www--wellsfargo--com--6k49329d48d6c.wsipv6.com/ui/javascript/homepage-ui/homepage_iaoffer.js
200 OK 19 kB URL GET HTTP/1.1 www--wellsfargo--com--6k49329d48d6c.wsipv6.com/ui/javascript/homepage-ui/homepage_iaoffer.js
IP
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (33363), with NEL line terminators
Hash 1f9ca16f9fc2bfd6185aa57f8e9e1996
9a32e9cd41b9f7e4ebf0cb2364a333414f1f3e52
f1f5d2d31133a2c5bd964ef6422e45e1d1c5741d98b605d6a2cbf7257092d1ab
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /ui/javascript/homepage-ui/homepage_iaoffer.js HTTP/1.1
Host: www--wellsfargo--com--6k49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:00745bc0-9f06-42fd-85c3-fc5504b9464f|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:72; ISD_WWWAF_COOKIE=!Xtc4C9bGPgvQ+V8v/BdPMOHVwv+ySQ8KjYH+tY3gchshh5zyR3f0SZJVhnLo+0id4EF3rF4I3rYipsw=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 12:24:07 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 19159
Connection: keep-alive
Expires: Mon, 05 Jun 2023 12:54:07 GMT
Last-Modified: Tue, 18 Apr 2023 15:19:30 GMT
ETag: "643eb502-e805"
Cache-Control: max-age=1800
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01hzl162:0 (Cdn Cache Server V2.0), 1.1 kf175:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647dd3e7_kf182_7891-41229
www--wellsfargo--com--6k49329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?single
200 OK 4.3 kB URL GET HTTP/1.1 www--wellsfargo--com--6k49329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?single
IP
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (9269)
Hash 354e8ce3b6593f38e7a1035e60ee7313
7bf55aace3ec7f4a669f55ac8d14d278584b8389
20c52ba3dbbc0536221faddb98bb45541bb58dda2b1abb9d420dabafcc8425dc
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /auth/login/static/js/general_alt.js?single HTTP/1.1
Host: www--wellsfargo--com--6k49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:00745bc0-9f06-42fd-85c3-fc5504b9464f|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:72; ISD_WWWAF_COOKIE=!Xtc4C9bGPgvQ+V8v/BdPMOHVwv+ySQ8KjYH+tY3gchshh5zyR3f0SZJVhnLo+0id4EF3rF4I3rYipsw=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 12:24:07 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 4281
Connection: keep-alive
Content-Encoding: gzip
Expires: Mon, 05 Jun 2023 12:24:07 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Set-Cookie: WesdAksn=A9G-g4uIAQAAElf4cwyCPsKq3oUlHtJO6lb1Zg3EXvBuf3vPpJWbHVc4ep9NAaOrhK-cuNk0wH8AADQwAAAAAA|1|0|ea026635acd9be3abfe3c073624958cc3578afc3; Path=/; Max-Age=1577847600; Domain=wellsfargo.com; Secure
DCID=CfbbK5HqMU%2fY8smoiLpNvLZjG0UcFla+WP9yFL6OZx5qy9Le19m2CqOEvC5zAoa+; Domain=www.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 12:39:07 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf175:8 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647dd3e7_kf182_8107-24650
static.wellsfargo.com/assets/js/wfui/appdynamics/appdEUMConfig.js
200 OK 901 B URL GET HTTP/1.1 static.wellsfargo.com/assets/js/wfui/appdynamics/appdEUMConfig.js
IP
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectstatic.wellsfargo.com
Fingerprint2E:FA:45:0C:2B:B4:91:CC:76:B1:F9:EF:4A:58:03:FF:95:E3:A2:CD
ValidityWed, 12 Oct 2022 00:00:00 GMT - Thu, 12 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (1952), with no line terminators
Hash e7cf4c458b327ab7ed31e0936ccd404f
970bf05073f91ad6b8f21521f7c9886f71f2af1d
52b687a685d2239142be0db5335c5710951ba8c2b39a44431a40f156b4d9312d
GET /assets/js/wfui/appdynamics/appdEUMConfig.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 20 Jan 2022 02:38:25 GMT
Vary: Accept-Encoding
ETag: W/"61e8cb21-7a0"
Cache-Control: max-age=31536000
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Encoding: gzip
Content-Length: 901
Date: Mon, 05 Jun 2023 12:24:07 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=JEWV6Q5B48y+eKspvc23Vg%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
www17.wellsfargomedia.com/assets/images/sprite/responsive-sprite-v7.png
200 OK 49 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/sprite/responsive-sprite-v7.png
IP
Requested by https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type PNG image data, 1187 x 406, 8-bit colormap, non-interlaced\012- data
Hash 4576998e5446061faba47c4c609823e0
3beff60a8beab6ef65403e7bc02f996509c737a2
9730d81c67de0dae104be9a17b43a179e68557cc4a10a81c95fd451630d04b39
GET /assets/images/sprite/responsive-sprite-v7.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 48569
last-modified: Thu, 21 Jul 2022 20:05:23 GMT
etag: "62d9b183-bdb9"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
cache-control: max-age=12551123
expires: Sat, 28 Oct 2023 18:49:30 GMT
date: Mon, 05 Jun 2023 12:24:07 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/fonts/wellsfargosans-rg.woff2
200 OK 22 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/fonts/wellsfargosans-rg.woff2
IP
Requested by https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 22424, version 1.13107\012- data
Hash 0a1639ebe9fab396657a62aa5233c832
9b58164729ad918dd7255e4856f9da7f3a90bfde
631f3b6267a831a8d67c45e480b5d5a2601f10ff8708bcf3a45a41b377a129cc
GET /assets/fonts/wellsfargosans-rg.woff2 HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: font/woff2
content-length: 22424
last-modified: Fri, 03 Sep 2021 13:01:20 GMT
etag: "61321ca0-5798"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=12693946
expires: Mon, 30 Oct 2023 10:29:53 GMT
date: Mon, 05 Jun 2023 12:24:07 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/fonts/wellsfargosans-bd.woff2
200 OK 22 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/fonts/wellsfargosans-bd.woff2
IP
Requested by https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 22172, version 1.13107\012- data
Hash f0307736c3a6ef356722f1dc3e9fa3f4
e29ea90ba786f0e08caa770dcfdfe923f619bebd
6bc7e16d4b6822a6867d7dd9f9d29f5fd77cd803750b0fe38a92309d9eb00704
GET /assets/fonts/wellsfargosans-bd.woff2 HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: font/woff2
content-length: 22172
last-modified: Fri, 03 Sep 2021 13:01:20 GMT
etag: "61321ca0-569c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=12693946
expires: Mon, 30 Oct 2023 10:29:53 GMT
date: Mon, 05 Jun 2023 12:24:07 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
static.wellsfargo.com/assets/js/wfui/container/wfui-container-bottom.js
200 OK 16 kB URL GET HTTP/1.1 static.wellsfargo.com/assets/js/wfui/container/wfui-container-bottom.js
IP
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectstatic.wellsfargo.com
Fingerprint2E:FA:45:0C:2B:B4:91:CC:76:B1:F9:EF:4A:58:03:FF:95:E3:A2:CD
ValidityWed, 12 Oct 2022 00:00:00 GMT - Thu, 12 Oct 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (45298)
Hash 308e427d5e59a148900bf524ecd5829a
73baa209d84f2d15c88606b28280d2121efd878c
c15cbdeb4d6f20c36afa165203fc74d9ee00c6d77954971b0e1ba2e5ec222b07
GET /assets/js/wfui/container/wfui-container-bottom.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 07 Mar 2023 21:05:06 GMT
Vary: Accept-Encoding
ETag: W/"6407a702-b125"
Cache-Control: max-age=1800
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Encoding: gzip
Content-Length: 15731
Date: Mon, 05 Jun 2023 12:24:07 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=RwXDy5K+3H0aG7Pf3WTohg%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
www17.wellsfargomedia.com/assets/fonts/wellsfargosans-sbd.woff2
200 OK 23 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/fonts/wellsfargosans-sbd.woff2
IP
Requested by https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 22600, version 1.13107\012- data
Hash 83df8749c013f13019fa8e0912041759
2bbffcf012a59e47661c0a37edda0fc772992ae7
ab9d8c97b35ed86b6224aca911aa304a0d7dbcbd28e00a4c6585b96e28ed30ba
GET /assets/fonts/wellsfargosans-sbd.woff2 HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: font/woff2
content-length: 22600
last-modified: Fri, 03 Sep 2021 13:01:20 GMT
etag: "61321ca0-5848"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=12551138
expires: Sat, 28 Oct 2023 18:49:45 GMT
date: Mon, 05 Jun 2023 12:24:07 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/fonts/wellsfargosans-lt.woff2
200 OK 22 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/fonts/wellsfargosans-lt.woff2
IP
Requested by https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 21636, version 1.13107\012- data
Hash 1a2740c8df445989e4ee5f5396b6474c
a3f8545619fdd5b2a481952cd9e2c7b169bb43a6
63673faef8532b2789dee1ac7534f87b1a6a249590acc7da8644beda141794fc
GET /assets/fonts/wellsfargosans-lt.woff2 HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: font/woff2
content-length: 21636
last-modified: Fri, 03 Sep 2021 13:01:20 GMT
etag: "61321ca0-5484"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=12618375
expires: Sun, 29 Oct 2023 13:30:22 GMT
date: Mon, 05 Jun 2023 12:24:07 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
www--wellsfargo--com--6k49329d48d6c.wsipv6.com/hBcX/XEc6/5eP/4_6/Es2Q/ukm5Jpm2XbEu/SwNsVyoB/VRZLB/GYzRXE
200 OK 18 B URL GET HTTP/1.1 www--wellsfargo--com--6k49329d48d6c.wsipv6.com/hBcX/XEc6/5eP/4_6/Es2Q/ukm5Jpm2XbEu/SwNsVyoB/VRZLB/GYzRXE
IP
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash d9e31441c04c32264c6821f4ec958ca5
8516f62844b4264d3ccaab00350323d07b9c50ef
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
POST /hBcX/XEc6/5eP/4_6/Es2Q/ukm5Jpm2XbEu/SwNsVyoB/VRZLB/GYzRXE HTTP/1.1
Host: www--wellsfargo--com--6k49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2179
Origin: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:00745bc0-9f06-42fd-85c3-fc5504b9464f|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:72; ISD_WWWAF_COOKIE=!Xtc4C9bGPgvQ+V8v/BdPMOHVwv+ySQ8KjYH+tY3gchshh5zyR3f0SZJVhnLo+0id4EF3rF4I3rYipsw=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 201 Created
Date: Mon, 05 Jun 2023 12:24:07 GMT
Content-Type: application/json
Content-Length: 18
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=aff7DuP%2fwfSwGcEpr5OB0A%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
DCID=aff7DuP%2fwfSwGcEpr5OB0A%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
_abck=29ABDBBC7EDC5E87B0BC5E279EFCB097~-1~YAAQjtAXAh9g6oqIAQAAysCDiwrcPrac/SSGPGdi1oe7lDLJJLC52QdOiX2odvTmGH6+tMlr1x9qjqlXuWs004R0ySqm3hzST0NTw4cCBEg0qVqAPIdfCUwrkpFyxqlUNpxJGB4ZETIXcDSU9E0OiSEImPNjUZQbNFaGE/rTjKVt3O2xSsqDK9o+Mzjsch9bra+wwOV+DiMTYARj2I/9yOVIuJWeEn+l4Sij12zhn/HD2wrOdSUjf54BIo5bFR+g2nnWZH8WhFXnfmj84iODB3Kh3tLbQFKfbq0H451Bv/LvbwHbDUypuA81003OiJffMipUDC/+n95Fc6O1l5kVQVgQqzF0S0K9Q+9fTa7jsuihzjUJvN7j3WVVBbGCuUMC~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Tue, 04 Jun 2024 12:24:07 GMT; Max-Age=31536000; Secure
bm_sz=C8781AE62546E9A4C605245776EECC6C~YAAQjtAXAiBg6oqIAQAAysCDixTqGzpDdDeDecUS9Se/Uf8xJh46CqEVU7v2m/X8Bm4zUAawRwrq8zTVJesQsmHWX2vh0MYF7MisRBl9YTn1k11GkN3NRfyDdVsitrN9/5D56y8hUDZExUZJHBWqYYJFIHtUCdngJJqchhvsBe/jAZuYxMGi1cl3oYjSDukqJQW6DabHbK75yTMJLziUozmHg4hwS6N+IM3uL7irX4FgFxa7DQHyyhy+83aC2wGG28n4jsgZNqNBi3gcTrV7BbYYshqo9AzlUzCYZhaL9fMRDTzuHAjD~3553335~3622193; Domain=.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 16:24:07 GMT; Max-Age=14400
X-Via: 1.1 kf175:3 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647dd3e7_kf182_7891-41238
www--wellsfargo--com--6k49329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?async&seed=AACqbYuIAQAAXYwChS-lgY_3WVsQTqV9X8C91I14tOhzxqHJeKFXs--ywA6p&X-G2Q3kxs3--z=q
200 OK 150 kB URL GET HTTP/1.1 www--wellsfargo--com--6k49329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?async&seed=AACqbYuIAQAAXYwChS-lgY_3WVsQTqV9X8C91I14tOhzxqHJeKFXs--ywA6p&X-G2Q3kxs3--z=q
IP
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 150 kB (149470 bytes)
Hash e54536c01a2ca32c271ec665981a0fe6
c15e96339241887311fd7b20187eb51a35841073
cb5d97a8df8283f61271733eb52f77b0facfd85b04f7469a45bdbb1a9d0fca46
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /auth/login/static/js/general_alt.js?async&seed=AACqbYuIAQAAXYwChS-lgY_3WVsQTqV9X8C91I14tOhzxqHJeKFXs--ywA6p&X-G2Q3kxs3--z=q HTTP/1.1
Host: www--wellsfargo--com--6k49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:00745bc0-9f06-42fd-85c3-fc5504b9464f|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:72; ISD_WWWAF_COOKIE=!Xtc4C9bGPgvQ+V8v/BdPMOHVwv+ySQ8KjYH+tY3gchshh5zyR3f0SZJVhnLo+0id4EF3rF4I3rYipsw=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 12:24:07 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 149470
Connection: keep-alive
Content-Encoding: gzip
Expires: Mon, 05 Jun 2023 12:24:07 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Set-Cookie: WesdAksn=AwjAg4uIAQAAS58muLUtTzJabZXWLGSGnj-J1ChsHypNvVHfzRUo6KHOiFMgAaOrhK-cuNk0wH8AADQwAAAAAA|1|0|69c481e279ef191a15ce9aad72698d9afa0feb83; Path=/; Max-Age=1577847600; Domain=wellsfargo.com; Secure
DCID=nsc1+3AP6MhuiTWw+MGg5TYCK063wxXxsqZMryIlBcGaAMPO6NI3VQg9QinBIsCD; Domain=www.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 12:39:07 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf175:8 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647dd3e7_kf182_7807-58610
c1.wfinterface.com/tracking/hp/utag.js
200 OK 55 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/hp/utag.js
IP
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (14989)
Hash 9c21270445d8d24ac6f6cd64ba2d2b87
9b6efc3ccfdefe0993369d64c73d1adb15420700
d0a902bf3de91f273513b56ce62fff64de0a89e4c8e05446546c99ab4a1910b9
GET /tracking/hp/utag.js HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 28 Mar 2023 20:08:18 GMT
Vary: Accept-Encoding
ETag: W/"64234932-31f01"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 54703
Date: Mon, 05 Jun 2023 12:24:07 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=6bn7HY+BTs06eMD7pDPrxA%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
www--wellsfargo--com--6k49329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?1js
200 OK 313 kB URL GET HTTP/1.1 www--wellsfargo--com--6k49329d48d6c.wsipv6.com/auth/login/static/js/general_alt.js?1js
IP
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (65357)
Size 313 kB (313270 bytes)
Hash 86b0428bd52fbfeaf6fc736f21b79f1e
357a952f524df35ccf680ecc30ed8764444266bb
fe4623c9de643567800b8518f0a5163d4d6d634f87d93ab792b221834592d5ab
Analyzer Verdict Alert openphish Wells Fargo & Company
GET /auth/login/static/js/general_alt.js?1js HTTP/1.1
Host: www--wellsfargo--com--6k49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:00745bc0-9f06-42fd-85c3-fc5504b9464f|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:72; ISD_WWWAF_COOKIE=!Xtc4C9bGPgvQ+V8v/BdPMOHVwv+ySQ8KjYH+tY3gchshh5zyR3f0SZJVhnLo+0id4EF3rF4I3rYipsw=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 12:24:07 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
Expires: Mon, 05 Jun 2023 12:24:07 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Set-Cookie: DCID=bZB5OoXlPJ0APHMeo78sQW5s5LB0MTyKLy+PWi8FQns%3d; Domain=www.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 12:39:07 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf175:8 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647dd3e7_kf182_8008-31420
www--wellsfargo--com--6k49329d48d6c.wsipv6.com/target/offers/conversations
200 OK 2.1 kB URL POST HTTP/1.1 www--wellsfargo--com--6k49329d48d6c.wsipv6.com/target/offers/conversations
IP
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (10634), with no line terminators
Hash def40b2316caf872c88fea6c9b3abdc2
87684fd0d387f5979e203d11dbea1f5dfc7e549f
1c6c2de96b8e78bd6d8a1d8ff88ee1a8d09ead1a7c76298b0d129d122fbc091f
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /target/offers/conversations HTTP/1.1
Host: www--wellsfargo--com--6k49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 105
Origin: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Cookie: ADRUM_BTa=R:0|g:00745bc0-9f06-42fd-85c3-fc5504b9464f|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; SameSite=None; ADRUM_BT1=R:0|i:206894|e:72; ISD_WWWAF_COOKIE=!Xtc4C9bGPgvQ+V8v/BdPMOHVwv+ySQ8KjYH+tY3gchshh5zyR3f0SZJVhnLo+0id4EF3rF4I3rYipsw=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 12:24:07 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 2070
Connection: keep-alive
Content-Security-Policy: default-src 'none'; form-action 'self' *.wellsfargo.com *.wellsfargo.com:*; prefetch-src 'self' *.wellsfargo.com *.wellsfargomedia.com; connect-src 'self' https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.schemaapp.com https://*.rlcdn.com https://*.tiktok.com https://*.medallia.com https://*.kampyle.com https://*.adobedc.net https://www.google-analytics.com https://*.doubleclick.net https://*.maxymiser.net https://*.eum-appdynamics.com https://*.demdex.net https://www.sjwoe.com https://www.mczbf.com https://s.yimg.com https://bat.bing.com https://*.nod-glb.nuance.com https://resources.digital-cloud-prem.medallia.com https://www.knotch-cdn.com https://www.units.knotch.it https://*.knotch.it/; img-src 'self' data: https://*.wellsfargomedia.com https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.wfinterface.com https://*.wfinterface.com:* https://*.analytics.yahoo.com https://*.everesttech.net https://*.ads.linkedin.com https://*.g.doubleclick.net https://*.google.com https://*.demdex.net https://*.nod-glb.nuance.com https://*.eum-appdynamics.com https://*.virtualearth.net https://*.maxymiser.net https://*.knotch.it https://www.facebook.com https://cx.atdmt.com https://analytics.twitter.com https://t.co https://track.linksynergy.com https://s.amazon-adsystem.com https://ct.pinterest.com https://trc.taboola.com https://www.linkedin.com https://p.adsymptotic.com https://products.gobankingrates.com https://bttrack.com https://b.videoamp.com https://fcmatch.youtube.com https://www.googleadservices.com https://2549153.fls.doubleclick.net https://ad.doubleclick.net https://www.google-analytics.com https://idsync.rlcdn.com https://s.amazon-adsystem.com https://resources.digital-cloud-prem.medallia.com https://udc-neb.kampyle.com https://wellsfargoprod.prod.fire.glass https://s-a.innovid.com https://bat.bing.com https://www.knotch-cdn.com https://*.mworld.com; object-src 'self' https://*.wellsfargo.com https://*.wellsfargo.com:* https://*.wfinterface.com https://*.wfinterface.com:*; child-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.demdex.net https://*.nod-glb.nuance.com https://2549153.fls.doubleclick.net https://*.advanced-web-analytics.com https://www.units.knotch.it; font-src 'self' data: https://*.wellsfargomedia.com https://*.wellsfargo.com https://*.wellsfargo.com:*; style-src 'self' 'unsafe-inline' *.wellsfargo.com *.wellsfargo.com:* https://*.wfinterface.com https://*.wfinterface.com:* https://*.nod-glb.nuance.com; script-src 'nonce-5a332f58-eab9-4db5-a7bb-e51542c469df' 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://cdn.schemaapp.com https://*.tiktok.com https://*.maxymiser.net https://bat.bing.com https://www.clarity.ms https://snap.licdn.com https://*.ads.linkedin.com https://www.linkedin.com https://s.yimg.com https://sp.analytics.yahoo.com https://p.adsymptotic.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com;media-src 'self' *.wellsfargo.com *.wellsfargomedia.com; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Pragma: no-cache
Expires: -1
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:0|g:00745bc0-9f06-42fd-85c3-fc5504b9464f|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:0|i:206894|e:72; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:57b631d2-acec-4cdf-91ee-922ba27e660e; Expires=Mon, 05 Jun 2023 12:24:37 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:57b631d2-acec-4cdf-91ee-922ba27e660e|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Mon, 05 Jun 2023 12:24:37 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Mon, 05 Jun 2023 12:24:37 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206893; Expires=Mon, 05 Jun 2023 12:24:37 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206893|e:199; Expires=Mon, 05 Jun 2023 12:24:37 GMT; Path=/; Secure; SameSite=Lax; Httponly
