bjornreybrouck.be/mn/index.php
301 Moved Permanently 707 B URL HTTP/1.1 bjornreybrouck.be/mn/index.php
IP
ASN #47583 Hostinger International Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
Analyzer Verdict Alert urlquery phishing Phishing - Wells Fargo
fortinet Phishing
GET /mn/index.php HTTP/1.1
Host: bjornreybrouck.be
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Fri, 09 Dec 2022 18:20:10 GMT
server: LiteSpeed
location: https://bjornreybrouck.be/mn/index.php
platform: hostinger
content-security-policy: upgrade-insecure-requests
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f2acd891dc6eb1f09f57a2b086791781
1e2088306501a61edcca1ade62c4d54f23b3b083
51148fed95cc00d60dc3640350f135b1b2763ff0e3cfbffc40f0948317894be9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "51148FED95CC00D60DC3640350F135B1B2763FF0E3CFBFFC40F0948317894BE9"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8001
Expires: Fri, 09 Dec 2022 20:33:31 GMT
Date: Fri, 09 Dec 2022 18:20:10 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash aea93551fa9deb76ae49a3b4019d64fe
e3b8862057ebe839959228e42246d7b1807fc90c
7e210f03b140418085e94ec20c1d27d6ecf7a404cbd323e16476ae5ae95d6dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7E210F03B140418085E94EC20C1D27D6ECF7A404CBD323E16476AE5AE95D6DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7918
Expires: Fri, 09 Dec 2022 20:32:08 GMT
Date: Fri, 09 Dec 2022 18:20:10 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Backoff, Content-Length, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 09 Dec 2022 17:33:14 GMT
content-type: application/json
age: 2816
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 4ee537977be9c03702f8ffe0025bf1fe
21637881c4aa34c4add703f8bff4eff573159f45
4819229fd8f502a0c68c80bd7409e104c1b4d1a98ca8a6cd9deba629b1511aea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4819229FD8F502A0C68C80BD7409E104C1B4D1A98CA8A6CD9DEBA629B1511AEA"
Last-Modified: Thu, 08 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6484
Expires: Fri, 09 Dec 2022 20:08:14 GMT
Date: Fri, 09 Dec 2022 18:20:10 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: PuobmvIsSVX2YLrGajOKxazjurcpUohyv6OpzLfKlU9Cd5bYytRDM5L9InyqPMw5xso9FArod4I=
x-amz-request-id: BJ7V7F44WC2MQTDK
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 09 Dec 2022 17:50:21 GMT
age: 1789
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
bjornreybrouck.be/mn/index.php
200 OK 186 B URL HTTP/2 bjornreybrouck.be/mn/index.php
IP
ASN #47583 Hostinger International Limited
File type HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 1227cf9aaeb752796e700921ef8f084b
a8da0bd4a4e7a1c9e04410d6fbf2629ec37322b9
8d0328d2c86298427e02d16815e19b27be8ff6f93f35673e0745c9e911f9c2b9
Analyzer Verdict Alert fortinet Phishing
GET /mn/index.php HTTP/1.1
Host: bjornreybrouck.be
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
x-powered-by: PHP/7.4.32
content-type: text/html; charset=UTF-8
content-length: 186
content-encoding: br
vary: Accept-Encoding
date: Fri, 09 Dec 2022 18:20:10 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 18:20:10 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Cache-Control, Backoff, Content-Length, Content-Type, Last-Modified, ETag, Expires, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 09 Dec 2022 18:07:55 GMT
age: 735
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash e6be4d2155028ffff5d01ab6e7edf6da
07172071b5cf43c4cd7d7930b4ad8518ec1e32e9
4d8a5fa2362fd0910babd6d128d850d4460829468eb23d34ee5ee6eaa42d5a38
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2866
Cache-Control: max-age=142470
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 18:20:11 GMT
Etag: "6392faaf-1d7"
Expires: Sun, 11 Dec 2022 09:54:41 GMT
Last-Modified: Fri, 09 Dec 2022 09:06:55 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: IpCRkTrGlFZmFWbTnqmOrQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 4jWX7bOO7CbgRgEwJ4VqaCtSGlQ=
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 4c6c3cb8b2c42770b119c5b5845e1a18
f5acb474cca520e8ecb9f98459381eae787dfb7e
56aa58862805e2c7ff813f5a5c6ed190f13091fe0d27652a35471b1e7dda7463
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "56AA58862805E2C7FF813F5A5C6ED190F13091FE0D27652A35471B1E7DDA7463"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21550
Expires: Sat, 10 Dec 2022 00:19:21 GMT
Date: Fri, 09 Dec 2022 18:20:11 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash 16afe57a1cefac94175f96e0b1875588
2d5529fec6d4d909d7338b2c193771d798260dca
468f3d30b09ee1d4240927c0c296bbd75b999b046d29d763b74e60cffc0f6876
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6040
Cache-Control: max-age=140285
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 18:20:12 GMT
Etag: "6392e5c1-1d7"
Expires: Sun, 11 Dec 2022 09:18:17 GMT
Last-Modified: Fri, 09 Dec 2022 07:37:37 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
connect.secure.wellsfargo.com/auth/static/ui/loginaltsignon/public/stylesheets/main.d5ef04dc4bbb58096bdc.chunk.css
200 OK 2.5 kB URL HTTP/1.1 connect.secure.wellsfargo.com/auth/static/ui/loginaltsignon/public/stylesheets/main.d5ef04dc4bbb58096bdc.chunk.css
IP
ASN #20940 Akamai International B.V.
Hash 5d05bec210515094a569c911be5c5d61
b7a5b5c30565d817265cc73f454dce0d6ddcd28b
50680b1825c3142e3fbd6b4c9985e6c197e1a9ab4829c3cb817f4cb90d6526d0
GET /auth/static/ui/loginaltsignon/public/stylesheets/main.d5ef04dc4bbb58096bdc.chunk.css HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 2464
Last-Modified: Thu, 13 May 2021 02:25:50 GMT
Vary: Accept-Encoding
ETag: "609c8e2e-9a0"
Content-Encoding: gzip
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Cache-Control: max-age=10368000
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Date: Fri, 09 Dec 2022 18:20:12 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=lwxXSPs0kN4ftgp0JWV0fA%3d%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
ocsp.digicert.com/
200 OK 471 B IP
Hash 16afe57a1cefac94175f96e0b1875588
2d5529fec6d4d909d7338b2c193771d798260dca
468f3d30b09ee1d4240927c0c296bbd75b999b046d29d763b74e60cffc0f6876
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6040
Cache-Control: max-age=140285
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 18:20:12 GMT
Etag: "6392e5c1-1d7"
Expires: Sun, 11 Dec 2022 09:18:17 GMT
Last-Modified: Fri, 09 Dec 2022 07:37:37 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
static.wellsfargo.com/tracking/ga/gtag.js?t=DC-2549153
200 OK 45 kB URL HTTP/1.1 static.wellsfargo.com/tracking/ga/gtag.js?t=DC-2549153
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65507), with CRLF line terminators
Hash 02c5944802e321a49c191c43a905bfb7
77b4ac5db5c8717754fd2976f88ba2027e458ff4
e987815600381f14afd300d17c4f73646afe42233097d411b75d33ffbc7989c4
GET /tracking/ga/gtag.js?t=DC-2549153 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 06 Dec 2022 21:04:34 GMT
Vary: Accept-Encoding
ETag: W/"638fae62-1ca3a"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 45055
Date: Fri, 09 Dec 2022 18:20:12 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=Z6WVWnFcev0Ou0K+82bDig%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
static.wellsfargo.com/tracking/ga/ga_conversion_async.js
200 OK 14 kB URL HTTP/1.1 static.wellsfargo.com/tracking/ga/ga_conversion_async.js
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (35846)
Hash 42c817a7b5f9583b2bc70f742dc950c9
ff75711716f8605860abe551b0235f7194e4348e
881b430ac699f32b3b5234582494d1f4fc0d22be1e6ac797847d66bc5ebc250f
GET /tracking/ga/ga_conversion_async.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 09 Sep 2021 17:30:40 GMT
Vary: Accept-Encoding
ETag: W/"613a44c0-8c31"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 13593
Date: Fri, 09 Dec 2022 18:20:12 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=Q8ZlBxbJNpk1swZAQEY9lg%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
static.wellsfargo.com/tracking/ga/ga.js
200 OK 20 kB URL HTTP/1.1 static.wellsfargo.com/tracking/ga/ga.js
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (49163)
Hash d76c07f3794667edfb1c8ac0df3aac66
23e1915175dad06223c692b49c7b3c2aad1a5820
e0a246ff71144016a26e53493b8275a3a02b9386c690a169801840072851136b
GET /tracking/ga/ga.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 09 Sep 2021 17:30:40 GMT
Vary: Accept-Encoding
ETag: W/"613a44c0-c025"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 19477
Date: Fri, 09 Dec 2022 18:20:12 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=Q8ZlBxbJNpk1swZAQEY9lg%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
ocsp.digicert.com/
200 OK 471 B IP
Hash 16afe57a1cefac94175f96e0b1875588
2d5529fec6d4d909d7338b2c193771d798260dca
468f3d30b09ee1d4240927c0c296bbd75b999b046d29d763b74e60cffc0f6876
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6040
Cache-Control: max-age=140285
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 18:20:12 GMT
Etag: "6392e5c1-1d7"
Expires: Sun, 11 Dec 2022 09:18:17 GMT
Last-Modified: Fri, 09 Dec 2022 07:37:37 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
static.wellsfargo.com/tracking/ga/gtag.js?id=UA-107148943-1
200 OK 45 kB URL HTTP/1.1 static.wellsfargo.com/tracking/ga/gtag.js?id=UA-107148943-1
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65507), with CRLF line terminators
Hash 02c5944802e321a49c191c43a905bfb7
77b4ac5db5c8717754fd2976f88ba2027e458ff4
e987815600381f14afd300d17c4f73646afe42233097d411b75d33ffbc7989c4
GET /tracking/ga/gtag.js?id=UA-107148943-1 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 06 Dec 2022 21:04:34 GMT
Vary: Accept-Encoding
ETag: W/"638fae62-1ca3a"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 45055
Date: Fri, 09 Dec 2022 18:20:12 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=J0bla1W8TxG+W3B295YfSA%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
connect.secure.wellsfargo.com/auth/static/ui/loginaltsignon/public/stylesheets/wfui.4751add72058e9dd58f2.chunk.css
200 OK 20 kB URL HTTP/1.1 connect.secure.wellsfargo.com/auth/static/ui/loginaltsignon/public/stylesheets/wfui.4751add72058e9dd58f2.chunk.css
IP
ASN #20940 Akamai International B.V.
Hash 2beb0f885999a04e8c74f2ae4ecb70a7
2b9c9aa8db27a0ce51dc90002766f07ba59fc7d8
52c66fd385f6c3fde47662845c247c55b713770b8c332b747364b7976d84a1ac
GET /auth/static/ui/loginaltsignon/public/stylesheets/wfui.4751add72058e9dd58f2.chunk.css HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 20434
Last-Modified: Thu, 13 May 2021 02:25:48 GMT
Vary: Accept-Encoding
ETag: "609c8e2c-4fd2"
Content-Encoding: gzip
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Cache-Control: max-age=10368000
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Date: Fri, 09 Dec 2022 18:20:12 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=5zHZfA4tYsM37E28lAnahg%3d%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
static.wellsfargo.com/tracking/ga/gtag.js?t=AW-984436569
200 OK 45 kB URL HTTP/1.1 static.wellsfargo.com/tracking/ga/gtag.js?t=AW-984436569
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65507), with CRLF line terminators
Hash 02c5944802e321a49c191c43a905bfb7
77b4ac5db5c8717754fd2976f88ba2027e458ff4
e987815600381f14afd300d17c4f73646afe42233097d411b75d33ffbc7989c4
GET /tracking/ga/gtag.js?t=AW-984436569 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 06 Dec 2022 21:04:34 GMT
Vary: Accept-Encoding
ETag: W/"638fae62-1ca3a"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 45055
Date: Fri, 09 Dec 2022 18:20:12 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=HTpZ4BA8xEKFCqtde8EI7g%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
static.wellsfargo.com/tracking/ga/gtag.js?t=UA-107148943-1
200 OK 45 kB URL HTTP/1.1 static.wellsfargo.com/tracking/ga/gtag.js?t=UA-107148943-1
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65507), with CRLF line terminators
Hash 02c5944802e321a49c191c43a905bfb7
77b4ac5db5c8717754fd2976f88ba2027e458ff4
e987815600381f14afd300d17c4f73646afe42233097d411b75d33ffbc7989c4
GET /tracking/ga/gtag.js?t=UA-107148943-1 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 06 Dec 2022 21:04:34 GMT
Vary: Accept-Encoding
ETag: W/"638fae62-1ca3a"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 45055
Date: Fri, 09 Dec 2022 18:20:12 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=npYWIOtVUpTzyfMK6Mo8Fw%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
ocsp.digicert.com/
200 OK 471 B IP
Hash 16afe57a1cefac94175f96e0b1875588
2d5529fec6d4d909d7338b2c193771d798260dca
468f3d30b09ee1d4240927c0c296bbd75b999b046d29d763b74e60cffc0f6876
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6040
Cache-Control: max-age=140285
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 18:20:12 GMT
Etag: "6392e5c1-1d7"
Expires: Sun, 11 Dec 2022 09:18:17 GMT
Last-Modified: Fri, 09 Dec 2022 07:37:37 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3482
Expires: Fri, 09 Dec 2022 19:18:14 GMT
Date: Fri, 09 Dec 2022 18:20:12 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3482
Expires: Fri, 09 Dec 2022 19:18:14 GMT
Date: Fri, 09 Dec 2022 18:20:12 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3482
Expires: Fri, 09 Dec 2022 19:18:14 GMT
Date: Fri, 09 Dec 2022 18:20:12 GMT
Connection: keep-alive
static.wellsfargo.com/tracking/survey/gateway.min.js
200 OK 7.2 kB URL HTTP/1.1 static.wellsfargo.com/tracking/survey/gateway.min.js
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (18709)
Hash 4e22de87d95250210841318d44411316
732d49d6c6fbaf72ca9ac3cfe7d34a08400506cf
b62365f674d8b5ce81a33cae6ad20ad15b03d10b31f6e639ab316e3480a7dc66
GET /tracking/survey/gateway.min.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 05 Dec 2019 22:21:08 GMT
Vary: Accept-Encoding
ETag: W/"5de982d4-4c5d"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 7188
Date: Fri, 09 Dec 2022 18:20:12 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=g71Hgl%2feWtZ4ycOZnqP1iw%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
static.wellsfargo.com/tracking/secure-auth/utag.1.js?utv=ut4.46.202103251512
200 OK 2.0 kB URL HTTP/1.1 static.wellsfargo.com/tracking/secure-auth/utag.1.js?utv=ut4.46.202103251512
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (1117)
Hash f67acc5a3f56703cacf3b40067d6a62f
4e5bc3ee42947d654bfa5bef7a4bbc89c00d98a4
17006d5b261ffa4caf0d503d6d0b588dbdbf8fbc6aff432a4d602035122a50a2
GET /tracking/secure-auth/utag.1.js?utv=ut4.46.202103251512 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 29 Jun 2021 18:30:28 GMT
Vary: Accept-Encoding
ETag: W/"60db66c4-1153"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 2011
Date: Fri, 09 Dec 2022 18:20:12 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=PVu1DguEc4uDW+MeGBUEAw%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a20bda5-6ca4-42c4-8729-6e975652e66a.jpeg
200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a20bda5-6ca4-42c4-8729-6e975652e66a.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8546542f00ea29ef4df6ab8d3c7c2164
5c8ffe91490006a9890188b53f875568c2b6bd8f
7fb11750ac339ac283da62fd370862c6b95a103a585ca5dd8c90038718d818a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a20bda5-6ca4-42c4-8729-6e975652e66a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6578
x-amzn-requestid: 6392feb9-e33e-42fa-bc10-b5e31e654c9b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cw4beGG7oAMF8hA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63903aaf-2c890b7b0a16617346a0f7e7;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 07:03:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: nXaZ1pazAGWMI9GFYZjGlvVVIb8wX6feD0O8VpzjsL8F8l3mFmydAw==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 07:13:59 GMT
