r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 430f1651125c14bfa4924aa1f1a392e9
304141c5fe7ac8b370a67912b2592f9622de9600
315d77a9956f34b1615e38f5f1971dd05146980f8a36b35a8108d47ebba7e8e5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "315D77A9956F34B1615E38F5F1971DD05146980F8A36B35A8108D47EBBA7E8E5"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5826
Expires: Mon, 12 Dec 2022 03:51:51 GMT
Date: Mon, 12 Dec 2022 02:14:45 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 43ad67f241ee3692a9c9c1da080dae58
6a024f7d71eeee257edc91ba9273416f634aaae5
636635b57f9e6d2ad9b1b949298ee7d3b5b7e251a63516ff68bfb1eceded5688
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "636635B57F9E6D2AD9B1B949298EE7D3B5B7E251A63516FF68BFB1ECEDED5688"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11244
Expires: Mon, 12 Dec 2022 05:22:09 GMT
Date: Mon, 12 Dec 2022 02:14:45 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Backoff, Content-Length, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 12 Dec 2022 02:08:33 GMT
content-type: application/json
age: 372
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash dbd022fec0a71226daaf29b7563a8896
c37d14dc7b3849a4bb815fa325fb5e70fae54039
22da5e6e3f9507688fc8cb02183d52cf38f4adf8b2c6c52eaf5f88182471efeb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22DA5E6E3F9507688FC8CB02183D52CF38F4ADF8B2C6C52EAF5F88182471EFEB"
Last-Modified: Sun, 11 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5712
Expires: Mon, 12 Dec 2022 03:49:57 GMT
Date: Mon, 12 Dec 2022 02:14:45 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: i6SUviQyzWK4areIslYZ9Do03wZNo7fa7IA6GkL7BfDk8+Lj88Xa8FS9f/Rbo8X8zJagQQNhvWA=
x-amz-request-id: 9GCZ7Z7C9CG1JJ77
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 12 Dec 2022 01:51:19 GMT
age: 1406
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 12 Dec 2022 02:14:46 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 5a442e7018c54068652b7053d4dd2a41
abaf9979ff36b9605ff22a237b778efc49ecc1ba
47082d542372358ed03fb3c5f9321b4d3732c0dbae645a2a5c74327db7f7e28a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "47082D542372358ED03FB3C5F9321B4D3732C0DBAE645A2A5C74327DB7F7E28A"
Last-Modified: Sat, 10 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21562
Expires: Mon, 12 Dec 2022 08:14:08 GMT
Date: Mon, 12 Dec 2022 02:14:46 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Backoff, Content-Length, Pragma, Alert, Expires, Last-Modified, Retry-After, ETag, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 12 Dec 2022 02:07:56 GMT
age: 410
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e12bb655426d080117693ba116f398cf
8fe1f7f8d0b191baed2decba3523656da97077f5
2c25ba0d1c806de98d5489934acd8e2f17487e4f7e40c7f0d39094ce49f91b8d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6136
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 12 Dec 2022 02:14:46 GMT
Last-Modified: Mon, 12 Dec 2022 00:32:30 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 53c30a8af8bd2ff2a59388279b64a936
3150f86f952521dc118a2bcc8187f97978c46c71
3abf6c67d9a28878300c645f58f705391ef9023d74cd4341d1bd58d86e93817f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2370
Cache-Control: max-age=108142
Content-Type: application/ocsp-response
Date: Mon, 12 Dec 2022 02:14:46 GMT
Etag: "639588c2-1d7"
Expires: Tue, 13 Dec 2022 08:17:08 GMT
Last-Modified: Sun, 11 Dec 2022 07:37:38 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
connect.secure.wellsfargo.com/auth/static/ui/loginaltsignon/public/stylesheets/main.d5ef04dc4bbb58096bdc.chunk.css
23.36.79.34200 OK 2.5 kB URL HTTP/1.1 connect.secure.wellsfargo.com/auth/static/ui/loginaltsignon/public/stylesheets/main.d5ef04dc4bbb58096bdc.chunk.css
IP 23.36.79.34:0
ASN #20940 Akamai International B.V.
Hash 5d05bec210515094a569c911be5c5d61
b7a5b5c30565d817265cc73f454dce0d6ddcd28b
50680b1825c3142e3fbd6b4c9985e6c197e1a9ab4829c3cb817f4cb90d6526d0
GET /auth/static/ui/loginaltsignon/public/stylesheets/main.d5ef04dc4bbb58096bdc.chunk.css HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 2464
Last-Modified: Thu, 13 May 2021 02:25:50 GMT
Vary: Accept-Encoding
ETag: "609c8e2e-9a0"
Content-Encoding: gzip
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Cache-Control: max-age=10368000
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Date: Mon, 12 Dec 2022 02:14:46 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=V2QGFlcacGww3M1P73wr1w%3d%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
connect.secure.wellsfargo.com/auth/static/ui/loginaltsignon/public/stylesheets/wfui.4751add72058e9dd58f2.chunk.css
23.36.79.34200 OK 20 kB URL HTTP/1.1 connect.secure.wellsfargo.com/auth/static/ui/loginaltsignon/public/stylesheets/wfui.4751add72058e9dd58f2.chunk.css
IP 23.36.79.34:0
ASN #20940 Akamai International B.V.
Hash 2beb0f885999a04e8c74f2ae4ecb70a7
2b9c9aa8db27a0ce51dc90002766f07ba59fc7d8
52c66fd385f6c3fde47662845c247c55b713770b8c332b747364b7976d84a1ac
GET /auth/static/ui/loginaltsignon/public/stylesheets/wfui.4751add72058e9dd58f2.chunk.css HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 20434
Last-Modified: Thu, 13 May 2021 02:25:48 GMT
Vary: Accept-Encoding
ETag: "609c8e2c-4fd2"
Content-Encoding: gzip
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Cache-Control: max-age=10368000
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Date: Mon, 12 Dec 2022 02:14:46 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=fHn8MUNOlZrWsOynIBkaZw%3d%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
static.wellsfargo.com/tracking/ga/ga.js
23.36.79.27200 OK 20 kB URL HTTP/1.1 static.wellsfargo.com/tracking/ga/ga.js
IP 23.36.79.27:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (49163)
Hash d76c07f3794667edfb1c8ac0df3aac66
23e1915175dad06223c692b49c7b3c2aad1a5820
e0a246ff71144016a26e53493b8275a3a02b9386c690a169801840072851136b
GET /tracking/ga/ga.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 09 Sep 2021 17:30:40 GMT
Vary: Accept-Encoding
ETag: W/"613a44c0-c025"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 19477
Date: Mon, 12 Dec 2022 02:14:47 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=uPg8G1O28TR+WvQzjkeryA%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
static.wellsfargo.com/tracking/ga/gtag.js?t=AW-984436569
23.36.79.27200 OK 45 kB URL HTTP/1.1 static.wellsfargo.com/tracking/ga/gtag.js?t=AW-984436569
IP 23.36.79.27:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65507), with CRLF line terminators
Hash 02c5944802e321a49c191c43a905bfb7
77b4ac5db5c8717754fd2976f88ba2027e458ff4
e987815600381f14afd300d17c4f73646afe42233097d411b75d33ffbc7989c4
GET /tracking/ga/gtag.js?t=AW-984436569 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 06 Dec 2022 21:04:34 GMT
Vary: Accept-Encoding
ETag: W/"638fae62-1ca3a"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 45055
Date: Mon, 12 Dec 2022 02:14:47 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=wDvWonhHjZnsCfbh5UEsXQ%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
push.services.mozilla.com/
52.36.24.174101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.36.24.174:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: a82V6XZIqRHJtPgbKu8eLA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: p6Lew05UOz+5fcoDDHw3AojaJSo=
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 53c30a8af8bd2ff2a59388279b64a936
3150f86f952521dc118a2bcc8187f97978c46c71
3abf6c67d9a28878300c645f58f705391ef9023d74cd4341d1bd58d86e93817f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2371
Cache-Control: max-age=108142
Content-Type: application/ocsp-response
Date: Mon, 12 Dec 2022 02:14:47 GMT
Etag: "639588c2-1d7"
Expires: Tue, 13 Dec 2022 08:17:09 GMT
Last-Modified: Sun, 11 Dec 2022 07:37:38 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 53c30a8af8bd2ff2a59388279b64a936
3150f86f952521dc118a2bcc8187f97978c46c71
3abf6c67d9a28878300c645f58f705391ef9023d74cd4341d1bd58d86e93817f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2371
Cache-Control: max-age=108142
Content-Type: application/ocsp-response
Date: Mon, 12 Dec 2022 02:14:47 GMT
Etag: "639588c2-1d7"
Expires: Tue, 13 Dec 2022 08:17:09 GMT
Last-Modified: Sun, 11 Dec 2022 07:37:38 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
www.imexinter.com/opp/wellsfargoNew/wellsfargo.com_iceNi$$a/W/index.php
163.44.197.16200 OK 87 kB URL HTTP/1.1 www.imexinter.com/opp/wellsfargoNew/wellsfargo.com_iceNi$$a/W/index.php
IP 163.44.197.16:0
ASN #135161 GMO-Z com NetDesign Holdings Co., Ltd.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (47281), with CRLF line terminators
Hash 031275e20921a7411e3c025bce299cd6
ea275f298bdfcaa914388f7465b315d90fa11df8
2eafebf0864c74dd9967f0375c5eb2a7255242adf10fa3d108a94dd59c4677ac
Analyzer Verdict Alert openphish Wells Fargo & Company
fortinet Phishing
GET /opp/wellsfargoNew/wellsfargo.com_iceNi$$a/W/index.php HTTP/1.1
Host: www.imexinter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 12 Dec 2022 02:14:46 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=6g89uhm5epsbrn6mpng95qg0j4; path=/
MS-Author-Via: DAV
X-Powered-By: PHP/7.3.25, PleskLin
Content-Encoding: gzip
static.wellsfargo.com/tracking/ga/gtag.js?id=UA-107148943-1
23.36.79.27200 OK 45 kB URL HTTP/1.1 static.wellsfargo.com/tracking/ga/gtag.js?id=UA-107148943-1
IP 23.36.79.27:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65507), with CRLF line terminators
Hash 02c5944802e321a49c191c43a905bfb7
77b4ac5db5c8717754fd2976f88ba2027e458ff4
e987815600381f14afd300d17c4f73646afe42233097d411b75d33ffbc7989c4
GET /tracking/ga/gtag.js?id=UA-107148943-1 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 06 Dec 2022 21:04:34 GMT
Vary: Accept-Encoding
ETag: W/"638fae62-1ca3a"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 45055
Date: Mon, 12 Dec 2022 02:14:47 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=PIjbQ7MRlZy4CljYarhX9g%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 53c30a8af8bd2ff2a59388279b64a936
3150f86f952521dc118a2bcc8187f97978c46c71
3abf6c67d9a28878300c645f58f705391ef9023d74cd4341d1bd58d86e93817f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2371
Cache-Control: max-age=108142
Content-Type: application/ocsp-response
Date: Mon, 12 Dec 2022 02:14:47 GMT
Etag: "639588c2-1d7"
Expires: Tue, 13 Dec 2022 08:17:09 GMT
Last-Modified: Sun, 11 Dec 2022 07:37:38 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 53c30a8af8bd2ff2a59388279b64a936
3150f86f952521dc118a2bcc8187f97978c46c71
3abf6c67d9a28878300c645f58f705391ef9023d74cd4341d1bd58d86e93817f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2128
Cache-Control: max-age=107899
Content-Type: application/ocsp-response
Date: Mon, 12 Dec 2022 02:14:47 GMT
Etag: "639588c2-1d7"
Expires: Tue, 13 Dec 2022 08:13:06 GMT
Last-Modified: Sun, 11 Dec 2022 07:37:38 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
static.wellsfargo.com/tracking/ga/ga_conversion_async.js
23.36.79.27200 OK 14 kB URL HTTP/1.1 static.wellsfargo.com/tracking/ga/ga_conversion_async.js
IP 23.36.79.27:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (35846)
Hash 42c817a7b5f9583b2bc70f742dc950c9
ff75711716f8605860abe551b0235f7194e4348e
881b430ac699f32b3b5234582494d1f4fc0d22be1e6ac797847d66bc5ebc250f
GET /tracking/ga/ga_conversion_async.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 09 Sep 2021 17:30:40 GMT
Vary: Accept-Encoding
ETag: W/"613a44c0-8c31"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 13593
Date: Mon, 12 Dec 2022 02:14:47 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=+ozOiJFP2nF8HGZJBKRPqA%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
static.wellsfargo.com/tracking/ytc/ytc.js
23.36.79.27200 OK 5.6 kB URL HTTP/1.1 static.wellsfargo.com/tracking/ytc/ytc.js
IP 23.36.79.27:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (15032)
Hash c48fe5e804797f0f227c7b840d74a48c
af0ab8fe13f1dc1de7363cfbfc14eacf766a13c2
1a2fbaccd0201b433a5fe36253718facae1b50d23d6af5884279f563a7494c2f
GET /tracking/ytc/ytc.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 15 Jul 2021 21:00:28 GMT
Vary: Accept-Encoding
ETag: W/"60f0a1ec-3ad3"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 5614
Date: Mon, 12 Dec 2022 02:14:47 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=tgfrxU57PK3kg+6+mbOQlQ%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
static.wellsfargo.com/tracking/survey/gateway.min.js
23.36.79.27200 OK 7.2 kB URL HTTP/1.1 static.wellsfargo.com/tracking/survey/gateway.min.js
IP 23.36.79.27:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (18709)
Hash 4e22de87d95250210841318d44411316
732d49d6c6fbaf72ca9ac3cfe7d34a08400506cf
b62365f674d8b5ce81a33cae6ad20ad15b03d10b31f6e639ab316e3480a7dc66
GET /tracking/survey/gateway.min.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 05 Dec 2019 22:21:08 GMT
Vary: Accept-Encoding
ETag: W/"5de982d4-4c5d"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 7188
Date: Mon, 12 Dec 2022 02:14:47 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=Ackb344jq0ga324n9JFLig%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
connect.secure.wellsfargo.com/PIDO/pic.js?r=0.302572123598544
23.36.79.34200 OK 42 kB URL HTTP/1.1 connect.secure.wellsfargo.com/PIDO/pic.js?r=0.302572123598544
IP 23.36.79.34:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash 7bced6f2bf24bcd3306ddc25c5796aa1
5fe3a0e6ac309123e49885b1c98ee0d8ea7a119e
cc2ce5c042af547067c27406663fa3078b612bc2745c1f7f6131f131811e1e36
GET /PIDO/pic.js?r=0.302572123598544 HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 42479
max-age: 0
Expires: -1
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Mon, 12 Dec 2022 02:14:47 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=zPgw+twwUUCqPviTLCDLBHObFIp760uePGKlB5NqGwfvAW1jFiJB1Qq+%2fqvXHoOb; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Mon, 12 Dec 2022 02:29:47 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
www.imexinter.com/opp/wellsfargoNew/wellsfargo.com_iceNi$$a/W/js/actions.js
163.44.197.16200 OK 504 B URL HTTP/1.1 www.imexinter.com/opp/wellsfargoNew/wellsfargo.com_iceNi$$a/W/js/actions.js
IP 163.44.197.16:0
ASN #135161 GMO-Z com NetDesign Holdings Co., Ltd.
File type ASCII text, with CRLF line terminators
Hash a929d6eebf69eaec9a46285c50f74994
2e42a8ba54ef0fdd2c59252cb9912516d6de1d7c
9d670b99192b4af1f0e339ab729d0a4700055d254f3d18f6f2b44ef76dca3eea
Analyzer Verdict Alert fortinet Phishing
GET /opp/wellsfargoNew/wellsfargo.com_iceNi$$a/W/js/actions.js HTTP/1.1
Host: www.imexinter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/opp/wellsfargoNew/wellsfargo.com_iceNi$$a/W/index.php
Cookie: PHPSESSID=6g89uhm5epsbrn6mpng95qg0j4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 12 Dec 2022 02:14:47 GMT
Content-Type: text/javascript
Last-Modified: Thu, 28 Oct 2021 06:27:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"617a42d6-50b"
X-Powered-By: PleskLin
Content-Encoding: gzip
static.wellsfargo.com/tracking/secure-auth/utag.4.js?utv=ut4.46.202011242053
23.36.79.27200 OK 1.7 kB URL HTTP/1.1 static.wellsfargo.com/tracking/secure-auth/utag.4.js?utv=ut4.46.202011242053
IP 23.36.79.27:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (4209)
Hash 7251c21cc4e7be828526ed0d5e218cd0
87abe4f4f42842077a75808b7c7e016b179731bb
472d727e0870b9fd4b6f965c73d41d8e4d3a9739f1f966e5785139f4b7492996
GET /tracking/secure-auth/utag.4.js?utv=ut4.46.202011242053 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 23 Sep 2021 21:00:33 GMT
Vary: Accept-Encoding
ETag: W/"614ceaf1-16e0"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 1663
Date: Mon, 12 Dec 2022 02:14:47 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=NMmxUKqUvULKz%2fr7pWiMTg%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
static.wellsfargo.com/tracking/secure-auth/utag.5.js?utv=ut4.46.202103182209
23.36.79.27200 OK 2.4 kB URL HTTP/1.1 static.wellsfargo.com/tracking/secure-auth/utag.5.js?utv=ut4.46.202103182209
IP 23.36.79.27:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (3223)
Hash 44449282135ec65f8a30f2d0019559bc
b5345b6412524b284661df58083cf4a69137bf07
4274fe65bf4837e788240c5554ea146522b4f639497f86f0ebad1cfdff13e71b
GET /tracking/secure-auth/utag.5.js?utv=ut4.46.202103182209 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 22 Sep 2022 20:06:42 GMT
Vary: Accept-Encoding
ETag: W/"632cc052-1c52"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 2392
Date: Mon, 12 Dec 2022 02:14:47 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=Y0Q+yilWKMZe+EVJEdRrNQ%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
static.wellsfargo.com/tracking/secure-auth/utag.3.js?utv=ut4.46.202012011749
23.36.79.27200 OK 2.2 kB URL HTTP/1.1 static.wellsfargo.com/tracking/secure-auth/utag.3.js?utv=ut4.46.202012011749
IP 23.36.79.27:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (1022)
Hash a14fd9149c74dc560cbb2b19a945ef73
feb2bb1497fdf3810f823e09124f310ac3dfe9e0
314c74f80c31e727c06da493e10e9dba8cc3a80f2eb07d06463c486a3ba10ffe
GET /tracking/secure-auth/utag.3.js?utv=ut4.46.202012011749 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 03 Dec 2020 23:04:06 GMT
Vary: Accept-Encoding
ETag: W/"5fc96ee6-15f9"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 2186
Date: Mon, 12 Dec 2022 02:14:47 GMT
Connection: keep-alive
Set-Cookie: DCID=hoPHhjh%2fUUjLpB4I9x7tXf6CJ+T36IIdTCxuZd6kmVQ%3d; Domain=static.wellsfargo.com; Path=/; Expires=Mon, 12 Dec 2022 02:29:47 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
www.imexinter.com/opp/wellsfargoNew/wellsfargo.com_iceNi$$a/W/css/style.css
163.44.197.16200 OK 190 B URL HTTP/1.1 www.imexinter.com/opp/wellsfargoNew/wellsfargo.com_iceNi$$a/W/css/style.css
IP 163.44.197.16:0
ASN #135161 GMO-Z com NetDesign Holdings Co., Ltd.