CookiesAreEnabled=yes; domain=.wellsfargo.com;path=/; secure=true; HttpOnly; SameSite=Lax
INLANG=EN; domain=.wellsfargo.com;path=/; secure=true; Max-Age=31536000; HttpOnly; SameSite=Lax
wfacookie=1120230605052407187393367; domain=.wellsfargo.com; path=/; expires=2 Jun 2033 12:24:07 GMT; secure=true; SameSite=Lax; HttpOnly
wcmcookiehp=CC272B68F1363F9CCE9C5583D626FEAB; Domain=www.wellsfargo.com; Path=/; Secure; HttpOnly; SameSite=Lax
DCID=RAW44%2fhek7+3VE0Ibi5OXksPgwQ4u9y8Xp%2f6Nk1cqXE%3d; Domain=www.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 12:39:07 GMT;Httponly; Secure
_abck=66473DDA8AB8686CF8F58CBDE56E8716~-1~YAAQlNAXAlvkMneIAQAABsKDiwpDbe3jWLGTjgLBFvr+3u7J1fOm9vMnHQ7576xOpiKbqLrmvl7VrlH0DRMLkjvyH4SBVgh3NYCvrqfSDZQpNKIud67YmlsDzXRhhZ8Br1BZL7qM0hWpovBQnyhOQS+TqLWJZbXJdRlFp/t0g0o251HYXZTYD1a4XhN1I8l/WgKsgQ5W+l0AYedioEEtrvOgfTUo+iRVbZ2qqnFfOm7EBhRmCEP8tK/dGGtmhFQV3Hg5bcEye/YsdV9FsQjwELEDeMiKtxgyayb4Ey4ApbaKXqufMjAj3ejWwTYVTGayIr+/U6MCUziA3isy2znhQn9qE7CfdG3epLUgqfuLLnYIXeG+9fm5Rpb3kbeo8CNM~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Tue, 04 Jun 2024 12:24:07 GMT; Max-Age=31536000; Secure
bm_sz=245A0E67090FB659FB8413EC7695EDDB~YAAQlNAXAlzkMneIAQAABsKDixR+lwO2q0DrWn0QZbnNUYKEnuFHZVXC+OalY4frvH0/rZnzu2AzWc8CNfqJHDqGMIUySsh8GCfjtUFagHxz3wvMGuptVidIi9EQZpm0lUKrKcb50B4t0edNN+fDRja3EnP5qUTM/CE2xxNAOxCe/nQnRhkRKtZJMonhsOxYBTpnOxU8vgNFtFmU5KISg9Xiav+KT5U6BYgJbw4uMyU/K2vdfyi/qxXACRVLI6s7mUN0rhXUVwJE1HkKLp6nhXRqCWLo4T3cOF0jVD+SkpWGLM+NipIB~3553335~3622193; Domain=.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 16:24:07 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf173:5 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647dd3e7_kf182_8059-44956
www17.wellsfargomedia.com/assets/images/icons/ico/favicon.ico
200 OK 9.2 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/icons/ico/favicon.ico
IP
Requested by https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash cd112f1acb59ef6e59e09c0effd8ce2a
bc104cd92adc32a8f695300d2b0cc69c2776f6af
6780d0b2bc67397895ef7b8845261eee7b9b22610b026835362128942da5fb7c
GET /assets/images/icons/ico/favicon.ico HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/x-icon
content-length: 9198
last-modified: Fri, 17 Dec 2021 21:10:38 GMT
etag: "61bcfcce-23ee"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=56999
expires: Tue, 06 Jun 2023 04:14:07 GMT
date: Mon, 05 Jun 2023 12:24:08 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/icons/icon-hires_192x192.png
200 OK 964 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/icons/icon-hires_192x192.png
IP
Requested by https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 7f9f34586bf809f8eb21ceb6b46045d7
90691768aff809a00ce2b33df7e37e34dcdbcbe0
dca86ff9007564cbcb0515ec84dfc727fd8648005a8f12eb0bf5a3278431d6e0
GET /assets/images/icons/icon-hires_192x192.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "6116f9a6-dcf"
last-modified: Thu, 20 Apr 2023 01:32:50 GMT
server: Akamai Image Manager
content-length: 964
content-type: image/avif
cache-control: private, no-transform, max-age=911211
expires: Fri, 16 Jun 2023 01:30:59 GMT
date: Mon, 05 Jun 2023 12:24:08 GMT
X-Firefox-Spdy: h2
www--wellsfargo--com--6k49329d48d6c.wsipv6.com/hBcX/XEc6/5eP/4_6/Es2Q/ukm5Jpm2XbEu/SwNsVyoB/VRZLB/GYzRXE
200 OK 18 B URL GET HTTP/1.1 www--wellsfargo--com--6k49329d48d6c.wsipv6.com/hBcX/XEc6/5eP/4_6/Es2Q/ukm5Jpm2XbEu/SwNsVyoB/VRZLB/GYzRXE
IP
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash d9e31441c04c32264c6821f4ec958ca5
8516f62844b4264d3ccaab00350323d07b9c50ef
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
POST /hBcX/XEc6/5eP/4_6/Es2Q/ukm5Jpm2XbEu/SwNsVyoB/VRZLB/GYzRXE HTTP/1.1
Host: www--wellsfargo--com--6k49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2785
Origin: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!Xtc4C9bGPgvQ+V8v/BdPMOHVwv+ySQ8KjYH+tY3gchshh5zyR3f0SZJVhnLo+0id4EF3rF4I3rYipsw=; ADRUM_BTa=R:27|g:57b631d2-acec-4cdf-91ee-922ba27e660e|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:199
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 201 Created
Date: Mon, 05 Jun 2023 12:24:08 GMT
Content-Type: application/json
Content-Length: 18
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=B5dmyomoBzQzzCMpFL55zA%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
DCID=B5dmyomoBzQzzCMpFL55zA%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
_abck=990691017857DC7FDDFC1D68C62BFFA4~-1~YAAQjtAXAmBg6oqIAQAAJcODiwq02ATXRY6ZNsGib72RMGzmiQ8KexWIcXMUotmbNyuNkIHIH8lcfod3MRyol1JOoWlilvmhTwwwMZAk6gOK2LiwifI7xVbA8bEOjn8Ulu+AQMZ0tTzqNSB/9VTZlRUbFAdXu/mOQo4EGj4bNhu+pNdcn7eoa4YlwLc71H3YF2eUxlNSWRV3+MFT7G1juDBABDWcXt+7ZyJj5TAZUNjFgsc6TVpKvDO/lbGtDIoza7ZL7SkzrnJVZOPpIyic4v4/M1Qmw1LLs6u2hBHIsGd3Mgu/dbZZvV1ZmHzABKK4becOn879CkCZNmF1nLIymjDDVG0CNvnxtod9l7vygQKKi1IJUMfW89DV2wv3RhG8~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Tue, 04 Jun 2024 12:24:08 GMT; Max-Age=31536000; Secure
bm_sz=E50069A331EE7480CC00747AE70437D6~YAAQjtAXAmFg6oqIAQAAJcODixTA0eHN2miQ1lcYwsheWsH6Rv2XxUESEnyisqmbbeQ9q1xioi3kpP26ZYej4Lck4dyzRcTTWnxGK9e0W62xjuMmLbgZLjHVUiAgyGjrZalof39w5Hgqje7pdtwOcMPFQieTXFYQdc1vc9iHg/wQvS6BqZtdiXhzm7G6lmF02CuHXIZAX72HY8ZO654XeViRHVM1nYGH54i951TeW9iemyHQOEgQ1pqVnJymrFG+I96fkvC+YNTqBCpYCAQBxiKcOW4o7gMvUmRRDriMKyShZKD3cXUR~3488065~3486521; Domain=.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 16:24:08 GMT; Max-Age=14400
X-Via: 1.1 kf175:3 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647dd3e8_kf182_8008-31436
www17.wellsfargomedia.com/assets/images/contextual/responsive/hpprimary/wfi_ph_active-cash-card_1700x700.jpg
200 OK 3.5 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/hpprimary/wfi_ph_active-cash-card_1700x700.jpg
IP
Requested by https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash d1b1a3360bdd72738e293e52317421be
959dd982844853f38ab34579ad4738ee17b263d4
e03095c638618279cc642e7a7e10d962f3d7161eb34a25c9a2407045fead2391
GET /assets/images/contextual/responsive/hpprimary/wfi_ph_active-cash-card_1700x700.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "61a7e46d-e1c7"
last-modified: Thu, 20 Apr 2023 01:30:27 GMT
server: Akamai Image Manager
content-length: 3542
content-type: image/avif
cache-control: private, no-transform, max-age=911029
expires: Fri, 16 Jun 2023 01:27:57 GMT
date: Mon, 05 Jun 2023 12:24:08 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_900217040_616x353.jpg
200 OK 24 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_900217040_616x353.jpg
IP
Requested by https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 87b3f9d652a18e74ea8ef53a99b251d6
8773c9b3a11fb9247039d731888724ccfb74bb5d
86e522c61649a3fd7b76ea8d8304d88fa1b86d029a349c64a2e4ee3683d019c4
GET /assets/images/contextual/responsive/smlpromo/wfi000_ph_g_900217040_616x353.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "63cb7c49-e902"
last-modified: Thu, 20 Apr 2023 01:30:31 GMT
server: Akamai Image Manager
content-length: 23508
content-type: image/avif
cache-control: private, no-transform, max-age=911089
expires: Fri, 16 Jun 2023 01:28:57 GMT
date: Mon, 05 Jun 2023 12:24:08 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_1200094303_616x353.jpg
200 OK 25 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_1200094303_616x353.jpg
IP
Requested by https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash bf978a151ba3f10a7412e8cd5fbdb863
2af8e9c16c4f1e96ba1e86beee63521c802c2cce
ac555d446e447b4c8cf2bf2dd377d53c3b21faf83da3259dc8839c782eba1d9e
GET /assets/images/contextual/responsive/smlpromo/wfi000_ph_g_1200094303_616x353.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "6350580a-d82f"
last-modified: Thu, 20 Apr 2023 01:30:23 GMT
server: Akamai Image Manager
content-length: 24880
content-type: image/avif
cache-control: private, no-transform, max-age=758766
expires: Wed, 14 Jun 2023 07:10:14 GMT
date: Mon, 05 Jun 2023 12:24:08 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b_piggy-bank_color-gradient_64x64.png
200 OK 1.4 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b_piggy-bank_color-gradient_64x64.png
IP
Requested by https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 965f76605b195f4ccfe05353f99ec406
7cc5b65bebc32a1835e778bf984d202fe472bd30
7bb20bbccd8f33fc25b907e8fcbefb0d73b1a9ae7076f8e688fc633f09690de6
GET /assets/images/contextual/responsive/smlprimary/wfi000_ic_b_piggy-bank_color-gradient_64x64.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "64501bd4-10f8"
last-modified: Tue, 16 May 2023 13:54:43 GMT
server: Akamai Image Manager
content-length: 1420
content-type: image/avif
cache-control: private, no-transform, max-age=869530
expires: Thu, 15 Jun 2023 13:56:18 GMT
date: Mon, 05 Jun 2023 12:24:08 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_557715963_616x353.jpg
200 OK 16 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/smlpromo/wfi000_ph_g_557715963_616x353.jpg
IP
Requested by https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 093dc61fd7b0036526bf39ae69597887
a27c677f83b0554434422c99b5519ace95ddb23a
f5a1bee943c64e915cc0223d3cc7e402b70794950377eb8ef040c835fad7e156
GET /assets/images/contextual/responsive/smlpromo/wfi000_ph_g_557715963_616x353.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "63cb7c4a-ce5a"
last-modified: Thu, 20 Apr 2023 01:31:11 GMT
server: Akamai Image Manager
x-serial: 60
x-check-cacheable: YES
content-length: 15941
content-type: image/avif
cache-control: private, no-transform, max-age=911218
expires: Fri, 16 Jun 2023 01:31:06 GMT
date: Mon, 05 Jun 2023 12:24:08 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b_graduation-hat_color-gradient_64x64.png
200 OK 1.1 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b_graduation-hat_color-gradient_64x64.png
IP
Requested by https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 89a0759ff4f79071f11a1f90bffd9337
2d734cb1eda293788a673c1fae36b2c1d7e92bae
2223c16db671322ea90112c50128563ee80413e33769d718bd92b99da094712c
GET /assets/images/contextual/responsive/smlprimary/wfi000_ic_b_graduation-hat_color-gradient_64x64.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "633eedd3-e69"
last-modified: Thu, 20 Apr 2023 01:30:30 GMT
server: Akamai Image Manager
content-length: 1131
content-type: image/avif
cache-control: private, no-transform, max-age=911034
expires: Fri, 16 Jun 2023 01:28:02 GMT
date: Mon, 05 Jun 2023 12:24:08 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b_cash-stack_color-gradient_64x64.png
200 OK 1.1 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/smlprimary/wfi000_ic_b_cash-stack_color-gradient_64x64.png
IP
Requested by https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 1be95b0b232926a8f3015e422dc7d26a
9d9c8a27b6a0a5fceaf3a36da19296e9822b4b2f
8351da32a7b86365880337290fee8d5d3c3bf9f6b0bdc7ae8c8991930c63dbae
GET /assets/images/contextual/responsive/smlprimary/wfi000_ic_b_cash-stack_color-gradient_64x64.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "63617b6e-da1"
last-modified: Thu, 20 Apr 2023 01:30:33 GMT
server: Akamai Image Manager
content-length: 1083
content-type: image/avif
cache-control: private, no-transform, max-age=911166
expires: Fri, 16 Jun 2023 01:30:14 GMT
date: Mon, 05 Jun 2023 12:24:08 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/contextual/responsive/lpromo/wfi_ph_hplp_savings_1600x700.jpg
200 OK 2.0 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/contextual/responsive/lpromo/wfi_ph_hplp_savings_1600x700.jpg
IP
Requested by https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 54e10b9c13d7d34c19657767d4bab80c
e34a8ab8569f015fcc331eb9eea548cffb7466fd
3059d71b7591fed5674007cbfe04627a88397d42cc58f9a107becb0c269d825b
GET /assets/images/contextual/responsive/lpromo/wfi_ph_hplp_savings_1600x700.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "6453c985-8adb"
last-modified: Wed, 17 May 2023 14:04:04 GMT
server: Akamai Image Manager
content-length: 1950
content-type: image/avif
cache-control: private, no-transform, max-age=956495
expires: Fri, 16 Jun 2023 14:05:43 GMT
date: Mon, 05 Jun 2023 12:24:08 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/homepage/position-1-bg-gradient.png
200 OK 463 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/homepage/position-1-bg-gradient.png
IP
Requested by https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 4ba6a57b8c9f52ede1b958bd4b63700b
22a693eb43a2a76ab994782bc50cc262f986a240
c13a85df86fed8e3d77b952a59a1736743127f1422873b47b4d0a59092c62de2
GET /assets/images/homepage/position-1-bg-gradient.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "61619278-9f2c"
last-modified: Thu, 20 Apr 2023 01:30:38 GMT
server: Akamai Image Manager
content-length: 463
content-type: image/avif
cache-control: private, no-transform, max-age=911258
expires: Fri, 16 Jun 2023 01:31:46 GMT
date: Mon, 05 Jun 2023 12:24:08 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/homepage/position-2-bg-gradient.png
200 OK 831 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/homepage/position-2-bg-gradient.png
IP
Requested by https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 026f5e731899c436dbbec268e870905a
160ed7b7fe9a30e81aae6f1136db6ce939113a7e
2a242450947c5c9d9496cd2d4acb67d50b269f5ce36070c3b98c4f88db3307db
GET /assets/images/homepage/position-2-bg-gradient.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "61619278-cf3e"
last-modified: Thu, 20 Apr 2023 01:33:02 GMT
server: Akamai Image Manager
x-serial: 1447
x-check-cacheable: YES
content-length: 831
content-type: image/avif
cache-control: private, no-transform, max-age=911281
expires: Fri, 16 Jun 2023 01:32:09 GMT
date: Mon, 05 Jun 2023 12:24:08 GMT
X-Firefox-Spdy: h2
connect.secure.wellsfargo.com/accounts/static/7M/accounts/short/accounts-cache.js
200 OK 571 B URL GET HTTP/1.1 connect.secure.wellsfargo.com/accounts/static/7M/accounts/short/accounts-cache.js
IP
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
Hash 6497c4493a39dde646c25ba77769bdff
a274bf8eeb1162704dffb48a94fa7984257d5bb0
87539e9903c436b134e3eedeb2fba22286fbca83cfd766afd62e6de9d10167aa
GET /accounts/static/7M/accounts/short/accounts-cache.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Wed, 10 May 2023 20:52:18 GMT
Vary: Accept-Encoding
ETag: W/"645c0402-497"
Cache-Control: max-age=1800
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
Content-Length: 571
Date: Mon, 05 Jun 2023 12:24:08 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=lxeyj56L6hRa9yhVJpx8maoZhWt1NLRSO%2fd2ebCc1q5EVTGS8zcpfj9oaApteuwR; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 12:39:08 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
www--wellsfargo--com--6k49329d48d6c.wsipv6.com/hBcX/XEc6/5eP/4_6/Es2Q/ukm5Jpm2XbEu/SwNsVyoB/VRZLB/GYzRXE
200 OK 18 B URL GET HTTP/1.1 www--wellsfargo--com--6k49329d48d6c.wsipv6.com/hBcX/XEc6/5eP/4_6/Es2Q/ukm5Jpm2XbEu/SwNsVyoB/VRZLB/GYzRXE
IP
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash d9e31441c04c32264c6821f4ec958ca5
8516f62844b4264d3ccaab00350323d07b9c50ef
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
POST /hBcX/XEc6/5eP/4_6/Es2Q/ukm5Jpm2XbEu/SwNsVyoB/VRZLB/GYzRXE HTTP/1.1
Host: www--wellsfargo--com--6k49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2621
Origin: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!Xtc4C9bGPgvQ+V8v/BdPMOHVwv+ySQ8KjYH+tY3gchshh5zyR3f0SZJVhnLo+0id4EF3rF4I3rYipsw=; ADRUM_BTa=R:27|g:57b631d2-acec-4cdf-91ee-922ba27e660e|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:199; utag_main=v_id:01888b83c13000034dcc9747e20d05046003700900918$_sn:1$_se:1$_ss:1$_st:1685969647729$ses_id:1685967847729%3Bexp-session$_pn:1%3Bexp-session
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 201 Created
Date: Mon, 05 Jun 2023 12:24:08 GMT
Content-Type: application/json
Content-Length: 18
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=QaRUl5ytJ3M4LC7UjVmIqA%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
DCID=QaRUl5ytJ3M4LC7UjVmIqA%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
_abck=5DAA34FCCE6DC7F6D534ECAA07B4241B~-1~YAAQjtAXAoFg6oqIAQAAk8WDiwp8RiBx44bD9K/ZRYxZ4TNsFoDTkTlqAPj3kQFeRnTB4IXz5De3QYeben23MMp1H0aYfxHmWNYJKSE/BcAgbXWaBPXe0PnKNNLjXup1rpIoMjP8gFaRR75OYHoRDdfjyVyvHRDhTAMKLNXc5GfAokwATdhFqwPn/9qIjq2ILhIyVEmH/Wl6E3NHokUEIHZTRe7KiMa9EXo8PqWx2YCnUcBhwi9p0WF8iXL2Vre+SsDeF+/x5PKmroGz6qMJwNpCkSKanoe9nfelW01LKRK//iVPplZXMkgAZHwMvRbfXaoTg97EdxaXph5SesN7nuuH2hEwhIdx5yhbbw0v6DvFUdOiYOkIJJjOLZmGkjvu~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Tue, 04 Jun 2024 12:24:08 GMT; Max-Age=31536000; Secure
bm_sz=1AA2E28488A7C30FC5ACA5F2D1175EA8~YAAQjtAXAoJg6oqIAQAAk8WDixTzHlmFfsRtH+gX/cK1qmMIpgmz7Nsry7/yOi68t0b8kON2P7BiVikV2yy+4XRs61XMHBhmIB2XqPBHo+kwKmGDJSdKNmmcgJQNyVQhQA3XVjvzpsdUAr5j9iEmRbLm7kgxQcZNZ+IK4XxX88WRtfMti7RS8NwVUqOv5UITx7Zsxj40xHeQsrMVW1sSg1Tk4MGcTPeSe4OZOuPdKD9n4v2JUdrei8BpxCEV+e1LWRdBLVLdw9ccRHqYO0LNCgbCszrKdtRqAwL+JouZwD/rzN3DQBJi~3488065~3486521; Domain=.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 16:24:08 GMT; Max-Age=14400
X-Via: 1.1 kf175:3 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647dd3e8_kf182_8008-31450
connect.secure.wellsfargo.com/auth/static/prefs/login-userprefs.min.js
200 OK 151 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/auth/static/prefs/login-userprefs.min.js
IP
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 151 kB (150902 bytes)
Hash 401082079b8d7600b45a1e2eebffc910
ae55e90824211ab62c39bcd5f781079651287d5e
f3c945ad8aa9c360898b1966d43db2b422548fb277ee0161385504870bf2f76c
GET /auth/static/prefs/login-userprefs.min.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
Allow: GET, POST, OPTIONS
Access-Control-Allow-Methods: POST
X-Frame-Options: SAMEORIGIN
ETag: W/"645d3f60-1854"
Last-Modified: Thu, 11 May 2023 19:17:52 GMT
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Date: Mon, 05 Jun 2023 12:24:08 GMT
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
WesdAksn=A0LFg4uIAQAAA5NWEMWCeq4lSyk54PvXJB4G9tt67XtzbnedNU9cwSYnGH_EAVtaKpqcuNk0wH8AADQwAAAAAA|1|0|3c9a19d0676036ef074e6cc0b268a51f131f9277; Path=/; Max-Age=1577847600; Domain=wellsfargo.com; Secure
DCID=x6xTWTkpw%2ft4CLl1a1j5O7pm9kj+L829lPg2QVUZaLU%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 12:39:08 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
www17.wellsfargomedia.com/assets/images/rwd/Active-Cash-Card-79x50.png
200 OK 840 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/Active-Cash-Card-79x50.png
IP
Requested by https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash 6ec98f68003e2c6714282b232614e8d1
2e159a3a6e6796d1cc201770ac015f96f905ef56
f9c237c7739705ea404e9682f13e557a1d984f2493f6f619bdfce44c9a71445d
GET /assets/images/rwd/Active-Cash-Card-79x50.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "636fb74d-1d25"
last-modified: Thu, 20 Apr 2023 01:31:18 GMT
server: Akamai Image Manager
x-serial: 1153
x-check-cacheable: YES
content-length: 840
content-type: image/webp
cache-control: private, no-transform, max-age=911136
expires: Fri, 16 Jun 2023 01:29:44 GMT
date: Mon, 05 Jun 2023 12:24:08 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/Native_App_Phone_Personal_v8.png
200 OK 7.4 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/Native_App_Phone_Personal_v8.png
IP