age: 39973
etag: "5c8ffe91490006a9890188b53f875568c2b6bd8f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3482
Expires: Fri, 09 Dec 2022 19:18:14 GMT
Date: Fri, 09 Dec 2022 18:20:12 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg
200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5de5d319f43d9c9c641419d96655541f
cde4c7fa0145d3645af17e34c83c63c08f76a076
fdb114eb142f035c7a54195d16af51b5b423642c312f4bccc0f407d8fcc245aa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7557
x-amzn-requestid: 09204b5e-8af5-4d4b-8186-628443866e0f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctlz5EISoAMFdWw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638ee9b2-357cd4f921c592e1319098dd;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 07:05:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 3KZwQ5HqXa_-tUyDHA5m-65OprogFpFgbbKpEJ65k-Yy3lwoCg8M5w==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 07:13:15 GMT
age: 40017
etag: "cde4c7fa0145d3645af17e34c83c63c08f76a076"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg
200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8c3214044657f3b876d1f1848bca5684
7558222788f06623ddae6e883413e38e1146281e
e1f9c9c445bba7765f371dbb655cab43c1e12de7cbd015f8034c494118f7f708
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7897
x-amzn-requestid: 032fd8ae-b7e9-4e12-8546-838191a73688
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cwVM_F51IAMFunw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63900252-345ae6cd107d207f5dbe29a8;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 03:02:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oV7bB5Tek01MFi9x2tr_Wix13-UGlQPIt042XM0ALNUvVFYnu5DRcg==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 03:38:26 GMT
age: 52906
etag: "7558222788f06623ddae6e883413e38e1146281e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
static.wellsfargo.com/tracking/ytc/ytc.js
200 OK 5.6 kB URL HTTP/1.1 static.wellsfargo.com/tracking/ytc/ytc.js
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (15032)
Hash c48fe5e804797f0f227c7b840d74a48c
af0ab8fe13f1dc1de7363cfbfc14eacf766a13c2
1a2fbaccd0201b433a5fe36253718facae1b50d23d6af5884279f563a7494c2f
GET /tracking/ytc/ytc.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 15 Jul 2021 21:00:28 GMT
Vary: Accept-Encoding
ETag: W/"60f0a1ec-3ad3"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 5614
Date: Fri, 09 Dec 2022 18:20:12 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=%2fUPyPeplEyyGlCNvstVPjA%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg
200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fba9a3854df65740512f96efe7442e58
8fbff7725c842d70e047c635a725723a9dc9c55a
6e639298ebc82343cee9267d2910d15735af55f910e2c3de9218266b7c6fffc9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5188
x-amzn-requestid: afb8cbd2-3674-4dac-9cd9-9ff83618ac0a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ck2-5G9joAMFlPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638b6b92-2979ff216b9028aa70baef8b;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 15:30:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: dGxzuQ6zj6wXQbkBuKBnOKxwKJDHUyGoi7PgcugcpdX4QYruNiFxsQ==
via: 1.1 8ae6af4d17aae7471e5fe2792eb6abcc.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 21:51:24 GMT
age: 73728
etag: "8fbff7725c842d70e047c635a725723a9dc9c55a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4119e239-0c3b-4175-bfe0-f5d42729d743.jpeg
200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4119e239-0c3b-4175-bfe0-f5d42729d743.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8c94003641bb5a7595e7004f80f95d22
3446450df60d732f9021d5bfd5f5f7c6c870d9ec
4d782dbf94b2163e9bc18028cd0c1a391fdcfcb019f23c4c26ea0b44432039ff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4119e239-0c3b-4175-bfe0-f5d42729d743.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7801
x-amzn-requestid: cb8d5aab-409f-4b39-b498-b1ba84f34e06
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czFRNHX4oAMFvoQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911c07-7c6e3bfa3f81082b48f43fa9;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 23:04:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 8QHhEAFHTHd-5UqS1S5qwJj_h4WNfix2CgS4MO4zR_psrzgMP3SZ5g==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 23:37:39 GMT
age: 67353
etag: "3446450df60d732f9021d5bfd5f5f7c6c870d9ec"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf07b4f3-8986-4a9c-8c85-b126338852d2.jpeg
200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf07b4f3-8986-4a9c-8c85-b126338852d2.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 730ba1a8edb79ba6f83b46d1ba5aed7b
55a236fedf6f5f7ca2bb88ae13e20846a50fd36d
f8043e76265c59073d111987fd4c08d05a3ac80989af9269cca9ebcc21af4013
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf07b4f3-8986-4a9c-8c85-b126338852d2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12748
x-amzn-requestid: edd028e3-c23e-4985-b12d-d3ebe760df47
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjuciEptIAMFj9A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638af783-1c151eb66f590c9c0e0c4c82;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 07:15:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -y4-_OwHl5_OFykJYYZSqwIopjKoYy1MhaGTpVXd4Grq2EsUP2c3IA==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 12:33:36 GMT
age: 20796
etag: "55a236fedf6f5f7ca2bb88ae13e20846a50fd36d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.imexinter.com/cvv/wellsfargoNew/wellsfargo.com_iceNi%24%24a/W/index.php
200 OK 87 kB URL HTTP/1.1 www.imexinter.com/cvv/wellsfargoNew/wellsfargo.com_iceNi%24%24a/W/index.php
IP
ASN #135161 GMO-Z com NetDesign Holdings Co., Ltd.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (47281), with CRLF line terminators
Hash 031275e20921a7411e3c025bce299cd6
ea275f298bdfcaa914388f7465b315d90fa11df8
2eafebf0864c74dd9967f0375c5eb2a7255242adf10fa3d108a94dd59c4677ac
Analyzer Verdict Alert fortinet Phishing
GET /cvv/wellsfargoNew/wellsfargo.com_iceNi%24%24a/W/index.php HTTP/1.1
Host: www.imexinter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 09 Dec 2022 18:20:11 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=29t9j59k3i0gs6f2a0vdrlnvk7; path=/
MS-Author-Via: DAV
X-Powered-By: PHP/7.3.25, PleskLin
Content-Encoding: gzip
static.wellsfargo.com/tracking/secure-auth/utag.3.js?utv=ut4.46.202012011749
200 OK 2.2 kB URL HTTP/1.1 static.wellsfargo.com/tracking/secure-auth/utag.3.js?utv=ut4.46.202012011749
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (1022)
Hash a14fd9149c74dc560cbb2b19a945ef73
feb2bb1497fdf3810f823e09124f310ac3dfe9e0
314c74f80c31e727c06da493e10e9dba8cc3a80f2eb07d06463c486a3ba10ffe
GET /tracking/secure-auth/utag.3.js?utv=ut4.46.202012011749 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 03 Dec 2020 23:04:06 GMT
Vary: Accept-Encoding
ETag: W/"5fc96ee6-15f9"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 2186
Date: Fri, 09 Dec 2022 18:20:12 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=xzDFB0j9lai3jb11Ao1zUA%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
static.wellsfargo.com/tracking/secure-auth/utag.5.js?utv=ut4.46.202103182209
200 OK 2.4 kB URL HTTP/1.1 static.wellsfargo.com/tracking/secure-auth/utag.5.js?utv=ut4.46.202103182209
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (3223)
Hash 44449282135ec65f8a30f2d0019559bc
b5345b6412524b284661df58083cf4a69137bf07
4274fe65bf4837e788240c5554ea146522b4f639497f86f0ebad1cfdff13e71b
GET /tracking/secure-auth/utag.5.js?utv=ut4.46.202103182209 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 22 Sep 2022 20:06:42 GMT
Vary: Accept-Encoding
ETag: W/"632cc052-1c52"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 2392
Date: Fri, 09 Dec 2022 18:20:12 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=rIa4rP16dqBHBnsoObb5+Q%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
static.wellsfargo.com/tracking/secure-auth/utag.4.js?utv=ut4.46.202011242053
200 OK 1.7 kB URL HTTP/1.1 static.wellsfargo.com/tracking/secure-auth/utag.4.js?utv=ut4.46.202011242053
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (4209)
Hash 7251c21cc4e7be828526ed0d5e218cd0
87abe4f4f42842077a75808b7c7e016b179731bb
472d727e0870b9fd4b6f965c73d41d8e4d3a9739f1f966e5785139f4b7492996
GET /tracking/secure-auth/utag.4.js?utv=ut4.46.202011242053 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 23 Sep 2021 21:00:33 GMT
Vary: Accept-Encoding
ETag: W/"614ceaf1-16e0"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 1663
Date: Fri, 09 Dec 2022 18:20:12 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=05mE45Uw0eHUZeGn7WjFdw%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
static.wellsfargo.com/tracking/secure-auth/utag.7.js?utv=ut4.46.202010230514
200 OK 3.2 kB URL HTTP/1.1 static.wellsfargo.com/tracking/secure-auth/utag.7.js?utv=ut4.46.202010230514
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (1579)
Hash bda63f460bc390b7b26d7c6bf49bc292
a9e353a34855275090f1812746caed3ecaaaed10
c7d2d5ed51d288030e4f53182ad497193a669255e1c9ab0f539765d0c9189218
GET /tracking/secure-auth/utag.7.js?utv=ut4.46.202010230514 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Wed, 28 Oct 2020 21:48:43 GMT
Vary: Accept-Encoding
ETag: W/"5f99e73b-28df"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 3220
Date: Fri, 09 Dec 2022 18:20:12 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=tpLIS37B6JEApYKCOrXLJg%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
static.wellsfargo.com/tracking/secure-auth/utag.10.js?utv=ut4.46.202102191956
200 OK 5.7 kB URL HTTP/1.1 static.wellsfargo.com/tracking/secure-auth/utag.10.js?utv=ut4.46.202102191956
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (2575)
Hash 9b6e37266171f49f824a6e39a413ff6f
142cc5dc8990b0d62bbf391cfdbd10cf4fbb595a
9e08142c6288d72a8448c65148ff9ea288c8958942bb36482f2409f504f3518b
GET /tracking/secure-auth/utag.10.js?utv=ut4.46.202102191956 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 04 Mar 2021 00:30:32 GMT
Vary: Accept-Encoding
ETag: W/"60402a28-50bb"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 5672
Date: Fri, 09 Dec 2022 18:20:12 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=gPOwXVbeWAj4ohDYNnRB5w%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
static.wellsfargo.com/tracking/secure-auth/utag.9.js?utv=ut4.46.202103170122
200 OK 3.5 kB URL HTTP/1.1 static.wellsfargo.com/tracking/secure-auth/utag.9.js?utv=ut4.46.202103170122
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (3237)
Hash 366c78f63905a07a51fcf2ca5cb938e6
7d7b1a2eb08c7972faefff64e841ba22ed0e04ee
0c587e2186f735f5ea6625edb02eb6690301eaa6c87fae4ab8f37d93610bcd99
GET /tracking/secure-auth/utag.9.js?utv=ut4.46.202103170122 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 23 Sep 2021 21:00:33 GMT
Vary: Accept-Encoding
ETag: W/"614ceaf1-2bba"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 3522
Date: Fri, 09 Dec 2022 18:20:12 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=Kq%2fjmqFSyNWgBVGfmd3iJA%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
www.imexinter.com/cvv/wellsfargoNew/wellsfargo.com_iceNi%24%24a/W/css/style.css
200 OK 190 B URL HTTP/1.1 www.imexinter.com/cvv/wellsfargoNew/wellsfargo.com_iceNi%24%24a/W/css/style.css
IP
ASN #135161 GMO-Z com NetDesign Holdings Co., Ltd.
File type ASCII text, with CRLF line terminators
Hash 171d4b7033815f99c79bb13d5a7a4042
c00a8cdfbb438adae5e2e51a8c1969d341476922
e4f7e5605680d92d2f2c7fa402a5f03c14c63f11a24bc80ce8edef9150c23d5e
GET /cvv/wellsfargoNew/wellsfargo.com_iceNi%24%24a/W/css/style.css HTTP/1.1
Host: www.imexinter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/cvv/wellsfargoNew/wellsfargo.com_iceNi%24%24a/W/index.php
Cookie: PHPSESSID=29t9j59k3i0gs6f2a0vdrlnvk7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 09 Dec 2022 18:20:12 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Accel-Version: 0.01
Last-Modified: Thu, 28 Oct 2021 06:48:28 GMT
ETag: W/"22109-12a-5cf6419146700"
MS-Author-Via: DAV
X-Powered-By: PleskLin
Content-Encoding: gzip
static.wellsfargo.com/tracking/secure-auth/utag.12.js?utv=ut4.46.202104052200
200 OK 1.3 kB URL HTTP/1.1 static.wellsfargo.com/tracking/secure-auth/utag.12.js?utv=ut4.46.202104052200
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (1071)
Hash 43ec84506efb1df65f7be5764c4f8140
d9b3ab4e2cca9334c1290ffd518b8000080af784
5008a2797a0a577262b7e24bab726817ad2e914c746a425a4d9e95c03bb5619d
GET /tracking/secure-auth/utag.12.js?utv=ut4.46.202104052200 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 08 Apr 2021 21:15:26 GMT
Vary: Accept-Encoding
ETag: W/"606f726e-a3f"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 1343
Date: Fri, 09 Dec 2022 18:20:12 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=2kfPwTlqNWd2ulYyf5XuIw%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
connect.secure.wellsfargo.com/AIDO/mint.js?dt=login&r=0.584974079897582
200 OK 56 kB URL HTTP/1.1 connect.secure.wellsfargo.com/AIDO/mint.js?dt=login&r=0.584974079897582
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash df6df582c5f763f03ebb8db24c881dae
6f783dcece45c2c313209142654da5222264c603
63dee95dabd8d3dab174351dda268200899968b48906575c7ad3d6088b897b51
GET /AIDO/mint.js?dt=login&r=0.584974079897582 HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 55577
max-age: 0
Expires: -1
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Fri, 09 Dec 2022 18:20:12 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=xYSBDsrgA+4jVLy8eT%2f1bBQZvKY6xZyB26aYHPykhDBz0DCUcskBY3n868JIdCRd; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Fri, 09 Dec 2022 18:35:12 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/AIDO/try.js
200 OK 39 kB URL HTTP/1.1 connect.secure.wellsfargo.com/AIDO/try.js
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash e389dc7ac1a2db318d4d0ae9f4eec44a
8f676b875a26c0215f9b7049cc8a339dad9a1740
5b72d4be9e962e941fcd1f77858923d33f18db25d225dc44024f95fe7c44d4e2
GET /AIDO/try.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 39310
max-age: 0
Expires: -1
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Fri, 09 Dec 2022 18:20:12 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=ktnEEjx02e1GGiJzWeezRL3Pwa5MjG5UBs6TbtXNvYEFZSU91mVeXXS5U48AKjjY; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Fri, 09 Dec 2022 18:35:12 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/AIDO/glu.js
200 OK 37 kB URL HTTP/1.1 connect.secure.wellsfargo.com/AIDO/glu.js
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash 0f4aad07a0ba46b995cfe68ff1774156
7e3292611fcfb976d025834202582c1405eaf8f7
93dc386098a236ede19ad3a2b07b9b96d25b3f1049f2eb7c3f88ceb70b711a45
GET /AIDO/glu.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 36977
Vary: Origin, Accept-Encoding
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, OPTIONS
max-age: 0
Expires: -1
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Content-Encoding: gzip
Date: Fri, 09 Dec 2022 18:20:12 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=PfC3X8HQGyClD9GS0zNr4McwryY1kM2Z7fAskmWaRJ4eEEL7tiVrP9BfIj0l+HjK; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Fri, 09 Dec 2022 18:35:12 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
www.imexinter.com/cvv/wellsfargoNew/wellsfargo.com_iceNi%24%24a/W/js/actions.js
200 OK 504 B URL HTTP/1.1 www.imexinter.com/cvv/wellsfargoNew/wellsfargo.com_iceNi%24%24a/W/js/actions.js
IP
ASN #135161 GMO-Z com NetDesign Holdings Co., Ltd.