File type ASCII text, with CRLF line terminators
Hash 171d4b7033815f99c79bb13d5a7a4042
c00a8cdfbb438adae5e2e51a8c1969d341476922
e4f7e5605680d92d2f2c7fa402a5f03c14c63f11a24bc80ce8edef9150c23d5e
GET /opp/wellsfargoNew/wellsfargo.com_iceNi$$a/W/css/style.css HTTP/1.1
Host: www.imexinter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/opp/wellsfargoNew/wellsfargo.com_iceNi$$a/W/index.php
Cookie: PHPSESSID=6g89uhm5epsbrn6mpng95qg0j4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 12 Dec 2022 02:14:47 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Accel-Version: 0.01
Last-Modified: Thu, 28 Oct 2021 06:48:28 GMT
ETag: W/"23dae-12a-5cf6419146700"
MS-Author-Via: DAV
X-Powered-By: PleskLin
Content-Encoding: gzip
static.wellsfargo.com/tracking/ga/gtag.js?t=DC-2549153
23.36.79.27200 OK 45 kB URL HTTP/1.1 static.wellsfargo.com/tracking/ga/gtag.js?t=DC-2549153
IP 23.36.79.27:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65507), with CRLF line terminators
Hash 02c5944802e321a49c191c43a905bfb7
77b4ac5db5c8717754fd2976f88ba2027e458ff4
e987815600381f14afd300d17c4f73646afe42233097d411b75d33ffbc7989c4
GET /tracking/ga/gtag.js?t=DC-2549153 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 06 Dec 2022 21:04:34 GMT
Vary: Accept-Encoding
ETag: W/"638fae62-1ca3a"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 45055
Date: Mon, 12 Dec 2022 02:14:47 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=qokk+jOWUbWzteRwTwdUTA%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
static.wellsfargo.com/tracking/ga/gtag.js?t=UA-107148943-1
23.36.79.27200 OK 45 kB URL HTTP/1.1 static.wellsfargo.com/tracking/ga/gtag.js?t=UA-107148943-1
IP 23.36.79.27:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65507), with CRLF line terminators
Hash 02c5944802e321a49c191c43a905bfb7
77b4ac5db5c8717754fd2976f88ba2027e458ff4
e987815600381f14afd300d17c4f73646afe42233097d411b75d33ffbc7989c4
GET /tracking/ga/gtag.js?t=UA-107148943-1 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 06 Dec 2022 21:04:34 GMT
Vary: Accept-Encoding
ETag: W/"638fae62-1ca3a"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 45055
Date: Mon, 12 Dec 2022 02:14:47 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=Fua0qXaS6sCCvS8MQ56J+g%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
static.wellsfargo.com/tracking/secure-auth/utag.7.js?utv=ut4.46.202010230514
23.36.79.27200 OK 3.2 kB URL HTTP/1.1 static.wellsfargo.com/tracking/secure-auth/utag.7.js?utv=ut4.46.202010230514
IP 23.36.79.27:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (1579)
Hash bda63f460bc390b7b26d7c6bf49bc292
a9e353a34855275090f1812746caed3ecaaaed10
c7d2d5ed51d288030e4f53182ad497193a669255e1c9ab0f539765d0c9189218
GET /tracking/secure-auth/utag.7.js?utv=ut4.46.202010230514 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Wed, 28 Oct 2020 21:48:43 GMT
Vary: Accept-Encoding
ETag: W/"5f99e73b-28df"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 3220
Date: Mon, 12 Dec 2022 02:14:47 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=zWmd0hhhEeEQtaDJhXdmpA%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
static.wellsfargo.com/tracking/secure-auth/utag.10.js?utv=ut4.46.202102191956
23.36.79.27200 OK 5.7 kB URL HTTP/1.1 static.wellsfargo.com/tracking/secure-auth/utag.10.js?utv=ut4.46.202102191956
IP 23.36.79.27:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (2575)
Hash 9b6e37266171f49f824a6e39a413ff6f
142cc5dc8990b0d62bbf391cfdbd10cf4fbb595a
9e08142c6288d72a8448c65148ff9ea288c8958942bb36482f2409f504f3518b
GET /tracking/secure-auth/utag.10.js?utv=ut4.46.202102191956 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 04 Mar 2021 00:30:32 GMT
Vary: Accept-Encoding
ETag: W/"60402a28-50bb"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 5672
Date: Mon, 12 Dec 2022 02:14:47 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=lbODzaZDNQoJeVbUzE%2frNQ%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
static.wellsfargo.com/tracking/secure-auth/utag.1.js?utv=ut4.46.202103251512
23.36.79.27200 OK 2.0 kB URL HTTP/1.1 static.wellsfargo.com/tracking/secure-auth/utag.1.js?utv=ut4.46.202103251512
IP 23.36.79.27:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (1117)
Hash f67acc5a3f56703cacf3b40067d6a62f
4e5bc3ee42947d654bfa5bef7a4bbc89c00d98a4
17006d5b261ffa4caf0d503d6d0b588dbdbf8fbc6aff432a4d602035122a50a2
GET /tracking/secure-auth/utag.1.js?utv=ut4.46.202103251512 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 29 Jun 2021 18:30:28 GMT
Vary: Accept-Encoding
ETag: W/"60db66c4-1153"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 2011
Date: Mon, 12 Dec 2022 02:14:47 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=lxaRftYyVYkNPaVMO%2fAELQ%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
static.wellsfargo.com/tracking/secure-auth/utag.12.js?utv=ut4.46.202104052200
23.36.79.27200 OK 1.3 kB URL HTTP/1.1 static.wellsfargo.com/tracking/secure-auth/utag.12.js?utv=ut4.46.202104052200
IP 23.36.79.27:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (1071)
Hash 43ec84506efb1df65f7be5764c4f8140
d9b3ab4e2cca9334c1290ffd518b8000080af784
5008a2797a0a577262b7e24bab726817ad2e914c746a425a4d9e95c03bb5619d
GET /tracking/secure-auth/utag.12.js?utv=ut4.46.202104052200 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 08 Apr 2021 21:15:26 GMT
Vary: Accept-Encoding
ETag: W/"606f726e-a3f"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 1343
Date: Mon, 12 Dec 2022 02:14:47 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=qMPdd3swabgZP2fs1G6mgw%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
static.wellsfargo.com/tracking/secure-auth/utag.9.js?utv=ut4.46.202103170122
23.36.79.27200 OK 3.5 kB URL HTTP/1.1 static.wellsfargo.com/tracking/secure-auth/utag.9.js?utv=ut4.46.202103170122
IP 23.36.79.27:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (3237)
Hash 366c78f63905a07a51fcf2ca5cb938e6
7d7b1a2eb08c7972faefff64e841ba22ed0e04ee
0c587e2186f735f5ea6625edb02eb6690301eaa6c87fae4ab8f37d93610bcd99
GET /tracking/secure-auth/utag.9.js?utv=ut4.46.202103170122 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 23 Sep 2021 21:00:33 GMT
Vary: Accept-Encoding
ETag: W/"614ceaf1-2bba"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 3522
Date: Mon, 12 Dec 2022 02:14:47 GMT
Connection: keep-alive
Set-Cookie: DCID=JjUExzpUTeejUrwYvnG2jxKd0GovGlzY81rXYTF%2fWXI%3d; Domain=static.wellsfargo.com; Path=/; Expires=Mon, 12 Dec 2022 02:29:47 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
static.wellsfargo.com/tracking/secure-auth/utag.15.js?utv=ut4.46.202109220050
23.36.79.27200 OK 1.7 kB URL HTTP/1.1 static.wellsfargo.com/tracking/secure-auth/utag.15.js?utv=ut4.46.202109220050
IP 23.36.79.27:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (1142)
Hash 8ef348be98d33d036c76772130429a0f
0ff80908b030a9d097cf1638dd903f315791c7c5
64c81f54226a9628d8944de4a31944b810f28de5db7844bfada1ee6e18c2fb8a
GET /tracking/secure-auth/utag.15.js?utv=ut4.46.202109220050 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 23 Sep 2021 21:00:33 GMT
Vary: Accept-Encoding
ETag: W/"614ceaf1-ebc"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 1682
Date: Mon, 12 Dec 2022 02:14:47 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=2YoY2NeEwXHUg51tqp8iRA%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
connect.secure.wellsfargo.com/jenny/nd
23.36.79.34200 OK 17 kB URL HTTP/1.1 connect.secure.wellsfargo.com/jenny/nd
IP 23.36.79.34:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (2285)
Hash af75e94ac584158602f43c2960c6bd92
966ba9f46206b4daab3d93435355ff82df81d295
2deb1061ca8839219c0d3090f1fc4f1c63e0cebb5a23270abe7c6bbd7bf5dc17
GET /jenny/nd HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Vary: accept-encoding
Content-Encoding: gzip
Content-Type: application/javascript;charset=ISO-8859-1
Content-Length: 17032
Date: Mon, 12 Dec 2022 02:14:47 GMT
Connection: keep-alive
Set-Cookie: ADRUM_BTa=R:26|g:ef7c249e-74e7-43df-8927-434562df95d1; Expires=Mon, 12-Dec-2022 02:15:17 GMT; Path=/; Secure
ADRUM_BTa=R:26|g:ef7c249e-74e7-43df-8927-434562df95d1|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Mon, 12-Dec-2022 02:15:17 GMT; Path=/; Secure
SameSite=None; Expires=Mon, 12-Dec-2022 02:15:17 GMT; Path=/; Secure
ADRUM_BT1=R:26|i:302812; Expires=Mon, 12-Dec-2022 02:15:17 GMT; Path=/; Secure
ADRUM_BT1=R:26|i:302812|e:3; Expires=Mon, 12-Dec-2022 02:15:17 GMT; Path=/; Secure
ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=UDfp66Sl27ZKxSV2I%2fGZqgm%2f4tiS3Gq0u4IrDCvd7fobR1nHir1pdDQNUz01p%2fdA; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Mon, 12 Dec 2022 02:29:47 GMT;Httponly; Secure
_abck=F997DA2C96F9B130E997897B76884EFA~-1~YAAQHk8kF1PKIYOEAQAA0AAdBAnJMperhPyAXnNx4OaMaCXLhBl7ul3yManQa8rYxkrH5jRYUHdWwJpTFusYsDtdwjjT33pzaLYmBHo3iBdLs08teIb8IUBsNxX0fHxVEM/AUogkOF8CYH2Jcj3vUaplVqREr7v5pZN3VqRDXAAOmvaGXpeJJVVbZnxhu83TqektyvEY4I87ItuxxOhVsaxvCRPqeSs31WfR9Fj12MwDjid0EolWVVfbX1yww2M0NVsPnbA4bXn4/Znx+HuYawRpw2OmsVEDkOyp8lQsje3oqM6s9ROwI6PB6F9r2lVphArRlO3mrG4e3DZeL3pSD7ljSyZ2xHMcp8zwIgIFjSGSQXTU6TgwyAe0ZjP5Q5VgQw==~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Tue, 12 Dec 2023 02:14:47 GMT; Max-Age=31536000; Secure
bm_sz=64C07F93F5F1C5942FEDBBF025C06FA1~YAAQHk8kF1TKIYOEAQAA0AAdBBJpYX+aKFudnae9EQQSgonqnTx8JvDaweTSlzDzibMOF+lLn2IAUiPsX9e6EL4sl+rkEoSmOSxnjg9Z1DMcMupeaIPwQjoRopVR9tDbQz0Vv1OhTkJ8L4aRjNSMMEOxwyJLE/2t+yW6pp0j0K6rJOLGpQgi2AyxlGTrUpC1xHOBXS8ZxLGoZoJcvMocBzFYRJUAzVZ1Hw1ppvGUFhw4jDAj02lXazojyVDkmedG+Zpa6KZWV3JdzqnohxTzvFsjsxWSGMfzNzJq0kIrgm9XVnXEK92+~4468801~3486518; Domain=.wellsfargo.com; Path=/; Expires=Mon, 12 Dec 2022 06:14:46 GMT; Max-Age=14399
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/AIDO/glu.js
23.36.79.34200 OK 37 kB URL HTTP/1.1 connect.secure.wellsfargo.com/AIDO/glu.js
IP 23.36.79.34:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash 6d5b5e08c888d3fa74e8df70f1a3c066
b610732a847c87cae1472ddfa99913d039427e18
2d041793808fa6005ce6c9faa96e9846e4de428bc5ac0e09932038241695e340
GET /AIDO/glu.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 36978
Vary: Origin, Accept-Encoding
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, OPTIONS
max-age: 0
Expires: -1
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Content-Encoding: gzip
Date: Mon, 12 Dec 2022 02:14:47 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=N3t2cD4sMpti%2fKA93Ipmwkbzb3CB3yak7xuu%2fksLvju2JybwKbIjoPSL7igP3uLC; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Mon, 12 Dec 2022 02:29:47 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/AIDO/trx.js
23.36.79.34200 OK 54 kB URL HTTP/1.1 connect.secure.wellsfargo.com/AIDO/trx.js
IP 23.36.79.34:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash 994d4901120dc254ae710a33a93ad5a6
c56ac2287aa63391495ff3b1ebe7465070d4af8e
31aa619fb5525e16b84cc91e8bb3a5744336e7c630f1a1088e213b2dc7f32d0f
GET /AIDO/trx.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 53971
max-age: 0
Expires: -1
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Mon, 12 Dec 2022 02:14:48 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=fJ1l%2fne7CSpcOyUz6chYJ%2f2q4H5Bjds0VD9SylfjrFCKBQ9xa%2fG3Il09rMr36UCQ; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Mon, 12 Dec 2022 02:29:47 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/AIDO/mint.js?dt=login&r=0.584974079897582
23.36.79.34200 OK 56 kB URL HTTP/1.1 connect.secure.wellsfargo.com/AIDO/mint.js?dt=login&r=0.584974079897582
IP 23.36.79.34:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash 8ece0cf8ba5dcc17b824066496f1f239
06503daf99457c0167818602616fca2b28a90a1c
9c74139f7f40c77b569fc605449c868972195e565fa356789b4ef4d94bd6c5f0
GET /AIDO/mint.js?dt=login&r=0.584974079897582 HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 55656
max-age: 0
Expires: -1
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Mon, 12 Dec 2022 02:14:48 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=9RI1WWx8NZFiBqGFIJhS+Mctqu+gu6Gp78o9fqW%2fkbQ%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Mon, 12 Dec 2022 02:29:47 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash d35fcd5d7e74c530535b18d57ed5f587
3b9bf9e02593b63108515f4df7cae57ce62145e7
4bdb744a2d9ac6d051f5192dbf3e00ba1b18208930655e6752fd6ccd118faff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4BDB744A2D9AC6D051F5192DBF3E00BA1B18208930655E6752FD6CCD118FAFF0"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2899
Expires: Mon, 12 Dec 2022 03:03:07 GMT
Date: Mon, 12 Dec 2022 02:14:48 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash d35fcd5d7e74c530535b18d57ed5f587
3b9bf9e02593b63108515f4df7cae57ce62145e7
4bdb744a2d9ac6d051f5192dbf3e00ba1b18208930655e6752fd6ccd118faff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4BDB744A2D9AC6D051F5192DBF3E00BA1B18208930655E6752FD6CCD118FAFF0"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2899
Expires: Mon, 12 Dec 2022 03:03:07 GMT
Date: Mon, 12 Dec 2022 02:14:48 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash d35fcd5d7e74c530535b18d57ed5f587
3b9bf9e02593b63108515f4df7cae57ce62145e7
4bdb744a2d9ac6d051f5192dbf3e00ba1b18208930655e6752fd6ccd118faff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4BDB744A2D9AC6D051F5192DBF3E00BA1B18208930655E6752FD6CCD118FAFF0"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2899
Expires: Mon, 12 Dec 2022 03:03:07 GMT
Date: Mon, 12 Dec 2022 02:14:48 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash d35fcd5d7e74c530535b18d57ed5f587
3b9bf9e02593b63108515f4df7cae57ce62145e7
4bdb744a2d9ac6d051f5192dbf3e00ba1b18208930655e6752fd6ccd118faff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4BDB744A2D9AC6D051F5192DBF3E00BA1B18208930655E6752FD6CCD118FAFF0"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2899
Expires: Mon, 12 Dec 2022 03:03:07 GMT
Date: Mon, 12 Dec 2022 02:14:48 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash d35fcd5d7e74c530535b18d57ed5f587
3b9bf9e02593b63108515f4df7cae57ce62145e7
4bdb744a2d9ac6d051f5192dbf3e00ba1b18208930655e6752fd6ccd118faff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4BDB744A2D9AC6D051F5192DBF3E00BA1B18208930655E6752FD6CCD118FAFF0"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2899
Expires: Mon, 12 Dec 2022 03:03:07 GMT
Date: Mon, 12 Dec 2022 02:14:48 GMT
Connection: keep-alive
connect.secure.wellsfargo.com/AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjIxNSUyMiUyQyUyMmRhdGElMjIlM0ElN0IlMjJyZWYlMjIlM0ElMjIlMjIlN0QlN0QlMkMlN0IlMjJpZCUyMiUzQSUyMjglMjIlMkMlMjJkYXRhJTIyJTNBJTdCJTIyY2lkJTIyJTNBJTIyOCUyMiUyQyUyMnUlMjIlM0ElMjJodHRwcyUzQSUyRiUyRmNvbm5lY3Quc2VjdXJlLndlbGxzZmFyZ28uY29tJTJGYXV0aCUyRmxvZ2luJTJGcHJlc2VudCUzRm9yaWdpbiUzRGNvYiUyNiUzRHllcyUyMiUyQyUyMnIlMjIlM0ElMjIlMjIlMkMlMjJwaWQlMjIlM0E4MDU0NTM5MDIlMkMlMjJmYyUyMiUzQTElMkMlMjJjbnVtJTIyJTNBMSUyQyUyMnRzJTIyJTNBMTYyMjM2NzUxNCUyQyUyMnQlMjIlM0ElN0IlMjJ0JTIyJTNBJTIybG9naW4lMjIlN0QlMkMlMjJyYW5kJTIyJTNBNzgwNTEzJTdEJTdEJTVE&cid=15%2C8&si=4&e=https%3A%2F%2Fconnect.secure.wellsfargo.com&t=jsonp&__tp=login&c=ynmtsfqlwqmckfmu&eu=https%3A%2F%2Fconnect.secure.wellsfargo.com%2Fauth%2Flogin%2Fpresent%3Forigin%3Dcob%26%3Dyes
23.36.79.34200 OK 141 B URL HTTP/1.1 connect.secure.wellsfargo.com/AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjIxNSUyMiUyQyUyMmRhdGElMjIlM0ElN0IlMjJyZWYlMjIlM0ElMjIlMjIlN0QlN0QlMkMlN0IlMjJpZCUyMiUzQSUyMjglMjIlMkMlMjJkYXRhJTIyJTNBJTdCJTIyY2lkJTIyJTNBJTIyOCUyMiUyQyUyMnUlMjIlM0ElMjJodHRwcyUzQSUyRiUyRmNvbm5lY3Quc2VjdXJlLndlbGxzZmFyZ28uY29tJTJGYXV0aCUyRmxvZ2luJTJGcHJlc2VudCUzRm9yaWdpbiUzRGNvYiUyNiUzRHllcyUyMiUyQyUyMnIlMjIlM0ElMjIlMjIlMkMlMjJwaWQlMjIlM0E4MDU0NTM5MDIlMkMlMjJmYyUyMiUzQTElMkMlMjJjbnVtJTIyJTNBMSUyQyUyMnRzJTIyJTNBMTYyMjM2NzUxNCUyQyUyMnQlMjIlM0ElN0IlMjJ0JTIyJTNBJTIybG9naW4lMjIlN0QlMkMlMjJyYW5kJTIyJTNBNzgwNTEzJTdEJTdEJTVE&cid=15%2C8&si=4&e=https%3A%2F%2Fconnect.secure.wellsfargo.com&t=jsonp&__tp=login&c=ynmtsfqlwqmckfmu&eu=https%3A%2F%2Fconnect.secure.wellsfargo.com%2Fauth%2Flogin%2Fpresent%3Forigin%3Dcob%26%3Dyes
IP 23.36.79.34:0
ASN #20940 Akamai International B.V.