Requested by https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash c885a0955f4f35b25bceca71830f266d
4bbdc15de0149dee5e6feae4fb32a520a983a1ca
5c18c7230c1e013e39d16af91a84fdedd4a6cb5874e26729f0883978c4ba229e
GET /assets/images/rwd/Native_App_Phone_Personal_v8.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "6328cc17-9829"
last-modified: Thu, 20 Apr 2023 01:39:11 GMT
server: Akamai Image Manager
x-serial: 7
x-check-cacheable: YES
content-length: 7363
content-type: image/avif
cache-control: private, no-transform, max-age=911455
expires: Fri, 16 Jun 2023 01:35:03 GMT
date: Mon, 05 Jun 2023 12:24:08 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/bilt_card_79x50.png
200 OK 1.1 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/bilt_card_79x50.png
IP
Requested by https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 21385ee55bb1e5a680bb48257446fb86
9639eb9d1c5805fa350013eaa2f11c08835459e0
cfcc50571ad947e067c5a0853534d3016eaaef2fd98ffdb9b0d4d3c1bdda0273
GET /assets/images/rwd/bilt_card_79x50.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "636fc445-1be6"
last-modified: Thu, 20 Apr 2023 01:31:08 GMT
server: Akamai Image Manager
content-length: 1083
content-type: image/avif
cache-control: private, no-transform, max-age=911130
expires: Fri, 16 Jun 2023 01:29:38 GMT
date: Mon, 05 Jun 2023 12:24:08 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/wf_autograph_card_79x50.jpg
200 OK 962 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/wf_autograph_card_79x50.jpg
IP
Requested by https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 699a91c4d536a60f1a4bd48622194f70
91b303fbf65778043ddd2fe6f39f4798f207f320
8c456a47b3f97fa54853761f544146ab5b5277a11603a18f080947d76e31d54a
GET /assets/images/rwd/wf_autograph_card_79x50.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "636fb74d-81c"
last-modified: Thu, 20 Apr 2023 01:32:43 GMT
server: Akamai Image Manager
content-length: 962
content-type: image/avif
cache-control: private, no-transform, max-age=806077
expires: Wed, 14 Jun 2023 20:18:45 GMT
date: Mon, 05 Jun 2023 12:24:08 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/Reflect-Card-79x50.png
200 OK 712 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/Reflect-Card-79x50.png
IP
Requested by https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash 89489c444f1ee92b133eb97304e31020
62ea0737595301aabcda8a6dbe95184ba9a75558
e06b14ec84ac8651fc009b444e0560a78c1919f45df8106a9c14cd708d5b804e
GET /assets/images/rwd/Reflect-Card-79x50.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "636fb74d-1c20"
last-modified: Thu, 20 Apr 2023 01:30:55 GMT
server: Akamai Image Manager
x-serial: 1166
x-check-cacheable: YES
content-length: 712
content-type: image/webp
cache-control: private, no-transform, max-age=911044
expires: Fri, 16 Jun 2023 01:28:12 GMT
date: Mon, 05 Jun 2023 12:24:08 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/homepage/position-3-bg-gradient.png
200 OK 405 B URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/homepage/position-3-bg-gradient.png
IP
Requested by https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 08e3eec615bb3f7d07a95e1e79f96189
c05ef7184eedcb31aee442ad8c474ff306b1d473
89026cd6ac7b7314c1a5b075471d09a9b672ac011254541c9d2b521b90c6cb3e
GET /assets/images/homepage/position-3-bg-gradient.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "61619278-7b35"
last-modified: Thu, 20 Apr 2023 01:33:39 GMT
server: Akamai Image Manager
content-length: 405
content-type: image/avif
cache-control: private, no-transform, max-age=911403
expires: Fri, 16 Jun 2023 01:34:11 GMT
date: Mon, 05 Jun 2023 12:24:08 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/volunteers_cars_616x353.jpg
200 OK 20 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/volunteers_cars_616x353.jpg
IP
Requested by https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 87490ccdfd428eee95e906fbce88432a
e1c384061e5aaf77bcf202341510db8cdc2ae350
936c825f599809216670e9444d31e555e587b6f9943a89681cfef3621c5b0843
GET /assets/images/rwd/volunteers_cars_616x353.jpg HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "618017dd-cd21"
last-modified: Thu, 20 Apr 2023 01:30:41 GMT
server: Akamai Image Manager
content-length: 19628
content-type: image/avif
cache-control: private, no-transform, max-age=911020
expires: Fri, 16 Jun 2023 01:27:48 GMT
date: Mon, 05 Jun 2023 12:24:08 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/first_time_experience-account_summary.png
200 OK 1.7 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/first_time_experience-account_summary.png
IP
Requested by https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash e218a28576f6620622d48155284b5551
d189e371b0ce3dac93f0b9e660c426d932da9274
f990b81e77666bac79e3f1f9399b7763ca7eb64b1d70acea21cbe954413cc0c3
GET /assets/images/rwd/first_time_experience-account_summary.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "618287e9-14da"
last-modified: Thu, 20 Apr 2023 01:30:31 GMT
server: Akamai Image Manager
content-length: 1662
content-type: image/avif
cache-control: private, no-transform, max-age=911192
expires: Fri, 16 Jun 2023 01:30:40 GMT
date: Mon, 05 Jun 2023 12:24:08 GMT
X-Firefox-Spdy: h2
www17.wellsfargomedia.com/assets/images/rwd/women-in-greenhouse_616x353.png
200 OK 31 kB URL GET HTTP/2 www17.wellsfargomedia.com/assets/images/rwd/women-in-greenhouse_616x353.png
IP
Requested by https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectwww17.wellsfargomedia.com
Fingerprint34:8E:D5:B0:07:9F:99:05:97:81:77:30:96:DA:E2:A7:69:E6:4E:C1
ValidityFri, 14 Apr 2023 00:00:00 GMT - Sat, 13 Apr 2024 23:59:59 GMT
File type ISO Media, AVIF Image\012- data
Hash 6e75964fb01ae452f65c9fa41cd3326e
1a0909cc3f5290bb291f4d35abdc4df63767ef9e
417df9b440b214aa81b429a205291afb424c1ae8a3c9143dd22e17befaada5e2
GET /assets/images/rwd/women-in-greenhouse_616x353.png HTTP/1.1
Host: www17.wellsfargomedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-frame-options: SAMEORIGIN
etag: "6410d4f7-b51b"
last-modified: Thu, 20 Apr 2023 01:30:32 GMT
server: Akamai Image Manager
x-serial: 1698
x-check-cacheable: YES
content-length: 30860
content-type: image/avif
cache-control: private, no-transform, max-age=911038
expires: Fri, 16 Jun 2023 01:28:06 GMT
date: Mon, 05 Jun 2023 12:24:08 GMT
X-Firefox-Spdy: h2
c1.wfinterface.com/tracking/gb/detector-dom.min.js
200 OK 138 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/gb/detector-dom.min.js
IP
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65434)
Size 138 kB (138549 bytes)
Hash c71e354b6a3fbb7e60e42b5cd392761e
b0abcc1cda4144fb29550225f7c3dd0342d11fbf
c5efd80b0945674f1ffbb895395fb45f44b6030a3d2c6380b03202e667c51923
GET /tracking/gb/detector-dom.min.js HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 28 Mar 2023 20:08:12 GMT
Vary: Accept-Encoding
ETag: W/"6423492c-7049c"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 138549
Date: Mon, 05 Jun 2023 12:24:09 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=HLmUzrN+UDRfWQCiV6pCbg%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
c1.wfinterface.com/tracking/ga/gtag.js?id=UA-107148943-1
200 OK 45 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/ga/gtag.js?id=UA-107148943-1
IP
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65507), with CRLF line terminators
Hash 91c536ff4d2c8db1822702f866e60b08
3370d3721e28923f099da1985f718a88015975aa
d4798dd02d76bdfa96287f2d4bf3a0bd0e82c0e0dda34c6db7766fae3b2da78a
GET /tracking/ga/gtag.js?id=UA-107148943-1 HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 06 Dec 2022 21:04:42 GMT
Vary: Accept-Encoding
ETag: W/"638fae6a-1ca3a"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 45055
Date: Mon, 05 Jun 2023 12:24:09 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=+hz2GY7s3phBp0n6BD7y5w%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.js
200 OK 14 kB URL GET HTTP/1.1 static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.js
IP
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectstatic.wellsfargo.com
Fingerprint2E:FA:45:0C:2B:B4:91:CC:76:B1:F9:EF:4A:58:03:FF:95:E3:A2:CD
ValidityWed, 12 Oct 2022 00:00:00 GMT - Thu, 12 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (32088), with CRLF line terminators
Hash 5f310e2e2a558d76b916e137aee73462
c7ff0190c9c2c414321211f3863e9e27f32b713e
385196f0fce7cea80c2c99d971780ecb73df9dea6e5b2d95d19df3aa849c7b1f
GET /assets/js/wfui/appdynamics/adrum-ext.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 09 Mar 2021 18:36:55 GMT
Vary: Accept-Encoding
ETag: W/"6047c047-b11c"
Cache-Control: max-age=31536000
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Encoding: gzip
Content-Length: 14304
Date: Mon, 05 Jun 2023 12:24:09 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=vbaSGWPiVJe0yU47e31t9g%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/stylesheets/main.6f78b5133f378c92c1b9.chunk.css
200 OK 24 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/stylesheets/main.6f78b5133f378c92c1b9.chunk.css
IP
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 7761c210936c5ffbc16bf3a859c5c649
30b0294e872a612bbb44fef185397b20839a6a7f
5b306356aae0365e64f0f2aeb36e88aaebcfad3cede0791f87a2cd3d8fbbe9af
GET /accounts/static/7M/accounts/public/stylesheets/main.6f78b5133f378c92c1b9.chunk.css HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 23979
Last-Modified: Wed, 10 May 2023 20:52:18 GMT
Vary: Accept-Encoding
ETag: "645c0402-5dab"
Content-Encoding: gzip
Access-Control-Allow-Origin: https://www.wellsfargo.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET POST
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Allow: GET, POST, OPTIONS
Cache-Control: max-age=10368000
Date: Mon, 05 Jun 2023 12:24:09 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=iT2CtLPBc8nomNjBDerEcw%3d%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/stylesheets/wfui.df910294345cedd2922e.chunk.css
200 OK 39 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/stylesheets/wfui.df910294345cedd2922e.chunk.css
IP
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 1415f9572acbb3f9c9b735caa721379c
b028e1c6270ffbbeaaad4df08669a519dabef72c
38526f61faf9a7f3f0612e909fb6f786a7ffba9b899c4d37ee66a7f08dd8f69d
GET /accounts/static/7M/accounts/public/stylesheets/wfui.df910294345cedd2922e.chunk.css HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 39080
Last-Modified: Wed, 10 May 2023 20:52:18 GMT
Vary: Accept-Encoding
ETag: "645c0402-98a8"
Content-Encoding: gzip
Access-Control-Allow-Origin: https://www.wellsfargo.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET POST
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Allow: GET, POST, OPTIONS
Cache-Control: max-age=10368000
Date: Mon, 05 Jun 2023 12:24:09 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=+ugYMzk2bCmi9UcCXM0Iew%3d%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/runtime.0b407b6e491f76ce3813.js
200 OK 3.8 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/runtime.0b407b6e491f76ce3813.js
IP
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (7626), with no line terminators
Hash 376eecf5abc22210cbcec8dc18f21cf6
be2406fc2ef24c86c85eb04a9c36559ef1fa3d7b
a56f4f80c32f2fd3a8d47679dfd0456765d23a853a0f12c5bdf7e8bae4c65a20
GET /accounts/static/7M/accounts/public/js/runtime.0b407b6e491f76ce3813.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Wed, 10 May 2023 20:52:18 GMT
Vary: Accept-Encoding
ETag: W/"645c0402-1dca"
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET POST
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Allow: GET, POST, OPTIONS
Access-Control-Allow-Origin: connect.secure.wellsfargo.com
Cache-Control: max-age=10368000
Content-Encoding: gzip
Content-Length: 3788
Date: Mon, 05 Jun 2023 12:24:09 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=8vYe4GRlgzHj+fbnn7XPBK1kXyhy+4OrkF775pER2aXHXXQmJTF48HjFmFJcUMBp; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 12:39:09 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/main.a939a86ee26c77766c4a.chunk.js
200 OK 308 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/main.a939a86ee26c77766c4a.chunk.js
IP
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 308 kB (307653 bytes)
Hash c85014374233a557bb0c3371506bb5a0
aeb987debdb406b79606440a165a027770ee03c7
79c53c9a2acedfe344e6246a510b6c7a687fb868006a15f7afd5886a1b88abf1
GET /accounts/static/7M/accounts/public/js/main.a939a86ee26c77766c4a.chunk.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 307653
Last-Modified: Wed, 10 May 2023 20:52:18 GMT
Vary: Accept-Encoding
ETag: "645c0402-4b1c5"
Content-Encoding: gzip
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET POST
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Allow: GET, POST, OPTIONS
Access-Control-Allow-Origin: connect.secure.wellsfargo.com
Cache-Control: max-age=10368000
Date: Mon, 05 Jun 2023 12:24:09 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=h3MbbpSw4XtB+nyZuSc2Yzn5JpJDpFyCD7PmfnXD1cY%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 12:39:09 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
www--wellsfargo--com--6k49329d48d6c.wsipv6.com/dti_apg/api/dc/sed-wellsfargo-9de6abb8?key=AIzaSyDsCAtzgd6ckzbiXwzmWMJoC0UPQEu9QhA
200 OK 175 B URL POST HTTP/1.1 www--wellsfargo--com--6k49329d48d6c.wsipv6.com/dti_apg/api/dc/sed-wellsfargo-9de6abb8?key=AIzaSyDsCAtzgd6ckzbiXwzmWMJoC0UPQEu9QhA
IP
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 3b5012e5911b6a2f356d03fb66b74ffc
b206cda330002171f2608863162d63182c59cd22
5f956bb205ad17240fd0134480d37966b3ff95c35a98a08e413eca9ba9e21305
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /dti_apg/api/dc/sed-wellsfargo-9de6abb8?key=AIzaSyDsCAtzgd6ckzbiXwzmWMJoC0UPQEu9QhA HTTP/1.1
Host: www--wellsfargo--com--6k49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/plain,*/*;q=0.9
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Content-Type: multipart/form-data; boundary=---------------------------13191868709876191591477741600
Content-Length: 169
Origin: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!Xtc4C9bGPgvQ+V8v/BdPMOHVwv+ySQ8KjYH+tY3gchshh5zyR3f0SZJVhnLo+0id4EF3rF4I3rYipsw=; ADRUM_BTa=R:27|g:57b631d2-acec-4cdf-91ee-922ba27e660e|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:199; utag_main=v_id:01888b83c13000034dcc9747e20d05046003700900918$_sn:1$_se:1$_ss:1$_st:1685969647729$ses_id:1685967847729%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTUzUIwW9Q7F8CmqvweCvflYLca6l0%2BfyQB8yESY6bA%3D%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C74007696357701501222590864614164395193%7CvVersion%7C5.2.0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 12:24:09 GMT
Content-Type: application/json
Content-Length: 175
Connection: keep-alive
Access-Control-Allow-Origin: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com
x-envoy-decorator-operation: ingress DeviceCategoryPost4
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=3lKHGxvGYhB0tdSQh3xcMJ33GAG5lsTn%2fqVC7kbSCC3TiZBiON9th7wkCVrv6TjR; Domain=www.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 12:39:09 GMT;Httponly; Secure
_abck=9FF96FA27C67F6B9E93E3788AE92BA63~-1~YAAQjtAXAqNg6oqIAQAAuseDiwq2oGk6n/AbV/iB15AN/F9027316ul2Oy2AzDnKYl8FVmMagc2df8YK+4wv9Hvnr8Qdx051sQC2j7JCiCmeZrvRLFj+K2wSw1bOt1LaDhmfOx/9zBvS1gEKGmQEzKKRVhjtgFtVJk6l2PkVzaRXQwBa+aoGbVBi2dDJtTNairU1JiO3IHhcTmnD/JI7NwJSJXqVNJJuZZunqigen25NAiOpEd60ewrUEdzdk6e0oqwfMJ/Rh1ZX5g2PaTgKASGXBUO8Nm+58XYHHFD11lg3m5aO1v3PxAnoc0wofAK5ttzxAr6FXutBRfEzOuAxQbrI4l99R+ajn9g8ZHoLdru4aZgdnz6mBKABH6VMQ8HF~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Tue, 04 Jun 2024 12:24:09 GMT; Max-Age=31536000; Secure
bm_sz=910C8EE2118FE83E94854D1402EBDBC1~YAAQjtAXAqRg6oqIAQAAuseDixT3sdBfVMQHEJh39EhcDiYwfiW/VmMejOpyS9IbyeHXNziJJGoh3FofbN/DLjClwNnCcilyVxkwu4kTPq+hSb6Lsp/DGYPj0yHNjVcudN4UjLIkdutHw02TdhYerJiOni8jcpyXYJGD2yH9FMjN0StUEG0WPBo8/TTfi9b/qTtk6rbyXFzt+VT/gqukF7m8GHEI0I18BFEZE3MV5AWqq9IE8KN2CtuWvvCFfSyIuTsOaDJavzYtQTdZd9oR/WbJ9/GO+5kfiQJ50b5OfMcox8DoJvSn~3683650~3749941; Domain=.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 16:24:09 GMT; Max-Age=14400
X-Via: 1.1 kf175:3 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647dd3e9_kf182_8008-31452
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/vendor.e50d6f2958b549874d2c.chunk.js
200 OK 367 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/vendor.e50d6f2958b549874d2c.chunk.js
IP
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (65439)
Size 367 kB (366646 bytes)
Hash ed876d09f51c9e3bf7a72d9cd0c6ba70
1451ebd78f86e66969ac4dd31d52744cc68fd9a1
09d080b8cbf4892422de75f1a0f2ce43e3c9578cf6179674546782dacc6178f7
GET /accounts/static/7M/accounts/public/js/vendor.e50d6f2958b549874d2c.chunk.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 366646
Last-Modified: Wed, 10 May 2023 20:52:18 GMT
Vary: Accept-Encoding
ETag: "645c0402-59836"
Content-Encoding: gzip
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET POST
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Allow: GET, POST, OPTIONS
Access-Control-Allow-Origin: connect.secure.wellsfargo.com
Cache-Control: max-age=10368000
Date: Mon, 05 Jun 2023 12:24:09 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=CKnO0M1ZC9kyjDTuizgfTMuuAX0tvMF8fe4s3B2fXNEfD8lIlPKCbdW4HcYJTt1t; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 12:39:09 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/auth/static/prefs/atadun.js
200 OK 607 B URL GET HTTP/1.1 connect.secure.wellsfargo.com/auth/static/prefs/atadun.js
IP
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with CRLF line terminators
Hash 566dda94252f1860a7a28665c715b530
6aa0455dc8ea41441b1f3a733985758dc40af736
43dd833f33570535401d009e6b6f9cde54bdac4e210fc6c89cfdcfcbaa9fc903
GET /auth/static/prefs/atadun.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 11 May 2023 19:12:37 GMT
Vary: Accept-Encoding
ETag: W/"645d3e25-4a0"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
Content-Encoding: gzip
Content-Length: 607
Date: Mon, 05 Jun 2023 12:24:09 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=T1f1PmuVODgxFDNKYRqNldb4oPJ1Uwe%2fnu5ZSmY31+ZYmzZdKwjqxSyzfbU2uPD0; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 12:39:09 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
c1.wfinterface.com/tracking/ga/gtag.js?t=UA-107148943-1
200 OK 45 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/ga/gtag.js?t=UA-107148943-1
IP
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65507), with CRLF line terminators
Hash 91c536ff4d2c8db1822702f866e60b08
3370d3721e28923f099da1985f718a88015975aa
d4798dd02d76bdfa96287f2d4bf3a0bd0e82c0e0dda34c6db7766fae3b2da78a
GET /tracking/ga/gtag.js?t=UA-107148943-1 HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 06 Dec 2022 21:04:42 GMT
Vary: Accept-Encoding
ETag: W/"638fae6a-1ca3a"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 45055
Date: Mon, 05 Jun 2023 12:24:09 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=Iu7rIhCZZFesnsDRsZVD2Q%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
c1.wfinterface.com/tracking/ga/gtag.js?t=DC-2549153
200 OK 45 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/ga/gtag.js?t=DC-2549153
IP
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65507), with CRLF line terminators
Hash 91c536ff4d2c8db1822702f866e60b08
3370d3721e28923f099da1985f718a88015975aa
d4798dd02d76bdfa96287f2d4bf3a0bd0e82c0e0dda34c6db7766fae3b2da78a
GET /tracking/ga/gtag.js?t=DC-2549153 HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 06 Dec 2022 21:04:42 GMT
Vary: Accept-Encoding
ETag: W/"638fae6a-1ca3a"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 45055