File type ASCII text, with CRLF line terminators
Hash a929d6eebf69eaec9a46285c50f74994
2e42a8ba54ef0fdd2c59252cb9912516d6de1d7c
9d670b99192b4af1f0e339ab729d0a4700055d254f3d18f6f2b44ef76dca3eea
Analyzer Verdict Alert fortinet Phishing
GET /cvv/wellsfargoNew/wellsfargo.com_iceNi%24%24a/W/js/actions.js HTTP/1.1
Host: www.imexinter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/cvv/wellsfargoNew/wellsfargo.com_iceNi%24%24a/W/index.php
Cookie: PHPSESSID=29t9j59k3i0gs6f2a0vdrlnvk7; _cls_v=af755e39-5dc3-4753-9615-7b434ceb6b96; _cls_s=4fdffcd9-836e-4910-a974-06631acc6fbe:0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 09 Dec 2022 18:20:12 GMT
Content-Type: text/javascript
Last-Modified: Thu, 28 Oct 2021 06:27:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"617a42d6-50b"
X-Powered-By: PleskLin
Content-Encoding: gzip
connect.secure.wellsfargo.com/PIDO/pic.js?r=0.302572123598544
200 OK 42 kB URL HTTP/1.1 connect.secure.wellsfargo.com/PIDO/pic.js?r=0.302572123598544
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash 4ba27a7f636fe7fead168face3953900
edd31f58b44154dc93e0d583820322c5b2a571ec
9d51c45594b725e6355a343826c51d243e29115b0034cac6181538b3db3aa8cf
GET /PIDO/pic.js?r=0.302572123598544 HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 42452
max-age: 0
Expires: -1
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Fri, 09 Dec 2022 18:20:12 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=A2tgkV7SiwE1I6ttbN7ck3e%2fbM6e7UkVHp0TjwwUgr4SuKaAZImTmYPrlVsCeqAT; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Fri, 09 Dec 2022 18:35:12 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/jenny/nd
200 OK 17 kB URL HTTP/1.1 connect.secure.wellsfargo.com/jenny/nd
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (2285)
Hash 1ee0c1ae618b91dd2b5542e1753f94ed
93d05832c1504c2a95f3eb03b9b697b2122a1b31
84e0befcf359a479abe189f782a400b8964aba1c4abbc6fd37ee8aaf6704ee56
GET /jenny/nd HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Vary: accept-encoding
Content-Encoding: gzip
Content-Type: application/javascript;charset=ISO-8859-1
Content-Length: 16989
Date: Fri, 09 Dec 2022 18:20:12 GMT
Connection: keep-alive
Set-Cookie: ADRUM_BTa=R:26|g:8f36f970-5082-45c4-914f-a99970b224f2; Expires=Fri, 09-Dec-2022 18:20:42 GMT; Path=/; Secure
ADRUM_BTa=R:26|g:8f36f970-5082-45c4-914f-a99970b224f2|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Fri, 09-Dec-2022 18:20:42 GMT; Path=/; Secure
SameSite=None; Expires=Fri, 09-Dec-2022 18:20:42 GMT; Path=/; Secure
ADRUM_BT1=R:26|i:302812; Expires=Fri, 09-Dec-2022 18:20:42 GMT; Path=/; Secure
ADRUM_BT1=R:26|i:302812|e:3; Expires=Fri, 09-Dec-2022 18:20:42 GMT; Path=/; Secure
ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=eefrvddlZLR8MnTnnhhP8H8ZvdpDnI0q9u9qwlhgdVZNhrHr%2fDdQEdXcOUcFENty; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Fri, 09 Dec 2022 18:35:12 GMT;Httponly; Secure
_abck=2C03498563F8A6803E36CC721783AF8F~-1~YAAQFE8kF/lIV4eEAQAA5sod+AlBxVvHr5buJ1csVmEIrOjb4Dwe8tKZ9t3dkQd/JduD9MMiX5zkoMvm3swxvODIZdPmGq9b5LI9lW6OoxngDfHKBIJ8PLodv3aTvaKubcvzlewe7oAPlI7C2djGsomA/NRm28AoENuXD15y8se50cUjjGtGWs3OIFFaaIR4VV6OsbhhWOrgqqXuYKxdM0ipxvG3IiOYZr6xakNLc5nFUtgBOAXM/UafX8xu8ErjVYZ5BXkML5TMwBVpx9mr8t9Pvs/YyVEQJo2n/p+B1JFyhCB6mGo9CyZ7jPunjLGIit117LaR7sE5ojXprHCxm6tqYIqVinbrxWD7d7yOodLdXuAECo0C1WpxH6anGuLxWg==~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sat, 09 Dec 2023 18:20:12 GMT; Max-Age=31536000; Secure
bm_sz=ACE03A2E9A2C52B39BC7A7C7A06B1D11~YAAQFE8kF/pIV4eEAQAA5sod+BJ9lPoj0h4Q/ldGHcYZJFmbmaXJ0HVhYB7X7UXUDOKMK3IxCF0PZwy2ZiNZqvQDP0FdmsijCJyZsH9jlFN4AAWgn7v1/8hqSxHf2cGpRBvzV0xECKY3KDs7vRRqz41WVMtd+XrwipSvNnIMtzpCrzd6WOYpwivSY1mvL21pJf0DyzIujKOLkyuOINcsep+a1XQL6fVU1hkDioFjOkzPmYHafu/69Lhb5qybPTc6ziJ8Q4cX+Zg9All9+XyXvx/oq6PnuvDIo495zP5fpNrZPdZp5cQg~3749682~4408625; Domain=.wellsfargo.com; Path=/; Expires=Fri, 09 Dec 2022 22:20:12 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/AIDO/trx.js
200 OK 54 kB URL HTTP/1.1 connect.secure.wellsfargo.com/AIDO/trx.js
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash c2875b174a2282b9cd8d40244ae7f739
961fe4fbb4186d8cd6402dea16d759ae8799cafc
cd75bad12f7563fec944d433d7b9254615632a2fcbc2c1215a72e7ff90e0bb67
GET /AIDO/trx.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 53940
max-age: 0
Expires: -1
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Fri, 09 Dec 2022 18:20:12 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=GykE3NNo5xDO6HePdZvm2F3Csd22tBfs1Y6kxwRDCODsUgEssE7evhj6YLSlzpZ6; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Fri, 09 Dec 2022 18:35:12 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
static.wellsfargo.com/tracking/secure-auth/utag.15.js?utv=ut4.46.202109220050
200 OK 1.7 kB URL HTTP/1.1 static.wellsfargo.com/tracking/secure-auth/utag.15.js?utv=ut4.46.202109220050
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (1142)
Hash 8ef348be98d33d036c76772130429a0f
0ff80908b030a9d097cf1638dd903f315791c7c5
64c81f54226a9628d8944de4a31944b810f28de5db7844bfada1ee6e18c2fb8a
GET /tracking/secure-auth/utag.15.js?utv=ut4.46.202109220050 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 23 Sep 2021 21:00:33 GMT
Vary: Accept-Encoding
ETag: W/"614ceaf1-ebc"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 1682
Date: Fri, 09 Dec 2022 18:20:12 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=+sg9kl3nak1U+EVSuuP85Q%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
connect.secure.wellsfargo.com/AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjIxNSUyMiUyQyUyMmRhdGElMjIlM0ElN0IlMjJyZWYlMjIlM0ElMjIlMjIlN0QlN0QlMkMlN0IlMjJpZCUyMiUzQSUyMjglMjIlMkMlMjJkYXRhJTIyJTNBJTdCJTIyY2lkJTIyJTNBJTIyOCUyMiUyQyUyMnUlMjIlM0ElMjJodHRwcyUzQSUyRiUyRmNvbm5lY3Quc2VjdXJlLndlbGxzZmFyZ28uY29tJTJGYXV0aCUyRmxvZ2luJTJGcHJlc2VudCUzRm9yaWdpbiUzRGNvYiUyNiUzRHllcyUyMiUyQyUyMnIlMjIlM0ElMjIlMjIlMkMlMjJwaWQlMjIlM0E4MDU0NTM5MDIlMkMlMjJmYyUyMiUzQTElMkMlMjJjbnVtJTIyJTNBMSUyQyUyMnRzJTIyJTNBMTYyMjM2NzUxNCUyQyUyMnQlMjIlM0ElN0IlMjJ0JTIyJTNBJTIybG9naW4lMjIlN0QlMkMlMjJyYW5kJTIyJTNBNzgwNTEzJTdEJTdEJTVE&cid=15%2C8&si=4&e=https%3A%2F%2Fconnect.secure.wellsfargo.com&t=jsonp&__tp=login&c=ynmtsfqlwqmckfmu&eu=https%3A%2F%2Fconnect.secure.wellsfargo.com%2Fauth%2Flogin%2Fpresent%3Forigin%3Dcob%26%3Dyes
200 OK 141 B URL HTTP/1.1 connect.secure.wellsfargo.com/AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjIxNSUyMiUyQyUyMmRhdGElMjIlM0ElN0IlMjJyZWYlMjIlM0ElMjIlMjIlN0QlN0QlMkMlN0IlMjJpZCUyMiUzQSUyMjglMjIlMkMlMjJkYXRhJTIyJTNBJTdCJTIyY2lkJTIyJTNBJTIyOCUyMiUyQyUyMnUlMjIlM0ElMjJodHRwcyUzQSUyRiUyRmNvbm5lY3Quc2VjdXJlLndlbGxzZmFyZ28uY29tJTJGYXV0aCUyRmxvZ2luJTJGcHJlc2VudCUzRm9yaWdpbiUzRGNvYiUyNiUzRHllcyUyMiUyQyUyMnIlMjIlM0ElMjIlMjIlMkMlMjJwaWQlMjIlM0E4MDU0NTM5MDIlMkMlMjJmYyUyMiUzQTElMkMlMjJjbnVtJTIyJTNBMSUyQyUyMnRzJTIyJTNBMTYyMjM2NzUxNCUyQyUyMnQlMjIlM0ElN0IlMjJ0JTIyJTNBJTIybG9naW4lMjIlN0QlMkMlMjJyYW5kJTIyJTNBNzgwNTEzJTdEJTdEJTVE&cid=15%2C8&si=4&e=https%3A%2F%2Fconnect.secure.wellsfargo.com&t=jsonp&__tp=login&c=ynmtsfqlwqmckfmu&eu=https%3A%2F%2Fconnect.secure.wellsfargo.com%2Fauth%2Flogin%2Fpresent%3Forigin%3Dcob%26%3Dyes
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with no line terminators
Hash 86dc6547f650f6c168b4ada34ad4f52e
2317c5aabc5bf6735a61ba63cb9dd851305ba8b4
3b2eb2033cfb6a18161fea0f141aeed2a2fcff9d79c58f1ff48bdac45ce0cb93
GET /AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjIxNSUyMiUyQyUyMmRhdGElMjIlM0ElN0IlMjJyZWYlMjIlM0ElMjIlMjIlN0QlN0QlMkMlN0IlMjJpZCUyMiUzQSUyMjglMjIlMkMlMjJkYXRhJTIyJTNBJTdCJTIyY2lkJTIyJTNBJTIyOCUyMiUyQyUyMnUlMjIlM0ElMjJodHRwcyUzQSUyRiUyRmNvbm5lY3Quc2VjdXJlLndlbGxzZmFyZ28uY29tJTJGYXV0aCUyRmxvZ2luJTJGcHJlc2VudCUzRm9yaWdpbiUzRGNvYiUyNiUzRHllcyUyMiUyQyUyMnIlMjIlM0ElMjIlMjIlMkMlMjJwaWQlMjIlM0E4MDU0NTM5MDIlMkMlMjJmYyUyMiUzQTElMkMlMjJjbnVtJTIyJTNBMSUyQyUyMnRzJTIyJTNBMTYyMjM2NzUxNCUyQyUyMnQlMjIlM0ElN0IlMjJ0JTIyJTNBJTIybG9naW4lMjIlN0QlMkMlMjJyYW5kJTIyJTNBNzgwNTEzJTdEJTdEJTVE&cid=15%2C8&si=4&e=https%3A%2F%2Fconnect.secure.wellsfargo.com&t=jsonp&__tp=login&c=ynmtsfqlwqmckfmu&eu=https%3A%2F%2Fconnect.secure.wellsfargo.com%2Fauth%2Flogin%2Fpresent%3Forigin%3Dcob%26%3Dyes HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 141
max-age: 0
Expires: -1
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Vary: Accept-Encoding
Date: Fri, 09 Dec 2022 18:20:13 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=GK6mwFJkEeUKllkILlZ263+EXlEb7JoxNmYf+clf5T4p+BWgvGFRKxjv2wva7kf%2f; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Fri, 09 Dec 2022 18:35:12 GMT;Httponly; Secure
_abck=EA02D73C0B68D510A0668C5B948CFDD2~-1~YAAQFE8kF/1IV4eEAQAAfcsd+Ak+M/KP0bN8Ql5E/rjZl33GW4n1g/qOCpb0cQp4BTb8qIKRyCVGYQv6+6cySWc/CjKnYob6ucpdDn5Jox7J2NfIyNU5fr9QTCAFRmZ0js+zk7Wa1FaPdxRcls2DxmDGZPZONXpEA1+qKRR4zjZ2c98+cvtOOfg+twli6lTogoRHUzdwj8N+tNHaxhf0NcKFChR3v8K2Z9FNZD/lorr59kBKMhllGq/XYFOmf7GKT6zjHUMiz4jJdmbv1z1uc7tvmoJh9XCXL2+BJu0RlP001GYpgssj5t9+LmwUV8uRMsuTzSGTeuQ+mpbSr7cGxh+F6soYxxaXSttt5ss4Wf6Vl0tOWonUd2hgAQ+tOzYGAA==~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sat, 09 Dec 2023 18:20:13 GMT; Max-Age=31536000; Secure
bm_sz=7A900C65BC99A7CAD462183717DAE5C2~YAAQFE8kF/5IV4eEAQAAfcsd+BLudeUub3s9KsrLBzClFf+oJThyN6d3xktuGjxUx5GFyx0ufHHtRyYzGTwkzwn8cPDcN1sblZPkIQB7gJvv0UqZs1uLO7ZaEM8qTsZCEEDMDH+lyzEWuO69nLcuJ4drt+l9p4CA7j+yiTTY0U3xbk57ugu/nQtmV56ScHdkgN5eHyRDhxsUcCiiLbWNx87lSeBTXGFN5NmrpUDoHw+Ex4ViJ9s0XONC/khfdjZExZqk2ceD6pdo3o1+p1i5hzssfSZUaIx/2A8sgclJyIILl6vzOftN~3749682~4408625; Domain=.wellsfargo.com; Path=/; Expires=Fri, 09 Dec 2022 22:20:12 GMT; Max-Age=14399
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/AIDO/ay6u?d=JTVCJTdCJTIyaWQlMjIlM0ElMjIxNSUyMiUyQyUyMmRhdGElMjIlM0ElN0IlMjJyZWYlMjIlM0ElMjIlMjIlN0QlN0QlMkMlN0IlMjJpZCUyMiUzQSUyMjI4JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMnMlMjIlM0ElMjIwYWIzODc2Yy04ODg0LTRlMzAtYTdjYS03NjNiYjYzOTA5ZWYlMjIlN0QlN0QlNUQ%3D&cid=15%2C28&si=3&e=https%3A%2F%2Fconnect.secure.wellsfargo.com&t=jsonp&__tp=login&c=ugqkwnylogixegex&eu=https%3A%2F%2Fconnect.secure.wellsfargo.com%2Fauth%2Flogin%2Fpresent%3Forigin%3Dcob%26%3Dyes
200 OK 142 B URL HTTP/1.1 connect.secure.wellsfargo.com/AIDO/ay6u?d=JTVCJTdCJTIyaWQlMjIlM0ElMjIxNSUyMiUyQyUyMmRhdGElMjIlM0ElN0IlMjJyZWYlMjIlM0ElMjIlMjIlN0QlN0QlMkMlN0IlMjJpZCUyMiUzQSUyMjI4JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMnMlMjIlM0ElMjIwYWIzODc2Yy04ODg0LTRlMzAtYTdjYS03NjNiYjYzOTA5ZWYlMjIlN0QlN0QlNUQ%3D&cid=15%2C28&si=3&e=https%3A%2F%2Fconnect.secure.wellsfargo.com&t=jsonp&__tp=login&c=ugqkwnylogixegex&eu=https%3A%2F%2Fconnect.secure.wellsfargo.com%2Fauth%2Flogin%2Fpresent%3Forigin%3Dcob%26%3Dyes
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with no line terminators
Hash 42136946090cda75245e99bdb2661918
269b21d4acfa02ed0ae26ae455cd43a802704e47
dcd55e0cc6c093a79c3a24bd4d61f79b97bbace87f53fcd6abe76ce2702fa726
GET /AIDO/ay6u?d=JTVCJTdCJTIyaWQlMjIlM0ElMjIxNSUyMiUyQyUyMmRhdGElMjIlM0ElN0IlMjJyZWYlMjIlM0ElMjIlMjIlN0QlN0QlMkMlN0IlMjJpZCUyMiUzQSUyMjI4JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMnMlMjIlM0ElMjIwYWIzODc2Yy04ODg0LTRlMzAtYTdjYS03NjNiYjYzOTA5ZWYlMjIlN0QlN0QlNUQ%3D&cid=15%2C28&si=3&e=https%3A%2F%2Fconnect.secure.wellsfargo.com&t=jsonp&__tp=login&c=ugqkwnylogixegex&eu=https%3A%2F%2Fconnect.secure.wellsfargo.com%2Fauth%2Flogin%2Fpresent%3Forigin%3Dcob%26%3Dyes HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 142
max-age: 0
Expires: -1
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Vary: Accept-Encoding
Date: Fri, 09 Dec 2022 18:20:13 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=n1LPvI3AiQ2LQvN5orm1HMb1iGpaDxVgITTq%2ff04c54lHnSDoVMtmhQLvZ5+Ed6Y; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Fri, 09 Dec 2022 18:35:12 GMT;Httponly; Secure
_abck=8DFCB5899AA115D4C8DF1F731259CF94~-1~YAAQFE8kFwBJV4eEAQAA0ssd+AlVG2E5JzZH7AJwsgeWbKyscaKU4TN4YsGVaazKBKOQhQ84muqkBuufA6OcT7ChRo+byNbj8QqebK85Tjiw2jXpBqC7NXOYdh5AkK3kLQ4fJY6qoeN6Pb6V9vtaIOpueMwpSDwbRob/7LrkzeXbyPpdEFsf+bPX8IqBTNGXgYGSZrx9hJ+Y4pnOWLwsGhDyY57UwpPPite92B+RTmDP79f+8TNbj8NXKZPaBhqr64H11785V3CH1vgZwS/f72DRqTt5k0QWDV4XbOEl1CJFaFOb6oCP1m1X1JiKjy3mh+ZR/v94AD543mflvhcn8R79hoFaWMhiA/dfWd8BMARa1FCLT1Ns/qKVzu5oMWSK+A==~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sat, 09 Dec 2023 18:20:13 GMT; Max-Age=31536000; Secure