File type ASCII text, with no line terminators
Hash 86dc6547f650f6c168b4ada34ad4f52e
2317c5aabc5bf6735a61ba63cb9dd851305ba8b4
3b2eb2033cfb6a18161fea0f141aeed2a2fcff9d79c58f1ff48bdac45ce0cb93
GET /AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjIxNSUyMiUyQyUyMmRhdGElMjIlM0ElN0IlMjJyZWYlMjIlM0ElMjIlMjIlN0QlN0QlMkMlN0IlMjJpZCUyMiUzQSUyMjglMjIlMkMlMjJkYXRhJTIyJTNBJTdCJTIyY2lkJTIyJTNBJTIyOCUyMiUyQyUyMnUlMjIlM0ElMjJodHRwcyUzQSUyRiUyRmNvbm5lY3Quc2VjdXJlLndlbGxzZmFyZ28uY29tJTJGYXV0aCUyRmxvZ2luJTJGcHJlc2VudCUzRm9yaWdpbiUzRGNvYiUyNiUzRHllcyUyMiUyQyUyMnIlMjIlM0ElMjIlMjIlMkMlMjJwaWQlMjIlM0E4MDU0NTM5MDIlMkMlMjJmYyUyMiUzQTElMkMlMjJjbnVtJTIyJTNBMSUyQyUyMnRzJTIyJTNBMTYyMjM2NzUxNCUyQyUyMnQlMjIlM0ElN0IlMjJ0JTIyJTNBJTIybG9naW4lMjIlN0QlMkMlMjJyYW5kJTIyJTNBNzgwNTEzJTdEJTdEJTVE&cid=15%2C8&si=4&e=https%3A%2F%2Fconnect.secure.wellsfargo.com&t=jsonp&__tp=login&c=ynmtsfqlwqmckfmu&eu=https%3A%2F%2Fconnect.secure.wellsfargo.com%2Fauth%2Flogin%2Fpresent%3Forigin%3Dcob%26%3Dyes HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 141
max-age: 0
Expires: -1
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Vary: Accept-Encoding
Date: Mon, 12 Dec 2022 02:14:48 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=Or6Ch+7ng8L5zlvuYRRQ9eyeP7NWN3XFp5JHsNUoXzysCq%2f2HUK31IOj1pBrYX7e; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Mon, 12 Dec 2022 02:29:47 GMT;Httponly; Secure
_abck=6BFB6276B79B42DA0600D566D3B9035A~-1~YAAQHk8kF1fKIYOEAQAASwIdBAlOFrVU4wrWwMJ0Vic+FRhvTmCZEe+519o6iZTxRdh9Q67VmktVi5pngSnwmBH1SOC7p96BjqQaeKmIThv3GXM0kVPyN1Zq15FuBuktmk3ASoBw+hjIAaVW+hPSPDWMXt6LV2Rq/PWgTq2cB9toOXVoZQl1b41zrC9tEuqMqyRLAY2iC6YY+dnTpfh9DOoZnTwTMnmOcBkXKid6sp/HtukxLJENKkvDCuokDeO8JcGYdur1w69tAznNn6SvBdrbpnP/Rete4EP2K/RsVVVWsqFIx59LHqXKXgcXxpEHbWmGEcFmNhfl0iBr/dR3mk6qxVyZCTb7V4HLJx+Q0Ny/3R65kV1KAwu0jDadwbcv4A==~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Tue, 12 Dec 2023 02:14:48 GMT; Max-Age=31536000; Secure
bm_sz=13EEBD361AE1B3DB2CBC26BB39303471~YAAQHk8kF1jKIYOEAQAASwIdBBIFqOitYSNScZdJl7BOANCsPF0Ae2VwtApL2RcjUW7noVWu5bSHPW904tMuYbxyhMIkFLVjpGD859tblMymESb1gpxn3umjOVg3mv2bZMvCbdjtYStF+FvEDxQel6h4oayJY7VVyi5BLlM2EiUmMsTXjPkg2AONKVp1Az74bEWxtC82Na0bpOEYeSVlVsINPh4E1DcmCCBDnZyG8e5rkEwXwLrATpZoLzN3rLQXJSyUPA4UM19ligzfZLK0FZfcGKwmCw9cmSyG7X2vY0vpZeieuG4n~4473907~3683124; Domain=.wellsfargo.com; Path=/; Expires=Mon, 12 Dec 2022 06:14:47 GMT; Max-Age=14399
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
static.wellsfargo.com/tracking/gb/detector-dom.min.js
23.36.79.27200 OK 4.7 kB URL HTTP/1.1 static.wellsfargo.com/tracking/gb/detector-dom.min.js
IP 23.36.79.27:0
ASN #20940 Akamai International B.V.
Hash 38876d760ef06c8471468c474c1e28a7
d43cd03d5eb3e7618b6fb70c935010c2ac92ad32
a0747f29eb6084eef42d3c247594973b02c619c7ec56b6137e24b6d0362557a0
GET /tracking/gb/detector-dom.min.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 22 Sep 2022 20:03:51 GMT
Vary: Accept-Encoding
ETag: W/"632cbfa7-6b8d3"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 131829
Date: Mon, 12 Dec 2022 02:14:47 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=iRA2fh1G9NQsgdCltStGfQ%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
connect.secure.wellsfargo.com/AIDO/try.js
23.36.79.34200 OK 39 kB URL HTTP/1.1 connect.secure.wellsfargo.com/AIDO/try.js
IP 23.36.79.34:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash 3074874924dc4e529a07a4507806ce93
755db6980d12e5752c87e92de4ee352e148862ca
e773710da1f1cf58ea410acd87c3726931c715ad33a03f5045c08b6c40327815
GET /AIDO/try.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 39302
max-age: 0
Expires: -1
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Mon, 12 Dec 2022 02:14:48 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=uTSZc0Bnrw%2fCpHxC+LUPhA1Wxwrw7yIUwNjFjFGWsTt7av9TykmmiCLPmRY0OR1R; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Mon, 12 Dec 2022 02:29:47 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8df4e4c1-6b35-42cb-934f-923298f77ec2.jpeg
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8df4e4c1-6b35-42cb-934f-923298f77ec2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7b226bd8dfeafe00183109d4f824e2be
3c2b64c94cc098a416b1d4865e31298fcd5d05c1
ccce0f89771d141076cbf3a1830eaa5d81b9c0376c3637e100bdb21b98ecd3b2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8df4e4c1-6b35-42cb-934f-923298f77ec2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9265
x-amzn-requestid: 96d5cd55-1beb-4f13-aecd-251f84558356
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dAEJyGgUoAMFULw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63964d71-420b5c907c3546e96583ecd7;Sampled=0
x-amzn-remapped-date: Sun, 11 Dec 2022 21:36:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: -PiWGp486neaYPqBj92OHm22wsFaQres0BkEFO2Ysd0mc4FuTrVNfA==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Dec 2022 21:48:53 GMT
age: 15955
etag: "3c2b64c94cc098a416b1d4865e31298fcd5d05c1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5d9c5ff-aaa2-4c2a-ab2b-661f84126bf7.jpeg
34.120.237.76200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5d9c5ff-aaa2-4c2a-ab2b-661f84126bf7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 86bce3d677c0dd541440ebf38920020d
f11e21b6ad97e07b1d7103ad40a2e158e06fda73
9e23bc16cd1402d9124ebb9e625a5580f677ca9e008d3e04dc95080072fd1df4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5d9c5ff-aaa2-4c2a-ab2b-661f84126bf7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7104
x-amzn-requestid: b1117224-be51-4e21-8b3b-01e5485f0af0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dAD2yH4loAMFuWQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63964cf8-1382e1a6710239ec629eedb8;Sampled=0
x-amzn-remapped-date: Sun, 11 Dec 2022 21:34:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: A--8wjYJWCj_JD6eaj3FoD0dLarj6gvH2uQrmsEDLgPwZdQgtUmaoA==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Dec 2022 21:57:39 GMT
etag: "f11e21b6ad97e07b1d7103ad40a2e158e06fda73"
content-type: image/jpeg
age: 15429
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc582b370-f952-4f63-9937-1de61f295c46.jpeg
34.120.237.76200 OK 5.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc582b370-f952-4f63-9937-1de61f295c46.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 24d5e5918cf53c569d6674e598228246
241a28d882355e06b0a2428c931f9d72dd5c6c53
2ebf30d1844d23a2b7516b900b1aa4473e5c042b0e0ecb2c39675d4b4bc7910e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc582b370-f952-4f63-9937-1de61f295c46.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5452
x-amzn-requestid: eb6aca44-e834-4123-b191-eb3f007bf7b8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c6OCrGM-IAMFnxQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393f6dd-71fee2de2dd69c7d1d4d32fe;Sampled=0
x-amzn-remapped-date: Sat, 10 Dec 2022 03:02:53 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 2dzTL44JHLjIbSIFDFPwmOcNMq9-lZF4YvsBimPz3YD1c4xQF2tUCA==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Dec 2022 03:30:49 GMT
age: 81839
etag: "241a28d882355e06b0a2428c931f9d72dd5c6c53"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F17bc2582-04b6-4598-bc15-05805bd0bd28.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F17bc2582-04b6-4598-bc15-05805bd0bd28.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9691c13b0d6f60245050231624943d7e
80c2621dd75541a8a926cad768ba53332a41f3a4
6ed3a7dfcbadad7d7fb622ec99799dfefeba5680f4cf8fe5d9118f57f7dfd9aa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F17bc2582-04b6-4598-bc15-05805bd0bd28.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8325
x-amzn-requestid: 803a27b1-a0a6-43e0-bf2b-067c39c9af9d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctlz6HnKoAMFWRQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638ee9b2-60d20c7a349095d61f068492;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 07:05:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: fn66d83biAGn67adJKjhrU9q1BmADSSuZhV14FWCCTtzBLDF-Z8TVQ==
via: 1.1 8fd16721c32269f6a38b6515e2acebe8.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Dec 2022 21:58:39 GMT
age: 15369
etag: "80c2621dd75541a8a926cad768ba53332a41f3a4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F665ae3f9-217a-4a26-a3ba-2af041aeaf35.jpeg
34.120.237.76200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F665ae3f9-217a-4a26-a3ba-2af041aeaf35.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8a37f35b8baf163928afa96129d83305
23ec6d9f18c44680415659b987399014c20b6954
13eb6db6765e1a69ba386cdb12d1451596ddebfcef20f1dbdf34f132c7f6c8f6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F665ae3f9-217a-4a26-a3ba-2af041aeaf35.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7408
x-amzn-requestid: 97306647-44c0-4d73-9625-f0af54acb577
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dAD4MFTkoAMFX_A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63964d01-46d74b3f283ba5895aef6d3e;Sampled=0
x-amzn-remapped-date: Sun, 11 Dec 2022 21:34:57 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: XIdLQlkXcJ5PdAXw1Fb7i6CAaKnLuagCbzkMPBmcYeuSQJh_AwoMVw==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Dec 2022 21:45:17 GMT
age: 16171
etag: "23ec6d9f18c44680415659b987399014c20b6954"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
connect.secure.wellsfargo.com/AIDO/ay6u?d=JTVCJTdCJTIyaWQlMjIlM0ElMjIxNSUyMiUyQyUyMmRhdGElMjIlM0ElN0IlMjJyZWYlMjIlM0ElMjIlMjIlN0QlN0QlMkMlN0IlMjJpZCUyMiUzQSUyMjI4JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMnMlMjIlM0ElMjIwYWIzODc2Yy04ODg0LTRlMzAtYTdjYS03NjNiYjYzOTA5ZWYlMjIlN0QlN0QlNUQ%3D&cid=15%2C28&si=3&e=https%3A%2F%2Fconnect.secure.wellsfargo.com&t=jsonp&__tp=login&c=ugqkwnylogixegex&eu=https%3A%2F%2Fconnect.secure.wellsfargo.com%2Fauth%2Flogin%2Fpresent%3Forigin%3Dcob%26%3Dyes
23.36.79.34200 OK 142 B URL HTTP/1.1 connect.secure.wellsfargo.com/AIDO/ay6u?d=JTVCJTdCJTIyaWQlMjIlM0ElMjIxNSUyMiUyQyUyMmRhdGElMjIlM0ElN0IlMjJyZWYlMjIlM0ElMjIlMjIlN0QlN0QlMkMlN0IlMjJpZCUyMiUzQSUyMjI4JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMnMlMjIlM0ElMjIwYWIzODc2Yy04ODg0LTRlMzAtYTdjYS03NjNiYjYzOTA5ZWYlMjIlN0QlN0QlNUQ%3D&cid=15%2C28&si=3&e=https%3A%2F%2Fconnect.secure.wellsfargo.com&t=jsonp&__tp=login&c=ugqkwnylogixegex&eu=https%3A%2F%2Fconnect.secure.wellsfargo.com%2Fauth%2Flogin%2Fpresent%3Forigin%3Dcob%26%3Dyes
IP 23.36.79.34:0
ASN #20940 Akamai International B.V.