Date: Mon, 05 Jun 2023 12:24:09 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=eZn3Rfn1jEYOrjliiUSOHg%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
c1.wfinterface.com/tracking/ga/gtag.js?t=AW-984436569
200 OK 45 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/ga/gtag.js?t=AW-984436569
IP
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65507), with CRLF line terminators
Hash 91c536ff4d2c8db1822702f866e60b08
3370d3721e28923f099da1985f718a88015975aa
d4798dd02d76bdfa96287f2d4bf3a0bd0e82c0e0dda34c6db7766fae3b2da78a
GET /tracking/ga/gtag.js?t=AW-984436569 HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 06 Dec 2022 21:04:42 GMT
Vary: Accept-Encoding
ETag: W/"638fae6a-1ca3a"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 45055
Date: Mon, 05 Jun 2023 12:24:09 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=8RgsZF7UC9QJVRJ%2fTlzkyA%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?_cls_s=4baae28b-6809-4c6c-b0f4-6295a3340cb2%3A0&_cls_v=e3212a32-ae2e-4613-b752-7cf7326cf1fe&pv=2&f_cls_s=true
200 OK 1.1 kB URL GET HTTP/1.1 rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?_cls_s=4baae28b-6809-4c6c-b0f4-6295a3340cb2%3A0&_cls_v=e3212a32-ae2e-4613-b752-7cf7326cf1fe&pv=2&f_cls_s=true
IP
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Certificate IssuerWells Fargo & Company
Subjectrubicon.wellsfargo.com
FingerprintF0:DF:3B:07:70:09:2F:A0:0E:16:57:29:8D:03:C0:22:C5:63:5C:30
ValidityFri, 03 Mar 2023 00:00:00 GMT - Tue, 02 Apr 2024 23:59:59 GMT
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (4589), with no line terminators
Hash 43aff54ba7ca7f2f55478607cbe6c2c7
71148c66a6735d5fe6f8e83d86d539551811fab8
7ee7b2ff146ee828d2178ecc3989cb0bbc72dcd464a4a60f925a41ca1ef70af0
GET /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?_cls_s=4baae28b-6809-4c6c-b0f4-6295a3340cb2%3A0&_cls_v=e3212a32-ae2e-4613-b752-7cf7326cf1fe&pv=2&f_cls_s=true HTTP/1.1
Host: rubicon.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/json
Access-Control-Allow-Origin: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
Content-Length: 1143
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Vary: origin, Accept-Encoding
Date: Mon, 05 Jun 2023 12:24:09 GMT
Connection: keep-alive
Set-Cookie: _cls_cfgver=32a3f9ce; Secure; SameSite=None;HttpOnly;Secure
_cls_v=e3212a32-ae2e-4613-b752-7cf7326cf1fe; Secure; SameSite=None;HttpOnly;Secure
_cls_s=4baae28b-6809-4c6c-b0f4-6295a3340cb2:0; Secure; SameSite=None;HttpOnly;Secure
ROUTEID=.cligate1; path=/;HttpOnly;Secure
ISD_GB_COOKIE=!bwZX5bAG1hSnLW8q/D2JHXmrrcNtCzickuSWWDv3unG5JsWCf9AdoAWD7VHbVgsfQCWiNNWeCm9ktg==; path=/; Httponly; Secure
DCID=wRyR4%2fsGIPlrZn%2fs%2f4YLJGB%2f680jkkjeDLInf68S6c0Y70tSoYJIxujurrPuW3+E; Domain=rubicon.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 12:39:09 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/AIDO/glu.js
200 OK 37 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/AIDO/glu.js
IP
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 91199ec171bdf7a27582b03ee018be12
d4b06c1b8bfe14f648e670cfa4aa16296d982979
af942f6d1b4d650025b49f8190bd86cb321b06b637e5fe7eee42873660f299bc
GET /AIDO/glu.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 37184
Vary: Origin, Accept-Encoding
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, OPTIONS
max-age: 0
Expires: -1
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Content-Encoding: gzip
Date: Mon, 05 Jun 2023 12:24:09 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=KB1ebIVUYsapYL6SNsV8K+DdKH7giyz8TgK1Yj0JYGo%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 12:39:09 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
www--wellsfargo--com--6k49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6k49329d48d6c.wsipv6.com%2F&cb=1685967849246&event=PageLoad&eventType=PageLoad&eventDescription=PageOnLoad&device_type=DESKTOP
200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--6k49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6k49329d48d6c.wsipv6.com%2F&cb=1685967849246&event=PageLoad&eventType=PageLoad&eventDescription=PageOnLoad&device_type=DESKTOP
IP
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6k49329d48d6c.wsipv6.com%2F&cb=1685967849246&event=PageLoad&eventType=PageLoad&eventDescription=PageOnLoad&device_type=DESKTOP HTTP/1.1
Host: www--wellsfargo--com--6k49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!Xtc4C9bGPgvQ+V8v/BdPMOHVwv+ySQ8KjYH+tY3gchshh5zyR3f0SZJVhnLo+0id4EF3rF4I3rYipsw=; ADRUM_BTa=R:27|g:57b631d2-acec-4cdf-91ee-922ba27e660e|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:199; utag_main=v_id:01888b83c13000034dcc9747e20d05046003700900918$_sn:1$_se:2$_ss:0$_st:1685969649194$ses_id:1685967847729%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTUzUIwW9Q7F8CmqvweCvflYLca6l0%2BfyQB8yESY6bA%3D%22%2C%22c%22%3A%22aklwN2pvRUFZSWJIUWU5cA%3D%3DIlHGGgxwI3g-oyiQ4sCsoJGLnHDrXvUNHjqUmU2sURjiNmV7yCyMTrWrU3JwtznnVOYjkMZYE-W3C8dH5lO4cYhntBm9-ssabiY%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C74007696357701501222590864614164395193%7CMCOPTOUT-1685975048s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=e3212a32-ae2e-4613-b752-7cf7326cf1fe; _cls_s=4baae28b-6809-4c6c-b0f4-6295a3340cb2:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 12:24:09 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Sun, 04 Jun 2023 12:24:09 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=W44GM7xihtXxgg9ExU2bpZPDt1s1bc6yaxLRx+meRDU%3d; Domain=www.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 12:39:09 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647dd3e9_kf182_8008-31460
www--wellsfargo--com--6k49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6k49329d48d6c.wsipv6.com%2F&cb=1685967849295&event=DisplayMasthead&eventType=Presented&eventDescription=DisplayMasthead&clist=tcm%3A84-224274-16%7Etcm%3A91-223647-32
200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--6k49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6k49329d48d6c.wsipv6.com%2F&cb=1685967849295&event=DisplayMasthead&eventType=Presented&eventDescription=DisplayMasthead&clist=tcm%3A84-224274-16%7Etcm%3A91-223647-32
IP
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6k49329d48d6c.wsipv6.com%2F&cb=1685967849295&event=DisplayMasthead&eventType=Presented&eventDescription=DisplayMasthead&clist=tcm%3A84-224274-16%7Etcm%3A91-223647-32 HTTP/1.1
Host: www--wellsfargo--com--6k49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!Xtc4C9bGPgvQ+V8v/BdPMOHVwv+ySQ8KjYH+tY3gchshh5zyR3f0SZJVhnLo+0id4EF3rF4I3rYipsw=; ADRUM_BTa=R:27|g:57b631d2-acec-4cdf-91ee-922ba27e660e|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:199; utag_main=v_id:01888b83c13000034dcc9747e20d05046003700900918$_sn:1$_se:2$_ss:0$_st:1685969649194$ses_id:1685967847729%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTUzUIwW9Q7F8CmqvweCvflYLca6l0%2BfyQB8yESY6bA%3D%22%2C%22c%22%3A%22aklwN2pvRUFZSWJIUWU5cA%3D%3DIlHGGgxwI3g-oyiQ4sCsoJGLnHDrXvUNHjqUmU2sURjiNmV7yCyMTrWrU3JwtznnVOYjkMZYE-W3C8dH5lO4cYhntBm9-ssabiY%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C74007696357701501222590864614164395193%7CMCOPTOUT-1685975048s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=e3212a32-ae2e-4613-b752-7cf7326cf1fe; _cls_s=4baae28b-6809-4c6c-b0f4-6295a3340cb2:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 12:24:10 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Sun, 04 Jun 2023 12:24:09 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=FVLc%2fCXi%2fO6DRVVruvfi0QAcQyFf8SS1K3Ckwb5JXDYX%2fcWFsuGj4FmQVn1Nc%2f5s; Domain=www.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 12:39:09 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647dd3e9_kf182_7807-58656
www--wellsfargo--com--6k49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6k49329d48d6c.wsipv6.com%2F&cb=1685967849306&event=DisplaySignOn&eventType=Presented&eventDescription=DisplaySignOn&clist=tcm%3A84-224415%7Etcm%3A83-2046-8
200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--6k49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6k49329d48d6c.wsipv6.com%2F&cb=1685967849306&event=DisplaySignOn&eventType=Presented&eventDescription=DisplaySignOn&clist=tcm%3A84-224415%7Etcm%3A83-2046-8
IP
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6k49329d48d6c.wsipv6.com%2F&cb=1685967849306&event=DisplaySignOn&eventType=Presented&eventDescription=DisplaySignOn&clist=tcm%3A84-224415%7Etcm%3A83-2046-8 HTTP/1.1
Host: www--wellsfargo--com--6k49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!Xtc4C9bGPgvQ+V8v/BdPMOHVwv+ySQ8KjYH+tY3gchshh5zyR3f0SZJVhnLo+0id4EF3rF4I3rYipsw=; ADRUM_BTa=R:27|g:57b631d2-acec-4cdf-91ee-922ba27e660e|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:199; utag_main=v_id:01888b83c13000034dcc9747e20d05046003700900918$_sn:1$_se:2$_ss:0$_st:1685969649194$ses_id:1685967847729%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTUzUIwW9Q7F8CmqvweCvflYLca6l0%2BfyQB8yESY6bA%3D%22%2C%22c%22%3A%22aklwN2pvRUFZSWJIUWU5cA%3D%3DIlHGGgxwI3g-oyiQ4sCsoJGLnHDrXvUNHjqUmU2sURjiNmV7yCyMTrWrU3JwtznnVOYjkMZYE-W3C8dH5lO4cYhntBm9-ssabiY%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C74007696357701501222590864614164395193%7CMCOPTOUT-1685975048s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=e3212a32-ae2e-4613-b752-7cf7326cf1fe; _cls_s=4baae28b-6809-4c6c-b0f4-6295a3340cb2:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 12:24:10 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Sun, 04 Jun 2023 12:24:09 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=AGJHYnEHKdi+Nwqcachtgd7CjC4iH48DzirH7rUC6oo%3d; Domain=www.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 12:39:09 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647dd3e9_kf182_7891-41268
static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.b4436be974de477658d4a93afb752165.js
200 OK 16 kB URL GET HTTP/1.1 static.wellsfargo.com/assets/js/wfui/appdynamics/adrum-ext.b4436be974de477658d4a93afb752165.js
IP
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectstatic.wellsfargo.com
Fingerprint2E:FA:45:0C:2B:B4:91:CC:76:B1:F9:EF:4A:58:03:FF:95:E3:A2:CD
ValidityWed, 12 Oct 2022 00:00:00 GMT - Thu, 12 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (599)
Hash aeccb854b0a76aa9f478e466c8011b29
625d31cbeb8978cf2419f58d14bba92a42dbb45c
7f0d10bc282c3d7b0eb4d7527303490f8d3b86a1c65e293c2d9f0793006441e6
GET /assets/js/wfui/appdynamics/adrum-ext.b4436be974de477658d4a93afb752165.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Wed, 03 Mar 2021 23:46:24 GMT
Vary: Accept-Encoding
ETag: W/"60401fd0-bbed"
Cache-Control: max-age=31536000
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Encoding: gzip
Content-Length: 15970
Date: Mon, 05 Jun 2023 12:24:10 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=KjXYhoTr+oRYKq7bJBi96w%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
www--wellsfargo--com--6k49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6k49329d48d6c.wsipv6.com%2F&cb=1685967849311&event=DisplayMarquee&eventType=Presented&eventDescription=DisplayMarquee&clist=tcm%3A402-227175-16%7Etcm%3A91-223657-32
200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--6k49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6k49329d48d6c.wsipv6.com%2F&cb=1685967849311&event=DisplayMarquee&eventType=Presented&eventDescription=DisplayMarquee&clist=tcm%3A402-227175-16%7Etcm%3A91-223657-32
IP
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6k49329d48d6c.wsipv6.com%2F&cb=1685967849311&event=DisplayMarquee&eventType=Presented&eventDescription=DisplayMarquee&clist=tcm%3A402-227175-16%7Etcm%3A91-223657-32 HTTP/1.1
Host: www--wellsfargo--com--6k49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!Xtc4C9bGPgvQ+V8v/BdPMOHVwv+ySQ8KjYH+tY3gchshh5zyR3f0SZJVhnLo+0id4EF3rF4I3rYipsw=; ADRUM_BTa=R:27|g:57b631d2-acec-4cdf-91ee-922ba27e660e|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:199; utag_main=v_id:01888b83c13000034dcc9747e20d05046003700900918$_sn:1$_se:2$_ss:0$_st:1685969649194$ses_id:1685967847729%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTUzUIwW9Q7F8CmqvweCvflYLca6l0%2BfyQB8yESY6bA%3D%22%2C%22c%22%3A%22aklwN2pvRUFZSWJIUWU5cA%3D%3DIlHGGgxwI3g-oyiQ4sCsoJGLnHDrXvUNHjqUmU2sURjiNmV7yCyMTrWrU3JwtznnVOYjkMZYE-W3C8dH5lO4cYhntBm9-ssabiY%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C74007696357701501222590864614164395193%7CMCOPTOUT-1685975048s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=e3212a32-ae2e-4613-b752-7cf7326cf1fe; _cls_s=4baae28b-6809-4c6c-b0f4-6295a3340cb2:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 12:24:10 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Sun, 04 Jun 2023 12:24:09 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=H6DNXp1qJXAjEgqIvJAcSHeAFDYBCapzL170KSl8IWNizKk0wd72kMXE0FVo+ENh; Domain=www.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 12:39:09 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647dd3e9_kf182_8107-24673
www--wellsfargo--com--6k49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6k49329d48d6c.wsipv6.com%2F&cb=1685967849314&offerType=iaRendered&slotId=WF_CON_HP_PRIMARY_BNR&offerId=C_ccd_tk1activecashtestarspv_hpprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-227175-16%7Etcm%3A91-223657-32
200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--6k49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6k49329d48d6c.wsipv6.com%2F&cb=1685967849314&offerType=iaRendered&slotId=WF_CON_HP_PRIMARY_BNR&offerId=C_ccd_tk1activecashtestarspv_hpprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-227175-16%7Etcm%3A91-223657-32
IP
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6k49329d48d6c.wsipv6.com%2F&cb=1685967849314&offerType=iaRendered&slotId=WF_CON_HP_PRIMARY_BNR&offerId=C_ccd_tk1activecashtestarspv_hpprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-227175-16%7Etcm%3A91-223657-32 HTTP/1.1
Host: www--wellsfargo--com--6k49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!Xtc4C9bGPgvQ+V8v/BdPMOHVwv+ySQ8KjYH+tY3gchshh5zyR3f0SZJVhnLo+0id4EF3rF4I3rYipsw=; ADRUM_BTa=R:27|g:57b631d2-acec-4cdf-91ee-922ba27e660e|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:199; utag_main=v_id:01888b83c13000034dcc9747e20d05046003700900918$_sn:1$_se:2$_ss:0$_st:1685969649194$ses_id:1685967847729%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTUzUIwW9Q7F8CmqvweCvflYLca6l0%2BfyQB8yESY6bA%3D%22%2C%22c%22%3A%22aklwN2pvRUFZSWJIUWU5cA%3D%3DIlHGGgxwI3g-oyiQ4sCsoJGLnHDrXvUNHjqUmU2sURjiNmV7yCyMTrWrU3JwtznnVOYjkMZYE-W3C8dH5lO4cYhntBm9-ssabiY%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C74007696357701501222590864614164395193%7CMCOPTOUT-1685975048s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=e3212a32-ae2e-4613-b752-7cf7326cf1fe; _cls_s=4baae28b-6809-4c6c-b0f4-6295a3340cb2:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 12:24:10 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Sun, 04 Jun 2023 12:24:10 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=ouv250ZodXXiJEWt0bS22FnD%2fljjQHds+1o0rJHHWL%2faqH5ivepib0VLGuI4U0cq; Domain=www.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 12:39:09 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647dd3e9_kf182_7810-6128
connect.secure.wellsfargo.com/jenny/nd
200 OK 18 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/jenny/nd
IP
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (2293)
Hash ce46e6d3d816eac0b1d9a140e0ccac24
5239b9d28bd13b0547fef64368c8d99760ddedae
54a639960701e9a8609bffabcc5a87a26a56508eca26d5fcb16a374ae1504869
GET /jenny/nd HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Vary: accept-encoding
Content-Encoding: gzip
Content-Type: application/javascript;charset=ISO-8859-1
X-Cnection: close
Content-Length: 17957
Date: Mon, 05 Jun 2023 12:24:10 GMT
Connection: keep-alive
Set-Cookie: ADRUM_BTa=R:55|g:81526b86-7356-4cb8-9277-1a2b5266fd4c; Expires=Mon, 05 Jun 2023 12:24:40 GMT; Path=/; Secure
ADRUM_BTa=R:55|g:81526b86-7356-4cb8-9277-1a2b5266fd4c|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Mon, 05 Jun 2023 12:24:40 GMT; Path=/; Secure
SameSite=None; Expires=Mon, 05 Jun 2023 12:24:40 GMT; Path=/; Secure
ADRUM_BT1=R:55|i:302812; Expires=Mon, 05 Jun 2023 12:24:40 GMT; Path=/; Secure
ADRUM_BT1=R:55|i:302812|e:4; Expires=Mon, 05 Jun 2023 12:24:40 GMT; Path=/; Secure
ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=scFTBFeGa8bvuCysca0PG63vAlCvz88RLFFX4wYxY%2fk7fCar311upLJUVrmDLumr; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 12:39:10 GMT;Httponly; Secure
_abck=32D1D0ADA73E34C83A51BE5F4FF87A81~-1~YAAQhAplX4dvM22IAQAA7sqDiwpBHmbnydYI+CzA3zS4d0eFpHgbdRzA+JR4P0Sq8A2AL0vvWnjkZ7zClGEbdfyc7U24S7TmgLSd0n/HU+2+7vH07bH1kcIi01smgAXDaKB0LWct+EpH6eeTEnr/cc7J9AxQfOZdkV1J9HQzYiJWlRE2UmDDkrk7qsoXozxGfsG1zdjvnXWai13FarDT+ugVY182whCnNFKLv1uTzWKDWVIyNOpT0E6MAGPXRFmGGDjD28Xx8nb+9EzvIiMR08NTr7Q27hBNIRioQzG2aXUV2hl6vYP/HCRNDsMoD28h+yM9UOlWysQouVixq4s9eExgrLdnA8EYrnIhW4S1Qdli/MEhQJm0zjUrk7EcGSVm~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Tue, 04 Jun 2024 12:24:10 GMT; Max-Age=31536000; Secure
bm_sz=BF2A7A89FECEB8108B8B52EB34456E08~YAAQhAplX4hvM22IAQAA7sqDixQnW5p4us61fs23r4DjWWlI97EGTVzJwPWiv8l9BggTolChucYD9r5GbLXRXI2AvU8B7KNDb1OimSX4UTK0G18MPHEulNGHajwEEBOWKjST0RnNImhyIabI9vGHC6Byc8bebwDYlfMKmi8CA0k5NWX1m+bOeapa1YPV7d66tV9i6vXQdivIz8TvNPToO4UMsafoO9yPjZ3rtRTe/UgtxFN3YNYSW66u/hxHmIr2HBGSQ9hL18s+EF9yzW3Xz//H/eu3pM2ox5HkseIj43j1AMnue0ow~4535861~3486256; Domain=.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 16:24:10 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
www--wellsfargo--com--6k49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6k49329d48d6c.wsipv6.com%2F&cb=1685967849319&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-263973-16%7Etcm%3A91-228643-32
200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--6k49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6k49329d48d6c.wsipv6.com%2F&cb=1685967849319&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-263973-16%7Etcm%3A91-228643-32
IP
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6k49329d48d6c.wsipv6.com%2F&cb=1685967849319&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-263973-16%7Etcm%3A91-228643-32 HTTP/1.1
Host: www--wellsfargo--com--6k49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!Xtc4C9bGPgvQ+V8v/BdPMOHVwv+ySQ8KjYH+tY3gchshh5zyR3f0SZJVhnLo+0id4EF3rF4I3rYipsw=; ADRUM_BTa=R:27|g:57b631d2-acec-4cdf-91ee-922ba27e660e|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:199; utag_main=v_id:01888b83c13000034dcc9747e20d05046003700900918$_sn:1$_se:2$_ss:0$_st:1685969649194$ses_id:1685967847729%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTUzUIwW9Q7F8CmqvweCvflYLca6l0%2BfyQB8yESY6bA%3D%22%2C%22c%22%3A%22aklwN2pvRUFZSWJIUWU5cA%3D%3DIlHGGgxwI3g-oyiQ4sCsoJGLnHDrXvUNHjqUmU2sURjiNmV7yCyMTrWrU3JwtznnVOYjkMZYE-W3C8dH5lO4cYhntBm9-ssabiY%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C74007696357701501222590864614164395193%7CMCOPTOUT-1685975048s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=e3212a32-ae2e-4613-b752-7cf7326cf1fe; _cls_s=4baae28b-6809-4c6c-b0f4-6295a3340cb2:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 12:24:10 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Sun, 04 Jun 2023 12:24:10 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=HFmZXajZqu%2fEa5mco+DBqMDZN%2fFPUYt+OZYdDYgJW4eLQxIcn%2f8w5BMy+csug5xW; Domain=www.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 12:39:10 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647dd3ea_kf182_8008-31469
www--wellsfargo--com--6k49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6k49329d48d6c.wsipv6.com%2F&cb=1685967849333&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-251513-16%7Etcm%3A91-228643-32