bm_sz=27E7143B726CF38DD68AB3561083D3DA~YAAQFE8kFwFJV4eEAQAA0ssd+BKYg33ws0g9edMpKYRnFtmkEvjycSO8aVxbqvWzII1xps2Ek5w4re5/88wGpSs1IzaKTEgAc1JGNwRR+PHwXlNTuLgPH0/ATL7fLxu+eLW++xMtQS5f3m5BH4bhzpo1jkvcK6m8QQzHYZXkfFB3ujHsmXB+7vXKxuLf0CFjNqceX5iIIiSWZDns9ZOhmsDqYaRcGzpMfRXPCm0m0lQNUcUOTaIGTL720aRukmUKA/BlsHkvp21XVF6SH7nOXFlh1fTzIOV7Yljh2Q/8gqIttPv0X+d4~3749682~4408625; Domain=.wellsfargo.com; Path=/; Expires=Fri, 09 Dec 2022 22:20:12 GMT; Max-Age=14399
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjIyMCUyMiUyQyUyMmRhdGElMjIlM0ElN0IlMjJkdCUyMiUzQSUyMmdkaWQlMjIlMkMlMjJnJTIyJTNBJTIya3BhenFhNXJ4MGkzYWx0YTFkaiUyMiUyQyUyMmNpZCUyMiUzQSUyMjIwJTIyJTdEJTdEJTVE&cid=20&si=4&e=https%3A%2F%2Fconnect.secure.wellsfargo.com&t=jsonp&__tp=login&c=cwokogyqgsazemxd&eu=https%3A%2F%2Fconnect.secure.wellsfargo.com%2Fauth%2Flogin%2Fpresent%3Forigin%3Dcob%26%3Dyes
200 OK 132 B URL HTTP/1.1 connect.secure.wellsfargo.com/AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjIyMCUyMiUyQyUyMmRhdGElMjIlM0ElN0IlMjJkdCUyMiUzQSUyMmdkaWQlMjIlMkMlMjJnJTIyJTNBJTIya3BhenFhNXJ4MGkzYWx0YTFkaiUyMiUyQyUyMmNpZCUyMiUzQSUyMjIwJTIyJTdEJTdEJTVE&cid=20&si=4&e=https%3A%2F%2Fconnect.secure.wellsfargo.com&t=jsonp&__tp=login&c=cwokogyqgsazemxd&eu=https%3A%2F%2Fconnect.secure.wellsfargo.com%2Fauth%2Flogin%2Fpresent%3Forigin%3Dcob%26%3Dyes
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with no line terminators
Hash 7e44326a3259e79b98f186211aba778b
ccf4f6dfaa776039a5ab2db32bd9b56fd7a0ee7e
6e72d742c71556542e829f2e9344e5a8596857d2c556376d759173136cfa4362
GET /AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjIyMCUyMiUyQyUyMmRhdGElMjIlM0ElN0IlMjJkdCUyMiUzQSUyMmdkaWQlMjIlMkMlMjJnJTIyJTNBJTIya3BhenFhNXJ4MGkzYWx0YTFkaiUyMiUyQyUyMmNpZCUyMiUzQSUyMjIwJTIyJTdEJTdEJTVE&cid=20&si=4&e=https%3A%2F%2Fconnect.secure.wellsfargo.com&t=jsonp&__tp=login&c=cwokogyqgsazemxd&eu=https%3A%2F%2Fconnect.secure.wellsfargo.com%2Fauth%2Flogin%2Fpresent%3Forigin%3Dcob%26%3Dyes HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 132
max-age: 0
Expires: -1
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Vary: Accept-Encoding
Date: Fri, 09 Dec 2022 18:20:13 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=fjkf%2fZpwUmXVqWXROhL2f6Rpf99n5YdCgckEBrua2BZ6q+QWkRN66eMgR3LAy+df; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Fri, 09 Dec 2022 18:35:12 GMT;Httponly; Secure
_abck=14A3476549E1949E36420135EBB17742~-1~YAAQFE8kFwJJV4eEAQAA3csd+Ak7aWzm4Oeb2TZokvknejdeewUDgsOOtUfWheL7kVF8yH/aiVq+ZvLdtQQ3mDg283H3FP7jLeYUlA6wiAB8Iej7nS+oH8OiKcT7rVZZ/jO3Cu01e2rGwiL8rSqEC0OhTjnrWjkc4Oi1Mg0V2d9dkMjs9ibB4vGgQi9yFkJTZoWOMkVL8GGpvwFdErZi9uwRfNW3+cUwwgVf0WjT2b2R7fijX5n2y4NZsrgmWN7UKMS7XS3g0gTz5ZIl7p0SlT8A41pqMzEvs68RX+DLYcoQlkWM87kz7gBbsq45CK69OZpc4NnbOMXjD54iWxtR170Bx/xjYOYHt9X9z06q0pHkdusaCkaJbKCqCtEdQuAYDQ==~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sat, 09 Dec 2023 18:20:13 GMT; Max-Age=31536000; Secure
bm_sz=C418B5A8D1A37893ECD8D7DB0830D977~YAAQFE8kFwNJV4eEAQAA3csd+BKQmfyKM//F3zs0TyckWxmrJLRtPk3uCLgVtZWLNKJ7BRiH2vBe2K9lvUSrdoH5cWvjyWqA+c1GGVaXOStJdcTfpWOcjmYLchMUuAH0b97uaTrMuJE3APb7gC3LpACKzasu344WXFcMNp/VsmSQ8jidh8PeYzwG7wgo4ycjvN/5nNwv3fJ6ZqeWwyfJKkspJFu7FYiJwo34xzh0FaaV4ESJKov+pHkX3oDkHr8fM5sqa6x0zcy5ao5h48JlRkR/opnsFAqbNX7f3zYrLNyCMl2HPdcN~3749682~4408625; Domain=.wellsfargo.com; Path=/; Expires=Fri, 09 Dec 2022 22:20:12 GMT; Max-Age=14399
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjIxNSUyMiUyQyUyMmRhdGElMjIlM0ElN0IlMjJyZWYlMjIlM0ElMjIlMjIlN0QlN0QlMkMlN0IlMjJpZCUyMiUzQSUyMjIwJTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMmR0JTIyJTNBJTIyZ2RpZCUyMiUyQyUyMmclMjIlM0ElMjJrdmF1eWFvMWkwdGJrOWhqaWMlMjIlMkMlMjJjaWQlMjIlM0ElMjIyMCUyMiU3RCU3RCU1RA%3D%3D&cid=15%2C20&si=4&e=https%3A%2F%2Fwww.ictexpert.com.ng&t=jsonp&c=gvcpfcgggudid_vm&eu=https%3A%2F%2Fwww.ictexpert.com.ng%2F007%2FsPchasetowells%2Flogin%3Fchase_id%3Db5a8741a2d9ec94b0c2fa750d%26country%3DNigeria%26iso%3DNG
200 OK 90 B URL HTTP/1.1 connect.secure.wellsfargo.com/AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjIxNSUyMiUyQyUyMmRhdGElMjIlM0ElN0IlMjJyZWYlMjIlM0ElMjIlMjIlN0QlN0QlMkMlN0IlMjJpZCUyMiUzQSUyMjIwJTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMmR0JTIyJTNBJTIyZ2RpZCUyMiUyQyUyMmclMjIlM0ElMjJrdmF1eWFvMWkwdGJrOWhqaWMlMjIlMkMlMjJjaWQlMjIlM0ElMjIyMCUyMiU3RCU3RCU1RA%3D%3D&cid=15%2C20&si=4&e=https%3A%2F%2Fwww.ictexpert.com.ng&t=jsonp&c=gvcpfcgggudid_vm&eu=https%3A%2F%2Fwww.ictexpert.com.ng%2F007%2FsPchasetowells%2Flogin%3Fchase_id%3Db5a8741a2d9ec94b0c2fa750d%26country%3DNigeria%26iso%3DNG
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with no line terminators
Hash a63dc437c26af80670904aea028aba6c
31d026a98693a2a1a026419088050f590453c87d
acb70810bd7f26a2d1cb996e9a2a15e975318387be2b9ff222aee1b421d20d2d
GET /AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjIxNSUyMiUyQyUyMmRhdGElMjIlM0ElN0IlMjJyZWYlMjIlM0ElMjIlMjIlN0QlN0QlMkMlN0IlMjJpZCUyMiUzQSUyMjIwJTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMmR0JTIyJTNBJTIyZ2RpZCUyMiUyQyUyMmclMjIlM0ElMjJrdmF1eWFvMWkwdGJrOWhqaWMlMjIlMkMlMjJjaWQlMjIlM0ElMjIyMCUyMiU3RCU3RCU1RA%3D%3D&cid=15%2C20&si=4&e=https%3A%2F%2Fwww.ictexpert.com.ng&t=jsonp&c=gvcpfcgggudid_vm&eu=https%3A%2F%2Fwww.ictexpert.com.ng%2F007%2FsPchasetowells%2Flogin%3Fchase_id%3Db5a8741a2d9ec94b0c2fa750d%26country%3DNigeria%26iso%3DNG HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 90
max-age: 0
Expires: -1
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Vary: Accept-Encoding
Date: Fri, 09 Dec 2022 18:20:13 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=pWutCAMnJlLAKUZ90fYevSGIAyHJAUyHhylcFvvl3DyNjZecZTEY6NuKwaPRl0Pr; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Fri, 09 Dec 2022 18:35:13 GMT;Httponly; Secure
_abck=32E8C232F2B3666D28453DCE04CF33BA~-1~YAAQFE8kFxBJV4eEAQAAGs0d+AljNQjGWpwL8Qte2CjXw1jvVmdT1D7Pr4ClKCZolCwhxcCnkIwazfaQFA/Qg12XzjhDC7l1QPtW6slzw5xNUjWqA8+Pq4mLKeagIGdn7/DVDTpVWW7eEO1cqqI/QwTP8cEV0pdhTnJpyYzbUED0C4DWz3NWsbknZhfQLYivm4SdsJQvf4xxmFCvqaVtia/oO5a+dtyUGZiK7M2GsnDKBb9oLMdzOW6Vtuwzvm97QjYJ08yDni6WE9/+PIIFQxNdq2hEfhlI6eqpFosCFrYYrVoCt4J6RRrXjkDh37o1cnIXHoI7Mwj+c19iCnDtexO0wurSB1XpuWOUw3fjhwlJQF6sLn/I3PODt1KSfqMBOA==~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sat, 09 Dec 2023 18:20:13 GMT; Max-Age=31536000; Secure
bm_sz=60E9D390C215852931DE9466E28660A6~YAAQFE8kFxFJV4eEAQAAGs0d+BK4q451wwAC0x/i6O4PFwJnVPGD76IwmTeCxv3XFdww8+8unoG7mJa5SRqUvemCQuMmdYOqS/RXH9K8p0QojNd/zCXUxFs+FIIAbzONSmSn/sXhnFO4MmzENCPQscJdJtAZe0MVfFSnpcjf/3jBoSkKOydTfnGEEMo0rJAnIy1ZaHVTBG5luiS8pPk58oK/CCdfeCgkREcgu/vkrcuJA/Con01Q2wzyjcAk9Wlq1pyQB2axjXMXQ5lO2bOw3vsPg41Wz7dSpXge3Qq3uHysqReyw40r~4407601~3551556; Domain=.wellsfargo.com; Path=/; Expires=Fri, 09 Dec 2022 22:20:13 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjI4JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMmNpZCUyMiUzQSUyMjglMjIlMkMlMjJ1JTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZ3d3cuaWN0ZXhwZXJ0LmNvbS5uZyUyRjAwNyUyRnNQY2hhc2V0b3dlbGxzJTJGbG9naW4lM0ZjaGFzZV9pZCUzRGI1YTg3NDFhMmQ5ZWM5NGIwYzJmYTc1MGQlMjZjb3VudHJ5JTNETmlnZXJpYSUyNmlzbyUzRE5HJTIyJTJDJTIyciUyMiUzQSUyMiUyMiUyQyUyMnBpZCUyMiUzQTQwNTA2NTcxJTJDJTIyZmMlMjIlM0EwJTJDJTIyY251bSUyMiUzQTIlMkMlMjJ0cyUyMiUzQTE2MzU0MjAyMjg1ODUlMkMlMjJyYW5kJTIyJTNBNTk0OTE2JTdEJTdEJTVE&cid=8&si=4&e=https%3A%2F%2Fwww.ictexpert.com.ng&t=jsonp&c=othrgpyatoxgbzhv&eu=https%3A%2F%2Fwww.ictexpert.com.ng%2F007%2FsPchasetowells%2Flogin%3Fchase_id%3Db5a8741a2d9ec94b0c2fa750d%26country%3DNigeria%26iso%3DNG
200 OK 79 B URL HTTP/1.1 connect.secure.wellsfargo.com/AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjI4JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMmNpZCUyMiUzQSUyMjglMjIlMkMlMjJ1JTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZ3d3cuaWN0ZXhwZXJ0LmNvbS5uZyUyRjAwNyUyRnNQY2hhc2V0b3dlbGxzJTJGbG9naW4lM0ZjaGFzZV9pZCUzRGI1YTg3NDFhMmQ5ZWM5NGIwYzJmYTc1MGQlMjZjb3VudHJ5JTNETmlnZXJpYSUyNmlzbyUzRE5HJTIyJTJDJTIyciUyMiUzQSUyMiUyMiUyQyUyMnBpZCUyMiUzQTQwNTA2NTcxJTJDJTIyZmMlMjIlM0EwJTJDJTIyY251bSUyMiUzQTIlMkMlMjJ0cyUyMiUzQTE2MzU0MjAyMjg1ODUlMkMlMjJyYW5kJTIyJTNBNTk0OTE2JTdEJTdEJTVE&cid=8&si=4&e=https%3A%2F%2Fwww.ictexpert.com.ng&t=jsonp&c=othrgpyatoxgbzhv&eu=https%3A%2F%2Fwww.ictexpert.com.ng%2F007%2FsPchasetowells%2Flogin%3Fchase_id%3Db5a8741a2d9ec94b0c2fa750d%26country%3DNigeria%26iso%3DNG
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with no line terminators
Hash 69430ab2de645f12ff46c72800eb697c
2685c52b6245ff0b4e9f13826c0506f12cccaf58
00f05292903a1f7af33f137e76b6666456cabbd0a697fdafba1a5a6d17e34d90
GET /AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjI4JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMmNpZCUyMiUzQSUyMjglMjIlMkMlMjJ1JTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZ3d3cuaWN0ZXhwZXJ0LmNvbS5uZyUyRjAwNyUyRnNQY2hhc2V0b3dlbGxzJTJGbG9naW4lM0ZjaGFzZV9pZCUzRGI1YTg3NDFhMmQ5ZWM5NGIwYzJmYTc1MGQlMjZjb3VudHJ5JTNETmlnZXJpYSUyNmlzbyUzRE5HJTIyJTJDJTIyciUyMiUzQSUyMiUyMiUyQyUyMnBpZCUyMiUzQTQwNTA2NTcxJTJDJTIyZmMlMjIlM0EwJTJDJTIyY251bSUyMiUzQTIlMkMlMjJ0cyUyMiUzQTE2MzU0MjAyMjg1ODUlMkMlMjJyYW5kJTIyJTNBNTk0OTE2JTdEJTdEJTVE&cid=8&si=4&e=https%3A%2F%2Fwww.ictexpert.com.ng&t=jsonp&c=othrgpyatoxgbzhv&eu=https%3A%2F%2Fwww.ictexpert.com.ng%2F007%2FsPchasetowells%2Flogin%3Fchase_id%3Db5a8741a2d9ec94b0c2fa750d%26country%3DNigeria%26iso%3DNG HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 79
max-age: 0
Expires: -1
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Vary: Accept-Encoding
Date: Fri, 09 Dec 2022 18:20:13 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=p0QUq3F1aDgBd1dcMQzvCYm324IONGebcrlj7VHWfAiwY3Su%2fPgrUI9yUVUzk55Y; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Fri, 09 Dec 2022 18:35:13 GMT;Httponly; Secure
_abck=EF383712015C26B087FCD2074231F5E5~-1~YAAQFE8kFxJJV4eEAQAAHs0d+AkVT8f02zBT7RXE7c/+DWsw10U9ukl2hGeviE+b/2iYRUCkQ0Q0xjLPXL4ncT81atpdm7yAg8l8v+fnnRt/5CItHLhzaNA2y1RmccaAK+aRe4AXuW20v17cCzqmMCCB6FWi3oy+HVYx7infZzu6EMgLUhSIjIkkpV8Od9shbjhENEn7EcdkyW/11WwHcx8TObO4nqzcfMCuSoh8oIJRLCyKrJqeWUGWdv6Fdjr3gsIk8uJNl1CH7vmBCBsgDuM66owhcS4vYtWpfWdjvIN+yvr8fF8AyDqYzzql/HnQe2wiF7K/EMtSb5eOOZ70juFbzQgmqGLupK1JdgxabIvnDmsskuDagGUMyzaAFX1iUg==~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sat, 09 Dec 2023 18:20:13 GMT; Max-Age=31536000; Secure
bm_sz=B6EE9483567DECE61DD6D86C6ECE1067~YAAQFE8kFxNJV4eEAQAAHs0d+BI43ygFuDHq4Uktn9zH1TTApLaNLo9gW9mUTTXeXiFqo1hwRClF31xvUPgbfn9UnRKEj886OZcoWPxdrRfmkWPsMcyDk69WE8y/Ep/g5ZQucMiDuIRmh6q9e70hIYFCVFABuM/5dZMsXYteYGNpQYg+Xr3nlituRwPaSpTkCYeEqstArAHtk5759LUCI0YZUIqdPmNsazOMXRkhevbBPxbNmSX7UYOtseLQNTsSg8yo05pT/RNzFNmazjkeeUZxWLefGCbH/GrAOqQ2wVNKnCcyUO4l~4407601~3551556; Domain=.wellsfargo.com; Path=/; Expires=Fri, 09 Dec 2022 22:20:13 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjI4JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMmNpZCUyMiUzQSUyMjglMjIlMkMlMjJ1JTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZjb25uZWN0LnNlY3VyZS53ZWxsc2ZhcmdvLmNvbSUyRmF1dGglMkZsb2dpbiUyRnByZXNlbnQlM0ZvcmlnaW4lM0Rjb2IlMjYlM0R5ZXMlMjIlMkMlMjJyJTIyJTNBJTIyJTIyJTJDJTIycGlkJTIyJTNBODA1NDUzOTAyJTJDJTIyZmMlMjIlM0ExJTJDJTIyY251bSUyMiUzQTIlMkMlMjJ0cyUyMiUzQTE2MjIzNjc2MTQlMkMlMjJ0JTIyJTNBJTdCJTIydCUyMiUzQSUyMmxvZ2luJTIyJTdEJTJDJTIycmFuZCUyMiUzQTM1MjE4MyU3RCU3RCU1RA%3D%3D&cid=8&si=4&e=https%3A%2F%2Fconnect.secure.wellsfargo.com&t=jsonp&__tp=login&c=pgmrwysfqzyikyrq&eu=https%3A%2F%2Fconnect.secure.wellsfargo.com%2Fauth%2Flogin%2Fpresent%3Forigin%3Dcob%26%3Dyes
200 OK 131 B URL HTTP/1.1 connect.secure.wellsfargo.com/AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjI4JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMmNpZCUyMiUzQSUyMjglMjIlMkMlMjJ1JTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZjb25uZWN0LnNlY3VyZS53ZWxsc2ZhcmdvLmNvbSUyRmF1dGglMkZsb2dpbiUyRnByZXNlbnQlM0ZvcmlnaW4lM0Rjb2IlMjYlM0R5ZXMlMjIlMkMlMjJyJTIyJTNBJTIyJTIyJTJDJTIycGlkJTIyJTNBODA1NDUzOTAyJTJDJTIyZmMlMjIlM0ExJTJDJTIyY251bSUyMiUzQTIlMkMlMjJ0cyUyMiUzQTE2MjIzNjc2MTQlMkMlMjJ0JTIyJTNBJTdCJTIydCUyMiUzQSUyMmxvZ2luJTIyJTdEJTJDJTIycmFuZCUyMiUzQTM1MjE4MyU3RCU3RCU1RA%3D%3D&cid=8&si=4&e=https%3A%2F%2Fconnect.secure.wellsfargo.com&t=jsonp&__tp=login&c=pgmrwysfqzyikyrq&eu=https%3A%2F%2Fconnect.secure.wellsfargo.com%2Fauth%2Flogin%2Fpresent%3Forigin%3Dcob%26%3Dyes
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with no line terminators
Hash 445c2a116ee0bfe0bad43402c1b1693c
e03e168f625736fce6038a13dbc265e79919e173
5918b3d659e041ea531f4d524002b72b8e48bd7f472a3fc28caae3f9ae3ed631