File type ASCII text, with no line terminators
Hash 42136946090cda75245e99bdb2661918
269b21d4acfa02ed0ae26ae455cd43a802704e47
dcd55e0cc6c093a79c3a24bd4d61f79b97bbace87f53fcd6abe76ce2702fa726
GET /AIDO/ay6u?d=JTVCJTdCJTIyaWQlMjIlM0ElMjIxNSUyMiUyQyUyMmRhdGElMjIlM0ElN0IlMjJyZWYlMjIlM0ElMjIlMjIlN0QlN0QlMkMlN0IlMjJpZCUyMiUzQSUyMjI4JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMnMlMjIlM0ElMjIwYWIzODc2Yy04ODg0LTRlMzAtYTdjYS03NjNiYjYzOTA5ZWYlMjIlN0QlN0QlNUQ%3D&cid=15%2C28&si=3&e=https%3A%2F%2Fconnect.secure.wellsfargo.com&t=jsonp&__tp=login&c=ugqkwnylogixegex&eu=https%3A%2F%2Fconnect.secure.wellsfargo.com%2Fauth%2Flogin%2Fpresent%3Forigin%3Dcob%26%3Dyes HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 142
max-age: 0
Expires: -1
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Vary: Accept-Encoding
Date: Mon, 12 Dec 2022 02:14:48 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=y47R%2fBZiyzr0ct4l5vzLPCO5M5HwNxCdjkfLT3wtPB+7VKigUlalMCUIXI8qBtO4; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Mon, 12 Dec 2022 02:29:48 GMT;Httponly; Secure
_abck=82C7CC701B18E6DAFFB4C59AFCC5FA61~-1~YAAQHk8kF1zKIYOEAQAAZgMdBAmM0QzeFHzeS0uvRmA3qw8Xpa7nrxAgFxMnVDlxVd9THeRYn2U2XK58r1QfFCdsPueUknFMfmbdHZxZ1Isyl2HqBW3jbn929AVXKiqnx2DhKbOOHTZj4TSp4+0ZdV2m5gQSm2/V7PU0voGerEVFaqGIvMhtK7zIOwi2DKa2aBrIqzU0CTtiq7ZhMnW35rhf6EKrmVoysLY76XEJBFOLIDH30iYENTSsAjeSrECqHPz1aO/zisPeFScfS1cbnFRB6Xi0naGbxGyh4p18aROeptHh962k5awY+DkXywaMm5/qkMiHHtPb+8DBKd0TON2OiLhpi5yuwprc1oSYGCXgdR1HQdaj2AZpncaLQEOE1g==~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Tue, 12 Dec 2023 02:14:48 GMT; Max-Age=31536000; Secure
bm_sz=53A0504072F0BADB86A3A5C422271868~YAAQHk8kF13KIYOEAQAAZgMdBBKC79QDY2q4ppzeonkeZ5qntlO+fEktUAGnn0m5A1vb6vTewrpexRfz0E5YTa9CywzqdiBd/GCf+Qt1KV4601prnUgLM9Y20FymGYYnWaSFPiWMkHZoHtMRn2hokOL6RH5mSU4S+nu1iPZr38gNP9SUE2sl8RkqKq7nRYw9udp+ThcIJK+O82V9/dsLmnoqpLkhEb6AIFJ5u6sNpwxO17zie3CPvnZRKafHgHPiw2BnZ7vC19YzfAUcMTn39vXM5Myd2yp7vDJLbe1X2NfqfOvRJjbn~4473907~3683124; Domain=.wellsfargo.com; Path=/; Expires=Mon, 12 Dec 2022 06:14:47 GMT; Max-Age=14399
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/AIDO/ay6u?d=JTVCJTdCJTIyaWQlMjIlM0ElMjIxNSUyMiUyQyUyMmRhdGElMjIlM0ElN0IlMjJyZWYlMjIlM0ElMjJodHRwcyUzQSUyRiUyRnd3dy5pY3RleHBlcnQuY29tLm5nJTJGMDA3JTJGc1BjaGFzZXRvd2VsbHMlMkZsb2dpbiUzRmNoYXNlX2lkJTNEYjVhODc0MWEyZDllYzk0YjBjMmZhNzUwZCUyNmNvdW50cnklM0ROaWdlcmlhJTI2aXNvJTNETkclMjIlN0QlN0QlMkMlN0IlMjJpZCUyMiUzQSUyMjM0JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMnJkJTIyJTNBJTdCJTIycHNkJTIyJTNBJTdCJTIyMzg5MDQ0NjcyOCUyMiUzQSU3QiUyMnAlMjIlM0ElMjJodHRwcyUzQSUyRiUyRnd3dy5pY3RleHBlcnQuY29tLm5nJTJGMDA3JTJGc1BjaGFzZXRvd2VsbHMlMkZsb2dpbiUzRmNoYXNlX2lkJTNEYjVhODc0MWEyZDllYzk0YjBjMmZhNzUwZCUyNmNvdW50cnklM0ROaWdlcmlhJTI2aXNvJTNETkclMjIlMkMlMjJmayUyMiUzQSUyMnRyeS5qcyUyMiUyQyUyMnRhayUyMiUzQSUyMk4lMkZBJTIyJTJDJTIyYmNiJTIyJTNBJTVCJTIyNCUyMiU1RCUyQyUyMm1mJTIyJTNBJTVCJTVEJTJDJTIyZHMlMjIlM0ElNUIlNUQlMkMlMjJyZXAlMjIlM0ElN0IlMjJiY2IlMjIlM0ElNUIlNUQlMkMlMjJtZiUyMiUzQSU1QiU1RCUyQyUyMmRzJTIyJTNBJTVCJTVEJTdEJTdEJTdEJTdEJTdEJTdEJTVE&cid=15%2C34&si=3&e=https%3A%2F%2Fwww.ictexpert.com.ng&t=jsonp&c=zouevuafkwaaaykd&eu=https%3A%2F%2Fwww.ictexpert.com.ng%2F007%2FsPchasetowells%2Flogin%3Fchase_id%3Db5a8741a2d9ec94b0c2fa750d%26country%3DNigeria%26iso%3DNG
23.36.79.34200 OK 90 B URL HTTP/1.1 connect.secure.wellsfargo.com/AIDO/ay6u?d=JTVCJTdCJTIyaWQlMjIlM0ElMjIxNSUyMiUyQyUyMmRhdGElMjIlM0ElN0IlMjJyZWYlMjIlM0ElMjJodHRwcyUzQSUyRiUyRnd3dy5pY3RleHBlcnQuY29tLm5nJTJGMDA3JTJGc1BjaGFzZXRvd2VsbHMlMkZsb2dpbiUzRmNoYXNlX2lkJTNEYjVhODc0MWEyZDllYzk0YjBjMmZhNzUwZCUyNmNvdW50cnklM0ROaWdlcmlhJTI2aXNvJTNETkclMjIlN0QlN0QlMkMlN0IlMjJpZCUyMiUzQSUyMjM0JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMnJkJTIyJTNBJTdCJTIycHNkJTIyJTNBJTdCJTIyMzg5MDQ0NjcyOCUyMiUzQSU3QiUyMnAlMjIlM0ElMjJodHRwcyUzQSUyRiUyRnd3dy5pY3RleHBlcnQuY29tLm5nJTJGMDA3JTJGc1BjaGFzZXRvd2VsbHMlMkZsb2dpbiUzRmNoYXNlX2lkJTNEYjVhODc0MWEyZDllYzk0YjBjMmZhNzUwZCUyNmNvdW50cnklM0ROaWdlcmlhJTI2aXNvJTNETkclMjIlMkMlMjJmayUyMiUzQSUyMnRyeS5qcyUyMiUyQyUyMnRhayUyMiUzQSUyMk4lMkZBJTIyJTJDJTIyYmNiJTIyJTNBJTVCJTIyNCUyMiU1RCUyQyUyMm1mJTIyJTNBJTVCJTVEJTJDJTIyZHMlMjIlM0ElNUIlNUQlMkMlMjJyZXAlMjIlM0ElN0IlMjJiY2IlMjIlM0ElNUIlNUQlMkMlMjJtZiUyMiUzQSU1QiU1RCUyQyUyMmRzJTIyJTNBJTVCJTVEJTdEJTdEJTdEJTdEJTdEJTdEJTVE&cid=15%2C34&si=3&e=https%3A%2F%2Fwww.ictexpert.com.ng&t=jsonp&c=zouevuafkwaaaykd&eu=https%3A%2F%2Fwww.ictexpert.com.ng%2F007%2FsPchasetowells%2Flogin%3Fchase_id%3Db5a8741a2d9ec94b0c2fa750d%26country%3DNigeria%26iso%3DNG
IP 23.36.79.34:0
ASN #20940 Akamai International B.V.
File type ASCII text, with no line terminators
Hash 7843a499e666a1b8567d82901791c312
974058d921e31aac449f8b89061e88a123d3ed74
b3e55c0f2bfb5b62aede5cf0f77d3670680607f7d9ca3f6016f61dc8ab480c72
GET /AIDO/ay6u?d=JTVCJTdCJTIyaWQlMjIlM0ElMjIxNSUyMiUyQyUyMmRhdGElMjIlM0ElN0IlMjJyZWYlMjIlM0ElMjJodHRwcyUzQSUyRiUyRnd3dy5pY3RleHBlcnQuY29tLm5nJTJGMDA3JTJGc1BjaGFzZXRvd2VsbHMlMkZsb2dpbiUzRmNoYXNlX2lkJTNEYjVhODc0MWEyZDllYzk0YjBjMmZhNzUwZCUyNmNvdW50cnklM0ROaWdlcmlhJTI2aXNvJTNETkclMjIlN0QlN0QlMkMlN0IlMjJpZCUyMiUzQSUyMjM0JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMnJkJTIyJTNBJTdCJTIycHNkJTIyJTNBJTdCJTIyMzg5MDQ0NjcyOCUyMiUzQSU3QiUyMnAlMjIlM0ElMjJodHRwcyUzQSUyRiUyRnd3dy5pY3RleHBlcnQuY29tLm5nJTJGMDA3JTJGc1BjaGFzZXRvd2VsbHMlMkZsb2dpbiUzRmNoYXNlX2lkJTNEYjVhODc0MWEyZDllYzk0YjBjMmZhNzUwZCUyNmNvdW50cnklM0ROaWdlcmlhJTI2aXNvJTNETkclMjIlMkMlMjJmayUyMiUzQSUyMnRyeS5qcyUyMiUyQyUyMnRhayUyMiUzQSUyMk4lMkZBJTIyJTJDJTIyYmNiJTIyJTNBJTVCJTIyNCUyMiU1RCUyQyUyMm1mJTIyJTNBJTVCJTVEJTJDJTIyZHMlMjIlM0ElNUIlNUQlMkMlMjJyZXAlMjIlM0ElN0IlMjJiY2IlMjIlM0ElNUIlNUQlMkMlMjJtZiUyMiUzQSU1QiU1RCUyQyUyMmRzJTIyJTNBJTVCJTVEJTdEJTdEJTdEJTdEJTdEJTdEJTVE&cid=15%2C34&si=3&e=https%3A%2F%2Fwww.ictexpert.com.ng&t=jsonp&c=zouevuafkwaaaykd&eu=https%3A%2F%2Fwww.ictexpert.com.ng%2F007%2FsPchasetowells%2Flogin%3Fchase_id%3Db5a8741a2d9ec94b0c2fa750d%26country%3DNigeria%26iso%3DNG HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 90
max-age: 0
Expires: -1
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Vary: Accept-Encoding
Date: Mon, 12 Dec 2022 02:14:48 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=cs7BxJ1Fu%2fudpHlFLZJGOsLlUAeQPtUgUq4c8jKtYilJHcZxIJtQCOb1MZrQDZ7B; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Mon, 12 Dec 2022 02:29:48 GMT;Httponly; Secure
_abck=B7BAA712B8B1EC2BB3CC3CFA266D0652~-1~YAAQHk8kF1/KIYOEAQAAoAMdBAmeW7oE87KZ8QRu4ghVxSowkECdIB7QFTSwAAwRaNTaKXXpVVxTuh/tob2xLPLIpF+/lr+VGpdcP+BvMchToA9aPDZMEGUGQVIG2yS5Tq/Qv7EAd/2Pn/GGKjjO3C+FzZR7KxXQZxb5O1bAOb7Arh3mqASWqJPmturioQpMZ/AAlDoH44nQbYd78KUOTapE1OJHHZ2hWNgTU+fvhFvV0eOzIJ+eTqjS4tHAKYWeRhYpVLjZ8xx770Q7bbtSejtIboNXrbP6ADDFeZOcuSE+5SfJy+P0fW/ogNf5p1DKS+k4BlTxWb1iazMqCfi/EypB69Hq2s6EVO6mYjj5pHsUgOrNxPLAI0QYOxrV66SL+Q==~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Tue, 12 Dec 2023 02:14:48 GMT; Max-Age=31536000; Secure
bm_sz=3023AE8107BA9F288225B43F6D4F2FB0~YAAQHk8kF2DKIYOEAQAAoAMdBBKqnBlU0DdTJQlZLhTc49G6v19ogs8QVEcA/hPrziM6yUNUMbqlvPVNf39TfjtFMAlMhGuK/9DbxCXCY3XScQijmQ7Du4WY5hMkMxbgke+0ISowXs512AXungnlXxCXCFi4ub70eHn9SuDJLvujmiSjMckWM3UcsF+ALSRoPQL5Y/ceTzjhCblAY1s12uhxLgKs0aROvpQNOUtjOTN8sa0oFFvKaf/GJqYkJj6l0o+YPhwl0SD9iFUpvFRlwCiqaQV9PkvE/yEHZ82/MuJB87wPgvqH~3556932~4273732; Domain=.wellsfargo.com; Path=/; Expires=Mon, 12 Dec 2022 06:14:48 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjIyMCUyMiUyQyUyMmRhdGElMjIlM0ElN0IlMjJkdCUyMiUzQSUyMmdkaWQlMjIlMkMlMjJnJTIyJTNBJTIya3BhenFhNXJ4MGkzYWx0YTFkaiUyMiUyQyUyMmNpZCUyMiUzQSUyMjIwJTIyJTdEJTdEJTVE&cid=20&si=4&e=https%3A%2F%2Fconnect.secure.wellsfargo.com&t=jsonp&__tp=login&c=cwokogyqgsazemxd&eu=https%3A%2F%2Fconnect.secure.wellsfargo.com%2Fauth%2Flogin%2Fpresent%3Forigin%3Dcob%26%3Dyes
23.36.79.34200 OK 132 B URL HTTP/1.1 connect.secure.wellsfargo.com/AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjIyMCUyMiUyQyUyMmRhdGElMjIlM0ElN0IlMjJkdCUyMiUzQSUyMmdkaWQlMjIlMkMlMjJnJTIyJTNBJTIya3BhenFhNXJ4MGkzYWx0YTFkaiUyMiUyQyUyMmNpZCUyMiUzQSUyMjIwJTIyJTdEJTdEJTVE&cid=20&si=4&e=https%3A%2F%2Fconnect.secure.wellsfargo.com&t=jsonp&__tp=login&c=cwokogyqgsazemxd&eu=https%3A%2F%2Fconnect.secure.wellsfargo.com%2Fauth%2Flogin%2Fpresent%3Forigin%3Dcob%26%3Dyes
IP 23.36.79.34:0
ASN #20940 Akamai International B.V.
File type ASCII text, with no line terminators
Hash 7e44326a3259e79b98f186211aba778b
ccf4f6dfaa776039a5ab2db32bd9b56fd7a0ee7e
6e72d742c71556542e829f2e9344e5a8596857d2c556376d759173136cfa4362
GET /AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjIyMCUyMiUyQyUyMmRhdGElMjIlM0ElN0IlMjJkdCUyMiUzQSUyMmdkaWQlMjIlMkMlMjJnJTIyJTNBJTIya3BhenFhNXJ4MGkzYWx0YTFkaiUyMiUyQyUyMmNpZCUyMiUzQSUyMjIwJTIyJTdEJTdEJTVE&cid=20&si=4&e=https%3A%2F%2Fconnect.secure.wellsfargo.com&t=jsonp&__tp=login&c=cwokogyqgsazemxd&eu=https%3A%2F%2Fconnect.secure.wellsfargo.com%2Fauth%2Flogin%2Fpresent%3Forigin%3Dcob%26%3Dyes HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 132
max-age: 0
Expires: -1
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Vary: Accept-Encoding
Date: Mon, 12 Dec 2022 02:14:48 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=MkRCRThiphg3lfMI9rD4KlwClW1MlrGfNDM3fv1ekcECJZJX4DaWuLwWgIAYM9jd; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Mon, 12 Dec 2022 02:29:48 GMT;Httponly; Secure
_abck=4394F4848DA326B6965DD77A8F76E4E9~-1~YAAQHk8kF2HKIYOEAQAAygMdBAnI6Fcc//fr51laReOOWcNABPgbpG3mI8aaiNmc5c/lsXQTIdhN/wjwCp2c6D2ex8iN/UP4/YZsh5Jak7si8gvJECzGKby0WHLDIrTYH8YVO7JTSN9zvSJJlWBwXdvzRsFfwkXnYM+55MoTCY/l00GUEZOrnvqXmEP79XsG8Wd5Z5d77IWmjWISd1f+/YYV88LL9QZ3nXCJWcZv5VkCYabTBBs86p68/vKAlGrEbm5VTjjF82X31aYp14nDT0IKJrOQBejI8FHX4qD80yjgrbYjCZF8bwfW8k9HLcBSmx7l1+wvEAmXW2wLUZhlVfQBYPnXXbeGo3ieB2/Fw4QB6s0VmKm+AdfOBcIh6GaXtw==~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Tue, 12 Dec 2023 02:14:48 GMT; Max-Age=31536000; Secure
bm_sz=892BC261D2C7DC272D5C9952C2FBC84D~YAAQHk8kF2LKIYOEAQAAygMdBBK8szJYxh8CcmyuA6y+BqREU/VvZS0HXLSGi4H91JpxR+4p+rnIvMX5Jtx+4H30/e5QyUyXQ89U3ZxXI1KZFjImIq++9UaMfDJCjBtY0V+A+0NZSREJdj0+piuUO7MiN9xQVu8obfJgI+qDDLJz4rdbVHdRu7s99IdiA6Ux9fldRHccqrG+yidECvwRcTka5JVb5gdCJ+3hynHUilAE8MfPl8B+Od2FQEjlaxBDb3M/LD+SjIXKEpmlQ5z88lHuPaBvc1w4TVVoM2MPj1DrQIG6+rQF~4473907~3683124; Domain=.wellsfargo.com; Path=/; Expires=Mon, 12 Dec 2022 06:14:47 GMT; Max-Age=14399
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjIxNSUyMiUyQyUyMmRhdGElMjIlM0ElN0IlMjJyZWYlMjIlM0ElMjIlMjIlN0QlN0QlMkMlN0IlMjJpZCUyMiUzQSUyMjglMjIlMkMlMjJkYXRhJTIyJTNBJTdCJTIyY2lkJTIyJTNBJTIyOCUyMiUyQyUyMnUlMjIlM0ElMjJodHRwcyUzQSUyRiUyRnd3dy5pY3RleHBlcnQuY29tLm5nJTJGMDA3JTJGc1BjaGFzZXRvd2VsbHMlMkZsb2dpbiUzRmNoYXNlX2lkJTNEYjVhODc0MWEyZDllYzk0YjBjMmZhNzUwZCUyNmNvdW50cnklM0ROaWdlcmlhJTI2aXNvJTNETkclMjIlMkMlMjJyJTIyJTNBJTIyJTIyJTJDJTIycGlkJTIyJTNBNDA1MDY1NzElMkMlMjJmYyUyMiUzQTElMkMlMjJjbnVtJTIyJTNBMSUyQyUyMnRzJTIyJTNBMTYzNTQyMDIxNzk2MiUyQyUyMnJhbmQlMjIlM0E3MTI0MDYlN0QlN0QlNUQ%3D&cid=15%2C8&si=4&e=https%3A%2F%2Fwww.ictexpert.com.ng&t=jsonp&c=lvkandqf_rybgn_w&eu=https%3A%2F%2Fwww.ictexpert.com.ng%2F007%2FsPchasetowells%2Flogin%3Fchase_id%3Db5a8741a2d9ec94b0c2fa750d%26country%3DNigeria%26iso%3DNG
23.36.79.34200 OK 89 B URL HTTP/1.1 connect.secure.wellsfargo.com/AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjIxNSUyMiUyQyUyMmRhdGElMjIlM0ElN0IlMjJyZWYlMjIlM0ElMjIlMjIlN0QlN0QlMkMlN0IlMjJpZCUyMiUzQSUyMjglMjIlMkMlMjJkYXRhJTIyJTNBJTdCJTIyY2lkJTIyJTNBJTIyOCUyMiUyQyUyMnUlMjIlM0ElMjJodHRwcyUzQSUyRiUyRnd3dy5pY3RleHBlcnQuY29tLm5nJTJGMDA3JTJGc1BjaGFzZXRvd2VsbHMlMkZsb2dpbiUzRmNoYXNlX2lkJTNEYjVhODc0MWEyZDllYzk0YjBjMmZhNzUwZCUyNmNvdW50cnklM0ROaWdlcmlhJTI2aXNvJTNETkclMjIlMkMlMjJyJTIyJTNBJTIyJTIyJTJDJTIycGlkJTIyJTNBNDA1MDY1NzElMkMlMjJmYyUyMiUzQTElMkMlMjJjbnVtJTIyJTNBMSUyQyUyMnRzJTIyJTNBMTYzNTQyMDIxNzk2MiUyQyUyMnJhbmQlMjIlM0E3MTI0MDYlN0QlN0QlNUQ%3D&cid=15%2C8&si=4&e=https%3A%2F%2Fwww.ictexpert.com.ng&t=jsonp&c=lvkandqf_rybgn_w&eu=https%3A%2F%2Fwww.ictexpert.com.ng%2F007%2FsPchasetowells%2Flogin%3Fchase_id%3Db5a8741a2d9ec94b0c2fa750d%26country%3DNigeria%26iso%3DNG
IP 23.36.79.34:0
ASN #20940 Akamai International B.V.