200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--6k49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6k49329d48d6c.wsipv6.com%2F&cb=1685967849333&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-251513-16%7Etcm%3A91-228643-32
IP
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6k49329d48d6c.wsipv6.com%2F&cb=1685967849333&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-251513-16%7Etcm%3A91-228643-32 HTTP/1.1
Host: www--wellsfargo--com--6k49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!Xtc4C9bGPgvQ+V8v/BdPMOHVwv+ySQ8KjYH+tY3gchshh5zyR3f0SZJVhnLo+0id4EF3rF4I3rYipsw=; ADRUM_BTa=R:27|g:57b631d2-acec-4cdf-91ee-922ba27e660e|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:199; utag_main=v_id:01888b83c13000034dcc9747e20d05046003700900918$_sn:1$_se:2$_ss:0$_st:1685969649194$ses_id:1685967847729%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTUzUIwW9Q7F8CmqvweCvflYLca6l0%2BfyQB8yESY6bA%3D%22%2C%22c%22%3A%22aklwN2pvRUFZSWJIUWU5cA%3D%3DIlHGGgxwI3g-oyiQ4sCsoJGLnHDrXvUNHjqUmU2sURjiNmV7yCyMTrWrU3JwtznnVOYjkMZYE-W3C8dH5lO4cYhntBm9-ssabiY%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C74007696357701501222590864614164395193%7CMCOPTOUT-1685975048s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=e3212a32-ae2e-4613-b752-7cf7326cf1fe; _cls_s=4baae28b-6809-4c6c-b0f4-6295a3340cb2:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 12:24:10 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Sun, 04 Jun 2023 12:24:10 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=ztusoBbm+8ZTJB5KvyxBv6U%2fJ5wECUqsmZi9svPr6+9gzza7v7bKiUAxS7QUenE9; Domain=www.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 12:39:10 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647dd3ea_kf182_7891-41276
c1.wfinterface.com/tracking/ga/ga.js
200 OK 20 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/ga/ga.js
IP
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (49163)
Hash 8402e9ebdf9290c018b0617018227681
2d840fcd6c3008d9aca747ba0ce056b496db8e1b
0b2af045acafbdf14516bf55f310568036ace959946d16edb1acebcd58029d22
GET /tracking/ga/ga.js HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 09 Sep 2021 17:30:40 GMT
Vary: Accept-Encoding
ETag: W/"613a44c0-c025"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 19477
Date: Mon, 05 Jun 2023 12:24:10 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=i4eAAFiNZs08lnu%2fwCk9ww%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
www--wellsfargo--com--6k49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6k49329d48d6c.wsipv6.com%2F&cb=1685967849348&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-254087-16%7Etcm%3A91-228643-32
200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--6k49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6k49329d48d6c.wsipv6.com%2F&cb=1685967849348&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-254087-16%7Etcm%3A91-228643-32
IP
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6k49329d48d6c.wsipv6.com%2F&cb=1685967849348&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A402-254087-16%7Etcm%3A91-228643-32 HTTP/1.1
Host: www--wellsfargo--com--6k49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!Xtc4C9bGPgvQ+V8v/BdPMOHVwv+ySQ8KjYH+tY3gchshh5zyR3f0SZJVhnLo+0id4EF3rF4I3rYipsw=; ADRUM_BTa=R:27|g:57b631d2-acec-4cdf-91ee-922ba27e660e|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:199; utag_main=v_id:01888b83c13000034dcc9747e20d05046003700900918$_sn:1$_se:2$_ss:0$_st:1685969649194$ses_id:1685967847729%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTUzUIwW9Q7F8CmqvweCvflYLca6l0%2BfyQB8yESY6bA%3D%22%2C%22c%22%3A%22aklwN2pvRUFZSWJIUWU5cA%3D%3DIlHGGgxwI3g-oyiQ4sCsoJGLnHDrXvUNHjqUmU2sURjiNmV7yCyMTrWrU3JwtznnVOYjkMZYE-W3C8dH5lO4cYhntBm9-ssabiY%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C74007696357701501222590864614164395193%7CMCOPTOUT-1685975048s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=e3212a32-ae2e-4613-b752-7cf7326cf1fe; _cls_s=4baae28b-6809-4c6c-b0f4-6295a3340cb2:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 12:24:10 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Sun, 04 Jun 2023 12:24:10 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=oS6B2oce5%2fOrQ4MIULiMjF%2fds9WcQRoyHvT4K50WG1s6eMANN9rIMy6fm27+dzKx; Domain=www.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 12:39:10 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647dd3ea_kf182_7810-6147
www--wellsfargo--com--6k49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6k49329d48d6c.wsipv6.com%2F&cb=1685967849339&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_chk_digitalcashbonusrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-251513-16%7Etcm%3A91-228643-32&promoSlot=2
200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--6k49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6k49329d48d6c.wsipv6.com%2F&cb=1685967849339&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_chk_digitalcashbonusrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-251513-16%7Etcm%3A91-228643-32&promoSlot=2
IP
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6k49329d48d6c.wsipv6.com%2F&cb=1685967849339&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_chk_digitalcashbonusrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-251513-16%7Etcm%3A91-228643-32&promoSlot=2 HTTP/1.1
Host: www--wellsfargo--com--6k49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!Xtc4C9bGPgvQ+V8v/BdPMOHVwv+ySQ8KjYH+tY3gchshh5zyR3f0SZJVhnLo+0id4EF3rF4I3rYipsw=; ADRUM_BTa=R:27|g:57b631d2-acec-4cdf-91ee-922ba27e660e|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:199; utag_main=v_id:01888b83c13000034dcc9747e20d05046003700900918$_sn:1$_se:2$_ss:0$_st:1685969649194$ses_id:1685967847729%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTUzUIwW9Q7F8CmqvweCvflYLca6l0%2BfyQB8yESY6bA%3D%22%2C%22c%22%3A%22aklwN2pvRUFZSWJIUWU5cA%3D%3DIlHGGgxwI3g-oyiQ4sCsoJGLnHDrXvUNHjqUmU2sURjiNmV7yCyMTrWrU3JwtznnVOYjkMZYE-W3C8dH5lO4cYhntBm9-ssabiY%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C74007696357701501222590864614164395193%7CMCOPTOUT-1685975048s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=e3212a32-ae2e-4613-b752-7cf7326cf1fe; _cls_s=4baae28b-6809-4c6c-b0f4-6295a3340cb2:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 12:24:10 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Sun, 04 Jun 2023 12:24:10 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=Bf0kIP1c3gM3U%2fK5WpT+zX3c+jQq8fIM3W425TXdies%3d; Domain=www.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 12:39:10 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647dd3ea_kf182_8107-24678
www--wellsfargo--com--6k49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6k49329d48d6c.wsipv6.com%2F&cb=1685967849300&event=DisplayFatNav&eventType=Presented&eventDescription=DisplayFatNav&clist=tcm%3A84-226512-16%7Etcm%3A91-226306-32
200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--6k49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6k49329d48d6c.wsipv6.com%2F&cb=1685967849300&event=DisplayFatNav&eventType=Presented&eventDescription=DisplayFatNav&clist=tcm%3A84-226512-16%7Etcm%3A91-226306-32
IP
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6k49329d48d6c.wsipv6.com%2F&cb=1685967849300&event=DisplayFatNav&eventType=Presented&eventDescription=DisplayFatNav&clist=tcm%3A84-226512-16%7Etcm%3A91-226306-32 HTTP/1.1
Host: www--wellsfargo--com--6k49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!Xtc4C9bGPgvQ+V8v/BdPMOHVwv+ySQ8KjYH+tY3gchshh5zyR3f0SZJVhnLo+0id4EF3rF4I3rYipsw=; ADRUM_BTa=R:27|g:57b631d2-acec-4cdf-91ee-922ba27e660e|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:199; utag_main=v_id:01888b83c13000034dcc9747e20d05046003700900918$_sn:1$_se:2$_ss:0$_st:1685969649194$ses_id:1685967847729%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTUzUIwW9Q7F8CmqvweCvflYLca6l0%2BfyQB8yESY6bA%3D%22%2C%22c%22%3A%22aklwN2pvRUFZSWJIUWU5cA%3D%3DIlHGGgxwI3g-oyiQ4sCsoJGLnHDrXvUNHjqUmU2sURjiNmV7yCyMTrWrU3JwtznnVOYjkMZYE-W3C8dH5lO4cYhntBm9-ssabiY%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C74007696357701501222590864614164395193%7CMCOPTOUT-1685975048s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=e3212a32-ae2e-4613-b752-7cf7326cf1fe; _cls_s=4baae28b-6809-4c6c-b0f4-6295a3340cb2:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 12:24:10 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
X-Cnection: close
ETag: "519fc8a6-2b"
Expires: Sun, 04 Jun 2023 12:24:10 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=npc03gopptalcyLUaOBCkA6TDFyxnzdeZEJYFrPr1pU%3d; Domain=www.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 12:39:09 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647dd3e9_kf182_8059-44992
www--wellsfargo--com--6k49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6k49329d48d6c.wsipv6.com%2F&cb=1685967849361&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A182-228910-16%7Etcm%3A91-223671-32
200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--6k49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6k49329d48d6c.wsipv6.com%2F&cb=1685967849361&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A182-228910-16%7Etcm%3A91-223671-32
IP
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6k49329d48d6c.wsipv6.com%2F&cb=1685967849361&event=DisplayMarketingSmallPromo&eventType=Presented&eventDescription=DisplayMarketingSmallPromo&clist=tcm%3A182-228910-16%7Etcm%3A91-223671-32 HTTP/1.1
Host: www--wellsfargo--com--6k49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!Xtc4C9bGPgvQ+V8v/BdPMOHVwv+ySQ8KjYH+tY3gchshh5zyR3f0SZJVhnLo+0id4EF3rF4I3rYipsw=; ADRUM_BTa=R:27|g:57b631d2-acec-4cdf-91ee-922ba27e660e|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:199; utag_main=v_id:01888b83c13000034dcc9747e20d05046003700900918$_sn:1$_se:2$_ss:0$_st:1685969649194$ses_id:1685967847729%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTUzUIwW9Q7F8CmqvweCvflYLca6l0%2BfyQB8yESY6bA%3D%22%2C%22c%22%3A%22aklwN2pvRUFZSWJIUWU5cA%3D%3DIlHGGgxwI3g-oyiQ4sCsoJGLnHDrXvUNHjqUmU2sURjiNmV7yCyMTrWrU3JwtznnVOYjkMZYE-W3C8dH5lO4cYhntBm9-ssabiY%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C74007696357701501222590864614164395193%7CMCOPTOUT-1685975048s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=e3212a32-ae2e-4613-b752-7cf7326cf1fe; _cls_s=4baae28b-6809-4c6c-b0f4-6295a3340cb2:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 12:24:10 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Sun, 04 Jun 2023 12:24:10 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=s9oKfzqOaihe5CQ8vgHUIQoS6wkGY1hXrIM1YBuyQPRVxglJv%2fcqzB5FXf1qSNJW; Domain=www.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 12:39:10 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647dd3ea_kf182_7891-41280
c1.wfinterface.com/tracking/ga/ga_conversion_async.js
200 OK 14 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/ga/ga_conversion_async.js
IP
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (35846)
Hash 0a40602db7616a31c9da4548ee920190
878e01cb0c90cb247aabc137327655a6fcffcbd5
6c771bd1c269646a76015f2f6410a40c031e5adea88f665bfe9ae15a972ab6ab
GET /tracking/ga/ga_conversion_async.js HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 09 Sep 2021 17:30:40 GMT
Vary: Accept-Encoding
ETag: W/"613a44c0-8c31"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 13593
Date: Mon, 05 Jun 2023 12:24:10 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=gDrExwCw%2fPemDDyRZVSNQQ%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
www--wellsfargo--com--6k49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6k49329d48d6c.wsipv6.com%2F&cb=1685967849354&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_oth_collegestepsrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-254087-16%7Etcm%3A91-228643-32&promoSlot=3
200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--6k49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6k49329d48d6c.wsipv6.com%2F&cb=1685967849354&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_oth_collegestepsrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-254087-16%7Etcm%3A91-228643-32&promoSlot=3
IP
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6k49329d48d6c.wsipv6.com%2F&cb=1685967849354&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_oth_collegestepsrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-254087-16%7Etcm%3A91-228643-32&promoSlot=3 HTTP/1.1
Host: www--wellsfargo--com--6k49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!Xtc4C9bGPgvQ+V8v/BdPMOHVwv+ySQ8KjYH+tY3gchshh5zyR3f0SZJVhnLo+0id4EF3rF4I3rYipsw=; ADRUM_BTa=R:27|g:57b631d2-acec-4cdf-91ee-922ba27e660e|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:199; utag_main=v_id:01888b83c13000034dcc9747e20d05046003700900918$_sn:1$_se:2$_ss:0$_st:1685969649194$ses_id:1685967847729%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTUzUIwW9Q7F8CmqvweCvflYLca6l0%2BfyQB8yESY6bA%3D%22%2C%22c%22%3A%22aklwN2pvRUFZSWJIUWU5cA%3D%3DIlHGGgxwI3g-oyiQ4sCsoJGLnHDrXvUNHjqUmU2sURjiNmV7yCyMTrWrU3JwtznnVOYjkMZYE-W3C8dH5lO4cYhntBm9-ssabiY%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C74007696357701501222590864614164395193%7CMCOPTOUT-1685975048s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=e3212a32-ae2e-4613-b752-7cf7326cf1fe; _cls_s=4baae28b-6809-4c6c-b0f4-6295a3340cb2:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 12:24:10 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Sun, 04 Jun 2023 12:24:10 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=Lt02lms5NwU1cJKLYHKC%2fwM8Y7VGyaJH6TfyBJLIAhdL5w%2fIGQCXMCiiWIE07LBq; Domain=www.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 12:39:10 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647dd3ea_kf182_8008-31474
c1.wfinterface.com/tracking/ga/ec.js
200 OK 1.3 kB URL GET HTTP/1.1 c1.wfinterface.com/tracking/ga/ec.js
IP
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectc1.wfinterface.com
FingerprintCC:19:D6:44:13:12:B1:50:FD:1F:D0:A3:0E:BA:0D:69:80:6C:7D:4C
ValidityMon, 17 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (2771)
Hash 0ae62a83927125e9b9dfa97f89af9d3f
efb68f49f2b9b6b5567bf26a17015ede289e429d
618688d9849fef712931832c71e01be145d1791d6da917a702ab86a74ce66089
GET /tracking/ga/ec.js HTTP/1.1
Host: c1.wfinterface.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 09 Sep 2021 17:30:40 GMT
Vary: Accept-Encoding
ETag: W/"613a44c0-aed"
Content-Security-Policy: default-src https: 'unsafe-inline'; object-src 'self'; img-src https: data: 'unsafe-inline'; frame-ancestors 'self' https://*.wellsfargo.com:* https://*.wellsfargo.com https://www.wellsfargo.com https://*.abbotdowning.com:* https://*.abbotdowning.com https://www.abbotdowning.com; script-src https: 'unsafe-inline';
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 1313
Date: Mon, 05 Jun 2023 12:24:10 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=hHci0f%2fJKbdgNINZQtqwTQ%3d%3d; Domain=c1.wfinterface.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=4baae28b-6809-4c6c-b0f4-6295a3340cb2:0&_cls_v=e3212a32-ae2e-4613-b752-7cf7326cf1fe&pid=2ea70824-136e-4ddb-9fd1-e8eb70c0c662&sn=1&cfg&pv=2&aid=
200 OK 1.1 kB URL POST HTTP/1.1 rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=4baae28b-6809-4c6c-b0f4-6295a3340cb2:0&_cls_v=e3212a32-ae2e-4613-b752-7cf7326cf1fe&pid=2ea70824-136e-4ddb-9fd1-e8eb70c0c662&sn=1&cfg&pv=2&aid=
IP
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Certificate IssuerWells Fargo & Company
Subjectrubicon.wellsfargo.com
FingerprintF0:DF:3B:07:70:09:2F:A0:0E:16:57:29:8D:03:C0:22:C5:63:5C:30
ValidityFri, 03 Mar 2023 00:00:00 GMT - Tue, 02 Apr 2024 23:59:59 GMT
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (4589), with no line terminators
Hash 43aff54ba7ca7f2f55478607cbe6c2c7
71148c66a6735d5fe6f8e83d86d539551811fab8
7ee7b2ff146ee828d2178ecc3989cb0bbc72dcd464a4a60f925a41ca1ef70af0
POST /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=4baae28b-6809-4c6c-b0f4-6295a3340cb2:0&_cls_v=e3212a32-ae2e-4613-b752-7cf7326cf1fe&pid=2ea70824-136e-4ddb-9fd1-e8eb70c0c662&sn=1&cfg&pv=2&aid= HTTP/1.1
Host: rubicon.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 2802
Origin: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Cookie: _cls_cfgver=32a3f9ce; _cls_v=e3212a32-ae2e-4613-b752-7cf7326cf1fe; _cls_s=4baae28b-6809-4c6c-b0f4-6295a3340cb2:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/json
Access-Control-Allow-Origin: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
Content-Length: 1143
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Vary: origin, Accept-Encoding
Date: Mon, 05 Jun 2023 12:24:10 GMT
Connection: keep-alive
Set-Cookie: _cls_cfgver=32a3f9ce; Secure; SameSite=None;HttpOnly;Secure
ROUTEID=.cligate1; path=/;HttpOnly;Secure
ISD_GB_COOKIE=!wpqKkp7zWe4F39Eq/D2JHXmrrcNtC+hKXE6wosEfpZLkJoPrIceX/XdvvA38Tufb9V8YJN7Vr10gAQ==; path=/; Httponly; Secure
DCID=y5Ihq+kZsc%2fhIIBNf5y%2fK+XfDI+0Tuej0P2%2fMAW+v2%2feoAZtFbc4ecRCIh26am2p; Domain=rubicon.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 12:39:10 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
www--wellsfargo--com--6k49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6k49329d48d6c.wsipv6.com%2F&cb=1685967849325&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_sav_savingsprospectrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-263973-16%7Etcm%3A91-228643-32&promoSlot=1
200 OK 43 B URL GET HTTP/1.1 www--wellsfargo--com--6k49329d48d6c.wsipv6.com/assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6k49329d48d6c.wsipv6.com%2F&cb=1685967849325&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_sav_savingsprospectrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-263973-16%7Etcm%3A91-228643-32&promoSlot=1
IP
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
openphish Wells Fargo & Company
GET /assets/images/global/s.gif?log=1&pid=702-224111-64&pageUrl=https%3A%2F%2Fwww--wellsfargo--com--6k49329d48d6c.wsipv6.com%2F&cb=1685967849325&offerType=iaRendered&slotId=WF_CON_HP_SML_PRIMARY&offerId=C_sav_savingsprospectrspv_smlprimary&jsLogging=iaCallLog&device_type=DESKTOP&clist=tcm%3A402-263973-16%7Etcm%3A91-228643-32&promoSlot=1 HTTP/1.1
Host: www--wellsfargo--com--6k49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!Xtc4C9bGPgvQ+V8v/BdPMOHVwv+ySQ8KjYH+tY3gchshh5zyR3f0SZJVhnLo+0id4EF3rF4I3rYipsw=; ADRUM_BTa=R:27|g:57b631d2-acec-4cdf-91ee-922ba27e660e|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:199; utag_main=v_id:01888b83c13000034dcc9747e20d05046003700900918$_sn:1$_se:2$_ss:0$_st:1685969649194$ses_id:1685967847729%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTUzUIwW9Q7F8CmqvweCvflYLca6l0%2BfyQB8yESY6bA%3D%22%2C%22c%22%3A%22aklwN2pvRUFZSWJIUWU5cA%3D%3DIlHGGgxwI3g-oyiQ4sCsoJGLnHDrXvUNHjqUmU2sURjiNmV7yCyMTrWrU3JwtznnVOYjkMZYE-W3C8dH5lO4cYhntBm9-ssabiY%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C74007696357701501222590864614164395193%7CMCOPTOUT-1685975048s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=e3212a32-ae2e-4613-b752-7cf7326cf1fe; _cls_s=4baae28b-6809-4c6c-b0f4-6295a3340cb2:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 12:24:10 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Fri, 24 May 2013 20:08:06 GMT
ETag: "519fc8a6-2b"
Expires: Sun, 04 Jun 2023 12:24:10 GMT
Cache-Control: no-cache
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Set-Cookie: DCID=DPsn2%2f%2fMIt9kCjrquRTFDrCyaCD2axvxypiwRDIu8vo%3d; Domain=www.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 12:39:10 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 VM-CDG-01nP5154:3 (Cdn Cache Server V2.0), 1.1 kf173:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647dd3ea_kf182_7807-58660