GET /AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjI4JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMmNpZCUyMiUzQSUyMjglMjIlMkMlMjJ1JTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZjb25uZWN0LnNlY3VyZS53ZWxsc2ZhcmdvLmNvbSUyRmF1dGglMkZsb2dpbiUyRnByZXNlbnQlM0ZvcmlnaW4lM0Rjb2IlMjYlM0R5ZXMlMjIlMkMlMjJyJTIyJTNBJTIyJTIyJTJDJTIycGlkJTIyJTNBODA1NDUzOTAyJTJDJTIyZmMlMjIlM0ExJTJDJTIyY251bSUyMiUzQTIlMkMlMjJ0cyUyMiUzQTE2MjIzNjc2MTQlMkMlMjJ0JTIyJTNBJTdCJTIydCUyMiUzQSUyMmxvZ2luJTIyJTdEJTJDJTIycmFuZCUyMiUzQTM1MjE4MyU3RCU3RCU1RA%3D%3D&cid=8&si=4&e=https%3A%2F%2Fconnect.secure.wellsfargo.com&t=jsonp&__tp=login&c=pgmrwysfqzyikyrq&eu=https%3A%2F%2Fconnect.secure.wellsfargo.com%2Fauth%2Flogin%2Fpresent%3Forigin%3Dcob%26%3Dyes HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 131
max-age: 0
Expires: -1
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Vary: Accept-Encoding
Date: Fri, 09 Dec 2022 18:20:13 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=640qUzH17Qf+LhvmTHPThACZF7EWe6%2fTOsYxCN+bjnlSYYC+33f+jN6mDKsJO3TA; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Fri, 09 Dec 2022 18:35:13 GMT;Httponly; Secure
_abck=31AFC69FB2A1841056ABB4C03FB8972C~-1~YAAQFE8kFxVJV4eEAQAASM0d+AkQi4EjCzushRmrZzrBoLSE3t6vMcZukcPQDDG8j2FdTQi0/MqrphagiTccNIHjnGgNZIR2dIPEJBixgzbNAvW9GmbMTW0KhHZBnitq2knRFnxmdQJEEpofiJYnHOdejAhLN0J+1CZ31/gT0vQhzftim/EUTCdVNkw94TAb67P5j1+uXfH2IeKFWCJYTQ7ALjWmFZ63PoH6h1uGencNe9ZUUdv4og3MWiw7Qv7po8JNcv+ksx2/H1ZUk+nP56/4c5ISiVUnnfuSjoegMhdft42iWvX2uK62K767Y9HoiZI6Z4MG+u126Dn3ml7X+KotLS8M1pJSWOT3N9cUoo3+S5ea0KIAM77kfVm+AdxO8g==~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sat, 09 Dec 2023 18:20:13 GMT; Max-Age=31536000; Secure
bm_sz=FC48F3CAC1E02641FD336DA821032462~YAAQFE8kFxZJV4eEAQAASM0d+BKK0AMrHIa1c2mvPvH8woPlkI1/rnOkrZNW1Mko6wbzb9Kszwhl48NzOkqOSr+GT0HsuGYpyPzFmeFjlZJDB4UqegtUtsIbqB+RkV1Rmj8Ap9niTe3gbf2UxZN+SYPO68OiKwM/MQiu2kfW8Z9uyQUuP28Jyq1ohjO256PC7oE3ohIsB1GfntfdDhu9jW2b3CpFoclVndGX6O9iJWnKBOE7Zw0bGzM3kVZcGX1z70J1QmUxzCKVyvjzzWkH1YV/wLSC0e2l0dSsPrty2u4TJROaRCfz~3749682~4408625; Domain=.wellsfargo.com; Path=/; Expires=Fri, 09 Dec 2022 22:20:12 GMT; Max-Age=14399
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjI4JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMmNpZCUyMiUzQSUyMjglMjIlMkMlMjJ1JTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZjb25uZWN0LnNlY3VyZS53ZWxsc2ZhcmdvLmNvbSUyRmF1dGglMkZsb2dpbiUyRnByZXNlbnQlM0ZvcmlnaW4lM0Rjb2IlMjYlM0R5ZXMlMjIlMkMlMjJyJTIyJTNBJTIyJTIyJTJDJTIycGlkJTIyJTNBODA1NDUzOTAyJTJDJTIyZmMlMjIlM0EwJTJDJTIyY251bSUyMiUzQTMlMkMlMjJ0cyUyMiUzQTE2MjIzNjc2OTAlMkMlMjJ0JTIyJTNBJTdCJTIydCUyMiUzQSUyMmxvZ2luJTIyJTdEJTJDJTIycmFuZCUyMiUzQTE5MjY3MSU3RCU3RCU1RA%3D%3D&cid=8&si=4&e=https%3A%2F%2Fconnect.secure.wellsfargo.com&t=jsonp&__tp=login&c=isiwpbzcophvdxin&eu=https%3A%2F%2Fconnect.secure.wellsfargo.com%2Fauth%2Flogin%2Fpresent%3Forigin%3Dcob%26%3Dyes
200 OK 131 B URL HTTP/1.1 connect.secure.wellsfargo.com/AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjI4JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMmNpZCUyMiUzQSUyMjglMjIlMkMlMjJ1JTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZjb25uZWN0LnNlY3VyZS53ZWxsc2ZhcmdvLmNvbSUyRmF1dGglMkZsb2dpbiUyRnByZXNlbnQlM0ZvcmlnaW4lM0Rjb2IlMjYlM0R5ZXMlMjIlMkMlMjJyJTIyJTNBJTIyJTIyJTJDJTIycGlkJTIyJTNBODA1NDUzOTAyJTJDJTIyZmMlMjIlM0EwJTJDJTIyY251bSUyMiUzQTMlMkMlMjJ0cyUyMiUzQTE2MjIzNjc2OTAlMkMlMjJ0JTIyJTNBJTdCJTIydCUyMiUzQSUyMmxvZ2luJTIyJTdEJTJDJTIycmFuZCUyMiUzQTE5MjY3MSU3RCU3RCU1RA%3D%3D&cid=8&si=4&e=https%3A%2F%2Fconnect.secure.wellsfargo.com&t=jsonp&__tp=login&c=isiwpbzcophvdxin&eu=https%3A%2F%2Fconnect.secure.wellsfargo.com%2Fauth%2Flogin%2Fpresent%3Forigin%3Dcob%26%3Dyes
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with no line terminators
Hash b2aa02444d491833cbc4f9e38c2816d8
e0544a75d8fbd979ff84ed4dd50565ff4ca47eb7
6a5ca3198641997f0c6a409bf02257c2c2ccd272fd2b181b5b21e756137375d4
GET /AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjI4JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMmNpZCUyMiUzQSUyMjglMjIlMkMlMjJ1JTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZjb25uZWN0LnNlY3VyZS53ZWxsc2ZhcmdvLmNvbSUyRmF1dGglMkZsb2dpbiUyRnByZXNlbnQlM0ZvcmlnaW4lM0Rjb2IlMjYlM0R5ZXMlMjIlMkMlMjJyJTIyJTNBJTIyJTIyJTJDJTIycGlkJTIyJTNBODA1NDUzOTAyJTJDJTIyZmMlMjIlM0EwJTJDJTIyY251bSUyMiUzQTMlMkMlMjJ0cyUyMiUzQTE2MjIzNjc2OTAlMkMlMjJ0JTIyJTNBJTdCJTIydCUyMiUzQSUyMmxvZ2luJTIyJTdEJTJDJTIycmFuZCUyMiUzQTE5MjY3MSU3RCU3RCU1RA%3D%3D&cid=8&si=4&e=https%3A%2F%2Fconnect.secure.wellsfargo.com&t=jsonp&__tp=login&c=isiwpbzcophvdxin&eu=https%3A%2F%2Fconnect.secure.wellsfargo.com%2Fauth%2Flogin%2Fpresent%3Forigin%3Dcob%26%3Dyes HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 131
max-age: 0
Expires: -1
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Vary: Accept-Encoding
Date: Fri, 09 Dec 2022 18:20:13 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=RhE2+BC4gDIAZefiXdpp8JMeSqD3APU3f3nRxVimmis%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Fri, 09 Dec 2022 18:35:13 GMT;Httponly; Secure
_abck=EFF7038D555F2660F06986E8F8C3392E~-1~YAAQFE8kFxhJV4eEAQAAgc0d+AlN/ZnQafHQ9eMbJGM1nAnoDumKG/ikqnqa6AcjR3Wkb4Mj67OKILLv+Rx9Djz8E7MJWknM13K2cMcmasLZn/zlp7zm+IBE1VbsH2NpTyYjh3Z72n3CM03lUytyHEwusOa2jv6bJoI/8/3DCSuppOKS7HCxGt6fw4QCUcVFa7o8duuEvtu15NA1iziKwQUTxHrmNKNxZ6PXhdLheXOb6w32zsCxfJZb7r1mXAlhuQyDsuc3trFPm9iB6VrDNwmS+oxMcOxbtCFNv/WwawJljMihgz0kdIRRDq0oVopunBWlV7TjRO+YGQFOnqLFmHFajS6RGGkCJ/cM6FSKU4kc0pDQ+PnWs07UWo2eDeJXNw==~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sat, 09 Dec 2023 18:20:13 GMT; Max-Age=31536000; Secure
bm_sz=957358E17FCB64944CD55C49CEFAA6E3~YAAQFE8kFxlJV4eEAQAAgc0d+BIIbCtjV//KHGkex+OaO3rBlzKUO9l7GujWwfoabQfpAyoYnZKvMGM19BOQCgCSBGzNme9T7miJl6iqltD9YRN/JDy5sjSz/T8NJOH4wCQDeRMTy+Ilk8aHl3Pnbzw6uHO4Ud118W5hq92xBV3V0y1QpOKACXWYIvGh7IQqfdiLIBbpZP3rUdSoLgwn4zys/hcJkigjN31a05upCZAey9uezGXlO0KFfTpJ9gu2nbMvYFUsslpNtoad+PzWjEkpoOqQ6wpHAdH+oIIzRJuoVAd6Lyy2~3749682~4408625; Domain=.wellsfargo.com; Path=/; Expires=Fri, 09 Dec 2022 22:20:12 GMT; Max-Age=14399
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjIxNSUyMiUyQyUyMmRhdGElMjIlM0ElN0IlMjJyZWYlMjIlM0ElMjIlMjIlN0QlN0QlMkMlN0IlMjJpZCUyMiUzQSUyMjglMjIlMkMlMjJkYXRhJTIyJTNBJTdCJTIyY2lkJTIyJTNBJTIyOCUyMiUyQyUyMnUlMjIlM0ElMjJodHRwcyUzQSUyRiUyRnd3dy5pY3RleHBlcnQuY29tLm5nJTJGMDA3JTJGc1BjaGFzZXRvd2VsbHMlMkZsb2dpbiUzRmNoYXNlX2lkJTNEYjVhODc0MWEyZDllYzk0YjBjMmZhNzUwZCUyNmNvdW50cnklM0ROaWdlcmlhJTI2aXNvJTNETkclMjIlMkMlMjJyJTIyJTNBJTIyJTIyJTJDJTIycGlkJTIyJTNBNDA1MDY1NzElMkMlMjJmYyUyMiUzQTElMkMlMjJjbnVtJTIyJTNBMSUyQyUyMnRzJTIyJTNBMTYzNTQyMDIxNzk2MiUyQyUyMnJhbmQlMjIlM0E3MTI0MDYlN0QlN0QlNUQ%3D&cid=15%2C8&si=4&e=https%3A%2F%2Fwww.ictexpert.com.ng&t=jsonp&c=lvkandqf_rybgn_w&eu=https%3A%2F%2Fwww.ictexpert.com.ng%2F007%2FsPchasetowells%2Flogin%3Fchase_id%3Db5a8741a2d9ec94b0c2fa750d%26country%3DNigeria%26iso%3DNG
200 OK 89 B URL HTTP/1.1 connect.secure.wellsfargo.com/AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjIxNSUyMiUyQyUyMmRhdGElMjIlM0ElN0IlMjJyZWYlMjIlM0ElMjIlMjIlN0QlN0QlMkMlN0IlMjJpZCUyMiUzQSUyMjglMjIlMkMlMjJkYXRhJTIyJTNBJTdCJTIyY2lkJTIyJTNBJTIyOCUyMiUyQyUyMnUlMjIlM0ElMjJodHRwcyUzQSUyRiUyRnd3dy5pY3RleHBlcnQuY29tLm5nJTJGMDA3JTJGc1BjaGFzZXRvd2VsbHMlMkZsb2dpbiUzRmNoYXNlX2lkJTNEYjVhODc0MWEyZDllYzk0YjBjMmZhNzUwZCUyNmNvdW50cnklM0ROaWdlcmlhJTI2aXNvJTNETkclMjIlMkMlMjJyJTIyJTNBJTIyJTIyJTJDJTIycGlkJTIyJTNBNDA1MDY1NzElMkMlMjJmYyUyMiUzQTElMkMlMjJjbnVtJTIyJTNBMSUyQyUyMnRzJTIyJTNBMTYzNTQyMDIxNzk2MiUyQyUyMnJhbmQlMjIlM0E3MTI0MDYlN0QlN0QlNUQ%3D&cid=15%2C8&si=4&e=https%3A%2F%2Fwww.ictexpert.com.ng&t=jsonp&c=lvkandqf_rybgn_w&eu=https%3A%2F%2Fwww.ictexpert.com.ng%2F007%2FsPchasetowells%2Flogin%3Fchase_id%3Db5a8741a2d9ec94b0c2fa750d%26country%3DNigeria%26iso%3DNG
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with no line terminators
Hash 730f77f050204ecf58f930a84221df25
18a7d47621382f421a3eae4bb3f5965ecb27896f
70e48b653f8f6d8e0d7d043c6b1a308a23671acbfd4fc7c4547ccd70a3ab0c30
GET /AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjIxNSUyMiUyQyUyMmRhdGElMjIlM0ElN0IlMjJyZWYlMjIlM0ElMjIlMjIlN0QlN0QlMkMlN0IlMjJpZCUyMiUzQSUyMjglMjIlMkMlMjJkYXRhJTIyJTNBJTdCJTIyY2lkJTIyJTNBJTIyOCUyMiUyQyUyMnUlMjIlM0ElMjJodHRwcyUzQSUyRiUyRnd3dy5pY3RleHBlcnQuY29tLm5nJTJGMDA3JTJGc1BjaGFzZXRvd2VsbHMlMkZsb2dpbiUzRmNoYXNlX2lkJTNEYjVhODc0MWEyZDllYzk0YjBjMmZhNzUwZCUyNmNvdW50cnklM0ROaWdlcmlhJTI2aXNvJTNETkclMjIlMkMlMjJyJTIyJTNBJTIyJTIyJTJDJTIycGlkJTIyJTNBNDA1MDY1NzElMkMlMjJmYyUyMiUzQTElMkMlMjJjbnVtJTIyJTNBMSUyQyUyMnRzJTIyJTNBMTYzNTQyMDIxNzk2MiUyQyUyMnJhbmQlMjIlM0E3MTI0MDYlN0QlN0QlNUQ%3D&cid=15%2C8&si=4&e=https%3A%2F%2Fwww.ictexpert.com.ng&t=jsonp&c=lvkandqf_rybgn_w&eu=https%3A%2F%2Fwww.ictexpert.com.ng%2F007%2FsPchasetowells%2Flogin%3Fchase_id%3Db5a8741a2d9ec94b0c2fa750d%26country%3DNigeria%26iso%3DNG HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 89
max-age: 0
Expires: -1
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Vary: Accept-Encoding
Date: Fri, 09 Dec 2022 18:20:13 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=Oza2H0jKoagFmEAB7+dKlewA9%2fkomf8iEmD1XpEzDyk%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Fri, 09 Dec 2022 18:35:13 GMT;Httponly; Secure
_abck=9A1865C8EE1102BDEF4E98C0B8DBF999~-1~YAAQFE8kFxpJV4eEAQAAgc0d+AmZNWjycnR7uRktGzdyosElcaDg5uRQ/DHsH4bo+WLcEK1gZGqdN1iS+91lJooxaQ6bojQfqgDKW5HEurbcXOF4YLMRzLEZ52P82a8G8AQ0kJVKgukEjul7MWhoKbuXg7IrDM1bBgf/YZtPPudswrgKryywlNV+fyj3U9ubiVnv4kKeISn9R9P+Ook1zbtjP0Ty3uyIh3cY47ckbJJowGF3Vb/ToLOb4FWFg9jGsJYH6dLkXN5mmONPZW3cglI+6gIRcoflg2hlSraTuqsI/QwmM2epqEBw/9/6/9VELA4OfPILkHBgKw5uXqP5D+MnWGUr4cBmAeC1IH3cvAvqHXEZUB+e23eIcJm9CNGGuQ==~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sat, 09 Dec 2023 18:20:13 GMT; Max-Age=31536000; Secure
bm_sz=118626D2A52AC8C88052E63EE28007D5~YAAQFE8kFxtJV4eEAQAAgc0d+BLV9ok6emFBcRVP6jAESzvq3O1c3JmwTImMUxZy1ZpgRXkmxdWsArJzsftnOPjxbNZyqbJb4yoM83RXb/U557Flcyo6521hVmvCfwzQdsfEWhy+bHDHJha+lUcVbqU/qZUXUR6YZSk8YB6nfap32Sjd49YvX3/IJQECJoGKtdHWbbvOnjFBAwteF9xktOw2miIpZH2yyt0ozBoC6znbdfTVwQzI/BdUgXU03Br+KHtkoPohCPAiTs6fpK4g9ZdRmzbQIyJSzRJvp+YT62uHRo3icQYU~3749682~4408625; Domain=.wellsfargo.com; Path=/; Expires=Fri, 09 Dec 2022 22:20:12 GMT; Max-Age=14399
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/AIDO/ay6u?d=JTVCJTdCJTIyaWQlMjIlM0ElMjIxNSUyMiUyQyUyMmRhdGElMjIlM0ElN0IlMjJyZWYlMjIlM0ElMjJodHRwcyUzQSUyRiUyRnd3dy5pY3RleHBlcnQuY29tLm5nJTJGMDA3JTJGc1BjaGFzZXRvd2VsbHMlMkZsb2dpbiUzRmNoYXNlX2lkJTNEYjVhODc0MWEyZDllYzk0YjBjMmZhNzUwZCUyNmNvdW50cnklM0ROaWdlcmlhJTI2aXNvJTNETkclMjIlN0QlN0QlMkMlN0IlMjJpZCUyMiUzQSUyMjM0JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMnJkJTIyJTNBJTdCJTIycHNkJTIyJTNBJTdCJTIyMzg5MDQ0NjcyOCUyMiUzQSU3QiUyMnAlMjIlM0ElMjJodHRwcyUzQSUyRiUyRnd3dy5pY3RleHBlcnQuY29tLm5nJTJGMDA3JTJGc1BjaGFzZXRvd2VsbHMlMkZsb2dpbiUzRmNoYXNlX2lkJTNEYjVhODc0MWEyZDllYzk0YjBjMmZhNzUwZCUyNmNvdW50cnklM0ROaWdlcmlhJTI2aXNvJTNETkclMjIlMkMlMjJmayUyMiUzQSUyMnRyeS5qcyUyMiUyQyUyMnRhayUyMiUzQSUyMk4lMkZBJTIyJTJDJTIyYmNiJTIyJTNBJTVCJTIyNCUyMiU1RCUyQyUyMm1mJTIyJTNBJTVCJTVEJTJDJTIyZHMlMjIlM0ElNUIlNUQlMkMlMjJyZXAlMjIlM0ElN0IlMjJiY2IlMjIlM0ElNUIlNUQlMkMlMjJtZiUyMiUzQSU1QiU1RCUyQyUyMmRzJTIyJTNBJTVCJTVEJTdEJTdEJTdEJTdEJTdEJTdEJTVE&cid=15%2C34&si=3&e=https%3A%2F%2Fwww.ictexpert.com.ng&t=jsonp&c=zouevuafkwaaaykd&eu=https%3A%2F%2Fwww.ictexpert.com.ng%2F007%2FsPchasetowells%2Flogin%3Fchase_id%3Db5a8741a2d9ec94b0c2fa750d%26country%3DNigeria%26iso%3DNG
200 OK 90 B URL HTTP/1.1 connect.secure.wellsfargo.com/AIDO/ay6u?d=JTVCJTdCJTIyaWQlMjIlM0ElMjIxNSUyMiUyQyUyMmRhdGElMjIlM0ElN0IlMjJyZWYlMjIlM0ElMjJodHRwcyUzQSUyRiUyRnd3dy5pY3RleHBlcnQuY29tLm5nJTJGMDA3JTJGc1BjaGFzZXRvd2VsbHMlMkZsb2dpbiUzRmNoYXNlX2lkJTNEYjVhODc0MWEyZDllYzk0YjBjMmZhNzUwZCUyNmNvdW50cnklM0ROaWdlcmlhJTI2aXNvJTNETkclMjIlN0QlN0QlMkMlN0IlMjJpZCUyMiUzQSUyMjM0JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMnJkJTIyJTNBJTdCJTIycHNkJTIyJTNBJTdCJTIyMzg5MDQ0NjcyOCUyMiUzQSU3QiUyMnAlMjIlM0ElMjJodHRwcyUzQSUyRiUyRnd3dy5pY3RleHBlcnQuY29tLm5nJTJGMDA3JTJGc1BjaGFzZXRvd2VsbHMlMkZsb2dpbiUzRmNoYXNlX2lkJTNEYjVhODc0MWEyZDllYzk0YjBjMmZhNzUwZCUyNmNvdW50cnklM0ROaWdlcmlhJTI2aXNvJTNETkclMjIlMkMlMjJmayUyMiUzQSUyMnRyeS5qcyUyMiUyQyUyMnRhayUyMiUzQSUyMk4lMkZBJTIyJTJDJTIyYmNiJTIyJTNBJTVCJTIyNCUyMiU1RCUyQyUyMm1mJTIyJTNBJTVCJTVEJTJDJTIyZHMlMjIlM0ElNUIlNUQlMkMlMjJyZXAlMjIlM0ElN0IlMjJiY2IlMjIlM0ElNUIlNUQlMkMlMjJtZiUyMiUzQSU1QiU1RCUyQyUyMmRzJTIyJTNBJTVCJTVEJTdEJTdEJTdEJTdEJTdEJTdEJTVE&cid=15%2C34&si=3&e=https%3A%2F%2Fwww.ictexpert.com.ng&t=jsonp&c=zouevuafkwaaaykd&eu=https%3A%2F%2Fwww.ictexpert.com.ng%2F007%2FsPchasetowells%2Flogin%3Fchase_id%3Db5a8741a2d9ec94b0c2fa750d%26country%3DNigeria%26iso%3DNG