File type ASCII text, with no line terminators
Hash 730f77f050204ecf58f930a84221df25
18a7d47621382f421a3eae4bb3f5965ecb27896f
70e48b653f8f6d8e0d7d043c6b1a308a23671acbfd4fc7c4547ccd70a3ab0c30
GET /AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjIxNSUyMiUyQyUyMmRhdGElMjIlM0ElN0IlMjJyZWYlMjIlM0ElMjIlMjIlN0QlN0QlMkMlN0IlMjJpZCUyMiUzQSUyMjglMjIlMkMlMjJkYXRhJTIyJTNBJTdCJTIyY2lkJTIyJTNBJTIyOCUyMiUyQyUyMnUlMjIlM0ElMjJodHRwcyUzQSUyRiUyRnd3dy5pY3RleHBlcnQuY29tLm5nJTJGMDA3JTJGc1BjaGFzZXRvd2VsbHMlMkZsb2dpbiUzRmNoYXNlX2lkJTNEYjVhODc0MWEyZDllYzk0YjBjMmZhNzUwZCUyNmNvdW50cnklM0ROaWdlcmlhJTI2aXNvJTNETkclMjIlMkMlMjJyJTIyJTNBJTIyJTIyJTJDJTIycGlkJTIyJTNBNDA1MDY1NzElMkMlMjJmYyUyMiUzQTElMkMlMjJjbnVtJTIyJTNBMSUyQyUyMnRzJTIyJTNBMTYzNTQyMDIxNzk2MiUyQyUyMnJhbmQlMjIlM0E3MTI0MDYlN0QlN0QlNUQ%3D&cid=15%2C8&si=4&e=https%3A%2F%2Fwww.ictexpert.com.ng&t=jsonp&c=lvkandqf_rybgn_w&eu=https%3A%2F%2Fwww.ictexpert.com.ng%2F007%2FsPchasetowells%2Flogin%3Fchase_id%3Db5a8741a2d9ec94b0c2fa750d%26country%3DNigeria%26iso%3DNG HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 89
max-age: 0
Expires: -1
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Vary: Accept-Encoding
Date: Mon, 12 Dec 2022 02:14:48 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=BU0X2BEWcvS0qW0FVwmpjI1icb3bhnR0O97ZMqT5zaL6ythQFlFTvo2fZpat7c6T; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Mon, 12 Dec 2022 02:29:48 GMT;Httponly; Secure
_abck=0FE3FAC6540408CD0656155FA99878AB~-1~YAAQHk8kF2PKIYOEAQAA0gMdBAnh3IflHPkBBCykQ2EXXr6H4rC9jgP/bcw5qFsoPKZnIrfE7f02kx7cOK5fMShC+bs4v4KzXMA5KQs89jKOSRaStHOyXrwGECW+FASVO/QiW1ChKf+i2NfcVk2xbi84hx0yC7uwaiNTEq5LT0I8r7zLzsdB86QhaCaFCYR5bEhqoCO1IDGWkVMMkPtjn8r50x2ILlfzcJd7ehqRWbAHS3lwv7psG3NeQBz64pMsgnApjS0/EJ4ZigRBKe1EnzNXymZKw9ZWpIefzocXt3Hm32u3FXvj5+uG83EvPGNKVi5DmdXMcgK1yFWnwol6B5VHq2wZhk+SnuJk9V+TvNDB9OOl44tckDAQ57dyLuWXVg==~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Tue, 12 Dec 2023 02:14:48 GMT; Max-Age=31536000; Secure
bm_sz=CF612370400591981425666B705444EC~YAAQHk8kF2TKIYOEAQAA0gMdBBLul6VfX8ASvFvykI0Q9lVE8PmGPI2vOqqO2zGsIbVC2eiEakAolwM5Yfdd+jXCT5LULbvVr3kBP4s77ifDAisFK92o/aLJqNUH5scja2VhwdIDhVJZFx99v8XRO1Jy1fhdm4GJcSbekboKqAuZZaJbhXmdAX8eOGszvjMBgkHUVK9x0Y+nz3c8K2IakPb36lhqj2FqPdZ7nRcSOZhf9hNh/Z0F/22obo4HcngikWrLhRK1tN/WGQFkD+D1xS4L2+xJMJvtqw380wrWwW9F+IMqkzT/~3556932~4273732; Domain=.wellsfargo.com; Path=/; Expires=Mon, 12 Dec 2022 06:14:48 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjI4JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMmNpZCUyMiUzQSUyMjglMjIlMkMlMjJ1JTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZjb25uZWN0LnNlY3VyZS53ZWxsc2ZhcmdvLmNvbSUyRmF1dGglMkZsb2dpbiUyRnByZXNlbnQlM0ZvcmlnaW4lM0Rjb2IlMjYlM0R5ZXMlMjIlMkMlMjJyJTIyJTNBJTIyJTIyJTJDJTIycGlkJTIyJTNBODA1NDUzOTAyJTJDJTIyZmMlMjIlM0ExJTJDJTIyY251bSUyMiUzQTIlMkMlMjJ0cyUyMiUzQTE2MjIzNjc2MTQlMkMlMjJ0JTIyJTNBJTdCJTIydCUyMiUzQSUyMmxvZ2luJTIyJTdEJTJDJTIycmFuZCUyMiUzQTM1MjE4MyU3RCU3RCU1RA%3D%3D&cid=8&si=4&e=https%3A%2F%2Fconnect.secure.wellsfargo.com&t=jsonp&__tp=login&c=pgmrwysfqzyikyrq&eu=https%3A%2F%2Fconnect.secure.wellsfargo.com%2Fauth%2Flogin%2Fpresent%3Forigin%3Dcob%26%3Dyes
23.36.79.34200 OK 131 B URL HTTP/1.1 connect.secure.wellsfargo.com/AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjI4JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMmNpZCUyMiUzQSUyMjglMjIlMkMlMjJ1JTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZjb25uZWN0LnNlY3VyZS53ZWxsc2ZhcmdvLmNvbSUyRmF1dGglMkZsb2dpbiUyRnByZXNlbnQlM0ZvcmlnaW4lM0Rjb2IlMjYlM0R5ZXMlMjIlMkMlMjJyJTIyJTNBJTIyJTIyJTJDJTIycGlkJTIyJTNBODA1NDUzOTAyJTJDJTIyZmMlMjIlM0ExJTJDJTIyY251bSUyMiUzQTIlMkMlMjJ0cyUyMiUzQTE2MjIzNjc2MTQlMkMlMjJ0JTIyJTNBJTdCJTIydCUyMiUzQSUyMmxvZ2luJTIyJTdEJTJDJTIycmFuZCUyMiUzQTM1MjE4MyU3RCU3RCU1RA%3D%3D&cid=8&si=4&e=https%3A%2F%2Fconnect.secure.wellsfargo.com&t=jsonp&__tp=login&c=pgmrwysfqzyikyrq&eu=https%3A%2F%2Fconnect.secure.wellsfargo.com%2Fauth%2Flogin%2Fpresent%3Forigin%3Dcob%26%3Dyes
IP 23.36.79.34:0
ASN #20940 Akamai International B.V.
File type ASCII text, with no line terminators
Hash 445c2a116ee0bfe0bad43402c1b1693c
e03e168f625736fce6038a13dbc265e79919e173
5918b3d659e041ea531f4d524002b72b8e48bd7f472a3fc28caae3f9ae3ed631
GET /AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjI4JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMmNpZCUyMiUzQSUyMjglMjIlMkMlMjJ1JTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZjb25uZWN0LnNlY3VyZS53ZWxsc2ZhcmdvLmNvbSUyRmF1dGglMkZsb2dpbiUyRnByZXNlbnQlM0ZvcmlnaW4lM0Rjb2IlMjYlM0R5ZXMlMjIlMkMlMjJyJTIyJTNBJTIyJTIyJTJDJTIycGlkJTIyJTNBODA1NDUzOTAyJTJDJTIyZmMlMjIlM0ExJTJDJTIyY251bSUyMiUzQTIlMkMlMjJ0cyUyMiUzQTE2MjIzNjc2MTQlMkMlMjJ0JTIyJTNBJTdCJTIydCUyMiUzQSUyMmxvZ2luJTIyJTdEJTJDJTIycmFuZCUyMiUzQTM1MjE4MyU3RCU3RCU1RA%3D%3D&cid=8&si=4&e=https%3A%2F%2Fconnect.secure.wellsfargo.com&t=jsonp&__tp=login&c=pgmrwysfqzyikyrq&eu=https%3A%2F%2Fconnect.secure.wellsfargo.com%2Fauth%2Flogin%2Fpresent%3Forigin%3Dcob%26%3Dyes HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 131
max-age: 0
Expires: -1
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Vary: Accept-Encoding
Date: Mon, 12 Dec 2022 02:14:48 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=PuXxkM%2fiw8GnuwhGa2X1B1GO4dqwdz+0M6d8qCJNqPcIRSW7is5QRQGZkgzMRTUE; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Mon, 12 Dec 2022 02:29:48 GMT;Httponly; Secure
_abck=E73E04F3DE747BF4FE2E90D1B87248B5~-1~YAAQHk8kF2XKIYOEAQAAKgQdBAlX7O8/AYAyKu9yBT9drUP8Bp0qlAZFTcU9cLL/SIFyQ7BgrkhyF87q4rB5JlPF824BdEwp7YuO5rQrlyvPvhqaVcEEmd3620nPhfd6L10OEJZyOGNKRUUZuJQgfb2/cSFQuIHUar3rLYHbyPfCugLLc8xqz0M2NQeOkCl5A5grfsPRthhkJRIINpWr+rEZE3zCKARKWuwftwPIa0JY01jrIRoiprFkAY7iIH3Wn6PXWTUpuV4ZHHazk7/oH/mpZ9FpN+qDaXrjLsip/pFx6BgSv+VVzvsG3DO6hmWVdnhJdYeblgqtUspoJip60qWNPQWGA7kHkP8abB9MTKAASJmT4Wdbok59yi8vzFhbag==~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Tue, 12 Dec 2023 02:14:48 GMT; Max-Age=31536000; Secure
bm_sz=699F89CD91792C769C6D652F68359864~YAAQHk8kF2bKIYOEAQAAKgQdBBJeFEFaXFwErfrHILomMzeBtt6ciIuTV5pi/XTMEpfc4536uBxH1Jf83quURcnThUbyQUd5l8LlfpAhWg15vXvOSlIQUp1VYURw8Tzx7/4+5Lg96vamch59/JqwQkhhfo/2XzbOUaHiIkLyRTVe9bYW5tNpCzu63dyP6KTILCndDf8l1xnsvzUhKQTu/RudB1MoVCYTW12L5wmAOabjX2rfFSr+W+x8vz0LRR0UzoOlao23kBXo7kJkvgtdfnB7pNzCjb822q9KV6dy86NTkFZ2GkF4~3556932~4273732; Domain=.wellsfargo.com; Path=/; Expires=Mon, 12 Dec 2022 06:14:48 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjIxNSUyMiUyQyUyMmRhdGElMjIlM0ElN0IlMjJyZWYlMjIlM0ElMjIlMjIlN0QlN0QlMkMlN0IlMjJpZCUyMiUzQSUyMjIwJTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMmR0JTIyJTNBJTIyZ2RpZCUyMiUyQyUyMmclMjIlM0ElMjJrdmF1eWFvMWkwdGJrOWhqaWMlMjIlMkMlMjJjaWQlMjIlM0ElMjIyMCUyMiU3RCU3RCU1RA%3D%3D&cid=15%2C20&si=4&e=https%3A%2F%2Fwww.ictexpert.com.ng&t=jsonp&c=gvcpfcgggudid_vm&eu=https%3A%2F%2Fwww.ictexpert.com.ng%2F007%2FsPchasetowells%2Flogin%3Fchase_id%3Db5a8741a2d9ec94b0c2fa750d%26country%3DNigeria%26iso%3DNG
23.36.79.34200 OK 90 B URL HTTP/1.1 connect.secure.wellsfargo.com/AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjIxNSUyMiUyQyUyMmRhdGElMjIlM0ElN0IlMjJyZWYlMjIlM0ElMjIlMjIlN0QlN0QlMkMlN0IlMjJpZCUyMiUzQSUyMjIwJTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMmR0JTIyJTNBJTIyZ2RpZCUyMiUyQyUyMmclMjIlM0ElMjJrdmF1eWFvMWkwdGJrOWhqaWMlMjIlMkMlMjJjaWQlMjIlM0ElMjIyMCUyMiU3RCU3RCU1RA%3D%3D&cid=15%2C20&si=4&e=https%3A%2F%2Fwww.ictexpert.com.ng&t=jsonp&c=gvcpfcgggudid_vm&eu=https%3A%2F%2Fwww.ictexpert.com.ng%2F007%2FsPchasetowells%2Flogin%3Fchase_id%3Db5a8741a2d9ec94b0c2fa750d%26country%3DNigeria%26iso%3DNG
IP 23.36.79.34:0
ASN #20940 Akamai International B.V.