connect.secure.wellsfargo.com/PIDO/pic.js?r=0.5827191372514393
200 OK 52 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/PIDO/pic.js?r=0.5827191372514393
IP
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash db4fc4beb9e87e091e61089cbe43290c
bce5e15568eed487c468e156bc8bd29110eaa266
e44e4ca55fad41fbb2e918a309ca2accb68de205c3c2e22f5da1d1cb670ee82e
GET /PIDO/pic.js?r=0.5827191372514393 HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 52515
X-Cnection: close
max-age: 0
Expires: -1
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Mon, 05 Jun 2023 12:24:10 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=5mRKCk3pBGMdQK3ZyyvOLhdekVOym8QH7aiT39HDsBg%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 12:39:10 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
www--wellsfargo--com--6k49329d48d6c.wsipv6.com/as/target/offers/dispositions
200 OK 965 B URL POST HTTP/1.1 www--wellsfargo--com--6k49329d48d6c.wsipv6.com/as/target/offers/dispositions
IP
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (2434), with no line terminators
Hash 6279eefb9639a93cd94a6ee8c95a40a2
0d1ca90bccd45d681d12b1c6435b080c6df1e11c
c85b0627f3b8911a1588a823cbf9c0ff1ce37ace63134c11add03472b74e2aa8
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /as/target/offers/dispositions HTTP/1.1
Host: www--wellsfargo--com--6k49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Content-Type: application/json
Content-Length: 262
Origin: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!Xtc4C9bGPgvQ+V8v/BdPMOHVwv+ySQ8KjYH+tY3gchshh5zyR3f0SZJVhnLo+0id4EF3rF4I3rYipsw=; ADRUM_BTa=R:27|g:57b631d2-acec-4cdf-91ee-922ba27e660e|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:199; utag_main=v_id:01888b83c13000034dcc9747e20d05046003700900918$_sn:1$_se:2$_ss:0$_st:1685969649194$ses_id:1685967847729%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTUzUIwW9Q7F8CmqvweCvflYLca6l0%2BfyQB8yESY6bA%3D%22%2C%22c%22%3A%22aklwN2pvRUFZSWJIUWU5cA%3D%3DIlHGGgxwI3g-oyiQ4sCsoJGLnHDrXvUNHjqUmU2sURjiNmV7yCyMTrWrU3JwtznnVOYjkMZYE-W3C8dH5lO4cYhntBm9-ssabiY%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C74007696357701501222590864614164395193%7CMCOPTOUT-1685975048s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=e3212a32-ae2e-4613-b752-7cf7326cf1fe; _cls_s=4baae28b-6809-4c6c-b0f4-6295a3340cb2:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 12:24:10 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 965
Connection: keep-alive
Content-Security-Policy: default-src 'none'; form-action 'self' *.wellsfargo.com *.wellsfargo.com:*; connect-src 'self' *.wellsfargo.com *.wellsfargo.com:* https://*.schemaapp.com https://*.rlcdn.com https://*.tiktok.com https://*.medallia.com https://*.kampyle.com https://*.adobedc.net https://www.google-analytics.com https://*.doubleclick.net https://*.maxymiser.net https://*.eum-appdynamics.com https://*.demdex.net https://www.sjwoe.com https://www.mczbf.com https://s.yimg.com https://bat.bing.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com https://*.knotch.it https://*.google.com; img-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.yahoo.com https://*.everesttech.net https://*.linkedin.com https://*.doubleclick.net https://*.g.doubleclick.net https://*.google.com https://*.demdex.net https://*.nod-glb.nuance.com https://*.eum-appdynamics.com https://*.virtualearth.net https://*.maxymiser.net https://*.knotch.it https://*.medallia.com https://www.facebook.com https://cx.atdmt.com https://analytics.twitter.com https://t.co https://track.linksynergy.com https://s.amazon-adsystem.com https://ct.pinterest.com https://trc.taboola.com https://p.adsymptotic.com https://products.gobankingrates.com https://bttrack.com https://b.videoamp.com https://fcmatch.youtube.com https://www.googleadservices.com https://www.google-analytics.com https://idsync.rlcdn.com https://s.amazon-adsystem.com https://udc-neb.kampyle.com https://wellsfargoprod.prod.fire.glass https://s-a.innovid.com https://bat.bing.com https://www.knotch-cdn.com https://www.emjcd.com https://cj.dotomi.com https://www.mczbf.com https://*.mktgcdn.com; object-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; child-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.demdex.net https://*.nod-glb.nuance.com https://*.doubleclick.net https://*.advanced-web-analytics.com https://*.knotch.it https://www.knotch-cdn.com; font-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; style-src 'self' 'unsafe-inline' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.nod-glb.nuance.com; script-src 'nonce-8e9da6fa-7d3b-4b58-8eb8-95501175ec35' 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://cdn.schemaapp.com https://*.tiktok.com https://*.maxymiser.net https://bat.bing.com https://www.clarity.ms https://snap.licdn.com https://*.linkedin.com https://s.yimg.com https://sp.analytics.yahoo.com https://p.adsymptotic.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com; media-src 'self' *.wellsfargo.com *.wellsfargomedia.com; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
Pragma: no-cache
Cache-Control: no-cache, no-store, max-age=0
Expires: -1
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:27|g:57b631d2-acec-4cdf-91ee-922ba27e660e|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206893|e:199; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:9f3eb261-5534-4b1f-a277-c27f41caf12a; Expires=Mon, 05 Jun 2023 12:24:40 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:9f3eb261-5534-4b1f-a277-c27f41caf12a|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Mon, 05 Jun 2023 12:24:40 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Mon, 05 Jun 2023 12:24:40 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917; Expires=Mon, 05 Jun 2023 12:24:40 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917|e:22; Expires=Mon, 05 Jun 2023 12:24:40 GMT; Path=/; Secure; SameSite=Lax; Httponly
wcmcookiewf=ACADE60306D4EE0AD53A5DF99230EED4; Domain=www.wellsfargo.com; Path=/; Secure; HttpOnly; SameSite=Lax
INLANG=EN; Domain=.wellsfargo.com; Expires=Tue, 04 Jun 2024 12:24:10 GMT; Path=/; Secure; HttpOnly; SameSite=Lax
wfacookie=1120230605052410611332306; domain=.wellsfargo.com; path=/; expires=2 Jun 2033 12:24:10 GMT; secure=true; SameSite=Lax; HttpOnly
ISD_WCM_COOKIE=!pxk9dr8Rd3CdKkgGl7IZxfIs0wroUU94PWmuDfTJe+PlczLzwfJ8qngs/62ic6IPRWbsU3qEGKAAZ2I=; path=/; Httponly; Secure
DCID=QkdcNlqbsD2JTlYa2qOMqykpsFzU9b9QlhL0T4TqhQE%3d; Domain=www.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 12:39:10 GMT;Httponly; Secure
_abck=C41B6634DF2D266DCA5D60E64BCE80EF~-1~YAAQlNAXAizlMneIAQAA1syDiwp4TDI2i5pylWXEam9LbuFWOhIMYHebeFtS+ys6QlFU+bTuXCkw9E8eAMURkbEbhuVb0BZQJ2Dh6MdF5cFz08cy5FIjk3euJEZGTalEI0nsPrZr6Gec4EYDL18N8DEqdTJGo2wLGOn6b88a3SbAHdTAY3OjfEgIkdxaFgFXg3DuGsp41pwteQfYP1MFkw4iGUxuql0ituDK2ZhLBbE1BJpMXdEVcELDUbAJzJ4IbhsKIMAYFCSUMEwVStFW5QJE9ZnThclNxIRM7f5UfLnL8GCaTDU6Ch8OJAjptyoTgFDQzw6qSAEO30uXezGpuNgyExPdpuwO+2+jAfdlUHrPJd3UDtJBvB1xWLT63APu~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Tue, 04 Jun 2024 12:24:10 GMT; Max-Age=31536000; Secure
bm_sz=E1CB636D74623F6D730C121A29DDDA41~YAAQlNAXAi3lMneIAQAA1syDixRQC4PKq288H6fZhD66Vcv/QApol+BJIHIYQErCUJ1EsvkVtjTLBkQ9R6cyIQc0LboWDusVArf6UJ9QL0XvweSGWXeVj/Q7e5LsSAq/aIhEYE947kTqYYkpraatb76ym16NSUMpCmEwWlXe3/cTGtaa7FZA0glb38W407rDzl1gNqFvBh+YYm+i7KcFpP+WbKqcEwX1vPjl+zq7MjXbm8UXhM51cX62Epk0yGVSwsrWDZEw1hTvavo76c9+L9hfQpx+LRHr9azXNB0w3Yd2veTNbvvU~3752772~3486256; Domain=.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 16:24:10 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf175:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647dd3ea_kf182_7891-41289
www--wellsfargo--com--6k49329d48d6c.wsipv6.com/as/target/offers/dispositions
200 OK 970 B URL POST HTTP/1.1 www--wellsfargo--com--6k49329d48d6c.wsipv6.com/as/target/offers/dispositions
IP
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (2441), with no line terminators
Hash d0e1a2d3c5aa083e2dda2f3e7689db35
8dec13206b207ec699580b732e756bfca5b73e88
8718b8b3df03525ee25c775df61f1e285acd000152069a0117370146e5a2b2a8
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /as/target/offers/dispositions HTTP/1.1
Host: www--wellsfargo--com--6k49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Content-Type: application/json
Content-Length: 267
Origin: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!Xtc4C9bGPgvQ+V8v/BdPMOHVwv+ySQ8KjYH+tY3gchshh5zyR3f0SZJVhnLo+0id4EF3rF4I3rYipsw=; ADRUM_BTa=R:27|g:57b631d2-acec-4cdf-91ee-922ba27e660e|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:199; utag_main=v_id:01888b83c13000034dcc9747e20d05046003700900918$_sn:1$_se:2$_ss:0$_st:1685969649194$ses_id:1685967847729%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTUzUIwW9Q7F8CmqvweCvflYLca6l0%2BfyQB8yESY6bA%3D%22%2C%22c%22%3A%22aklwN2pvRUFZSWJIUWU5cA%3D%3DIlHGGgxwI3g-oyiQ4sCsoJGLnHDrXvUNHjqUmU2sURjiNmV7yCyMTrWrU3JwtznnVOYjkMZYE-W3C8dH5lO4cYhntBm9-ssabiY%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C74007696357701501222590864614164395193%7CMCOPTOUT-1685975048s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=e3212a32-ae2e-4613-b752-7cf7326cf1fe; _cls_s=4baae28b-6809-4c6c-b0f4-6295a3340cb2:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 12:24:10 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 970
Connection: keep-alive
Content-Security-Policy: default-src 'none'; form-action 'self' *.wellsfargo.com *.wellsfargo.com:*; connect-src 'self' *.wellsfargo.com *.wellsfargo.com:* https://*.schemaapp.com https://*.rlcdn.com https://*.tiktok.com https://*.medallia.com https://*.kampyle.com https://*.adobedc.net https://www.google-analytics.com https://*.doubleclick.net https://*.maxymiser.net https://*.eum-appdynamics.com https://*.demdex.net https://www.sjwoe.com https://www.mczbf.com https://s.yimg.com https://bat.bing.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com https://*.knotch.it https://*.google.com; img-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.yahoo.com https://*.everesttech.net https://*.linkedin.com https://*.doubleclick.net https://*.g.doubleclick.net https://*.google.com https://*.demdex.net https://*.nod-glb.nuance.com https://*.eum-appdynamics.com https://*.virtualearth.net https://*.maxymiser.net https://*.knotch.it https://*.medallia.com https://www.facebook.com https://cx.atdmt.com https://analytics.twitter.com https://t.co https://track.linksynergy.com https://s.amazon-adsystem.com https://ct.pinterest.com https://trc.taboola.com https://p.adsymptotic.com https://products.gobankingrates.com https://bttrack.com https://b.videoamp.com https://fcmatch.youtube.com https://www.googleadservices.com https://www.google-analytics.com https://idsync.rlcdn.com https://s.amazon-adsystem.com https://udc-neb.kampyle.com https://wellsfargoprod.prod.fire.glass https://s-a.innovid.com https://bat.bing.com https://www.knotch-cdn.com https://www.emjcd.com https://cj.dotomi.com https://www.mczbf.com https://*.mktgcdn.com; object-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; child-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.demdex.net https://*.nod-glb.nuance.com https://*.doubleclick.net https://*.advanced-web-analytics.com https://*.knotch.it https://www.knotch-cdn.com; font-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; style-src 'self' 'unsafe-inline' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.nod-glb.nuance.com; script-src 'nonce-72d01e6c-db3c-4df8-b613-268374e6e74e' 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://cdn.schemaapp.com https://*.tiktok.com https://*.maxymiser.net https://bat.bing.com https://www.clarity.ms https://snap.licdn.com https://*.linkedin.com https://s.yimg.com https://sp.analytics.yahoo.com https://p.adsymptotic.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com; media-src 'self' *.wellsfargo.com *.wellsfargomedia.com; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
Pragma: no-cache
Cache-Control: no-cache, no-store, max-age=0
Expires: -1
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:27|g:57b631d2-acec-4cdf-91ee-922ba27e660e|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206893|e:199; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:02141eee-09ff-4651-9b13-254a123c37fd; Expires=Mon, 05 Jun 2023 12:24:40 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:02141eee-09ff-4651-9b13-254a123c37fd|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Mon, 05 Jun 2023 12:24:40 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Mon, 05 Jun 2023 12:24:40 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917; Expires=Mon, 05 Jun 2023 12:24:40 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917|e:28; Expires=Mon, 05 Jun 2023 12:24:40 GMT; Path=/; Secure; SameSite=Lax; Httponly
wcmcookiewf=6C688CE90EB6A03FCFB7732F47CED2DE; Domain=www.wellsfargo.com; Path=/; Secure; HttpOnly; SameSite=Lax
INLANG=EN; Domain=.wellsfargo.com; Expires=Tue, 04 Jun 2024 12:24:10 GMT; Path=/; Secure; HttpOnly; SameSite=Lax
wfacookie=11202306050524101980910038; domain=.wellsfargo.com; path=/; expires=2 Jun 2033 12:24:10 GMT; secure=true; SameSite=Lax; HttpOnly
ISD_WCM_COOKIE=!O9DmX2kMlvI9CvgGl7IZxfIs0wroUQRAIXrlYgNnD4U+F9gT2MMgsOaMEroVjG4PKImyJpyrQwVW8BU=; path=/; Httponly; Secure
DCID=x763qncg25FHWqgV0y8hALoJQmBheRby6h81wo7+6iY%3d; Domain=www.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 12:39:10 GMT;Httponly; Secure
_abck=B06E0E5369302BC42ED4BD4D5A91072C~-1~YAAQlNAXAi/lMneIAQAA7cyDiwrA0wUq5fZ5CMGsDdXcU+Cq/Ws1sOyfwQCwve5GGz8ekuSMTjcj2gD6Ot7M3coosFOvPpAfsjxBPxu53mSVfBcEE2jQj6zWUxTzEBukWhusxoblkDLMGI0TIcCqN+h002Eb0OSvgylEcV6suuGdI8w0twXPxgaexbKkiHms6e5ttOUcQqGKRYkhAb3eKCSJavzzZdXLmZ3FS/wHyldLpsMmK1Xyi+kGchjnuHCX0nnELL/E0n7/MsuCk8C/9LVwsZReA22Hbhfl4SHQz0ZGIn/zvFaENHcX5PVOgUmIJmFRY295IOhHiDxB5ZBZDa0brPSHKo+0U4Kx7r46LndbUYY2XQNfga3PJreLQ9kz~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Tue, 04 Jun 2024 12:24:10 GMT; Max-Age=31536000; Secure
bm_sz=E09B703171866CE5E0601A180C1E0BB3~YAAQlNAXAjDlMneIAQAA7cyDixQJT+evfj/7QDVDSGALbKPbPhD1i3MnB+YAxAier7IHmE7C/TSj8/myr9VCAYzkjYEndEELB4zrE+AwO6PIjBrutqB/e6CPkYThr4NXASWWrzB/WsU+hoD9Qga65/M62UC/Rrc55SsdbtyjeL7YDI6pEGG2HS2TMF5nqrKLWEfzAb4EzwIYtyJn8uRPXr+bZC5Lf38wXlOhM4vFUvcVB150wCVpxi7OfYdsHgP8HjqXTO6Zs6YuyV5rZMYF80dn/eDVP5QZ5E4ed1vng2M1c6B9gEf8~3752772~3486256; Domain=.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 16:24:10 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf175:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647dd3ea_kf182_7810-6151
www--wellsfargo--com--6k49329d48d6c.wsipv6.com/as/target/offers/dispositions
200 OK 973 B URL POST HTTP/1.1 www--wellsfargo--com--6k49329d48d6c.wsipv6.com/as/target/offers/dispositions
IP
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (2441), with no line terminators
Hash 37400fad2e290a82bc515592e31e127c
0f5f0ab5848ba63a34b754772814dcece95a4419
179c32266c2bc0d819083e2832872be0b88c27ff16ad3bd581a98a62d8909cfe
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /as/target/offers/dispositions HTTP/1.1
Host: www--wellsfargo--com--6k49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Content-Type: application/json
Content-Length: 266
Origin: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!Xtc4C9bGPgvQ+V8v/BdPMOHVwv+ySQ8KjYH+tY3gchshh5zyR3f0SZJVhnLo+0id4EF3rF4I3rYipsw=; ADRUM_BTa=R:27|g:57b631d2-acec-4cdf-91ee-922ba27e660e|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:199; utag_main=v_id:01888b83c13000034dcc9747e20d05046003700900918$_sn:1$_se:2$_ss:0$_st:1685969649194$ses_id:1685967847729%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTUzUIwW9Q7F8CmqvweCvflYLca6l0%2BfyQB8yESY6bA%3D%22%2C%22c%22%3A%22aklwN2pvRUFZSWJIUWU5cA%3D%3DIlHGGgxwI3g-oyiQ4sCsoJGLnHDrXvUNHjqUmU2sURjiNmV7yCyMTrWrU3JwtznnVOYjkMZYE-W3C8dH5lO4cYhntBm9-ssabiY%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C74007696357701501222590864614164395193%7CMCOPTOUT-1685975048s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=e3212a32-ae2e-4613-b752-7cf7326cf1fe; _cls_s=4baae28b-6809-4c6c-b0f4-6295a3340cb2:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 12:24:10 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 973
Connection: keep-alive
Content-Security-Policy: default-src 'none'; form-action 'self' *.wellsfargo.com *.wellsfargo.com:*; connect-src 'self' *.wellsfargo.com *.wellsfargo.com:* https://*.schemaapp.com https://*.rlcdn.com https://*.tiktok.com https://*.medallia.com https://*.kampyle.com https://*.adobedc.net https://www.google-analytics.com https://*.doubleclick.net https://*.maxymiser.net https://*.eum-appdynamics.com https://*.demdex.net https://www.sjwoe.com https://www.mczbf.com https://s.yimg.com https://bat.bing.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com https://*.knotch.it https://*.google.com; img-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.yahoo.com https://*.everesttech.net https://*.linkedin.com https://*.doubleclick.net https://*.g.doubleclick.net https://*.google.com https://*.demdex.net https://*.nod-glb.nuance.com https://*.eum-appdynamics.com https://*.virtualearth.net https://*.maxymiser.net https://*.knotch.it https://*.medallia.com https://www.facebook.com https://cx.atdmt.com https://analytics.twitter.com https://t.co https://track.linksynergy.com https://s.amazon-adsystem.com https://ct.pinterest.com https://trc.taboola.com https://p.adsymptotic.com https://products.gobankingrates.com https://bttrack.com https://b.videoamp.com https://fcmatch.youtube.com https://www.googleadservices.com https://www.google-analytics.com https://idsync.rlcdn.com https://s.amazon-adsystem.com https://udc-neb.kampyle.com https://wellsfargoprod.prod.fire.glass https://s-a.innovid.com https://bat.bing.com https://www.knotch-cdn.com https://www.emjcd.com https://cj.dotomi.com https://www.mczbf.com https://*.mktgcdn.com; object-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; child-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.demdex.net https://*.nod-glb.nuance.com https://*.doubleclick.net https://*.advanced-web-analytics.com https://*.knotch.it https://www.knotch-cdn.com; font-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; style-src 'self' 'unsafe-inline' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.nod-glb.nuance.com; script-src 'nonce-1daa7a52-3fff-4d2d-b72a-355afaefd556' 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://cdn.schemaapp.com https://*.tiktok.com https://*.maxymiser.net https://bat.bing.com https://www.clarity.ms https://snap.licdn.com https://*.linkedin.com https://s.yimg.com https://sp.analytics.yahoo.com https://p.adsymptotic.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com; media-src 'self' *.wellsfargo.com *.wellsfargomedia.com; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
Pragma: no-cache
Cache-Control: no-cache, no-store, max-age=0
Expires: -1
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:27|g:57b631d2-acec-4cdf-91ee-922ba27e660e|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206893|e:199; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:062cc819-198a-40c1-9145-41ebd20ee39c; Expires=Mon, 05 Jun 2023 12:24:40 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:062cc819-198a-40c1-9145-41ebd20ee39c|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Mon, 05 Jun 2023 12:24:40 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Mon, 05 Jun 2023 12:24:40 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917; Expires=Mon, 05 Jun 2023 12:24:40 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917|e:62; Expires=Mon, 05 Jun 2023 12:24:40 GMT; Path=/; Secure; SameSite=Lax; Httponly