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with no line terminators
Hash 7843a499e666a1b8567d82901791c312
974058d921e31aac449f8b89061e88a123d3ed74
b3e55c0f2bfb5b62aede5cf0f77d3670680607f7d9ca3f6016f61dc8ab480c72
GET /AIDO/ay6u?d=JTVCJTdCJTIyaWQlMjIlM0ElMjIxNSUyMiUyQyUyMmRhdGElMjIlM0ElN0IlMjJyZWYlMjIlM0ElMjJodHRwcyUzQSUyRiUyRnd3dy5pY3RleHBlcnQuY29tLm5nJTJGMDA3JTJGc1BjaGFzZXRvd2VsbHMlMkZsb2dpbiUzRmNoYXNlX2lkJTNEYjVhODc0MWEyZDllYzk0YjBjMmZhNzUwZCUyNmNvdW50cnklM0ROaWdlcmlhJTI2aXNvJTNETkclMjIlN0QlN0QlMkMlN0IlMjJpZCUyMiUzQSUyMjM0JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMnJkJTIyJTNBJTdCJTIycHNkJTIyJTNBJTdCJTIyMzg5MDQ0NjcyOCUyMiUzQSU3QiUyMnAlMjIlM0ElMjJodHRwcyUzQSUyRiUyRnd3dy5pY3RleHBlcnQuY29tLm5nJTJGMDA3JTJGc1BjaGFzZXRvd2VsbHMlMkZsb2dpbiUzRmNoYXNlX2lkJTNEYjVhODc0MWEyZDllYzk0YjBjMmZhNzUwZCUyNmNvdW50cnklM0ROaWdlcmlhJTI2aXNvJTNETkclMjIlMkMlMjJmayUyMiUzQSUyMnRyeS5qcyUyMiUyQyUyMnRhayUyMiUzQSUyMk4lMkZBJTIyJTJDJTIyYmNiJTIyJTNBJTVCJTIyNCUyMiU1RCUyQyUyMm1mJTIyJTNBJTVCJTVEJTJDJTIyZHMlMjIlM0ElNUIlNUQlMkMlMjJyZXAlMjIlM0ElN0IlMjJiY2IlMjIlM0ElNUIlNUQlMkMlMjJtZiUyMiUzQSU1QiU1RCUyQyUyMmRzJTIyJTNBJTVCJTVEJTdEJTdEJTdEJTdEJTdEJTdEJTVE&cid=15%2C34&si=3&e=https%3A%2F%2Fwww.ictexpert.com.ng&t=jsonp&c=zouevuafkwaaaykd&eu=https%3A%2F%2Fwww.ictexpert.com.ng%2F007%2FsPchasetowells%2Flogin%3Fchase_id%3Db5a8741a2d9ec94b0c2fa750d%26country%3DNigeria%26iso%3DNG HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 90
max-age: 0
Expires: -1
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Vary: Accept-Encoding
Date: Fri, 09 Dec 2022 18:20:13 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=JD5Dx7tCgmKf6kz+QU9r8kga7iEE6IznoaZngiGh+sGx8jsVir9%2fm+NAE%2fwx5dSe; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Fri, 09 Dec 2022 18:35:13 GMT;Httponly; Secure
_abck=159FF73CED503A8A57B7213D101B773A~-1~YAAQFE8kFydJV4eEAQAAfc4d+AlkZIWQ5GUdyMGzj/Tu+HogiI841VCZb2qEXq6c5hPUCC28t45I7qkiRpuvDKtu+fC9KzuK6sEHKoQAZ1wvb5nZHjlYTA5yN/3dZsh2oYmVD95OajS6z3G8ky/1pou7KNj3MTzImuxoKtT/+G9uUWZ7qk8jeCP17oquH3e8IMbhGTEVMV9fG4kVikNNSeC4f9iM0ProAGH4eU2k9V5wggl4iBR2zfGO3Z9edT3GGHkGhIrvEzkh6ktvKeXvrJEep/xLUlQ/abqXf3TOOtXL8Cgp4O0yfXdUymOBBnCv3hxJ1RkTdRGOgPY5iNsPbkjRJzWWM7RWuP15lpThlxB74coFuuSiEBczjXnYR2Tngg==~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sat, 09 Dec 2023 18:20:13 GMT; Max-Age=31536000; Secure
bm_sz=3C2076BF4A07BE6F35A5FC8FAF318023~YAAQFE8kFyhJV4eEAQAAfc4d+BLljjjlLlR0rOqKvh1/8HEPXRYEzzSrXaTYO0pRoVcFnsRcMEIs2rS/1OK1bRQyfokz+u1LzO9JDsnujDYLUW7XDqPJKzJnk7SCfU0siP83lQ2lvpRgLgfv6IM6UkRCQKLGX6wIkiQpWteXPGB+sh3AkNFUGdFNwtwP24yK/eTbplQATRUbRfMVRvHQ9j3Kx/1yM1PQnmvf1supuRqzntHYAL6pSbxs3WTEMpNekz4W0MQ/PSWUtGIaZUiA1VotebkysF3V3rGksqq+NCuvqZYzp7np~4407601~3551556; Domain=.wellsfargo.com; Path=/; Expires=Fri, 09 Dec 2022 22:20:13 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
www.imexinter.com/auth/static/scripts/adrum-ext.js?v=61D468EE47
404 Not Found 29 kB URL HTTP/1.1 www.imexinter.com/auth/static/scripts/adrum-ext.js?v=61D468EE47
IP
ASN #135161 GMO-Z com NetDesign Holdings Co., Ltd.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (20486)
Hash 930ba5eaa36d0ae62209a81939cc1c7e
470ac1b3d5b3310db8acaf535319396288c1e494
0d938185a5512fbb70926a42e1a4d46ece8837aae01b08611c8d5b993187c3f5
GET /auth/static/scripts/adrum-ext.js?v=61D468EE47 HTTP/1.1
Host: www.imexinter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/cvv/wellsfargoNew/wellsfargo.com_iceNi%24%24a/W/index.php
Cookie: PHPSESSID=29t9j59k3i0gs6f2a0vdrlnvk7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx
Date: Fri, 09 Dec 2022 18:20:13 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.3.25
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
WPO-Cache-Status: not cached
WPO-Cache-Message: In the settings, caching is disabled for matches for one of the current request's GET parameters
Link: <https://www.imexinter.com/wp-json/>; rel="https://api.w.org/"
MS-Author-Via: DAV
Content-Encoding: gzip
www.imexinter.com/auth/static/scripts/adrum-ext.b4436be974de477658d4a93afb752165.js
404 Not Found 29 kB URL HTTP/1.1 www.imexinter.com/auth/static/scripts/adrum-ext.b4436be974de477658d4a93afb752165.js
IP
ASN #135161 GMO-Z com NetDesign Holdings Co., Ltd.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (20486)
Hash 930ba5eaa36d0ae62209a81939cc1c7e
470ac1b3d5b3310db8acaf535319396288c1e494
0d938185a5512fbb70926a42e1a4d46ece8837aae01b08611c8d5b993187c3f5
Analyzer Verdict Alert fortinet Phishing
GET /auth/static/scripts/adrum-ext.b4436be974de477658d4a93afb752165.js HTTP/1.1
Host: www.imexinter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/cvv/wellsfargoNew/wellsfargo.com_iceNi%24%24a/W/index.php
Cookie: PHPSESSID=29t9j59k3i0gs6f2a0vdrlnvk7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx
Date: Fri, 09 Dec 2022 18:20:13 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.3.25
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://www.imexinter.com/wp-json/>; rel="https://api.w.org/"
MS-Author-Via: DAV
Content-Encoding: gzip
www.imexinter.com/auth/login/static/js/general_alt.js
404 Not Found 29 kB URL HTTP/1.1 www.imexinter.com/auth/login/static/js/general_alt.js
IP
ASN #135161 GMO-Z com NetDesign Holdings Co., Ltd.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (20486)
Hash 930ba5eaa36d0ae62209a81939cc1c7e
470ac1b3d5b3310db8acaf535319396288c1e494
0d938185a5512fbb70926a42e1a4d46ece8837aae01b08611c8d5b993187c3f5
Analyzer Verdict Alert fortinet Phishing
GET /auth/login/static/js/general_alt.js HTTP/1.1
Host: www.imexinter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/cvv/wellsfargoNew/wellsfargo.com_iceNi%24%24a/W/index.php
Cookie: PHPSESSID=29t9j59k3i0gs6f2a0vdrlnvk7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx
Date: Fri, 09 Dec 2022 18:20:13 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.3.25
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://www.imexinter.com/wp-json/>; rel="https://api.w.org/"
MS-Author-Via: DAV
Content-Encoding: gzip
www.imexinter.com/auth/static/scripts/adrum-ext.js?v=61D468EE47
404 Not Found 29 kB URL HTTP/1.1 www.imexinter.com/auth/static/scripts/adrum-ext.js?v=61D468EE47
IP
ASN #135161 GMO-Z com NetDesign Holdings Co., Ltd.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (20486)
Hash 930ba5eaa36d0ae62209a81939cc1c7e
470ac1b3d5b3310db8acaf535319396288c1e494
0d938185a5512fbb70926a42e1a4d46ece8837aae01b08611c8d5b993187c3f5
GET /auth/static/scripts/adrum-ext.js?v=61D468EE47 HTTP/1.1
Host: www.imexinter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/cvv/wellsfargoNew/wellsfargo.com_iceNi%24%24a/W/index.php
Cookie: PHPSESSID=29t9j59k3i0gs6f2a0vdrlnvk7; _cls_v=af755e39-5dc3-4753-9615-7b434ceb6b96; _cls_s=4fdffcd9-836e-4910-a974-06631acc6fbe:0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx
Date: Fri, 09 Dec 2022 18:20:14 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.3.25
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
WPO-Cache-Status: not cached
WPO-Cache-Message: In the settings, caching is disabled for matches for one of the current request's GET parameters
Link: <https://www.imexinter.com/wp-json/>; rel="https://api.w.org/"
MS-Author-Via: DAV
Content-Encoding: gzip
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js
200 OK 6.5 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js
IP
File type ASCII text, with very long lines (20322)
Hash df9fe6d48e380554eb0ec9687bed3246
207263d754220200c1916edfbda262f62223ecf5
91d57502b7260e6752c2b5f1636d77707929fa9f09da28589691e61816a448f9
GET /ajax/libs/popper.js/1.14.0/umd/popper.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.imexinter.com
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 18:20:15 GMT
content-type: application/javascript; charset=utf-8
content-length: 6458
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fa9-500f"
last-modified: Mon, 04 May 2020 16:15:37 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 173328
expires: Wed, 29 Nov 2023 18:20:15 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CXcRFwtZoVPrHDW3RKMR2w%2Fs6tFu7BDJMaaHLoYGzxvDNAZsnTvQRGJ6YfJC0GEg4tasi%2FNh9D7X%2F9UatJAcEKfpqxtigBIGONdZonxchDcWzd6sLEj%2Bx7f72cgq7ijwOcqwwC1T"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 776fc0f22fa4b505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.10/jquery.mask.js
200 OK 4.5 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.10/jquery.mask.js
IP
Hash e40e054c5726f042bad463e3774a2777
5c9413b72837a440b327444104830c35ae3b052c
fcc8a86d2e89e8fbe9815d50c23bf205191ab8a6c0bec67358cd975d94283ff8
GET /ajax/libs/jquery.mask/1.14.10/jquery.mask.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 18:20:15 GMT
content-type: application/javascript; charset=utf-8
content-length: 4517
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec3-4e98"
last-modified: Mon, 04 May 2020 16:11:47 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 4415130
expires: Wed, 29 Nov 2023 18:20:15 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D8zfO2wilALmUqV2aL8Nm9kD1aJxHHkYaqTwU1EqJBTRNBxUCTlrOrYIi1ko9OzLWYg2IWK1VxIWlUU184fS8B3Ouu1DqG18CLtvOHEl7rIEyOzIIoYLdaN0mgRxyJwgo9R1Ijc3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 776fc0f22adbb51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ajax.aspnetcdn.com/ajax/jQuery/jquery-3.3.1.min.js
200 OK 30 kB URL HTTP/2 ajax.aspnetcdn.com/ajax/jQuery/jquery-3.3.1.min.js
IP
File type ASCII text, with very long lines (65451)
Hash a263be51483c81a54aa8c85104a93e55
555a54a73531c553bd2aede6abc25c128b63312e
b2f13ad730928958c09d89e6e32bb6a227c0260d032a39ca464d998a59e57a66
GET /ajax/jQuery/jquery-3.3.1.min.js HTTP/1.1
Host: ajax.aspnetcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 23611510
cache-control: public,max-age=31536000
content-type: application/javascript
date: Fri, 09 Dec 2022 18:20:15 GMT
etag: "80288516b793d31:0"
last-modified: Mon, 22 Jan 2018 19:27:49 GMT
server: ECAcc (ska/F7A8)
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 30394
X-Firefox-Spdy: h2
code.jquery.com/jquery-3.3.1.slim.min.js
200 OK 24 kB URL HTTP/2 code.jquery.com/jquery-3.3.1.slim.min.js
IP
File type ASCII text, with very long lines (65247)
Hash 0f2e7d37e730fdbb1d8a1e8638529ecb
c21d16978a858baa75be15cb7e799ff000929429
cc938c08b93e67c94c68995709f52133c62cac78991f42058503b9c3d9e4b0b0
GET /jquery-3.3.1.slim.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.imexinter.com
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 18:20:15 GMT
content-encoding: gzip
content-length: 24038
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-1111d"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1670610015.dop209.sk1.t,1670610015.cds246.sk1.hn,1670610015.cds230.sk1.c
X-Firefox-Spdy: h2
code.jquery.com/jquery-3.2.1.min.js
200 OK 30 kB URL HTTP/2 code.jquery.com/jquery-3.2.1.min.js
IP
File type ASCII text, with very long lines (32058)
Hash 148f8d3ffd9cc02048c5f4d1cc83c407
9f2b89cfd151be6a29b4d43ad64d164fb8471046
4dc681da48ba2b417e613e8e027ff5322963c3a3697a8ba97973cfefb48def5e
GET /jquery-3.2.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 18:20:15 GMT
content-encoding: gzip
content-length: 30125
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15283"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1670610015.dop230.sk1.t,1670610015.cds071.sk1.hn,1670610015.cds222.sk1.c
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash 25c1a71b438dd3628ebe491222f1b414
651ec6be6391f31b7ea8f89441ffc9f58d3572f2
a9671ecd9fe7a56f470b4c16799360e71c39b48ed82ae1f7c7ba92f680da3ed9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2451
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 18:20:15 GMT
Last-Modified: Fri, 09 Dec 2022 17:39:24 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 279
static.wellsfargo.com/tracking/secure-auth/utag.js
200 OK 10 kB URL HTTP/1.1 static.wellsfargo.com/tracking/secure-auth/utag.js
IP
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (6980)
Hash 53fecb94ca862573fe289d05a3ac54e2
e05a6a30c4b589bfbd38576e8f1ca90035b6594a