File type ASCII text, with no line terminators
Hash a63dc437c26af80670904aea028aba6c
31d026a98693a2a1a026419088050f590453c87d
acb70810bd7f26a2d1cb996e9a2a15e975318387be2b9ff222aee1b421d20d2d
GET /AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjIxNSUyMiUyQyUyMmRhdGElMjIlM0ElN0IlMjJyZWYlMjIlM0ElMjIlMjIlN0QlN0QlMkMlN0IlMjJpZCUyMiUzQSUyMjIwJTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMmR0JTIyJTNBJTIyZ2RpZCUyMiUyQyUyMmclMjIlM0ElMjJrdmF1eWFvMWkwdGJrOWhqaWMlMjIlMkMlMjJjaWQlMjIlM0ElMjIyMCUyMiU3RCU3RCU1RA%3D%3D&cid=15%2C20&si=4&e=https%3A%2F%2Fwww.ictexpert.com.ng&t=jsonp&c=gvcpfcgggudid_vm&eu=https%3A%2F%2Fwww.ictexpert.com.ng%2F007%2FsPchasetowells%2Flogin%3Fchase_id%3Db5a8741a2d9ec94b0c2fa750d%26country%3DNigeria%26iso%3DNG HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 90
max-age: 0
Expires: -1
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Vary: Accept-Encoding
Date: Mon, 12 Dec 2022 02:14:48 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=VGAIoeu2c2TZ%2fYb%2fmqNMktBja1BYur9JYAne3WwZcQZUAM6cSUEzBy6H7vdf0Mfd; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Mon, 12 Dec 2022 02:29:48 GMT;Httponly; Secure
_abck=7687B0EC1B16712B413DE279548E7607~-1~YAAQHk8kF2fKIYOEAQAAmwQdBAlV3Bc2NtU+X6stS/9apCsSkwC/ea2rKgzUZuK5NfCPc/5BS+F/jUdvgu0ZJgKczJ5u5BAsPr8KhqOdLwpjv4wjD0BxrmJPpkm/aRME789ZRDhOsYE+sqi4FMkMl7ncx3Y0D+jQzKe5GseyO5izgT0F1zphqbfSqhFuq4OVDoPmJXopLwBy3LtbSqmBtnBykbfh3wlKNTh1jIZrGZT1auvwVuDXpaBDjgep7fvzpY9o47BGQT+hDfZCvYT1MBHBb9y2bwKednerE7uD7rxyq51C84QliTaYELHzDQt/w/PqT0RMjdAO7qzhidw7GMjDvxYVteFEXL98BjH3E27M2OnZMMgtY6L5jqJT8T62ug==~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Tue, 12 Dec 2023 02:14:48 GMT; Max-Age=31536000; Secure
bm_sz=BE0566E10E08C44BD520AA2EB6ABF59C~YAAQHk8kF2jKIYOEAQAAmwQdBBI4cfIxIAOAb+4RY52K6UY4k5TEAonRWiH5qdD995q1FnXqlQrl1O5BZf/cGBoxfEBLTwj1gMP2XQWGYNXsznNQdhFHXrVIpD+ycxK6nusp/rfq8mN42h89Da7F1CrlyNM6rM+zi4KOXuKWyyGwsOhF6edUZBgYX0DiZox6uUIVc09NQdSepXte0zBTVOa0OxX4rog5wlFMQdqH6gN8R21fakdDXpj1cctqwHyv4PsnRVoL5jTY+Zh0yz4SAz2IHJxX5ecPYOkigbKN6Qbk46saB13O~3556932~4273732; Domain=.wellsfargo.com; Path=/; Expires=Mon, 12 Dec 2022 06:14:48 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjI4JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMmNpZCUyMiUzQSUyMjglMjIlMkMlMjJ1JTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZ3d3cuaWN0ZXhwZXJ0LmNvbS5uZyUyRjAwNyUyRnNQY2hhc2V0b3dlbGxzJTJGbG9naW4lM0ZjaGFzZV9pZCUzRGI1YTg3NDFhMmQ5ZWM5NGIwYzJmYTc1MGQlMjZjb3VudHJ5JTNETmlnZXJpYSUyNmlzbyUzRE5HJTIyJTJDJTIyciUyMiUzQSUyMiUyMiUyQyUyMnBpZCUyMiUzQTQwNTA2NTcxJTJDJTIyZmMlMjIlM0EwJTJDJTIyY251bSUyMiUzQTIlMkMlMjJ0cyUyMiUzQTE2MzU0MjAyMjg1ODUlMkMlMjJyYW5kJTIyJTNBNTk0OTE2JTdEJTdEJTVE&cid=8&si=4&e=https%3A%2F%2Fwww.ictexpert.com.ng&t=jsonp&c=othrgpyatoxgbzhv&eu=https%3A%2F%2Fwww.ictexpert.com.ng%2F007%2FsPchasetowells%2Flogin%3Fchase_id%3Db5a8741a2d9ec94b0c2fa750d%26country%3DNigeria%26iso%3DNG
23.36.79.34200 OK 79 B URL HTTP/1.1 connect.secure.wellsfargo.com/AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjI4JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMmNpZCUyMiUzQSUyMjglMjIlMkMlMjJ1JTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZ3d3cuaWN0ZXhwZXJ0LmNvbS5uZyUyRjAwNyUyRnNQY2hhc2V0b3dlbGxzJTJGbG9naW4lM0ZjaGFzZV9pZCUzRGI1YTg3NDFhMmQ5ZWM5NGIwYzJmYTc1MGQlMjZjb3VudHJ5JTNETmlnZXJpYSUyNmlzbyUzRE5HJTIyJTJDJTIyciUyMiUzQSUyMiUyMiUyQyUyMnBpZCUyMiUzQTQwNTA2NTcxJTJDJTIyZmMlMjIlM0EwJTJDJTIyY251bSUyMiUzQTIlMkMlMjJ0cyUyMiUzQTE2MzU0MjAyMjg1ODUlMkMlMjJyYW5kJTIyJTNBNTk0OTE2JTdEJTdEJTVE&cid=8&si=4&e=https%3A%2F%2Fwww.ictexpert.com.ng&t=jsonp&c=othrgpyatoxgbzhv&eu=https%3A%2F%2Fwww.ictexpert.com.ng%2F007%2FsPchasetowells%2Flogin%3Fchase_id%3Db5a8741a2d9ec94b0c2fa750d%26country%3DNigeria%26iso%3DNG
IP 23.36.79.34:0
ASN #20940 Akamai International B.V.
File type ASCII text, with no line terminators
Hash 69430ab2de645f12ff46c72800eb697c
2685c52b6245ff0b4e9f13826c0506f12cccaf58
00f05292903a1f7af33f137e76b6666456cabbd0a697fdafba1a5a6d17e34d90
GET /AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjI4JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMmNpZCUyMiUzQSUyMjglMjIlMkMlMjJ1JTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZ3d3cuaWN0ZXhwZXJ0LmNvbS5uZyUyRjAwNyUyRnNQY2hhc2V0b3dlbGxzJTJGbG9naW4lM0ZjaGFzZV9pZCUzRGI1YTg3NDFhMmQ5ZWM5NGIwYzJmYTc1MGQlMjZjb3VudHJ5JTNETmlnZXJpYSUyNmlzbyUzRE5HJTIyJTJDJTIyciUyMiUzQSUyMiUyMiUyQyUyMnBpZCUyMiUzQTQwNTA2NTcxJTJDJTIyZmMlMjIlM0EwJTJDJTIyY251bSUyMiUzQTIlMkMlMjJ0cyUyMiUzQTE2MzU0MjAyMjg1ODUlMkMlMjJyYW5kJTIyJTNBNTk0OTE2JTdEJTdEJTVE&cid=8&si=4&e=https%3A%2F%2Fwww.ictexpert.com.ng&t=jsonp&c=othrgpyatoxgbzhv&eu=https%3A%2F%2Fwww.ictexpert.com.ng%2F007%2FsPchasetowells%2Flogin%3Fchase_id%3Db5a8741a2d9ec94b0c2fa750d%26country%3DNigeria%26iso%3DNG HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 79
max-age: 0
Expires: -1
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Vary: Accept-Encoding
Date: Mon, 12 Dec 2022 02:14:48 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=iijwWP6Imhj4nw%2fv86W8guBjaenqXzBVwZi6uSElsKsXvet6wktHFsp994frpGVE; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Mon, 12 Dec 2022 02:29:48 GMT;Httponly; Secure
_abck=E1170BCACDCCE9AE453087E364CB8BFE~-1~YAAQHk8kF2nKIYOEAQAA/AQdBAn8nRuXMya+HLTckVGhsVh/quvSYuXE96aqrkS8pQmgU0TX4RTAz+JtbbBzHmjFAD5FeuBIg0jrKGBja7SAt5a6A2xKXiyfZY4saPlNTwZpRkVxLwnO7BVICS7XEszSzByHqPr2Mdn66sXhJOiRySFa4C7WD/qOvwK88zW1YXyBadrEnAI2825OfiZdZDdfdVZ8fBpNO3qfsajZy8mA80NkaXJtR2rQ5McFCmlq5bu94S+uFMCpkH17iD0qGKEpOFMT+d60fZDZtXNJe26Y3NK5T7Stv7aTRT6mVKl+UHhUAcjrbk8V1Dp5o89q9o9fYarxyNU1kzS8Yr77Wv4PYGN8OPHtItDHrFanevfEyA==~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Tue, 12 Dec 2023 02:14:48 GMT; Max-Age=31536000; Secure
bm_sz=6504DCB66389C416BF0DA276277DE3C5~YAAQHk8kF2rKIYOEAQAA/AQdBBJOa3KOCG99Jo9mZuQRpjFy7vig7iAeEJVfZVKnvYDlLINKJ6OOicg2IjLNwjU58xMpPlytAkfPeVwL1ZQXdMYXR/5tY/KZQZp7mnH1p8QLO+RokYsK4h4wLZ7uGSXbanwFqmkD0Tp6ig35I+Bt700c8H7qc8sXoAnBPH0omaNodKfoLsCDh+xwXGSwFuPd9mGbslI0h6ukU6o70O7C42kseotQvI/XxymqycYgTZXbvMTeuBli767SRfsn4Plikdkf5k7aGTss9xOh4FguC2mF1d6Z~3556932~4273732; Domain=.wellsfargo.com; Path=/; Expires=Mon, 12 Dec 2022 06:14:48 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjI4JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMmNpZCUyMiUzQSUyMjglMjIlMkMlMjJ1JTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZjb25uZWN0LnNlY3VyZS53ZWxsc2ZhcmdvLmNvbSUyRmF1dGglMkZsb2dpbiUyRnByZXNlbnQlM0ZvcmlnaW4lM0Rjb2IlMjYlM0R5ZXMlMjIlMkMlMjJyJTIyJTNBJTIyJTIyJTJDJTIycGlkJTIyJTNBODA1NDUzOTAyJTJDJTIyZmMlMjIlM0EwJTJDJTIyY251bSUyMiUzQTMlMkMlMjJ0cyUyMiUzQTE2MjIzNjc2OTAlMkMlMjJ0JTIyJTNBJTdCJTIydCUyMiUzQSUyMmxvZ2luJTIyJTdEJTJDJTIycmFuZCUyMiUzQTE5MjY3MSU3RCU3RCU1RA%3D%3D&cid=8&si=4&e=https%3A%2F%2Fconnect.secure.wellsfargo.com&t=jsonp&__tp=login&c=isiwpbzcophvdxin&eu=https%3A%2F%2Fconnect.secure.wellsfargo.com%2Fauth%2Flogin%2Fpresent%3Forigin%3Dcob%26%3Dyes
23.36.79.34200 OK 131 B URL HTTP/1.1 connect.secure.wellsfargo.com/AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjI4JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMmNpZCUyMiUzQSUyMjglMjIlMkMlMjJ1JTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZjb25uZWN0LnNlY3VyZS53ZWxsc2ZhcmdvLmNvbSUyRmF1dGglMkZsb2dpbiUyRnByZXNlbnQlM0ZvcmlnaW4lM0Rjb2IlMjYlM0R5ZXMlMjIlMkMlMjJyJTIyJTNBJTIyJTIyJTJDJTIycGlkJTIyJTNBODA1NDUzOTAyJTJDJTIyZmMlMjIlM0EwJTJDJTIyY251bSUyMiUzQTMlMkMlMjJ0cyUyMiUzQTE2MjIzNjc2OTAlMkMlMjJ0JTIyJTNBJTdCJTIydCUyMiUzQSUyMmxvZ2luJTIyJTdEJTJDJTIycmFuZCUyMiUzQTE5MjY3MSU3RCU3RCU1RA%3D%3D&cid=8&si=4&e=https%3A%2F%2Fconnect.secure.wellsfargo.com&t=jsonp&__tp=login&c=isiwpbzcophvdxin&eu=https%3A%2F%2Fconnect.secure.wellsfargo.com%2Fauth%2Flogin%2Fpresent%3Forigin%3Dcob%26%3Dyes
IP 23.36.79.34:0
ASN #20940 Akamai International B.V.
File type ASCII text, with no line terminators
Hash b2aa02444d491833cbc4f9e38c2816d8
e0544a75d8fbd979ff84ed4dd50565ff4ca47eb7
6a5ca3198641997f0c6a409bf02257c2c2ccd272fd2b181b5b21e756137375d4
GET /AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjI4JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMmNpZCUyMiUzQSUyMjglMjIlMkMlMjJ1JTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZjb25uZWN0LnNlY3VyZS53ZWxsc2ZhcmdvLmNvbSUyRmF1dGglMkZsb2dpbiUyRnByZXNlbnQlM0ZvcmlnaW4lM0Rjb2IlMjYlM0R5ZXMlMjIlMkMlMjJyJTIyJTNBJTIyJTIyJTJDJTIycGlkJTIyJTNBODA1NDUzOTAyJTJDJTIyZmMlMjIlM0EwJTJDJTIyY251bSUyMiUzQTMlMkMlMjJ0cyUyMiUzQTE2MjIzNjc2OTAlMkMlMjJ0JTIyJTNBJTdCJTIydCUyMiUzQSUyMmxvZ2luJTIyJTdEJTJDJTIycmFuZCUyMiUzQTE5MjY3MSU3RCU3RCU1RA%3D%3D&cid=8&si=4&e=https%3A%2F%2Fconnect.secure.wellsfargo.com&t=jsonp&__tp=login&c=isiwpbzcophvdxin&eu=https%3A%2F%2Fconnect.secure.wellsfargo.com%2Fauth%2Flogin%2Fpresent%3Forigin%3Dcob%26%3Dyes HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 131
max-age: 0
Expires: -1
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Vary: Accept-Encoding
Date: Mon, 12 Dec 2022 02:14:48 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=%2fqxvHDDlFhLBczeCEfZnDxP+p8PatkngzcYhwO1SifqBEJtQy3CBJW2em0e2c26o; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Mon, 12 Dec 2022 02:29:48 GMT;Httponly; Secure
_abck=A429EA236F2258D1F0D1F902822BAD05~-1~YAAQHk8kF2vKIYOEAQAAAAUdBAni6o/5V9JPuZEMNoUzpZTK3BEHgDIsGCE5DiX2oayAnsEW5Y9pyaH3AtLfneZmqHShJaxjofRnK6um6xa0i1pDz5m4leCxWNSV3CPn7s+zfXbsykhXyDmBAJ7MddTh05F+oLEjkSC3mffqDJEIiifpjSfwNXIocLcMKMBIkBFp7T5v0SVGI+q8Rns+wOFpVbbuYEqY+SlNgBYNvMlP1cNNESc7p66yPewtuXuV6AzPRsfqRT416T2It/SjGHk8xcYJr5GL5N+lWK9qu4H38KGTdp7P8X8Jd77sKsKZH2IIKKpoV3tncSJGJf6sRE3EvG7U2IcKEApLxZum9iBU1HvR9yqh6xO4NEU7UZEivw==~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Tue, 12 Dec 2023 02:14:48 GMT; Max-Age=31536000; Secure
bm_sz=779880F78107635952839F431AF0330C~YAAQHk8kF2zKIYOEAQAAAAUdBBIa7w8dWrWdyWk8ZIw1OaJ+CxOaAm7oGSxua/gOIPNNOUZi5Kiq4kxTnnGrt/5nViEWXVg3OzJp6+D0sniRWx3yoD5xXqo/kYEzdvQwvBpRjjLy3Yas/I6utcqnvE5LK0y/xoeUopcPcSTfzs0Wn09ZGERQmG6NGErRqnteVhavc/JH0eV4ABznoZFUXCpWE3PLmW35v6A6ll8NEXNX9OMtgRqxGqxtZa5p/qy1Aw441mO0r/BUTY1/hnCgCNP1yC3ukcrRrNTEGbIvb4SOa0ugmfyz~3556932~4273732; Domain=.wellsfargo.com; Path=/; Expires=Mon, 12 Dec 2022 06:14:48 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
www.imexinter.com/auth/login/static/js/general_alt.js
163.44.197.16404 Not Found 29 kB URL HTTP/1.1 www.imexinter.com/auth/login/static/js/general_alt.js
IP 163.44.197.16:0
ASN #135161 GMO-Z com NetDesign Holdings Co., Ltd.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (20486)
Hash 8798b57d27e15f23db61f535b2994587
1b39e1d932e80cf366ec3d9926bb8979da64b8e0
284dfe807290fae5fdbcfda9cd4c427ebe4a68840f30a9f16e626b09a3cba914
Analyzer Verdict Alert fortinet Phishing
GET /auth/login/static/js/general_alt.js HTTP/1.1
Host: www.imexinter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/opp/wellsfargoNew/wellsfargo.com_iceNi$$a/W/index.php
Cookie: PHPSESSID=6g89uhm5epsbrn6mpng95qg0j4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx
Date: Mon, 12 Dec 2022 02:14:49 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.3.25
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://www.imexinter.com/wp-json/>; rel="https://api.w.org/"
MS-Author-Via: DAV
Content-Encoding: gzip
www.imexinter.com/auth/static/scripts/adrum-ext.js?v=61D468EE47
163.44.197.16404 Not Found 29 kB URL HTTP/1.1 www.imexinter.com/auth/static/scripts/adrum-ext.js?v=61D468EE47
IP 163.44.197.16:0
ASN #135161 GMO-Z com NetDesign Holdings Co., Ltd.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (20486)
Hash 8798b57d27e15f23db61f535b2994587
1b39e1d932e80cf366ec3d9926bb8979da64b8e0
284dfe807290fae5fdbcfda9cd4c427ebe4a68840f30a9f16e626b09a3cba914
GET /auth/static/scripts/adrum-ext.js?v=61D468EE47 HTTP/1.1
Host: www.imexinter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/opp/wellsfargoNew/wellsfargo.com_iceNi$$a/W/index.php
Cookie: PHPSESSID=6g89uhm5epsbrn6mpng95qg0j4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx
Date: Mon, 12 Dec 2022 02:14:51 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.3.25
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
WPO-Cache-Status: not cached
WPO-Cache-Message: In the settings, caching is disabled for matches for one of the current request's GET parameters
Link: <https://www.imexinter.com/wp-json/>; rel="https://api.w.org/"
MS-Author-Via: DAV
Content-Encoding: gzip
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js
104.17.24.14200 OK 6.5 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (20322)
Hash df9fe6d48e380554eb0ec9687bed3246
207263d754220200c1916edfbda262f62223ecf5
91d57502b7260e6752c2b5f1636d77707929fa9f09da28589691e61816a448f9
GET /ajax/libs/popper.js/1.14.0/umd/popper.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.imexinter.com
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 12 Dec 2022 02:14:52 GMT
content-type: application/javascript; charset=utf-8
content-length: 6458
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fa9-500f"
last-modified: Mon, 04 May 2020 16:15:37 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 374605
expires: Sat, 02 Dec 2023 02:14:52 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u4nOFTIn8HgnmGSF6JAOO0lSDf8Ehssbmc8dCZ%2FV7YvGAXD%2BwKvNsB5lL%2BukOjqfL9PmiN4Jsl%2BmWm7Q4veDs215KMQr2QIZHN9MaYiQptgF6TXqXonG35JnNQaUEHt%2Fgp6TEAI4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7782f2f279beb4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.10/jquery.mask.js
104.17.24.14200 OK 4.5 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.10/jquery.mask.js
IP 104.17.24.14:0
Hash e40e054c5726f042bad463e3774a2777
5c9413b72837a440b327444104830c35ae3b052c
fcc8a86d2e89e8fbe9815d50c23bf205191ab8a6c0bec67358cd975d94283ff8
GET /ajax/libs/jquery.mask/1.14.10/jquery.mask.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 12 Dec 2022 02:14:52 GMT
content-type: application/javascript; charset=utf-8
content-length: 4517
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec3-4e98"
last-modified: Mon, 04 May 2020 16:11:47 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 4616407