wcmcookiewf=D50CE658BFE622A62868505F1D2F3552; Domain=www.wellsfargo.com; Path=/; Secure; HttpOnly; SameSite=Lax
INLANG=EN; Domain=.wellsfargo.com; Expires=Tue, 04 Jun 2024 12:24:10 GMT; Path=/; Secure; HttpOnly; SameSite=Lax
wfacookie=11202306050524101637498146; domain=.wellsfargo.com; path=/; expires=2 Jun 2033 12:24:10 GMT; secure=true; SameSite=Lax; HttpOnly
ISD_WCM_COOKIE=!x+FcmIwer8Q4yn3z2xKqB3cO2dndHvly1999dYCEIdxh0IYGU40FpaG4D+m0LOy7ylep8Onyek8fuTc=; path=/; Httponly; Secure
DCID=7DeV0d1Qch5h7qpzkByxtarjhC4x7U1NaBrTkS0dsVECQRGq+ef%2fkdkOkpL4iKJp; Domain=www.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 12:39:10 GMT;Httponly; Secure
_abck=B85B51694ABEFFB83BA9E63752AAB688~-1~YAAQjtAXAvJg6oqIAQAAAs2Diwr4dN1pwvTCIOHyl9wh0GQ8gczb4ZstUTbn4KEAOZKP4LelLWhwQHHZT+CU5kmDni/RZancx+WwWjgk6JvXB7QvI2vyGADN+NR690gNhcncTSuSXse7tYDrhfodR8WxoX4FkUv0CwCmXJ+YG3BaRlEukv7H1Np2Pf5Sk8u1OQtZqIepyc1dg5wvk8mBuzxt8WtCZ5LsJpe3quu1UYhKe/q2GpZ0sapyDsLo0VOzcm5W0Hv79lKR5C7e3JokPoJRQBnJDmNAx6SMPN5UjOYiV4SMzpkrGYW5fzyVHYrCHoQZKM8lvZ/FESMf9uR9FGwYnMtBa9PDKSRWCteeFbUOG0eqcLnrY1ZrO2FeJ347~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Tue, 04 Jun 2024 12:24:10 GMT; Max-Age=31536000; Secure
bm_sz=785EC6DDF6264340B2F6D0D8649B5846~YAAQjtAXAvNg6oqIAQAAAs2DixTz7iTjLg3gKiL1ELixxRNXJ4u3q166hMvJ1YLwzEofhyLlCWSJJYMypDh0W1Dv8T3EMc/Kfi6q4uDteiAJgn1O3UC2Lj6RVnn8c1YU0YU7qX73AgqqTy9TpvwXk28SrhMQ1o4es5G5QZAFDDKHNov8OqNsGPnZHKYIZhcGKRfodqFgh8ULAi4b2urH69UdZoGfgiwZ2KCGwDQnsIGcoKq06Y9PFbnSn+Lz6AvgYs8764KptaZjjLTkrsj1j0WrNv3jHAgaR4PINypjFQPozInPXasg~3752772~3486256; Domain=.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 16:24:10 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf175:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647dd3ea_kf182_8059-44996
www--wellsfargo--com--6k49329d48d6c.wsipv6.com/as/target/offers/dispositions
200 OK 969 B URL POST HTTP/1.1 www--wellsfargo--com--6k49329d48d6c.wsipv6.com/as/target/offers/dispositions
IP
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (2440), with no line terminators
Hash 8803e1c0893b4b69a4b6f1a32e03a5be
6a126a469a890049dac28d1fbc7ebfad5e35ea9a
c5b0c191e860cf3bf3bcbfa4b9ef5bf3973f1b3b918371480c5ac2b567b00358
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /as/target/offers/dispositions HTTP/1.1
Host: www--wellsfargo--com--6k49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Content-Type: application/json
Content-Length: 265
Origin: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!Xtc4C9bGPgvQ+V8v/BdPMOHVwv+ySQ8KjYH+tY3gchshh5zyR3f0SZJVhnLo+0id4EF3rF4I3rYipsw=; ADRUM_BTa=R:27|g:57b631d2-acec-4cdf-91ee-922ba27e660e|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206893|e:199; utag_main=v_id:01888b83c13000034dcc9747e20d05046003700900918$_sn:1$_se:2$_ss:0$_st:1685969649194$ses_id:1685967847729%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTUzUIwW9Q7F8CmqvweCvflYLca6l0%2BfyQB8yESY6bA%3D%22%2C%22c%22%3A%22aklwN2pvRUFZSWJIUWU5cA%3D%3DIlHGGgxwI3g-oyiQ4sCsoJGLnHDrXvUNHjqUmU2sURjiNmV7yCyMTrWrU3JwtznnVOYjkMZYE-W3C8dH5lO4cYhntBm9-ssabiY%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C74007696357701501222590864614164395193%7CMCOPTOUT-1685975048s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=e3212a32-ae2e-4613-b752-7cf7326cf1fe; _cls_s=4baae28b-6809-4c6c-b0f4-6295a3340cb2:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 12:24:10 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 969
Connection: keep-alive
Content-Security-Policy: default-src 'none'; form-action 'self' *.wellsfargo.com *.wellsfargo.com:*; connect-src 'self' *.wellsfargo.com *.wellsfargo.com:* https://*.schemaapp.com https://*.rlcdn.com https://*.tiktok.com https://*.medallia.com https://*.kampyle.com https://*.adobedc.net https://www.google-analytics.com https://*.doubleclick.net https://*.maxymiser.net https://*.eum-appdynamics.com https://*.demdex.net https://www.sjwoe.com https://www.mczbf.com https://s.yimg.com https://bat.bing.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com https://*.knotch.it https://*.google.com; img-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.yahoo.com https://*.everesttech.net https://*.linkedin.com https://*.doubleclick.net https://*.g.doubleclick.net https://*.google.com https://*.demdex.net https://*.nod-glb.nuance.com https://*.eum-appdynamics.com https://*.virtualearth.net https://*.maxymiser.net https://*.knotch.it https://*.medallia.com https://www.facebook.com https://cx.atdmt.com https://analytics.twitter.com https://t.co https://track.linksynergy.com https://s.amazon-adsystem.com https://ct.pinterest.com https://trc.taboola.com https://p.adsymptotic.com https://products.gobankingrates.com https://bttrack.com https://b.videoamp.com https://fcmatch.youtube.com https://www.googleadservices.com https://www.google-analytics.com https://idsync.rlcdn.com https://s.amazon-adsystem.com https://udc-neb.kampyle.com https://wellsfargoprod.prod.fire.glass https://s-a.innovid.com https://bat.bing.com https://www.knotch-cdn.com https://www.emjcd.com https://cj.dotomi.com https://www.mczbf.com https://*.mktgcdn.com; object-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; child-src 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.demdex.net https://*.nod-glb.nuance.com https://*.doubleclick.net https://*.advanced-web-analytics.com https://*.knotch.it https://www.knotch-cdn.com; font-src 'self' data: *.wellsfargomedia.com *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:*; style-src 'self' 'unsafe-inline' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://*.nod-glb.nuance.com; script-src 'nonce-7159b10f-e62b-4955-8fe2-bb8caf8a75ac' 'self' *.wellsfargo.com *.wellsfargo.com:* *.wfinterface.com *.wfinterface.com:* https://cdn.schemaapp.com https://*.tiktok.com https://*.maxymiser.net https://bat.bing.com https://www.clarity.ms https://snap.licdn.com https://*.linkedin.com https://s.yimg.com https://sp.analytics.yahoo.com https://p.adsymptotic.com https://*.nod-glb.nuance.com https://www.knotch-cdn.com; media-src 'self' *.wellsfargo.com *.wellsfargomedia.com; frame-ancestors 'self' *.wellsfargo.com; base-uri 'none'; report-uri https://ort.wellsfargo.com/securereporting/reporting/v1/csp
Pragma: no-cache
Cache-Control: no-cache, no-store, max-age=0
Expires: -1
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Set-Cookie: ADRUM_BTa=R:27|g:57b631d2-acec-4cdf-91ee-922ba27e660e|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206893|e:199; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:f6763338-2ce5-49b2-9cec-6b79a869fd79; Expires=Mon, 05 Jun 2023 12:24:40 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BTa=R:27|g:f6763338-2ce5-49b2-9cec-6b79a869fd79|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Mon, 05 Jun 2023 12:24:40 GMT; Path=/; Secure; SameSite=Lax; Httponly
SameSite=None; Expires=Mon, 05 Jun 2023 12:24:40 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917; Expires=Mon, 05 Jun 2023 12:24:40 GMT; Path=/; Secure; SameSite=Lax; Httponly
ADRUM_BT1=R:27|i:206917|e:61; Expires=Mon, 05 Jun 2023 12:24:40 GMT; Path=/; Secure; SameSite=Lax; Httponly
wcmcookiewf=D082E3A8ADEB844AB4A6667B6DF4E93D; Domain=www.wellsfargo.com; Path=/; Secure; HttpOnly; SameSite=Lax
INLANG=EN; Domain=.wellsfargo.com; Expires=Tue, 04 Jun 2024 12:24:10 GMT; Path=/; Secure; HttpOnly; SameSite=Lax
wfacookie=11202306050524101093432904; domain=.wellsfargo.com; path=/; expires=2 Jun 2033 12:24:10 GMT; secure=true; SameSite=Lax; HttpOnly
ISD_WCM_COOKIE=!EUr7YQLgv1IGjCHz2xKqB3cO2dndHs1WQNNixTYTolQiBO7AE9nIfhKA9+AFGb9c7wBnlonFaVkSG08=; path=/; Httponly; Secure
DCID=pvDWy31E0a8SpkoOjSo53UyNkyS0AGNcnvaV5pj5CC5jDvHOCwZpsixk2rOd08WV; Domain=www.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 12:39:10 GMT;Httponly; Secure
_abck=DEF271D733F9A3B804F5A361CEF02A25~-1~YAAQjtAXAvRg6oqIAQAAFs2DiwoxO7P0M8b8UT0CrAURxKcr8CWI0mgdnQIfkyYnEpMW+ATmICV3DJz4zItyAURUB7bJbVVZIU1KRupUbW77XmI2L728K/q3UetXq/woRDlGmX7NJIqvQJiwQX1GTcF3VVf829eKoxvnkHfjWYKlToZbjwCpcMMMviTxbu9TzN3FHEYVVk+kXO5dcJDhJH3l+ICGgfzvnKefBCRZtumdZ9PX1CJ8jPnUy8ZhY9+x0sKKnSFNywP98eUXmiczhRtdY78bv1X7CfbM56pFSafT3tq0mkWqPsP5vhtg+snqwjEndcv+L8C1X081HcbNUhTKvJcbOisJzYPoH8MUAvMOW+pso8Vx02xx/tJF7bMn~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Tue, 04 Jun 2024 12:24:10 GMT; Max-Age=31536000; Secure
bm_sz=051C6F3DBB7B2942CCAAC647C2650112~YAAQjtAXAvVg6oqIAQAAFs2DixSPP/umSDK7NqpgMYl3yIjw5GbhgAZfqifF/pkkpAal9qVVLvCFT7lLgUZUjEfI8LYT+GaPTXXi9zMzUaGjRlPzNkTUqTSmjZof9VEuo+ezhihPy/OtmTzw73K6frveu+TGN1OdDlZpBZwJukZfsT4FZuwJ45pmxeYCmJXcGuRaX6X6enOreKmbghHUAPwE7fp99T0FuqpEIqlu7KcvijbRgmMtWNyC+bAxi7Q/v6UaOzRcOwOgIp4PRspwJbBYueUMQLlpzwXi2iGZfe3ytuutGoXW~3752772~3486256; Domain=.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 16:24:10 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Via: 1.1 kf175:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647dd3ea_kf182_8107-24682
ort.wellsfargo.com/securereporting/reporting/v1/csp
0 B URL ort.wellsfargo.com/securereporting/reporting/v1/csp
IP
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /securereporting/reporting/v1/csp HTTP/1.1
Host: ort.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 3398
Origin: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Length: 0
X-Vcap-Request-Id: 817d8a17-f6ce-4d79-43d7-2d6b797565ad
X-Xss-Protection: 1; mode=block
Date: Mon, 05 Jun 2023 12:24:10 GMT
Connection: keep-alive
Set-Cookie: ADRUM_BTa=R:0|g:5723375c-8d92-438e-8a87-c14fc24c2400; Max-Age=30; Expires=Mon, 05 Jun 2023 12:24:40 GMT; Path=/; Secure
ADRUM_BTa=R:0|g:5723375c-8d92-438e-8a87-c14fc24c2400|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Max-Age=30; Expires=Mon, 05 Jun 2023 12:24:40 GMT; Path=/; Secure
SameSite=None; Max-Age=30; Expires=Mon, 05 Jun 2023 12:24:40 GMT; Path=/; Secure
ADRUM_BT1=R:0|i:710766; Max-Age=30; Expires=Mon, 05 Jun 2023 12:24:40 GMT; Path=/; Secure
ADRUM_BT1=R:0|i:710766|e:6; Max-Age=30; Expires=Mon, 05 Jun 2023 12:24:40 GMT; Path=/; Secure
ADRUM_BT1=R:0|i:710766|e:6|d:6; Max-Age=30; Expires=Mon, 05 Jun 2023 12:24:40 GMT; Path=/; Secure
DCID=wtdDi5JxWyRVxWEQH8N5arZq%2fDaxexw9+MfzezapKdo%3d; Domain=ort.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 12:39:10 GMT;Httponly; Secure
_abck=F773806885E9688F4C7EC26EDBA8F8FD~-1~YAAQzwplXwKrx2yIAQAA8s2DiwrXd0Bnm/QVgPgVpRfQRqQzaLMhD9I+kfxYZHMikzZw4je9a+ODz2DdKsMMlOaJHf256CpQHDhT7w5ek8SRHaheeTMulxVjaygzHZKZR12gOQnjyDHpZfm+WdKHmEwYtxHHiSyOouG0OrxfvMu1fcPQjeFhZNikXwsxd+SzWg+i03Qlw8oiFLD2d2x3Y1Q4co+e6/CL4buvhs4D7nq1pWd03ztdl7ad0HwEejswDT1UpAtAsCloqP/zeCLWZohqcRNja1pJgUgol6Xe3NIhz2f7f3UUyC1j3AKkcNak2HvX1CsxWZMv0N/mpYaYhLckos/v2UGd9C4F+G3arrlhS0VDgH4R1qKNwuyxUIK9~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Tue, 04 Jun 2024 12:24:10 GMT; Max-Age=31536000; Secure
bm_sz=39089696CEF4ECF6681A26237D81EB68~YAAQzwplXwOrx2yIAQAA8s2DixQ6eIYAfQmGSOZfjhBM+tjKfWiK2q5TD14yLB+POcWTEJb/Za2BDdqBztzMwop+e1q2yJKVvqb1hQaN4/z7pvQfnO6Npm5IzBhBQXBK0Gsh4nYyZ1Fzk2AVNaitQjEaxDu5QDItoOTig9tO2tdu6rKff4bwbKZhfDLfej3EEn2mBk0OO52z5yPcXNxOqgYGyiuux1CQzbkVBG+mzNvk4FZVvag1b2j7M77JnAamKwGJJIKyV50n1QWkV481g3adqOqtap8pdwMkliJ13ytabPfFIVjn~3683385~3619139; Domain=.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 16:24:10 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/AIDO/vyHb?d=ZW5jZEB0TWp0dDhkajNMU0lXaTgrR2dXK0FlbmlQcm9xQk9Xak9aOWtBLzNYNmNVdkNQQm1RbnpiY2wzZThmcGo0VkdXeVRBNmMwSXJ5NHF4ZDI5L253TE9JK1lqVmRIaWV0N2Y2MEdMUVdYcWJZQXJrVUxWaVBad09tSGdQNHA2bXFpK1NpeVBNckhwNklqQzYzNnMrRy81c05mNkJ3K3pLWnBKbUJsOSttRUorR1lka05qSEh2OWpEUVVQWkZZQnFmTzE1eldRbzdhR2JrdlZYZU9EQ2dLc2prdWJEekUvaytEd1BrWjA1ZnNEWlQyb29qVlo0NWU1YlJkWi8yR0N6bkljVUFDU2RjZUVJdm0zeFhmZzdNSUt0SEJNTlJWdzhzcDBQOFFxaDZNPXwyYjJhOGY4YzZlNmEwMDEwMmFlZTg0MjVlYzA0OThjZDM1ODg1YTlkZmEzNTEyNzE1ZDRlNTNkMjQ5Y2NjNTQ2YWEyNzA0NjY4OTAxYTk2ZTBiYmNiYjc2NzRjYjcyMTU4ZTA1ZDQyYjRiOTZmZDc0Yjg3YzQwMDliMzQ0YmM4N2QyMTIzYjhiMjc3ODI1YTNkMzM4MmY4ZDY3YTAzNzAyM2RmNGNlZjI3OTYwODljZDc4Yjc0OThhOTU2ZWI3ZmEyZDRhMWQ4YjE2ZTliOTQyYTk1NWM3ZGM4NzM0NjRjYzgyYTdhZTk5Yjk3ZTZkNWFkY2ZhZGZhYzdiMWYzMDNiMDJlZmJkYTAxZTU5NGI3YTQ3MmNmODQ2NjhjYjhhYjhiMTkyMDE5MDM0NDVlNTQ5ZDEzOTk3OWNiNmI2ZGZlYmQ1M2VkOTE4Mzg0MzkxMmYyYTIzMTNkZTlmNzc0MmE2MGMxNTVhYWE1NTY5NGUxMjZiNDkxMzk2MWIxNGMyNTI1Yjg1ZTgzNjBiM2Y2MWM5ODM5NDc3M2U2ZjhmZDdlNGU3ZWJjYWQxY2M4NDhhOWVjM2ZmMDRjODQ0Y2ViMTc2NzE2YjM2ODIwMTcxNGEzZjkyMGM5MDVmNTc5MTI2Nzg0ZjAxMmNjMWIzNjJjZGZkNWViYmFjMDg1ZDNjM2Q4MHwwMGVlMGI2MmVjYWFjODlm&cid=15%2C16&si=2&e=https%3A%2F%2Fwww--wellsfargo--com--6k49329d48d6c.wsipv6.com&t=jsonp&c=hscqqlvqyddxqccp&eu=https%3A%2F%2Fwww--wellsfargo--com--6k49329d48d6c.wsipv6.com%2F
200 OK 90 B URL GET HTTP/1.1 connect.secure.wellsfargo.com/AIDO/vyHb?d=ZW5jZEB0TWp0dDhkajNMU0lXaTgrR2dXK0FlbmlQcm9xQk9Xak9aOWtBLzNYNmNVdkNQQm1RbnpiY2wzZThmcGo0VkdXeVRBNmMwSXJ5NHF4ZDI5L253TE9JK1lqVmRIaWV0N2Y2MEdMUVdYcWJZQXJrVUxWaVBad09tSGdQNHA2bXFpK1NpeVBNckhwNklqQzYzNnMrRy81c05mNkJ3K3pLWnBKbUJsOSttRUorR1lka05qSEh2OWpEUVVQWkZZQnFmTzE1eldRbzdhR2JrdlZYZU9EQ2dLc2prdWJEekUvaytEd1BrWjA1ZnNEWlQyb29qVlo0NWU1YlJkWi8yR0N6bkljVUFDU2RjZUVJdm0zeFhmZzdNSUt0SEJNTlJWdzhzcDBQOFFxaDZNPXwyYjJhOGY4YzZlNmEwMDEwMmFlZTg0MjVlYzA0OThjZDM1ODg1YTlkZmEzNTEyNzE1ZDRlNTNkMjQ5Y2NjNTQ2YWEyNzA0NjY4OTAxYTk2ZTBiYmNiYjc2NzRjYjcyMTU4ZTA1ZDQyYjRiOTZmZDc0Yjg3YzQwMDliMzQ0YmM4N2QyMTIzYjhiMjc3ODI1YTNkMzM4MmY4ZDY3YTAzNzAyM2RmNGNlZjI3OTYwODljZDc4Yjc0OThhOTU2ZWI3ZmEyZDRhMWQ4YjE2ZTliOTQyYTk1NWM3ZGM4NzM0NjRjYzgyYTdhZTk5Yjk3ZTZkNWFkY2ZhZGZhYzdiMWYzMDNiMDJlZmJkYTAxZTU5NGI3YTQ3MmNmODQ2NjhjYjhhYjhiMTkyMDE5MDM0NDVlNTQ5ZDEzOTk3OWNiNmI2ZGZlYmQ1M2VkOTE4Mzg0MzkxMmYyYTIzMTNkZTlmNzc0MmE2MGMxNTVhYWE1NTY5NGUxMjZiNDkxMzk2MWIxNGMyNTI1Yjg1ZTgzNjBiM2Y2MWM5ODM5NDc3M2U2ZjhmZDdlNGU3ZWJjYWQxY2M4NDhhOWVjM2ZmMDRjODQ0Y2ViMTc2NzE2YjM2ODIwMTcxNGEzZjkyMGM5MDVmNTc5MTI2Nzg0ZjAxMmNjMWIzNjJjZGZkNWViYmFjMDg1ZDNjM2Q4MHwwMGVlMGI2MmVjYWFjODlm&cid=15%2C16&si=2&e=https%3A%2F%2Fwww--wellsfargo--com--6k49329d48d6c.wsipv6.com&t=jsonp&c=hscqqlvqyddxqccp&eu=https%3A%2F%2Fwww--wellsfargo--com--6k49329d48d6c.wsipv6.com%2F
IP
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 7cb64a324dd94002b139163ae775f593
c11ece69b7c3ac3473baf24c5deeb339e1ee6afd
c91ff2be8369e12986e9ee4d4886ca8931f368934858fc2baa48ce7587b815e9
GET /AIDO/vyHb?d=ZW5jZEB0TWp0dDhkajNMU0lXaTgrR2dXK0FlbmlQcm9xQk9Xak9aOWtBLzNYNmNVdkNQQm1RbnpiY2wzZThmcGo0VkdXeVRBNmMwSXJ5NHF4ZDI5L253TE9JK1lqVmRIaWV0N2Y2MEdMUVdYcWJZQXJrVUxWaVBad09tSGdQNHA2bXFpK1NpeVBNckhwNklqQzYzNnMrRy81c05mNkJ3K3pLWnBKbUJsOSttRUorR1lka05qSEh2OWpEUVVQWkZZQnFmTzE1eldRbzdhR2JrdlZYZU9EQ2dLc2prdWJEekUvaytEd1BrWjA1ZnNEWlQyb29qVlo0NWU1YlJkWi8yR0N6bkljVUFDU2RjZUVJdm0zeFhmZzdNSUt0SEJNTlJWdzhzcDBQOFFxaDZNPXwyYjJhOGY4YzZlNmEwMDEwMmFlZTg0MjVlYzA0OThjZDM1ODg1YTlkZmEzNTEyNzE1ZDRlNTNkMjQ5Y2NjNTQ2YWEyNzA0NjY4OTAxYTk2ZTBiYmNiYjc2NzRjYjcyMTU4ZTA1ZDQyYjRiOTZmZDc0Yjg3YzQwMDliMzQ0YmM4N2QyMTIzYjhiMjc3ODI1YTNkMzM4MmY4ZDY3YTAzNzAyM2RmNGNlZjI3OTYwODljZDc4Yjc0OThhOTU2ZWI3ZmEyZDRhMWQ4YjE2ZTliOTQyYTk1NWM3ZGM4NzM0NjRjYzgyYTdhZTk5Yjk3ZTZkNWFkY2ZhZGZhYzdiMWYzMDNiMDJlZmJkYTAxZTU5NGI3YTQ3MmNmODQ2NjhjYjhhYjhiMTkyMDE5MDM0NDVlNTQ5ZDEzOTk3OWNiNmI2ZGZlYmQ1M2VkOTE4Mzg0MzkxMmYyYTIzMTNkZTlmNzc0MmE2MGMxNTVhYWE1NTY5NGUxMjZiNDkxMzk2MWIxNGMyNTI1Yjg1ZTgzNjBiM2Y2MWM5ODM5NDc3M2U2ZjhmZDdlNGU3ZWJjYWQxY2M4NDhhOWVjM2ZmMDRjODQ0Y2ViMTc2NzE2YjM2ODIwMTcxNGEzZjkyMGM5MDVmNTc5MTI2Nzg0ZjAxMmNjMWIzNjJjZGZkNWViYmFjMDg1ZDNjM2Q4MHwwMGVlMGI2MmVjYWFjODlm&cid=15%2C16&si=2&e=https%3A%2F%2Fwww--wellsfargo--com--6k49329d48d6c.wsipv6.com&t=jsonp&c=hscqqlvqyddxqccp&eu=https%3A%2F%2Fwww--wellsfargo--com--6k49329d48d6c.wsipv6.com%2F HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 90
max-age: 0
Expires: -1
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Vary: Accept-Encoding
Date: Mon, 05 Jun 2023 12:24:11 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=GEpw+PnvKGTWdPZ1ur+%2f5cJrFI69FfNpB8Ise9X4ndQ%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 12:39:10 GMT;Httponly; Secure
_abck=B7C52DC0C42928CCE4602B7EE1FCA6D9~-1~YAAQhAplX5NvM22IAQAAf86Diwqm0lNOiD8BrG7i1sBAyUx6qsZhPcA3TNOradhtsIhBqS+IZOa5o4kON5nkYobleMID1CocJRkuDGSo7JaGif3QtngtS4xZApH6El64Hu68VSIG6R/wtlSNIMxlJWj61iaa2snJSYK0XKb/WPFDOkDH0lvBkNuuBcrVRtSLns8ysKYSEcnMJCqnnHwVUoqWIY+TkvqPbrU/+kUgWOdFHsx+HHS8hWvfYT+ZXdmBxiycIoTGuozRmJoY/QqmSBCRXCC2nAZJ76nc5+1Pss2xLTKd0EP+SzMDXVgqGfYmOnW/wbuTa6xRTL/pZHcWrnEBsIJC818vvTNIXx/nkbgINr9nHt628KX2P2x0gyNr~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Tue, 04 Jun 2024 12:24:11 GMT; Max-Age=31536000; Secure
bm_sz=BF8734FA0BC59DF7EEF5A6040A287F64~YAAQhAplX5RvM22IAQAAf86DixQoe5+mYYGR74an7JRZswnqXIlvMFx1hL/9sItzlVZ+LrtTSSkG0SGm9eBsUE1+YAkRLDE0VFm7yAkWn3n4GMpge7WVF/HEuAch33n+pphOS3nZvkQAkpiaMa+0f6dJVu08YtxqT/EHG5stwNQi6U58PCYiFcWviR//cVGqk2+aeEWjXX7LJZs7penk5Ht0WL767SUaanseOxhku5dAjLKYNrqWKLzI9M04LPcN+UFkny4OkeOUjRB7mzNymF0BX6lybXjkGHl/78NorBUSV92v6RkP~4535861~3486256; Domain=.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 16:24:10 GMT; Max-Age=14399
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/AIDO/mint.js?dt=login&r=0.9504871357449506
200 OK 137 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/AIDO/mint.js?dt=login&r=0.9504871357449506
IP
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 137 kB (136576 bytes)
Hash 0bf97e93588b1594f9b49bdfcab9089b
fefff3b2965be177ea8e2d11279ea6bb165f095b
9a73b0020d37641e7f97da93882ae5089e2ad7376b767054d2978f1c15ff27a7
GET /AIDO/mint.js?dt=login&r=0.9504871357449506 HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 136576
max-age: 0
Expires: -1
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Mon, 05 Jun 2023 12:24:11 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=gd4VV+1s%2fD1ArUIsTrebjWDB2uzZiDduF2jkfam9JS+KLTqBHx4NrB71xH5uC7xE; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 12:39:10 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
www--wellsfargo--com--6k49329d48d6c.wsipv6.com/dti_apg/api/dip/v1/dip
200 OK 134 B URL POST HTTP/1.1 www--wellsfargo--com--6k49329d48d6c.wsipv6.com/dti_apg/api/dip/v1/dip
IP
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash ad90654032a665ceadca1d7d88142088
bc9b5648330f1e8b8d346a1fd817fe8837ee6059
1ea9683b2dcbe79f283a9a294b244c13c6bb08e3a82c9bda8c8112f4085b80fa
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /dti_apg/api/dip/v1/dip HTTP/1.1
Host: www--wellsfargo--com--6k49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
ADRUM: isAjax:true
Content-Length: 2048
Origin: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!Xtc4C9bGPgvQ+V8v/BdPMOHVwv+ySQ8KjYH+tY3gchshh5zyR3f0SZJVhnLo+0id4EF3rF4I3rYipsw=; utag_main=v_id:01888b83c13000034dcc9747e20d05046003700900918$_sn:1$_se:2$_ss:0$_st:1685969649194$ses_id:1685967847729%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTUzUIwW9Q7F8CmqvweCvflYLca6l0%2BfyQB8yESY6bA%3D%22%2C%22c%22%3A%22aklwN2pvRUFZSWJIUWU5cA%3D%3DIlHGGgxwI3g-oyiQ4sCsoJGLnHDrXvUNHjqUmU2sURjiNmV7yCyMTrWrU3JwtznnVOYjkMZYE-W3C8dH5lO4cYhntBm9-ssabiY%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22_s%22%3A%22RhtWRsk1%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C74007696357701501222590864614164395193%7CMCOPTOUT-1685975048s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=e3212a32-ae2e-4613-b752-7cf7326cf1fe; _cls_s=4baae28b-6809-4c6c-b0f4-6295a3340cb2:0; LSESSIONID=eyJpIjoiMFRVaWlCbFpCbDFFU0plbG5wRjlUUT09IiwiZSI6IjlMS2EyT3Y2S0JCck02dHJ6UXBJbUpqWnQrb01xT1pcL01yQlF0WHNHYXdOMW9QNzZ0VU1VN085QUVuc0hxR25jYnRORjFlRnE2cFIwSkFIYVdMc1V0bE1na3V6Y1gwSGRzS0NzdlBWTlF1YXFzcHJZQUZVYUgzXC9ZcUpSVmdMY0oxdjBYUlo3c0o3a2xrQWFQWXM3OFNRPT0ifQ%3D%3D.58dcf4f7298a6d0e.ZjM1Y2Y2NzJjNzI3ZjgyYzlmNzI4Zjk5OWUxNTliM2IwNjI5MTIwNzg3MzhmZmM1NjI3MDZjYmFmMzkwYWRmZQ%3D%3D; _gcl_au=1.1.1530267552.1685967850; _ga=GA1.2.599397610.1685967850; _gid=GA1.2.506679517.1685967850; _gat_gtag_UA_107148943_1=1; ndsid=ndsap09j700ksiliitq6z1; ISD_WCM_COOKIE=!EUr7YQLgv1IGjCHz2xKqB3cO2dndHs1WQNNixTYTolQiBO7AE9nIfhKA9+AFGb9c7wBnlonFaVkSG08=; ADRUM_BTa=R:27|g:f6763338-2ce5-49b2-9cec-6b79a869fd79|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206917|e:61