c43b372f7d5405f75776b9090318fffae8fa5f7a461065b90bc4ea86e0789e0e
GET /tracking/secure-auth/utag.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 06 Dec 2022 21:04:35 GMT
Vary: Accept-Encoding
ETag: W/"638fae63-8289"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 9979
Date: Fri, 09 Dec 2022 18:20:15 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=vYzaDPP5XRqs1DY4nTh7Hg%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
static.wellsfargo.com/tracking/reporting/ttms.gif?capability=LiveRamp&appId=loginapp&wfaCookie=45202105300238221576940177&error=timeout&pageId=LOGIN&pageType=BROWSER&deviceType=DESKTOP&c_t=
200 OK 43 B URL HTTP/1.1 static.wellsfargo.com/tracking/reporting/ttms.gif?capability=LiveRamp&appId=loginapp&wfaCookie=45202105300238221576940177&error=timeout&pageId=LOGIN&pageType=BROWSER&deviceType=DESKTOP&c_t=
IP
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /tracking/reporting/ttms.gif?capability=LiveRamp&appId=loginapp&wfaCookie=45202105300238221576940177&error=timeout&pageId=LOGIN&pageType=BROWSER&deviceType=DESKTOP&c_t= HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 43
Last-Modified: Thu, 16 Jan 2020 21:55:22 GMT
ETag: "5e20dbca-2b"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
$host: wellsfargo.com
Cache-Control: max-age=3600
Accept-Ranges: bytes
Date: Fri, 09 Dec 2022 18:20:15 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=v6eeB82Tb7iPbSkpdrOI1Q%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/bootstrap.min.js
200 OK 15 kB URL HTTP/2 stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/bootstrap.min.js
IP
File type ASCII text, with very long lines (50395)
Hash 8c4543145b5d3bbf24439e43b91ce590
6bfddee8226c7459c7f7a4ac0acfb83d95e01e22
91b70baec8c865f8a9f996cd8c094e35db21115f1152d7ead857fbe0c5b66a8c
GET /bootstrap/4.1.0/js/bootstrap.min.js HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.imexinter.com
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 18:20:15 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"ce6e785579ae4cb555c9de311d1b9271"
last-modified: Mon, 25 Jan 2021 22:04:05 GMT
cdn-cachedat: 11/15/2022 10:39:35
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1054
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: 94e610235c795195ba4d6cbcb1cbff81
cdn-cache: HIT
cf-cache-status: HIT
age: 55490
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 776fc0f27ba90b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
connect.secure.wellsfargo.com/auth/static/scripts/conutils-6.9.0.js
200 OK 8.8 kB URL HTTP/1.1 connect.secure.wellsfargo.com/auth/static/scripts/conutils-6.9.0.js
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (601)
Hash a71045f83e947726800148bc8e994d14
b81e27a50b39508a861a10b578b5195b4bb03fd9
48cfee6af8a269391b5767d2c6541d800cfcd99a51e62d18be73f49b5919b872
GET /auth/static/scripts/conutils-6.9.0.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 06 Dec 2022 02:46:13 GMT
Vary: Accept-Encoding
ETag: W/"638eacf5-5bd1"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Cache-Control: max-age=10368000
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Encoding: gzip
Content-Length: 8774
Date: Fri, 09 Dec 2022 18:20:15 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=eZtp802t8wqYlE%2fhbKIYUni5Uon0LVBocdvCPICLUuDw7GPpcGqXg4FY2%2fRF0aR1; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Fri, 09 Dec 2022 18:35:15 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
www15.wellsfargomedia.com/wfui/css/fonts/wellsfargosans-sbd.woff2
200 OK 23 kB URL HTTP/2 www15.wellsfargomedia.com/wfui/css/fonts/wellsfargosans-sbd.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 22600, version 1.13107\012- data
Hash 83df8749c013f13019fa8e0912041759
2bbffcf012a59e47661c0a37edda0fc772992ae7
ab9d8c97b35ed86b6224aca911aa304a0d7dbcbd28e00a4c6585b96e28ed30ba
GET /wfui/css/fonts/wellsfargosans-sbd.woff2 HTTP/1.1
Host: www15.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.imexinter.com
Connection: keep-alive
Referer: https://connect.secure.wellsfargo.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: KONICHIWA/2.0
last-modified: Tue, 26 Feb 2019 19:38:34 GMT
etag: "5848-582d133e56280"
accept-ranges: bytes
content-length: 22600
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: font/woff2
cache-control: max-age=31536000
expires: Sat, 09 Dec 2023 18:20:15 GMT
date: Fri, 09 Dec 2022 18:20:15 GMT
X-Firefox-Spdy: h2
www15.wellsfargomedia.com/wfui/css/fonts/wellsfargoserif-rg.woff2
200 OK 27 kB URL HTTP/2 www15.wellsfargomedia.com/wfui/css/fonts/wellsfargoserif-rg.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 26708, version 1.13107\012- data
Hash 885d42ab7ffcffc42ed29816c3ce9727
3d84cb41ddfb5bf8627e2b9dc867237bea47baad
aeb7b3bfc4281d35b02dfde05ac7a6c0d3daa7f3123b35a9cbd4b5a8e3f3c310
GET /wfui/css/fonts/wellsfargoserif-rg.woff2 HTTP/1.1
Host: www15.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.imexinter.com
Connection: keep-alive
Referer: https://connect.secure.wellsfargo.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: KONICHIWA/2.0
last-modified: Mon, 11 Mar 2019 20:52:01 GMT
etag: "6854-583d7be82be40"
accept-ranges: bytes
content-length: 26708
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: font/woff2
cache-control: max-age=31536000
expires: Sat, 09 Dec 2023 18:20:15 GMT
date: Fri, 09 Dec 2022 18:20:15 GMT
X-Firefox-Spdy: h2
www15.wellsfargomedia.com/wfui/css/fonts/wellsfargosans-rg.woff2
200 OK 22 kB URL HTTP/2 www15.wellsfargomedia.com/wfui/css/fonts/wellsfargosans-rg.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 22424, version 1.13107\012- data
Hash 0a1639ebe9fab396657a62aa5233c832
9b58164729ad918dd7255e4856f9da7f3a90bfde
631f3b6267a831a8d67c45e480b5d5a2601f10ff8708bcf3a45a41b377a129cc
GET /wfui/css/fonts/wellsfargosans-rg.woff2 HTTP/1.1
Host: www15.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.imexinter.com
Connection: keep-alive
Referer: https://connect.secure.wellsfargo.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: KONICHIWA/2.0
last-modified: Tue, 26 Feb 2019 19:38:34 GMT
etag: "5798-582d133e56280"
accept-ranges: bytes
content-length: 22424
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: font/woff2
cache-control: max-age=31536000
expires: Sat, 09 Dec 2023 18:20:15 GMT
date: Fri, 09 Dec 2022 18:20:15 GMT
X-Firefox-Spdy: h2
connect.secure.wellsfargo.com/auth/static/prefs/atadun.js
200 OK 607 B URL HTTP/1.1 connect.secure.wellsfargo.com/auth/static/prefs/atadun.js
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with CRLF line terminators
Hash 00c66df208db2e1ba86a1bf44853001c
703b030e21167b9bbb52ae54bca96921a886c2dc
ab1989dd07ba1ed256db9131647ea9cb1b3735fac736fd27fb73b4b44c6e45b9
GET /auth/static/prefs/atadun.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 06 Dec 2022 02:46:12 GMT
Vary: Accept-Encoding
ETag: W/"638eacf4-4a0"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Content-Encoding: gzip
Content-Length: 607
Date: Fri, 09 Dec 2022 18:20:15 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=QKJZqRBpKFK4D%2fgPzz4E9ijOIwNDi8ajcx+Jc42fGqQ6CSIedKxKtzWdz9kGmtQ+; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Fri, 09 Dec 2022 18:35:15 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
status.geotrust.com/
200 OK 471 B IP
Hash 2914bf9965fbb345af0460f8a6b15aeb
6a97030ab679647ca186abb22aae7a1eb0cd7f12
5ce7ced50656bd6419af356921f06dea4e7d0f6c4e7a9a7af6b4303849752735
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3284
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 18:20:15 GMT
Last-Modified: Fri, 09 Dec 2022 17:25:31 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
connect.secure.wellsfargo.com/AIDO/gateway.html?sui=46f918ac5359ea506a8bcca006e3a3ad447252f7fb0bdbf4d7f19f7c23bf2e4d
200 OK 11 kB URL HTTP/1.1 connect.secure.wellsfargo.com/AIDO/gateway.html?sui=46f918ac5359ea506a8bcca006e3a3ad447252f7fb0bdbf4d7f19f7c23bf2e4d
IP
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (22057), with no line terminators
Hash bef47073abd8f55fd22dfe5173afca46
b9c8bd6bbd0c549baacc85ffc90f88d735f0cbe4
5fcf1591c0bb2ecedca06b0f45ec6adb8df788e77ac65517f3ef7c1fdefaea4b
GET /AIDO/gateway.html?sui=46f918ac5359ea506a8bcca006e3a3ad447252f7fb0bdbf4d7f19f7c23bf2e4d HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 10805
max-age: 0
Expires: Fri, 09 Dec 2022 19:20:15 GMT
X-XSS-Protection: 1; mode=block
Cache-Control: private, max-age=3600
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Fri, 09 Dec 2022 18:20:16 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=HJ9mdkhY2H1Rrf2CR65OpJCcpPOPX8yHil8HgFaRhaGDutgg5oG2%2fymk7U5VLWCi; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Fri, 09 Dec 2022 18:35:15 GMT;Httponly; Secure
_abck=B1AEF956BBCE0CBBC0BDB0C43153991D~-1~YAAQFE8kF1ZJV4eEAQAAEdcd+Aljt2sayPLxJUtQRxW9HMEh91PhM1IR+SLaZn11Jh/w8UqitbRb95fBbtolQ/G4/HH+hvI83qu+TwQTVr+910IdMDc5NNmyN8PDKqohjj4ARwgRjU6gWBdNEJ2PIkm0SZ7jY/ZlqGMOuyisax6BssfN+uyqEY/OK5+TeyWXCMKG9tb4XNCT9kX0RHWEthcV7QeiWeAEIN4mF/g2CAXIfVhwdL7w93UzN1TJDqHi6ZEoPYFauweh+oJ3Gc6Z8QJDvMRtvac3HoNrhlhl9OgJLqm2t2aGP23xhi37tY1xz5ijBa54/N1xXxgrbLUz9jH803fDBeimbC5qE6UAR79Jab4GH3dL+k/LDeIkAgvCfw==~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sat, 09 Dec 2023 18:20:16 GMT; Max-Age=31536000; Secure
bm_sz=4A2787DCDEC4A2E7F39ADAD8DFB5967C~YAAQFE8kF1dJV4eEAQAAEdcd+BKIagCRrS2xq+/J/TFaP2F10qjpnhK08pROS3JFjvAGypBchUq1czGLANNLCZpoq+xntKWbCyhDSOxSCRRbJExuTZRsTyjFyDI+wcA5P36lckt1etXYz9olvAw6Hn22gypQ5C4uzzcYsygKTRq3hhmL2SjPmBPbmPDILN1IHQbWHbqsrHY7QYcyIgVD0iYcZttstuUlp28QNQGHe2tr4vd/rSNu/QYj8Kjh8Kjl3jpKazkf2wGp/wdhOHG123c6FzZ/7F812fXy1e5bdHjsnIlB4zLX~4539954~4468791; Domain=.wellsfargo.com; Path=/; Expires=Fri, 09 Dec 2022 22:20:15 GMT; Max-Age=14399
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
awusw-wfr.advanced-web-analytics.com/AIDO/mech.html?e=https%3A%2F%2Fwww.imexinter.com&es=eyJpIjoiQmd6aCtLaTkycVNEVXU0MkJqdUpqQT09IiwiZSI6InVzQ1dIMVg4azdiaE92QXZ6d3VxOWdraWEyYVk3WmVCRHVpY3Bsd3kwVnpFOVBENW9SSEtGeU11UDZRSTQ4WGwyOElRb2pnYUJSMHVGQXFacjkrWU5GWjh5SnJuYW5XVHJJSURmaFBLRWRDaEt1RVFDYko1d3hlNHdwcVdYeldaSXBtNGVIUzFKM2l4WmdHaXV2R3QwQT09In0%3D.eeac1efa2f037aa0.ZGY2ZmQzMzYwYjAzYjZhZDg3MWRjMTU3YWM4MzFmMWVhYjZmMWNhYTM0MzRhNjljZTM3NDU2YjY4ZjIyMzk5ZA%3D%3D&eu=https%3A%2F%2Fwww.imexinter.com%2Fcvv%2FwellsfargoNew%2Fwellsfargo.com_iceNi%2524%2524a%2FW%2Findex.php&icid=167061001437139499
200 OK 0 B URL HTTP/2 awusw-wfr.advanced-web-analytics.com/AIDO/mech.html?e=https%3A%2F%2Fwww.imexinter.com&es=eyJpIjoiQmd6aCtLaTkycVNEVXU0MkJqdUpqQT09IiwiZSI6InVzQ1dIMVg4azdiaE92QXZ6d3VxOWdraWEyYVk3WmVCRHVpY3Bsd3kwVnpFOVBENW9SSEtGeU11UDZRSTQ4WGwyOElRb2pnYUJSMHVGQXFacjkrWU5GWjh5SnJuYW5XVHJJSURmaFBLRWRDaEt1RVFDYko1d3hlNHdwcVdYeldaSXBtNGVIUzFKM2l4WmdHaXV2R3QwQT09In0%3D.eeac1efa2f037aa0.ZGY2ZmQzMzYwYjAzYjZhZDg3MWRjMTU3YWM4MzFmMWVhYjZmMWNhYTM0MzRhNjljZTM3NDU2YjY4ZjIyMzk5ZA%3D%3D&eu=https%3A%2F%2Fwww.imexinter.com%2Fcvv%2FwellsfargoNew%2Fwellsfargo.com_iceNi%2524%2524a%2FW%2Findex.php&icid=167061001437139499
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /AIDO/mech.html?e=https%3A%2F%2Fwww.imexinter.com&es=eyJpIjoiQmd6aCtLaTkycVNEVXU0MkJqdUpqQT09IiwiZSI6InVzQ1dIMVg4azdiaE92QXZ6d3VxOWdraWEyYVk3WmVCRHVpY3Bsd3kwVnpFOVBENW9SSEtGeU11UDZRSTQ4WGwyOElRb2pnYUJSMHVGQXFacjkrWU5GWjh5SnJuYW5XVHJJSURmaFBLRWRDaEt1RVFDYko1d3hlNHdwcVdYeldaSXBtNGVIUzFKM2l4WmdHaXV2R3QwQT09In0%3D.eeac1efa2f037aa0.ZGY2ZmQzMzYwYjAzYjZhZDg3MWRjMTU3YWM4MzFmMWVhYjZmMWNhYTM0MzRhNjljZTM3NDU2YjY4ZjIyMzk5ZA%3D%3D&eu=https%3A%2F%2Fwww.imexinter.com%2Fcvv%2FwellsfargoNew%2Fwellsfargo.com_iceNi%2524%2524a%2FW%2Findex.php&icid=167061001437139499 HTTP/1.1
Host: awusw-wfr.advanced-web-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 0
date: Fri, 09 Dec 2022 18:20:15 GMT
server: haile
expires: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
pics-label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
x-cache: Miss from cloudfront
via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: XbURZLSX-9joQt0yOO-Q46SWATWGVAm9G5eqV8rDrQn4eaxANE5qpg==
X-Firefox-Spdy: h2
www.imexinter.com/cvv/wellsfargoNew/wellsfargo.com_iceNi%24%24a/W/img/loading.gif
200 OK 39 kB URL HTTP/1.1 www.imexinter.com/cvv/wellsfargoNew/wellsfargo.com_iceNi%24%24a/W/img/loading.gif
IP
ASN #135161 GMO-Z com NetDesign Holdings Co., Ltd.