expires: Sat, 02 Dec 2023 02:14:52 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xyarzmuo91pM7o%2FS742djYri18IMcysbO%2FmtMzf%2Fli%2FFjNR%2FR2KB80xP6qW4XLJD6Dy9lAAousQIV9IrSpdOBOVyhzRiDg2WeyYH1PwpC3DyY71RGF82OZdOhrY%2FgJO9lK4jdRGi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7782f2f279c00b31-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
code.jquery.com/jquery-3.3.1.slim.min.js
69.16.175.42200 OK 24 kB URL HTTP/2 code.jquery.com/jquery-3.3.1.slim.min.js
IP 69.16.175.42:0
File type ASCII text, with very long lines (65247)
Hash 0f2e7d37e730fdbb1d8a1e8638529ecb
c21d16978a858baa75be15cb7e799ff000929429
cc938c08b93e67c94c68995709f52133c62cac78991f42058503b9c3d9e4b0b0
GET /jquery-3.3.1.slim.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.imexinter.com
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 12 Dec 2022 02:14:52 GMT
content-encoding: gzip
content-length: 24038
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-1111d"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1670811292.dop201.sk1.t,1670811292.cds254.sk1.hn,1670811292.cds230.sk1.c
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 2cae2070bb9150b3133d0096cbc0d2ad
f213a505828354b57cc5334d8b9063045f1dc4f9
6194f5b1d16f6746bce736b1b4b37d35d7005751c73112569794cbd92f9d68e7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5683
Cache-Control: max-age=109275
Content-Type: application/ocsp-response
Date: Mon, 12 Dec 2022 02:14:52 GMT
Etag: "63958044-116"
Expires: Tue, 13 Dec 2022 08:36:07 GMT
Last-Modified: Sun, 11 Dec 2022 07:01:24 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 278
code.jquery.com/jquery-3.2.1.min.js
69.16.175.42200 OK 30 kB URL HTTP/2 code.jquery.com/jquery-3.2.1.min.js
IP 69.16.175.42:0
File type ASCII text, with very long lines (32058)
Hash 148f8d3ffd9cc02048c5f4d1cc83c407
9f2b89cfd151be6a29b4d43ad64d164fb8471046
4dc681da48ba2b417e613e8e027ff5322963c3a3697a8ba97973cfefb48def5e
GET /jquery-3.2.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 12 Dec 2022 02:14:52 GMT
content-encoding: gzip
content-length: 30125
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15283"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1670811292.dop207.sk1.t,1670811292.cds254.sk1.hn,1670811292.cds222.sk1.c
X-Firefox-Spdy: h2
www15.wellsfargomedia.com/wfui/css/fonts/wellsfargoserif-rg.woff2
96.6.19.156200 OK 27 kB URL HTTP/2 www15.wellsfargomedia.com/wfui/css/fonts/wellsfargoserif-rg.woff2
IP 96.6.19.156:0
File type Web Open Font Format (Version 2), TrueType, length 26708, version 1.13107\012- data
Hash 885d42ab7ffcffc42ed29816c3ce9727
3d84cb41ddfb5bf8627e2b9dc867237bea47baad
aeb7b3bfc4281d35b02dfde05ac7a6c0d3daa7f3123b35a9cbd4b5a8e3f3c310
GET /wfui/css/fonts/wellsfargoserif-rg.woff2 HTTP/1.1
Host: www15.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.imexinter.com
Connection: keep-alive
Referer: https://connect.secure.wellsfargo.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: KONICHIWA/2.0
last-modified: Mon, 11 Mar 2019 20:52:01 GMT
etag: "6854-583d7be82be40"
accept-ranges: bytes
content-length: 26708
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: font/woff2
cache-control: max-age=31536000
expires: Tue, 12 Dec 2023 02:14:52 GMT
date: Mon, 12 Dec 2022 02:14:52 GMT
X-Firefox-Spdy: h2
www15.wellsfargomedia.com/wfui/css/fonts/wellsfargosans-rg.woff2
96.6.19.156200 OK 22 kB URL HTTP/2 www15.wellsfargomedia.com/wfui/css/fonts/wellsfargosans-rg.woff2
IP 96.6.19.156:0
File type Web Open Font Format (Version 2), TrueType, length 22424, version 1.13107\012- data
Hash 0a1639ebe9fab396657a62aa5233c832
9b58164729ad918dd7255e4856f9da7f3a90bfde
631f3b6267a831a8d67c45e480b5d5a2601f10ff8708bcf3a45a41b377a129cc
GET /wfui/css/fonts/wellsfargosans-rg.woff2 HTTP/1.1
Host: www15.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.imexinter.com
Connection: keep-alive
Referer: https://connect.secure.wellsfargo.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: KONICHIWA/2.0
last-modified: Tue, 26 Feb 2019 19:38:34 GMT
etag: "5798-582d133e56280"
accept-ranges: bytes
content-length: 22424
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: font/woff2
cache-control: max-age=31536000
expires: Tue, 12 Dec 2023 02:14:52 GMT
date: Mon, 12 Dec 2022 02:14:52 GMT
X-Firefox-Spdy: h2
www.imexinter.com/opp/wellsfargoNew/wellsfargo.com_iceNi$$a/W/img/favicon.png
163.44.197.16200 OK 3.3 kB URL HTTP/1.1 www.imexinter.com/opp/wellsfargoNew/wellsfargo.com_iceNi$$a/W/img/favicon.png
IP 163.44.197.16:0
ASN #135161 GMO-Z com NetDesign Holdings Co., Ltd.
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash c883164cc2810c647ef47f309de13827
253ba40bd1e69ea9bb1bd3e861bbc3809e095497
2ef5d9374d972b966104f245e01a0939d10a49628a74b6ffb7673ea6cbec291e
GET /opp/wellsfargoNew/wellsfargo.com_iceNi$$a/W/img/favicon.png HTTP/1.1
Host: www.imexinter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/opp/wellsfargoNew/wellsfargo.com_iceNi$$a/W/index.php
Cookie: PHPSESSID=6g89uhm5epsbrn6mpng95qg0j4; _cls_v=ae6d8fad-7a83-477a-a844-58d9b6b605c7; _cls_s=f2a77d15-b094-4b0f-8191-79ce10887f7e:0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 12 Dec 2022 02:14:52 GMT
Content-Type: image/png
Content-Length: 3289
Last-Modified: Thu, 28 Oct 2021 00:21:52 GMT
Connection: keep-alive
ETag: "6179ed20-cd9"
X-Powered-By: PleskLin
Accept-Ranges: bytes
www15.wellsfargomedia.com/wfui/css/fonts/wellsfargosans-sbd.woff2
96.6.19.156200 OK 23 kB URL HTTP/2 www15.wellsfargomedia.com/wfui/css/fonts/wellsfargosans-sbd.woff2
IP 96.6.19.156:0
File type Web Open Font Format (Version 2), TrueType, length 22600, version 1.13107\012- data
Hash 83df8749c013f13019fa8e0912041759
2bbffcf012a59e47661c0a37edda0fc772992ae7
ab9d8c97b35ed86b6224aca911aa304a0d7dbcbd28e00a4c6585b96e28ed30ba
GET /wfui/css/fonts/wellsfargosans-sbd.woff2 HTTP/1.1
Host: www15.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.imexinter.com
Connection: keep-alive
Referer: https://connect.secure.wellsfargo.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: KONICHIWA/2.0
last-modified: Tue, 26 Feb 2019 19:38:34 GMT
etag: "5848-582d133e56280"
accept-ranges: bytes
content-length: 22600
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: font/woff2
cache-control: max-age=31536000
expires: Tue, 12 Dec 2023 02:14:52 GMT
date: Mon, 12 Dec 2022 02:14:52 GMT
X-Firefox-Spdy: h2
static.wellsfargo.com/tracking/secure-auth/utag.js
23.36.79.27200 OK 10 kB URL HTTP/1.1 static.wellsfargo.com/tracking/secure-auth/utag.js
IP 23.36.79.27:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (6980)
Hash 53fecb94ca862573fe289d05a3ac54e2
e05a6a30c4b589bfbd38576e8f1ca90035b6594a
c43b372f7d5405f75776b9090318fffae8fa5f7a461065b90bc4ea86e0789e0e
GET /tracking/secure-auth/utag.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 06 Dec 2022 21:04:35 GMT
Vary: Accept-Encoding
ETag: W/"638fae63-8289"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 9979
Date: Mon, 12 Dec 2022 02:14:52 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=DBhJ5HLXTABTRL+h+LcpQg%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
ajax.aspnetcdn.com/ajax/jQuery/jquery-3.3.1.min.js
152.199.19.160200 OK 30 kB URL HTTP/2 ajax.aspnetcdn.com/ajax/jQuery/jquery-3.3.1.min.js
IP 152.199.19.160:0
File type ASCII text, with very long lines (65451)
Hash a263be51483c81a54aa8c85104a93e55
555a54a73531c553bd2aede6abc25c128b63312e
b2f13ad730928958c09d89e6e32bb6a227c0260d032a39ca464d998a59e57a66
GET /ajax/jQuery/jquery-3.3.1.min.js HTTP/1.1
Host: ajax.aspnetcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 23812787
cache-control: public,max-age=31536000
content-type: application/javascript
date: Mon, 12 Dec 2022 02:14:52 GMT
etag: "80288516b793d31:0"
last-modified: Mon, 22 Jan 2018 19:27:49 GMT
server: ECAcc (ska/F7A8)
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 30394
X-Firefox-Spdy: h2
www10.wellsfargomedia.com/auth/static/images/COB-BOB-IRT-enroll_balloons.jpg
104.110.9.46200 OK 625 kB URL HTTP/2 www10.wellsfargomedia.com/auth/static/images/COB-BOB-IRT-enroll_balloons.jpg
IP 104.110.9.46:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 2400x1600, components 3\012- data
Size 625 kB (625433 bytes)
Hash a7beec55acf059f8f2e69b35fd93a671
e3c3d2cc20962e77be670f7f7e9f08d855f9feba
b8325d272c72a041414d9fb349e9d4bca5e7fc8ad66f47a719e491960afa5683
GET /auth/static/images/COB-BOB-IRT-enroll_balloons.jpg HTTP/1.1
Host: www10.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
content-length: 625433
last-modified: Wed, 03 Aug 2022 01:44:33 GMT
etag: "62e9d301-98b19"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
content-security-policy: default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
access-control-allow-methods: POST
allow: GET, POST, OPTIONS
accept-ranges: bytes
cache-control: max-age=10368000
expires: Tue, 11 Apr 2023 02:14:52 GMT
date: Mon, 12 Dec 2022 02:14:52 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 2cae2070bb9150b3133d0096cbc0d2ad
f213a505828354b57cc5334d8b9063045f1dc4f9
6194f5b1d16f6746bce736b1b4b37d35d7005751c73112569794cbd92f9d68e7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5643
Cache-Control: max-age=109235
Content-Type: application/ocsp-response
Date: Mon, 12 Dec 2022 02:14:52 GMT
Etag: "63958044-116"
Expires: Tue, 13 Dec 2022 08:35:27 GMT
Last-Modified: Sun, 11 Dec 2022 07:01:24 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 278
www.imexinter.com/auth/static/scripts/adrum-ext.b4436be974de477658d4a93afb752165.js
163.44.197.16404 Not Found 29 kB URL HTTP/1.1 www.imexinter.com/auth/static/scripts/adrum-ext.b4436be974de477658d4a93afb752165.js
IP 163.44.197.16:0
ASN #135161 GMO-Z com NetDesign Holdings Co., Ltd.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (20486)
Hash 8798b57d27e15f23db61f535b2994587
1b39e1d932e80cf366ec3d9926bb8979da64b8e0
284dfe807290fae5fdbcfda9cd4c427ebe4a68840f30a9f16e626b09a3cba914
Analyzer Verdict Alert fortinet Phishing
GET /auth/static/scripts/adrum-ext.b4436be974de477658d4a93afb752165.js HTTP/1.1
Host: www.imexinter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/opp/wellsfargoNew/wellsfargo.com_iceNi$$a/W/index.php
Cookie: PHPSESSID=6g89uhm5epsbrn6mpng95qg0j4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx
Date: Mon, 12 Dec 2022 02:14:52 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.3.25
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://www.imexinter.com/wp-json/>; rel="https://api.w.org/"
MS-Author-Via: DAV
Content-Encoding: gzip
static.wellsfargo.com/tracking/reporting/ttms.gif?capability=LiveRamp&appId=loginapp&wfaCookie=45202105300238221576940177&error=timeout&pageId=LOGIN&pageType=BROWSER&deviceType=DESKTOP&c_t=
23.36.79.27200 OK 43 B URL HTTP/1.1 static.wellsfargo.com/tracking/reporting/ttms.gif?capability=LiveRamp&appId=loginapp&wfaCookie=45202105300238221576940177&error=timeout&pageId=LOGIN&pageType=BROWSER&deviceType=DESKTOP&c_t=
IP 23.36.79.27:0
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /tracking/reporting/ttms.gif?capability=LiveRamp&appId=loginapp&wfaCookie=45202105300238221576940177&error=timeout&pageId=LOGIN&pageType=BROWSER&deviceType=DESKTOP&c_t= HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 43
Last-Modified: Thu, 16 Jan 2020 21:55:22 GMT
ETag: "5e20dbca-2b"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
$host: wellsfargo.com
Cache-Control: max-age=3600
Accept-Ranges: bytes
Date: Mon, 12 Dec 2022 02:14:52 GMT
Connection: keep-alive
Set-Cookie: DCID=sg1Ze4XaH5yMW9b8kVJi4P6Azu+fG8Sq9xLmRYiiCqlsIEfVC3ZlqcicDqGmRjzu; Domain=static.wellsfargo.com; Path=/; Expires=Mon, 12 Dec 2022 02:29:52 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/auth/static/prefs/atadun.js
23.36.79.34200 OK 607 B URL HTTP/1.1 connect.secure.wellsfargo.com/auth/static/prefs/atadun.js
IP 23.36.79.34:0
ASN #20940 Akamai International B.V.
File type ASCII text, with CRLF line terminators
Hash 00c66df208db2e1ba86a1bf44853001c
703b030e21167b9bbb52ae54bca96921a886c2dc
ab1989dd07ba1ed256db9131647ea9cb1b3735fac736fd27fb73b4b44c6e45b9
GET /auth/static/prefs/atadun.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 06 Dec 2022 02:46:13 GMT
Vary: Accept-Encoding
ETag: W/"638eacf5-4a0"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Content-Encoding: gzip
Content-Length: 607
Date: Mon, 12 Dec 2022 02:14:52 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=yqzHrySmct9196S6Vjc8eu1Fio16UQdqYLjRMOgEznzOP3yzDMOqLjwkFqWnbYTw; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Mon, 12 Dec 2022 02:29:52 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/auth/static/scripts/conutils-6.9.0.js
23.36.79.34200 OK 8.8 kB URL HTTP/1.1 connect.secure.wellsfargo.com/auth/static/scripts/conutils-6.9.0.js
IP 23.36.79.34:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (601)
Hash a71045f83e947726800148bc8e994d14
b81e27a50b39508a861a10b578b5195b4bb03fd9
48cfee6af8a269391b5767d2c6541d800cfcd99a51e62d18be73f49b5919b872
GET /auth/static/scripts/conutils-6.9.0.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 06 Dec 2022 02:46:08 GMT
Vary: Accept-Encoding
ETag: W/"638eacf0-5bd1"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Cache-Control: max-age=10368000
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Encoding: gzip
Content-Length: 8774
Date: Mon, 12 Dec 2022 02:14:52 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=AWrt61458XndmtUGClULMWUdqqq1rDzdbJaWXriLUCrPuxtNd15KynqgYa971b31; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Mon, 12 Dec 2022 02:29:52 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 143ceaa7187c70dd19448e65c64fdc40
c13508ce5a522253ed22621becead7e15f5afbab
9607bc6ebf5df1e95137eab6278eadb1cd295e5176a8d66a507f8250aac84f3b
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6515
Cache-Control: max-age=140312
Content-Type: application/ocsp-response
Date: Mon, 12 Dec 2022 02:14:53 GMT
Etag: "6395f642-1d7"
Expires: Tue, 13 Dec 2022 17:13:25 GMT
Last-Modified: Sun, 11 Dec 2022 15:24:50 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
www.imexinter.com/opp/wellsfargoNew/wellsfargo.com_iceNi$$a/W/img/loading.gif
163.44.197.16200 OK 39 kB URL HTTP/1.1 www.imexinter.com/opp/wellsfargoNew/wellsfargo.com_iceNi$$a/W/img/loading.gif
IP 163.44.197.16:0
ASN #135161 GMO-Z com NetDesign Holdings Co., Ltd.