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 12:24:12 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 134
Connection: keep-alive
Access-Control-Allow-Origin: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com
X-Akamai-Transformed: 9 206 0 pmb=mTOE,1
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=611tsoqwRxQdhuliE6GCVpkC7XPl%2f8fuBz3l%2fENt6WQ%3d; Domain=www.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 12:39:12 GMT;Httponly; Secure
_abck=3DF34061D526BE6A903743D8EF3B99B9~-1~YAAQlNAXAnDlMneIAQAAedKDiwoM72Bnytw/82Vsnq8lsrDobW7xDVMqt8sOeFjtHcAhel1OKek2GxxK4YuZVldiA91CXbfB49ubV77QQR8LSvqnibGfaSk35lSVcek9P0YziFPNhRjDemlphgXqeU6T236Bixz/yUfzZRFOm/iN1V0bNWbZGCXzd+qj2yIJXEp1dzE25pFzg4C1cP2w7riiOoxDv1lLl969ZIrOiyoOgOdkNuHHG98ovoDEkok31l2Uvuq2PybOyMjrQQp5uaM+Relb5W7bV0UjfABDb2YvqjN40NXIDKMPTuMDajJI4pPp2xKqpQMSDVWCUU2/UxvIg9CJx1jxUjG8jMtdtAEWe7XMwR/gIBs0G2YOVzRm~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Tue, 04 Jun 2024 12:24:12 GMT; Max-Age=31536000; Secure
bm_sz=7CDDC1E287220C6E4D3558E8CBA2875A~YAAQlNAXAnHlMneIAQAAedKDixTpSK9u6WH8znEa/9gm61bOx+GjrwwcCZIXZG03pzi6764uHcsdJPAlY5Z8KFHZCG9xMEo5dd2+Cbd7Q6cZ5Q4NdNMn0U5rkqatDX2NxEHPsc9smyw3BLOPfyqAEiuwIbPAfB9F93vgYy4xd6p3a2tGf/WEB9QLj/SlP98z9+e1a+PSi7WrCAqXZeCit+0hCrhyZgMtr29JnREQTw83feymCFFgt7MzFUcb4omr6RN8CkNAIHTiua/UyeHfwJl2LsjmlLpSBdC9/Oelga+YZKNZJwy4~4534598~4277813; Domain=.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 16:24:11 GMT; Max-Age=14399
X-Via: 1.1 kf175:5 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647dd3eb_kf182_8008-31491
www--wellsfargo--com--6k49329d48d6c.wsipv6.com/dti_apg/api/imp/v1.0/report/?m&fq=load
200 OK 265 B URL POST HTTP/1.1 www--wellsfargo--com--6k49329d48d6c.wsipv6.com/dti_apg/api/imp/v1.0/report/?m&fq=load
IP
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash a257dcf387246ab1e4cf89aa46e3e324
621c44deefa274e685769f3d3e8a196892adc64e
1f3323b7b9e5bc4d8df74cda517aa43fe68636990167ed8c7f05bbc91dc3b326
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /dti_apg/api/imp/v1.0/report/?m&fq=load HTTP/1.1
Host: www--wellsfargo--com--6k49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/plain,*/*;q=0.9
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
content-type: text/plain;charset=UTF-8
Content-Length: 852
Origin: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!Xtc4C9bGPgvQ+V8v/BdPMOHVwv+ySQ8KjYH+tY3gchshh5zyR3f0SZJVhnLo+0id4EF3rF4I3rYipsw=; utag_main=v_id:01888b83c13000034dcc9747e20d05046003700900918$_sn:1$_se:2$_ss:0$_st:1685969649194$ses_id:1685967847729%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTUzUIwW9Q7F8CmqvweCvflYLca6l0%2BfyQB8yESY6bA%3D%22%2C%22c%22%3A%22aklwN2pvRUFZSWJIUWU5cA%3D%3DIlHGGgxwI3g-oyiQ4sCsoJGLnHDrXvUNHjqUmU2sURjiNmV7yCyMTrWrU3JwtznnVOYjkMZYE-W3C8dH5lO4cYhntBm9-ssabiY%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22_s%22%3A%22RhtWRsk1%22%2C%22diA%22%3A%22AezTfWQAAAAAN%2BKFItE4Rx4Q4A9Z64vn%22%2C%22diB%22%3A%22AcqJRvpzfD724TiLeTUSJCk5Kh9nDZLN%22%2C%22_fr%22%3A10000%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C74007696357701501222590864614164395193%7CMCOPTOUT-1685975048s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=e3212a32-ae2e-4613-b752-7cf7326cf1fe; _cls_s=4baae28b-6809-4c6c-b0f4-6295a3340cb2:0; LSESSIONID=eyJpIjoiMFRVaWlCbFpCbDFFU0plbG5wRjlUUT09IiwiZSI6IjlMS2EyT3Y2S0JCck02dHJ6UXBJbUpqWnQrb01xT1pcL01yQlF0WHNHYXdOMW9QNzZ0VU1VN085QUVuc0hxR25jYnRORjFlRnE2cFIwSkFIYVdMc1V0bE1na3V6Y1gwSGRzS0NzdlBWTlF1YXFzcHJZQUZVYUgzXC9ZcUpSVmdMY0oxdjBYUlo3c0o3a2xrQWFQWXM3OFNRPT0ifQ%3D%3D.58dcf4f7298a6d0e.ZjM1Y2Y2NzJjNzI3ZjgyYzlmNzI4Zjk5OWUxNTliM2IwNjI5MTIwNzg3MzhmZmM1NjI3MDZjYmFmMzkwYWRmZQ%3D%3D; _gcl_au=1.1.1530267552.1685967850; _ga=GA1.2.599397610.1685967850; _gid=GA1.2.506679517.1685967850; _gat_gtag_UA_107148943_1=1; ndsid=ndsap09j700ksiliitq6z1; ISD_WCM_COOKIE=!EUr7YQLgv1IGjCHz2xKqB3cO2dndHs1WQNNixTYTolQiBO7AE9nIfhKA9+AFGb9c7wBnlonFaVkSG08=; ADRUM_BTa=R:27|g:f6763338-2ce5-49b2-9cec-6b79a869fd79|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206917|e:61; _imp_di_pc_=AezTfWQAAAAAN%2BKFItE4Rx4Q4A9Z64vn
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 12:24:12 GMT
Content-Type: text/plain
Content-Length: 265
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept,DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Allow-Methods: OPTIONS, GET, POST
Access-Control-Allow-Origin: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=d5sBqISpcZklOIobXx8YuF6n+Z9DPQ%2fR7huoM6e5ZzmxEYvVLsrN6cOutFDRlvOb; Domain=www.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 12:39:12 GMT;Httponly; Secure
_abck=56B5F20FDB97E376D26C1D26A5AEC4EB~-1~YAAQjtAXAoRh6oqIAQAAY9SDiwqy6YsmtyqMtEMnMZgN/zJ564spPn0M43eoEmMvaGU0WbbfuqFM48kuKQ50/SAOGwSH93ovq38daHge1B2nhU50YyHEl2gYOl1+4ymPRnYdqef7U21KpBtkEXHdEuBUvoleV3ECp6abAa409cTgn5upYc0bMFCyOGsv1j12Qq9+nY912IBzudon6jJ/6M8r3zTIt1ir0fMe0wbXHs1pChq5zPuYKmxfNBjPNxF+gSIw8bP5rBiKLit87uFzrUQYdIVH4lST5EwkKF3duCfQGFtYncnFrskTWSm9bU1oeXHVaWVLLxxNz3UkKN9fM39fSV9iPtvtizZwMKWplIN2Dj4LA3b8YhckttArA8Z9~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Tue, 04 Jun 2024 12:24:12 GMT; Max-Age=31536000; Secure
bm_sz=6F932EB980088958E2643CF574D6664F~YAAQjtAXAoVh6oqIAQAAY9SDixTg1mHI1gmXgZuH7UHBM4pGzQzYYdCTEbek1jXT0TfNhF9L5QqOMg/2T/qSx5z7AsdAD520fwY2FKl1FJZUmRrUqDj4rh6kQk9UrFseZCQTP+5e1ohajoAAB7TiQNsYVUaSAgwAGWSzuOQltXinfEVa4HPr5LiR8QpfA08MUXD7+V8WrvicrQiSwWQ/nZgXurKwD9LCtAb9asdhMIAh1RNfpIesfTrTNvG31tpp/8Q+OxyJUZhf8rsfCacKveM1XOkBmklXQj0ftMQgylrLzhJhIbNh~4273476~3618871; Domain=.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 16:24:12 GMT; Max-Age=14400
X-Via: 1.1 kf175:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647dd3ec_kf182_8008-31500
www--wellsfargo--com--6k49329d48d6c.wsipv6.com/dti_apg/api/imp/v1.0/report/?x
200 OK 0 B URL POST HTTP/1.1 www--wellsfargo--com--6k49329d48d6c.wsipv6.com/dti_apg/api/imp/v1.0/report/?x
IP
ASN #54994 QUANTILNETWORKS
Requested by https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.wsipv6.com
Fingerprint06:09:21:92:62:E5:64:6D:8A:00:F1:90:4C:19:0F:D5:04:4A:02:A2
ValidityWed, 29 Jun 2022 00:00:00 GMT - Sun, 30 Jul 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Wells Fargo & Company
POST /dti_apg/api/imp/v1.0/report/?x HTTP/1.1
Host: www--wellsfargo--com--6k49329d48d6c.wsipv6.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/plain,*/*;q=0.9
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
content-type: text/plain;charset=UTF-8
Content-Length: 296
Origin: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Cookie: SameSite=None; ISD_WWWAF_COOKIE=!Xtc4C9bGPgvQ+V8v/BdPMOHVwv+ySQ8KjYH+tY3gchshh5zyR3f0SZJVhnLo+0id4EF3rF4I3rYipsw=; utag_main=v_id:01888b83c13000034dcc9747e20d05046003700900918$_sn:1$_se:2$_ss:0$_st:1685969649194$ses_id:1685967847729%3Bexp-session$_pn:1%3Bexp-session; dti_apg=%7B%22_rt%22%3A%22DTUzUIwW9Q7F8CmqvweCvflYLca6l0%2BfyQB8yESY6bA%3D%22%2C%22c%22%3A%22aklwN2pvRUFZSWJIUWU5cA%3D%3DIlHGGgxwI3g-oyiQ4sCsoJGLnHDrXvUNHjqUmU2sURjiNmV7yCyMTrWrU3JwtznnVOYjkMZYE-W3C8dH5lO4cYhntBm9-ssabiY%3D%22%2C%22dc%22%3A%22ine%22%2C%22mf%22%3A0%2C%22_s%22%3A%22RhtWRsk14irPFWOC4mUFmX7%2B%22%2C%22diA%22%3A%22AezTfWQAAAAAN%2BKFItE4Rx4Q4A9Z64vn%22%2C%22diB%22%3A%22AcqJRvpzfD724TiLeTUSJCk5Kh9nDZLN%22%2C%22_fr%22%3A20000%2C%22fr%22%3A%221T47d4XZAGU5HjLOJePZ9Q%3D%3D7JQ1Q_dnhI_7Wh1OkcqQmtWfls3jy4YTBcxGrvG5vNCkAQD7NE_lLEElDlYLWqW2UoOrv-lqM3WEAIrSgiHAQ-UpsJjXrAcgMh8h6K8d1qwNN-VjOE_bOAjvE30h-XprVAe-Lw51CvHXEITC_zwADtfNWRGtAzot9T_rIDc774ETQcN0rhknnzwX%22%2C%22ct%22%3A%22N0xqfP9dvTHN%2FDf8tmCks8VeAviX7ROp03oH90g%3D%22%7D; AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg=-1124106680%7CMCMID%7C74007696357701501222590864614164395193%7CMCOPTOUT-1685975048s%7CNONE%7CvVersion%7C5.2.0; AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg=1; _cls_v=e3212a32-ae2e-4613-b752-7cf7326cf1fe; _cls_s=4baae28b-6809-4c6c-b0f4-6295a3340cb2:0; LSESSIONID=eyJpIjoiMFRVaWlCbFpCbDFFU0plbG5wRjlUUT09IiwiZSI6IjlMS2EyT3Y2S0JCck02dHJ6UXBJbUpqWnQrb01xT1pcL01yQlF0WHNHYXdOMW9QNzZ0VU1VN085QUVuc0hxR25jYnRORjFlRnE2cFIwSkFIYVdMc1V0bE1na3V6Y1gwSGRzS0NzdlBWTlF1YXFzcHJZQUZVYUgzXC9ZcUpSVmdMY0oxdjBYUlo3c0o3a2xrQWFQWXM3OFNRPT0ifQ%3D%3D.58dcf4f7298a6d0e.ZjM1Y2Y2NzJjNzI3ZjgyYzlmNzI4Zjk5OWUxNTliM2IwNjI5MTIwNzg3MzhmZmM1NjI3MDZjYmFmMzkwYWRmZQ%3D%3D; _gcl_au=1.1.1530267552.1685967850; _ga=GA1.2.599397610.1685967850; _gid=GA1.2.506679517.1685967850; _gat_gtag_UA_107148943_1=1; ndsid=ndsap09j700ksiliitq6z1; ISD_WCM_COOKIE=!EUr7YQLgv1IGjCHz2xKqB3cO2dndHs1WQNNixTYTolQiBO7AE9nIfhKA9+AFGb9c7wBnlonFaVkSG08=; ADRUM_BTa=R:27|g:f6763338-2ce5-49b2-9cec-6b79a869fd79|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; ADRUM_BT1=R:27|i:206917|e:61; _imp_di_pc_=AezTfWQAAAAAN%2BKFItE4Rx4Q4A9Z64vn
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 12:24:19 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept,DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Allow-Methods: OPTIONS, GET, POST
Access-Control-Allow-Origin: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=YpElxmqksanl%2fjKev5oUK%2fe6d4kN9Osfab2cs9BkYPzu0uZPcCX2xXhgQKuM1HI9; Domain=www.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 12:39:19 GMT;Httponly; Secure
_abck=850FD17F4BF4D0AB88A13A4C7D39525A~-1~YAAQjtAXAsVj6oqIAQAANe+DiwrkBIQexPnTueUC3YjGfLEC6Sjivge2srwxYyCyA42QHAdvet+XDT38o6PD3kN19XKQ0QqHlr7+GYDXg/Rie+a7m5o/n6eVg9qgWxyPW/NCQO9DgUJgmpaQN6WeQoWHTO0MXaV8seOTvtPu4B3FNBDNClVEq7hzXrk4FKlI1x9pqoXr7oirfj146UxML+W+lMEvDQnFs7m/8TXEnIEdR/hRmrULaZKIM4MQzt8WePSf5iA/Z8ahM9q87/PF7xi3sLbk5O9zhGygu7n53imlZOfNHxIS5K3GvW+x6mGLJyias4B53bydjwb35RId6xHTsNKnbuVes5Dzcsii3odxKBw2qTlqws0l7acrFGgg~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Tue, 04 Jun 2024 12:24:19 GMT; Max-Age=31536000; Secure
bm_sz=B4F518D667625960C1925C470AE43689~YAAQjtAXAsZj6oqIAQAANe+DixQ5BdwVYUDGrSK/4sKEHx1FEINb7gRJwdCTxZKBjp4iKoJZ1mavF/vcczyY6cEbyv8TkIEtdjvbE5OqCYQcaQTYhMPjupuXrPrN9wx2iV0AzrGgheiDRceSQutQsowH/qstIgISrir/iQhoTnBfN2oqx4FqxyJ2WgAbpDRugMlyLyWbllxn38YKmczMukFnrXNluQRJzutcWHKInbU3j58fGlgQe5Ys0zhdpf7N9GxTQSBPx88f1sFpMRBe2iR83cr5w4/uxo9fQ+RJBedl+yoHG//V~4604726~3486256; Domain=.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 16:24:19 GMT; Max-Age=14400
X-Via: 1.1 kf175:0 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 647dd3f3_kf182_8008-31612
rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=4baae28b-6809-4c6c-b0f4-6295a3340cb2:0&_cls_v=e3212a32-ae2e-4613-b752-7cf7326cf1fe&pid=2ea70824-136e-4ddb-9fd1-e8eb70c0c662&sn=2&cfg=32a3f9ce&pv=2&aid=
163 B URL POST rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=4baae28b-6809-4c6c-b0f4-6295a3340cb2:0&_cls_v=e3212a32-ae2e-4613-b752-7cf7326cf1fe&pid=2ea70824-136e-4ddb-9fd1-e8eb70c0c662&sn=2&cfg=32a3f9ce&pv=2&aid=
IP
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Certificate IssuerWells Fargo & Company
Subjectrubicon.wellsfargo.com
FingerprintF0:DF:3B:07:70:09:2F:A0:0E:16:57:29:8D:03:C0:22:C5:63:5C:30
ValidityFri, 03 Mar 2023 00:00:00 GMT - Tue, 02 Apr 2024 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 5ca1ad4de46b3964640d8ae014f2c844
ae8775245726e5c363fe282b6f1d53f05f60f8bd
bdde4632ce2f693f0037e090300c677a8d3fceafd1a21a8d85f1a2bee407954a
POST /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=4baae28b-6809-4c6c-b0f4-6295a3340cb2:0&_cls_v=e3212a32-ae2e-4613-b752-7cf7326cf1fe&pid=2ea70824-136e-4ddb-9fd1-e8eb70c0c662&sn=2&cfg=32a3f9ce&pv=2&aid= HTTP/1.1
Host: rubicon.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 34739
Origin: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Cookie: _cls_cfgver=32a3f9ce; _cls_v=e3212a32-ae2e-4613-b752-7cf7326cf1fe; _cls_s=4baae28b-6809-4c6c-b0f4-6295a3340cb2:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/json
Access-Control-Allow-Origin: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
Content-Length: 163
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Vary: origin, Accept-Encoding
Date: Mon, 05 Jun 2023 12:24:20 GMT
Connection: keep-alive
Set-Cookie: ROUTEID=.cligate1; path=/;HttpOnly;Secure
ISD_GB_COOKIE=!L/q4/l9LrViBO0d54TfMmyz5FQ342SxZuQWDD5xN8iA7xcVt/Pf8pgB+2ZJTHU7/YANcaTTnFlD37Cw=; path=/; Httponly; Secure
DCID=o+fXTDdAI3P1V9pEiySeCiSIjeAukD+nnEYZR7nxnoY%3d; Domain=rubicon.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 12:39:20 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=4baae28b-6809-4c6c-b0f4-6295a3340cb2:0&_cls_v=e3212a32-ae2e-4613-b752-7cf7326cf1fe&pid=2ea70824-136e-4ddb-9fd1-e8eb70c0c662&sn=3&cfg=32a3f9ce&pv=2&aid=
163 B URL rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=4baae28b-6809-4c6c-b0f4-6295a3340cb2:0&_cls_v=e3212a32-ae2e-4613-b752-7cf7326cf1fe&pid=2ea70824-136e-4ddb-9fd1-e8eb70c0c662&sn=3&cfg=32a3f9ce&pv=2&aid=
IP
ASN #20940 Akamai International B.V.
Certificate IssuerWells Fargo & Company
Subjectrubicon.wellsfargo.com
FingerprintF0:DF:3B:07:70:09:2F:A0:0E:16:57:29:8D:03:C0:22:C5:63:5C:30
ValidityFri, 03 Mar 2023 00:00:00 GMT - Tue, 02 Apr 2024 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators, ASCII text, with no line terminators
Hash 5ca1ad4de46b3964640d8ae014f2c844
ae8775245726e5c363fe282b6f1d53f05f60f8bd
bdde4632ce2f693f0037e090300c677a8d3fceafd1a21a8d85f1a2bee407954a
POST /glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/cls_report?clsjsv=6.6.78B156&_cls_s=4baae28b-6809-4c6c-b0f4-6295a3340cb2:0&_cls_v=e3212a32-ae2e-4613-b752-7cf7326cf1fe&pid=2ea70824-136e-4ddb-9fd1-e8eb70c0c662&sn=3&cfg=32a3f9ce&pv=2&aid= HTTP/1.1
Host: rubicon.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 50683
Origin: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Cookie: _cls_cfgver=32a3f9ce; _cls_v=e3212a32-ae2e-4613-b752-7cf7326cf1fe; _cls_s=4baae28b-6809-4c6c-b0f4-6295a3340cb2:0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/json
Access-Control-Allow-Origin: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
Content-Length: 163
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Vary: origin, Accept-Encoding
Date: Mon, 05 Jun 2023 12:24:21 GMT
Connection: keep-alive
Set-Cookie: ROUTEID=.cligate1; path=/;HttpOnly;Secure
ISD_GB_COOKIE=!9GKKLwI/I3fk/6d54TfMmyz5FQ342WzKF2iN6jfpUZGyroowVrX9un8dimubiyTPlWwADAoXORAMxSY=; path=/; Httponly; Secure
DCID=ed20mjw+RUjTiQa6Rzet0mFfR9Y7+98XIkPmH9pPeB0%3d; Domain=rubicon.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 12:39:21 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
pdx-col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M50
200 OK 26 B URL GET HTTP/2 pdx-col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M50
IP
Requested by https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.eum-appdynamics.com
FingerprintFC:48:9F:81:33:3D:2B:6F:D9:CA:C8:3B:5F:11:C2:DC:DE:71:48:F5
ValidityTue, 14 Jun 2022 00:00:00 GMT - Sat, 15 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6a43099d5c8fe991a7aa7ebaca53069d
5bce2f0d57305c58c7b05bfce29ebb39a18f5570
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
GET /eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M50 HTTP/1.1
Host: pdx-col.eum-appdynamics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 05 Jun 2023 12:24:12 GMT
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
expires: 0
pragma: no-cache
vary: *
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept
x-envoy-upstream-service-time: 0
server: envoy
X-Firefox-Spdy: h2
pdx-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum
200 OK 0 B URL POST HTTP/2 pdx-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum
IP
Requested by https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.eum-appdynamics.com
FingerprintFC:48:9F:81:33:3D:2B:6F:D9:CA:C8:3B:5F:11:C2:DC:DE:71:48:F5
ValidityTue, 14 Jun 2022 00:00:00 GMT - Sat, 15 Jul 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /eumcollector/beacons/browser/v1/AD-AAB-ABJ-PZF/adrum HTTP/1.1
Host: pdx-col.eum-appdynamics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Content-Length: 11135
Origin: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 05 Jun 2023 12:24:11 GMT
content-type: text/html
expires: 0
set-cookie: ADRUM_BTa=R:55|g:fca6a489-7ad1-48d4-a52c-4c049fbf328a; Path=/; Expires=Mon, 05-Jun-2023 12:24:41 GMT; Max-Age=30
ADRUM_BTa=R:55|g:fca6a489-7ad1-48d4-a52c-4c049fbf328a|n:appdynamics_eee1d4f8-67a2-498e-a725-47e29803822e; Path=/; Expires=Mon, 05-Jun-2023 12:24:41 GMT; Max-Age=30
SameSite=None; Path=/; Expires=Mon, 05-Jun-2023 12:24:41 GMT; Max-Age=30; Secure
ADRUM_BT1=R:55|i:559461; Path=/; Expires=Mon, 05-Jun-2023 12:24:41 GMT; Max-Age=30
ADRUM_BT1=R:55|i:559461|e:3; Path=/; Expires=Mon, 05-Jun-2023 12:24:41 GMT; Max-Age=30
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
pragma: no-cache
vary: *
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept
x-envoy-upstream-service-time: 0
server: envoy
X-Firefox-Spdy: h2
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/wfui.77e559b79db575fffbe9.chunk.js
200 OK 885 kB URL GET HTTP/1.1 connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/wfui.77e559b79db575fffbe9.chunk.js
IP
ASN #20940 Akamai International B.V.
Requested by https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subjectconnect.secure.wellsfargo.com
Fingerprint3F:43:1B:FB:A6:51:FA:27:D5:EE:CF:C1:23:76:C7:04:BF:40:DB:BD
ValidityTue, 11 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
Size 885 kB (885142 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /accounts/static/7M/accounts/public/js/wfui.77e559b79db575fffbe9.chunk.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 331228
Last-Modified: Wed, 10 May 2023 20:52:18 GMT
Vary: Accept-Encoding
ETag: "645c0402-50ddc"
Content-Encoding: gzip
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET POST
Access-Control-Allow-Headers: User-Agent,Keep-Alive,Content-Type
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Allow: GET, POST, OPTIONS
Access-Control-Allow-Origin: connect.secure.wellsfargo.com
Cache-Control: max-age=10368000
Date: Mon, 05 Jun 2023 12:24:10 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=SWiyRqNU1OfywKe0XTHzlPx1r0cTAv9stBR7Zov+QK8%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Mon, 05 Jun 2023 12:39:09 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
pdx-col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M52
200 OK 26 B URL GET HTTP/2 pdx-col.eum-appdynamics.com/eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M52
IP
Requested by https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Certificate IssuerDigiCert Inc
Subject*.eum-appdynamics.com
FingerprintFC:48:9F:81:33:3D:2B:6F:D9:CA:C8:3B:5F:11:C2:DC:DE:71:48:F5
ValidityTue, 14 Jun 2022 00:00:00 GMT - Sat, 15 Jul 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6a43099d5c8fe991a7aa7ebaca53069d
5bce2f0d57305c58c7b05bfce29ebb39a18f5570
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
GET /eumcollector/error.gif?version=1&appKey=AD-AAB-ABJ-PZF&msg=Assert%20fail%3A%20M52 HTTP/1.1
Host: pdx-col.eum-appdynamics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www--wellsfargo--com--6k49329d48d6c.wsipv6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 05 Jun 2023 12:24:12 GMT
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
expires: 0
pragma: no-cache
vary: *
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept
x-envoy-upstream-service-time: 0
server: envoy
X-Firefox-Spdy: h2
163.171.132.220
47.246.44.225
95.101.10.120
44.227.151.146