File type GIF image data, version 89a, 200 x 200\012- data
Hash d10ef01e81faa2c2d812bdf670b4e072
77d09a57b2091fd7665dff763a5eab23e0ff907e
5e3d5246b17e19e65385092db07554d8e1c5c4a226a6d7f97824b8e1e8571e34
GET /opp/wellsfargoNew/wellsfargo.com_iceNi$$a/W/img/loading.gif HTTP/1.1
Host: www.imexinter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/opp/wellsfargoNew/wellsfargo.com_iceNi$$a/W/index.php
Cookie: PHPSESSID=6g89uhm5epsbrn6mpng95qg0j4; _cls_v=ae6d8fad-7a83-477a-a844-58d9b6b605c7; _cls_s=f2a77d15-b094-4b0f-8191-79ce10887f7e:0; LSESSIONID=eyJpIjoiZ1NLNndOazQrU3pISzVXNWZxSTZWQT09IiwiZSI6IlNTc3dXNm5DSEhqeE5lckpsdnplSkk4Y0xmYUE2aURpaXF1NzhZcWhTZUhKN0t6aXU1K1NvVDFaajRCbDVlaHFmNWFyaDJtYjlFU3lwczhRRmhtdzdwTnJLcmRtWWVZb0RnUnFZTUV1Wms5NWVHa1NQWnFta25jV0dyaGVIWFA1NG1LWno2clJRcTlOMEpYeEpGYmpoZz09In0%3D.7b43252927591f22.MzY4OTEzZWY4NTJjZjFjZGViNmVjY2JlNDczZTAwNjg5NDRmZTdmZjI4ZGViMDJkNGI5MGQ3MDc0ZWQ4NmVhZA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 12 Dec 2022 02:14:52 GMT
Content-Type: image/gif
Content-Length: 38636
Last-Modified: Sat, 11 Aug 2018 06:03:52 GMT
Connection: keep-alive
ETag: "5b6e7c48-96ec"
X-Powered-By: PleskLin
Accept-Ranges: bytes
connect.secure.wellsfargo.com/AIDO/gateway.html?sui=b65358810b3e7dfe38b628dd007da90c51d4a8382ce6714515a9e852ea383924
23.36.79.34200 OK 11 kB URL HTTP/1.1 connect.secure.wellsfargo.com/AIDO/gateway.html?sui=b65358810b3e7dfe38b628dd007da90c51d4a8382ce6714515a9e852ea383924
IP 23.36.79.34:0
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (22057), with no line terminators
Hash bef47073abd8f55fd22dfe5173afca46
b9c8bd6bbd0c549baacc85ffc90f88d735f0cbe4
5fcf1591c0bb2ecedca06b0f45ec6adb8df788e77ac65517f3ef7c1fdefaea4b
GET /AIDO/gateway.html?sui=b65358810b3e7dfe38b628dd007da90c51d4a8382ce6714515a9e852ea383924 HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 10805
max-age: 0
Expires: Mon, 12 Dec 2022 03:14:53 GMT
X-XSS-Protection: 1; mode=block
Cache-Control: private, max-age=3600
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Mon, 12 Dec 2022 02:14:53 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=aeTRQRlYB+Ha%2f5ds1fO6sYEsbwzye3HJhfe3iJKeLxpHIrVojveYuh6RhGj1yhBl; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Mon, 12 Dec 2022 02:29:53 GMT;Httponly; Secure
_abck=B8C96F76289EB2306EE7D4B9C5BED9B4~-1~YAAQHk8kF4nKIYOEAQAA+BUdBAlA/t5RPgQkUnHqIwZ8ZYaSdrY2E+BCiC5p6D2rv1tXM48/1m/Lax3DASBPdc8jPACF1m0q23tNJErtpCUKrObsDia7SJRtREOU+H/4B+eSWi4KR4CZ+GhP84x+VOcU+nk6aVCj+72PbmAd7XYcGtNjqw7yLNl3gIQUM1y/vHBA9gWqtpF+1uZG1+adJkXXKmhiNECtvVrPGLLnSrJbxPNDdi8VaS4hJvprjH+r15sQ+gYeITNdDxrdy4nzpQemtIDV3c1hFx2ClJ5pQvzTuY4LbWP+WLflSNeZU0659Unj4y4xa0TAWSG8tmLDKZBKAuzhZAjKu8TRpPq7D4inzloPfLX84JIC9QWI+kZq/g==~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Tue, 12 Dec 2023 02:14:53 GMT; Max-Age=31536000; Secure
bm_sz=22188F18C451BD2C6130950408084B52~YAAQHk8kF4rKIYOEAQAA+BUdBBJErQSokN7q4HXPtcVsZ1HWwIvOX+iue6iVSW8ArRLEeLI+7/loI2eo0FJzbmyc3HRhNkLXYzoM7rLt87Jef+Cgt0AeUnNhPrkhyWKbksmo9y2N9K/07WTayN0Db7Y7mBTMA+4Rng5wNkwjBR9MfTPWbkQnC/dXcT0o/hFsx4d8p3OrEN2EZ9Q9jUG8/SGOf1vkCHOW5JlbOp1zuHVFLRCn2EsVc/idNXS2dYrUIUMtaOB+aD6JXu4/nBY82H01mde7TegT2DyTIlseUBcjBI6mceXQ~4601922~4601401; Domain=.wellsfargo.com; Path=/; Expires=Mon, 12 Dec 2022 06:14:52 GMT; Max-Age=14399
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
awusw-wfr.advanced-web-analytics.com/AIDO/mech.html?e=https%3A%2F%2Fwww.imexinter.com&es=eyJpIjoiZ1NLNndOazQrU3pISzVXNWZxSTZWQT09IiwiZSI6IlNTc3dXNm5DSEhqeE5lckpsdnplSkk4Y0xmYUE2aURpaXF1NzhZcWhTZUhKN0t6aXU1K1NvVDFaajRCbDVlaHFmNWFyaDJtYjlFU3lwczhRRmhtdzdwTnJLcmRtWWVZb0RnUnFZTUV1Wms5NWVHa1NQWnFta25jV0dyaGVIWFA1NG1LWno2clJRcTlOMEpYeEpGYmpoZz09In0%3D.7b43252927591f22.MzY4OTEzZWY4NTJjZjFjZGViNmVjY2JlNDczZTAwNjg5NDRmZTdmZjI4ZGViMDJkNGI5MGQ3MDc0ZWQ4NmVhZA%3D%3D&eu=https%3A%2F%2Fwww.imexinter.com%2Fopp%2FwellsfargoNew%2Fwellsfargo.com_iceNi%24%24a%2FW%2Findex.php&icid=167081129109640149
54.230.111.39200 OK 0 B URL HTTP/2 awusw-wfr.advanced-web-analytics.com/AIDO/mech.html?e=https%3A%2F%2Fwww.imexinter.com&es=eyJpIjoiZ1NLNndOazQrU3pISzVXNWZxSTZWQT09IiwiZSI6IlNTc3dXNm5DSEhqeE5lckpsdnplSkk4Y0xmYUE2aURpaXF1NzhZcWhTZUhKN0t6aXU1K1NvVDFaajRCbDVlaHFmNWFyaDJtYjlFU3lwczhRRmhtdzdwTnJLcmRtWWVZb0RnUnFZTUV1Wms5NWVHa1NQWnFta25jV0dyaGVIWFA1NG1LWno2clJRcTlOMEpYeEpGYmpoZz09In0%3D.7b43252927591f22.MzY4OTEzZWY4NTJjZjFjZGViNmVjY2JlNDczZTAwNjg5NDRmZTdmZjI4ZGViMDJkNGI5MGQ3MDc0ZWQ4NmVhZA%3D%3D&eu=https%3A%2F%2Fwww.imexinter.com%2Fopp%2FwellsfargoNew%2Fwellsfargo.com_iceNi%24%24a%2FW%2Findex.php&icid=167081129109640149
IP 54.230.111.39:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /AIDO/mech.html?e=https%3A%2F%2Fwww.imexinter.com&es=eyJpIjoiZ1NLNndOazQrU3pISzVXNWZxSTZWQT09IiwiZSI6IlNTc3dXNm5DSEhqeE5lckpsdnplSkk4Y0xmYUE2aURpaXF1NzhZcWhTZUhKN0t6aXU1K1NvVDFaajRCbDVlaHFmNWFyaDJtYjlFU3lwczhRRmhtdzdwTnJLcmRtWWVZb0RnUnFZTUV1Wms5NWVHa1NQWnFta25jV0dyaGVIWFA1NG1LWno2clJRcTlOMEpYeEpGYmpoZz09In0%3D.7b43252927591f22.MzY4OTEzZWY4NTJjZjFjZGViNmVjY2JlNDczZTAwNjg5NDRmZTdmZjI4ZGViMDJkNGI5MGQ3MDc0ZWQ4NmVhZA%3D%3D&eu=https%3A%2F%2Fwww.imexinter.com%2Fopp%2FwellsfargoNew%2Fwellsfargo.com_iceNi%24%24a%2FW%2Findex.php&icid=167081129109640149 HTTP/1.1
Host: awusw-wfr.advanced-web-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 0
date: Mon, 12 Dec 2022 02:14:53 GMT
server: haile
expires: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
pics-label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
x-cache: Miss from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: PxEwVstVylha0OVGbRGyjef28oiV_6ti079Z9LSewh2BnR28Ikrnxw==
X-Firefox-Spdy: h2
www.imexinter.com/auth/static/ui/loginaltsignon/public/js/runtime.2321a8e33b12b5146e18.js
163.44.197.16404 Not Found 29 kB URL HTTP/1.1 www.imexinter.com/auth/static/ui/loginaltsignon/public/js/runtime.2321a8e33b12b5146e18.js
IP 163.44.197.16:0
ASN #135161 GMO-Z com NetDesign Holdings Co., Ltd.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (20486)
Hash 8798b57d27e15f23db61f535b2994587
1b39e1d932e80cf366ec3d9926bb8979da64b8e0
284dfe807290fae5fdbcfda9cd4c427ebe4a68840f30a9f16e626b09a3cba914
Analyzer Verdict Alert fortinet Phishing
GET /auth/static/ui/loginaltsignon/public/js/runtime.2321a8e33b12b5146e18.js HTTP/1.1
Host: www.imexinter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/opp/wellsfargoNew/wellsfargo.com_iceNi$$a/W/index.php
Cookie: PHPSESSID=6g89uhm5epsbrn6mpng95qg0j4; _cls_v=ae6d8fad-7a83-477a-a844-58d9b6b605c7; _cls_s=f2a77d15-b094-4b0f-8191-79ce10887f7e:0; LSESSIONID=eyJpIjoiZ1NLNndOazQrU3pISzVXNWZxSTZWQT09IiwiZSI6IlNTc3dXNm5DSEhqeE5lckpsdnplSkk4Y0xmYUE2aURpaXF1NzhZcWhTZUhKN0t6aXU1K1NvVDFaajRCbDVlaHFmNWFyaDJtYjlFU3lwczhRRmhtdzdwTnJLcmRtWWVZb0RnUnFZTUV1Wms5NWVHa1NQWnFta25jV0dyaGVIWFA1NG1LWno2clJRcTlOMEpYeEpGYmpoZz09In0%3D.7b43252927591f22.MzY4OTEzZWY4NTJjZjFjZGViNmVjY2JlNDczZTAwNjg5NDRmZTdmZjI4ZGViMDJkNGI5MGQ3MDc0ZWQ4NmVhZA%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx
Date: Mon, 12 Dec 2022 02:14:52 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.3.25
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://www.imexinter.com/wp-json/>; rel="https://api.w.org/"
MS-Author-Via: DAV
Content-Encoding: gzip
www.imexinter.com/auth/static/ui/loginaltsignon/public/js/wfui.5b2dbd8c6f5da16ba504.chunk.js
163.44.197.16404 Not Found 29 kB URL HTTP/1.1 www.imexinter.com/auth/static/ui/loginaltsignon/public/js/wfui.5b2dbd8c6f5da16ba504.chunk.js
IP 163.44.197.16:0
ASN #135161 GMO-Z com NetDesign Holdings Co., Ltd.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (20486)
Hash 8798b57d27e15f23db61f535b2994587
1b39e1d932e80cf366ec3d9926bb8979da64b8e0
284dfe807290fae5fdbcfda9cd4c427ebe4a68840f30a9f16e626b09a3cba914
Analyzer Verdict Alert fortinet Phishing
GET /auth/static/ui/loginaltsignon/public/js/wfui.5b2dbd8c6f5da16ba504.chunk.js HTTP/1.1
Host: www.imexinter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/opp/wellsfargoNew/wellsfargo.com_iceNi$$a/W/index.php
Cookie: PHPSESSID=6g89uhm5epsbrn6mpng95qg0j4; _cls_v=ae6d8fad-7a83-477a-a844-58d9b6b605c7; _cls_s=f2a77d15-b094-4b0f-8191-79ce10887f7e:0; LSESSIONID=eyJpIjoiZ1NLNndOazQrU3pISzVXNWZxSTZWQT09IiwiZSI6IlNTc3dXNm5DSEhqeE5lckpsdnplSkk4Y0xmYUE2aURpaXF1NzhZcWhTZUhKN0t6aXU1K1NvVDFaajRCbDVlaHFmNWFyaDJtYjlFU3lwczhRRmhtdzdwTnJLcmRtWWVZb0RnUnFZTUV1Wms5NWVHa1NQWnFta25jV0dyaGVIWFA1NG1LWno2clJRcTlOMEpYeEpGYmpoZz09In0%3D.7b43252927591f22.MzY4OTEzZWY4NTJjZjFjZGViNmVjY2JlNDczZTAwNjg5NDRmZTdmZjI4ZGViMDJkNGI5MGQ3MDc0ZWQ4NmVhZA%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx
Date: Mon, 12 Dec 2022 02:14:53 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.3.25
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://www.imexinter.com/wp-json/>; rel="https://api.w.org/"
MS-Author-Via: DAV
Content-Encoding: gzip
www.imexinter.com/auth/static/ui/loginaltsignon/public/js/vendor.2af3639bd560569d55e1.chunk.js
163.44.197.16404 Not Found 29 kB URL HTTP/1.1 www.imexinter.com/auth/static/ui/loginaltsignon/public/js/vendor.2af3639bd560569d55e1.chunk.js
IP 163.44.197.16:0
ASN #135161 GMO-Z com NetDesign Holdings Co., Ltd.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (20486)
Hash 8798b57d27e15f23db61f535b2994587
1b39e1d932e80cf366ec3d9926bb8979da64b8e0
284dfe807290fae5fdbcfda9cd4c427ebe4a68840f30a9f16e626b09a3cba914
Analyzer Verdict Alert fortinet Phishing
GET /auth/static/ui/loginaltsignon/public/js/vendor.2af3639bd560569d55e1.chunk.js HTTP/1.1
Host: www.imexinter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/opp/wellsfargoNew/wellsfargo.com_iceNi$$a/W/index.php
Cookie: PHPSESSID=6g89uhm5epsbrn6mpng95qg0j4; _cls_v=ae6d8fad-7a83-477a-a844-58d9b6b605c7; _cls_s=f2a77d15-b094-4b0f-8191-79ce10887f7e:0; LSESSIONID=eyJpIjoiZ1NLNndOazQrU3pISzVXNWZxSTZWQT09IiwiZSI6IlNTc3dXNm5DSEhqeE5lckpsdnplSkk4Y0xmYUE2aURpaXF1NzhZcWhTZUhKN0t6aXU1K1NvVDFaajRCbDVlaHFmNWFyaDJtYjlFU3lwczhRRmhtdzdwTnJLcmRtWWVZb0RnUnFZTUV1Wms5NWVHa1NQWnFta25jV0dyaGVIWFA1NG1LWno2clJRcTlOMEpYeEpGYmpoZz09In0%3D.7b43252927591f22.MzY4OTEzZWY4NTJjZjFjZGViNmVjY2JlNDczZTAwNjg5NDRmZTdmZjI4ZGViMDJkNGI5MGQ3MDc0ZWQ4NmVhZA%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx
Date: Mon, 12 Dec 2022 02:14:54 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.3.25
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://www.imexinter.com/wp-json/>; rel="https://api.w.org/"
MS-Author-Via: DAV
Content-Encoding: gzip
www.imexinter.com/auth/static/prefs/login-userprefs.min.js
163.44.197.16404 Not Found 29 kB URL HTTP/1.1 www.imexinter.com/auth/static/prefs/login-userprefs.min.js
IP 163.44.197.16:0
ASN #135161 GMO-Z com NetDesign Holdings Co., Ltd.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (20486)
Hash 8798b57d27e15f23db61f535b2994587
1b39e1d932e80cf366ec3d9926bb8979da64b8e0
284dfe807290fae5fdbcfda9cd4c427ebe4a68840f30a9f16e626b09a3cba914
Analyzer Verdict Alert fortinet Phishing
GET /auth/static/prefs/login-userprefs.min.js HTTP/1.1
Host: www.imexinter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/opp/wellsfargoNew/wellsfargo.com_iceNi$$a/W/index.php
Cookie: PHPSESSID=6g89uhm5epsbrn6mpng95qg0j4; _cls_v=ae6d8fad-7a83-477a-a844-58d9b6b605c7; _cls_s=f2a77d15-b094-4b0f-8191-79ce10887f7e:0; LSESSIONID=eyJpIjoiZ1NLNndOazQrU3pISzVXNWZxSTZWQT09IiwiZSI6IlNTc3dXNm5DSEhqeE5lckpsdnplSkk4Y0xmYUE2aURpaXF1NzhZcWhTZUhKN0t6aXU1K1NvVDFaajRCbDVlaHFmNWFyaDJtYjlFU3lwczhRRmhtdzdwTnJLcmRtWWVZb0RnUnFZTUV1Wms5NWVHa1NQWnFta25jV0dyaGVIWFA1NG1LWno2clJRcTlOMEpYeEpGYmpoZz09In0%3D.7b43252927591f22.MzY4OTEzZWY4NTJjZjFjZGViNmVjY2JlNDczZTAwNjg5NDRmZTdmZjI4ZGViMDJkNGI5MGQ3MDc0ZWQ4NmVhZA%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx
Date: Mon, 12 Dec 2022 02:14:54 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.3.25
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://www.imexinter.com/wp-json/>; rel="https://api.w.org/"
MS-Author-Via: DAV
Content-Encoding: gzip
stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/bootstrap.min.js
104.18.11.207200 OK 0 B URL HTTP/2 stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/bootstrap.min.js
IP 104.18.11.207:0
GET /bootstrap/4.1.0/js/bootstrap.min.js HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.imexinter.com
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 12 Dec 2022 02:14:52 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"ce6e785579ae4cb555c9de311d1b9271"
last-modified: Mon, 25 Jan 2021 22:04:05 GMT
cdn-cachedat: 11/15/2022 10:39:35
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1054
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: 94e610235c795195ba4d6cbcb1cbff81
cdn-cache: HIT
cf-cache-status: HIT
age: 256767
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7782f2f2c9ad0b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2