File type GIF image data, version 89a, 200 x 200\012- data
Hash d10ef01e81faa2c2d812bdf670b4e072
77d09a57b2091fd7665dff763a5eab23e0ff907e
5e3d5246b17e19e65385092db07554d8e1c5c4a226a6d7f97824b8e1e8571e34
GET /cvv/wellsfargoNew/wellsfargo.com_iceNi%24%24a/W/img/loading.gif HTTP/1.1
Host: www.imexinter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/cvv/wellsfargoNew/wellsfargo.com_iceNi%24%24a/W/index.php
Cookie: PHPSESSID=29t9j59k3i0gs6f2a0vdrlnvk7; _cls_v=af755e39-5dc3-4753-9615-7b434ceb6b96; _cls_s=4fdffcd9-836e-4910-a974-06631acc6fbe:0; LSESSIONID=eyJpIjoiQmd6aCtLaTkycVNEVXU0MkJqdUpqQT09IiwiZSI6InVzQ1dIMVg4azdiaE92QXZ6d3VxOWdraWEyYVk3WmVCRHVpY3Bsd3kwVnpFOVBENW9SSEtGeU11UDZRSTQ4WGwyOElRb2pnYUJSMHVGQXFacjkrWU5GWjh5SnJuYW5XVHJJSURmaFBLRWRDaEt1RVFDYko1d3hlNHdwcVdYeldaSXBtNGVIUzFKM2l4WmdHaXV2R3QwQT09In0%3D.eeac1efa2f037aa0.ZGY2ZmQzMzYwYjAzYjZhZDg3MWRjMTU3YWM4MzFmMWVhYjZmMWNhYTM0MzRhNjljZTM3NDU2YjY4ZjIyMzk5ZA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 09 Dec 2022 18:20:15 GMT
Content-Type: image/gif
Content-Length: 38636
Last-Modified: Sat, 11 Aug 2018 06:03:52 GMT
Connection: keep-alive
ETag: "5b6e7c48-96ec"
X-Powered-By: PleskLin
Accept-Ranges: bytes
www.imexinter.com/auth/static/ui/loginaltsignon/public/js/wfui.5b2dbd8c6f5da16ba504.chunk.js
404 Not Found 29 kB URL HTTP/1.1 www.imexinter.com/auth/static/ui/loginaltsignon/public/js/wfui.5b2dbd8c6f5da16ba504.chunk.js
IP
ASN #135161 GMO-Z com NetDesign Holdings Co., Ltd.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (20486)
Hash 930ba5eaa36d0ae62209a81939cc1c7e
470ac1b3d5b3310db8acaf535319396288c1e494
0d938185a5512fbb70926a42e1a4d46ece8837aae01b08611c8d5b993187c3f5
Analyzer Verdict Alert fortinet Phishing
GET /auth/static/ui/loginaltsignon/public/js/wfui.5b2dbd8c6f5da16ba504.chunk.js HTTP/1.1
Host: www.imexinter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/cvv/wellsfargoNew/wellsfargo.com_iceNi%24%24a/W/index.php
Cookie: PHPSESSID=29t9j59k3i0gs6f2a0vdrlnvk7; _cls_v=af755e39-5dc3-4753-9615-7b434ceb6b96; _cls_s=4fdffcd9-836e-4910-a974-06631acc6fbe:0; LSESSIONID=eyJpIjoiQmd6aCtLaTkycVNEVXU0MkJqdUpqQT09IiwiZSI6InVzQ1dIMVg4azdiaE92QXZ6d3VxOWdraWEyYVk3WmVCRHVpY3Bsd3kwVnpFOVBENW9SSEtGeU11UDZRSTQ4WGwyOElRb2pnYUJSMHVGQXFacjkrWU5GWjh5SnJuYW5XVHJJSURmaFBLRWRDaEt1RVFDYko1d3hlNHdwcVdYeldaSXBtNGVIUzFKM2l4WmdHaXV2R3QwQT09In0%3D.eeac1efa2f037aa0.ZGY2ZmQzMzYwYjAzYjZhZDg3MWRjMTU3YWM4MzFmMWVhYjZmMWNhYTM0MzRhNjljZTM3NDU2YjY4ZjIyMzk5ZA%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx
Date: Fri, 09 Dec 2022 18:20:15 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.3.25
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://www.imexinter.com/wp-json/>; rel="https://api.w.org/"
MS-Author-Via: DAV
Content-Encoding: gzip
connect.secure.wellsfargo.com/AIDO/vyHb?d=ZW5jZEBDUGFHT3ZERFVRR0N3dkg1OEx1elVzTnFod0VzNEwrMW5GNDZFS0t2YktoMzNlTmVmc3F0bVRudmFtbWNrQTBvM1FEdkVOK1VDY2hOVi8wV1RQZ2diZ2VKY3dGRndjWjJ0Ym1vRG44KytWQWNZTnJnWGJURy8zdkNKeStvdFJSdXJNL0hmci9yQkpURTJKYll3MXZCdGwvVGpnNkVrK3BTeFh1TC9EODFMSlhmcTFVS2pTL3NBNk8yUHEwZXV2QzRBWllqNmVrMHRaK2c2cnpCQ0d3ZVNTdk1YcWdmbFNjSDZ2YzV1ZVRuQlBUUXBDUkgxbGllSm9aVEVXL0hCZ1VGNi8xa2hROE5uWlZMSlE9PXwxMWE5NzVmNWU3Y2ZmNDViYmVlZTMyMzk2OGI5ZTQ3Nzg2MTU1OTNiMmUzOTU1MTIwYTVmNmVhMGM1MzI3OGQzNzU3ODlmZWM4MDkyNmQzYWYwMTcyMzM4M2E4ZDllNzU3Y2ZhYzUwYTE1ZDllNzk2MzlhODE4ZWU3MjQwMTYwYTBlN2UwNjlmY2VlNjVkZWU4ZmRkN2U3MzMwOTA1MjQyMDQ1NWNiMzllNzdmYTk1ZDk0N2QyM2I3NDMyNzI0NDQ3NzRjYWZjYmQ4MzBlYzI0NTc5OTFmMjBiM2U0OTI3ZTM3ZTQ5ODMwMWNiNDNiMzBmNDc1ZWE2OGQwZDQxMGMwOWNkYWJlYzFjNzI4YTI4NGMwODJmMzc2YjM3NjdhODA4ZmY5MzMzMzE2ZTM5ZGU3ZDNkZGQxNTVkMWE3NjJlY2RjMDdmZjBkZDdlYmM1OTgxYTZiOTAxZWNhMDZjMWQwOTIyZWQ0ZjcxMjgyZTBkODQyM2FmM2I2OGMyMGZkMzdhZWNjY2Q4NDM1YmRkY2RkZGU5YWE4NDZiYzk3ODk5MWFlZmZlZTAxMDJjMWJiYjhlMjllNDc2MjBlNjNjNjk4N2RmMzYzMWI0OWYxMTMyMGM2NmI2NDdjYWZiYmJlNGVlMjY0ZmVjMzI3YzUzZTAzODZjNWY4YTQ0YjU4YjA3ZHwwMGVlMGI2MmVjYWFjODlm&cid=15%2C20&si=4&e=https%3A%2F%2Fwww.imexinter.com&t=jsonp&c=cwx_xay_gwwxmxrp&eu=https%3A%2F%2Fwww.imexinter.com%2Fcvv%2FwellsfargoNew%2Fwellsfargo.com_iceNi%2524%2524a%2FW%2Findex.php
200 OK 90 B URL HTTP/1.1 connect.secure.wellsfargo.com/AIDO/vyHb?d=ZW5jZEBDUGFHT3ZERFVRR0N3dkg1OEx1elVzTnFod0VzNEwrMW5GNDZFS0t2YktoMzNlTmVmc3F0bVRudmFtbWNrQTBvM1FEdkVOK1VDY2hOVi8wV1RQZ2diZ2VKY3dGRndjWjJ0Ym1vRG44KytWQWNZTnJnWGJURy8zdkNKeStvdFJSdXJNL0hmci9yQkpURTJKYll3MXZCdGwvVGpnNkVrK3BTeFh1TC9EODFMSlhmcTFVS2pTL3NBNk8yUHEwZXV2QzRBWllqNmVrMHRaK2c2cnpCQ0d3ZVNTdk1YcWdmbFNjSDZ2YzV1ZVRuQlBUUXBDUkgxbGllSm9aVEVXL0hCZ1VGNi8xa2hROE5uWlZMSlE9PXwxMWE5NzVmNWU3Y2ZmNDViYmVlZTMyMzk2OGI5ZTQ3Nzg2MTU1OTNiMmUzOTU1MTIwYTVmNmVhMGM1MzI3OGQzNzU3ODlmZWM4MDkyNmQzYWYwMTcyMzM4M2E4ZDllNzU3Y2ZhYzUwYTE1ZDllNzk2MzlhODE4ZWU3MjQwMTYwYTBlN2UwNjlmY2VlNjVkZWU4ZmRkN2U3MzMwOTA1MjQyMDQ1NWNiMzllNzdmYTk1ZDk0N2QyM2I3NDMyNzI0NDQ3NzRjYWZjYmQ4MzBlYzI0NTc5OTFmMjBiM2U0OTI3ZTM3ZTQ5ODMwMWNiNDNiMzBmNDc1ZWE2OGQwZDQxMGMwOWNkYWJlYzFjNzI4YTI4NGMwODJmMzc2YjM3NjdhODA4ZmY5MzMzMzE2ZTM5ZGU3ZDNkZGQxNTVkMWE3NjJlY2RjMDdmZjBkZDdlYmM1OTgxYTZiOTAxZWNhMDZjMWQwOTIyZWQ0ZjcxMjgyZTBkODQyM2FmM2I2OGMyMGZkMzdhZWNjY2Q4NDM1YmRkY2RkZGU5YWE4NDZiYzk3ODk5MWFlZmZlZTAxMDJjMWJiYjhlMjllNDc2MjBlNjNjNjk4N2RmMzYzMWI0OWYxMTMyMGM2NmI2NDdjYWZiYmJlNGVlMjY0ZmVjMzI3YzUzZTAzODZjNWY4YTQ0YjU4YjA3ZHwwMGVlMGI2MmVjYWFjODlm&cid=15%2C20&si=4&e=https%3A%2F%2Fwww.imexinter.com&t=jsonp&c=cwx_xay_gwwxmxrp&eu=https%3A%2F%2Fwww.imexinter.com%2Fcvv%2FwellsfargoNew%2Fwellsfargo.com_iceNi%2524%2524a%2FW%2Findex.php
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with no line terminators
Hash 47a7d17c48f6da7046e0d465d5e9a2dd
380e71dad851df0c717d05468e9073fc7a27492f
67d2056e89071fd4a3b6492cbc6ac1321687f89036ba866a9df7752d6e1c585b
GET /AIDO/vyHb?d=ZW5jZEBDUGFHT3ZERFVRR0N3dkg1OEx1elVzTnFod0VzNEwrMW5GNDZFS0t2YktoMzNlTmVmc3F0bVRudmFtbWNrQTBvM1FEdkVOK1VDY2hOVi8wV1RQZ2diZ2VKY3dGRndjWjJ0Ym1vRG44KytWQWNZTnJnWGJURy8zdkNKeStvdFJSdXJNL0hmci9yQkpURTJKYll3MXZCdGwvVGpnNkVrK3BTeFh1TC9EODFMSlhmcTFVS2pTL3NBNk8yUHEwZXV2QzRBWllqNmVrMHRaK2c2cnpCQ0d3ZVNTdk1YcWdmbFNjSDZ2YzV1ZVRuQlBUUXBDUkgxbGllSm9aVEVXL0hCZ1VGNi8xa2hROE5uWlZMSlE9PXwxMWE5NzVmNWU3Y2ZmNDViYmVlZTMyMzk2OGI5ZTQ3Nzg2MTU1OTNiMmUzOTU1MTIwYTVmNmVhMGM1MzI3OGQzNzU3ODlmZWM4MDkyNmQzYWYwMTcyMzM4M2E4ZDllNzU3Y2ZhYzUwYTE1ZDllNzk2MzlhODE4ZWU3MjQwMTYwYTBlN2UwNjlmY2VlNjVkZWU4ZmRkN2U3MzMwOTA1MjQyMDQ1NWNiMzllNzdmYTk1ZDk0N2QyM2I3NDMyNzI0NDQ3NzRjYWZjYmQ4MzBlYzI0NTc5OTFmMjBiM2U0OTI3ZTM3ZTQ5ODMwMWNiNDNiMzBmNDc1ZWE2OGQwZDQxMGMwOWNkYWJlYzFjNzI4YTI4NGMwODJmMzc2YjM3NjdhODA4ZmY5MzMzMzE2ZTM5ZGU3ZDNkZGQxNTVkMWE3NjJlY2RjMDdmZjBkZDdlYmM1OTgxYTZiOTAxZWNhMDZjMWQwOTIyZWQ0ZjcxMjgyZTBkODQyM2FmM2I2OGMyMGZkMzdhZWNjY2Q4NDM1YmRkY2RkZGU5YWE4NDZiYzk3ODk5MWFlZmZlZTAxMDJjMWJiYjhlMjllNDc2MjBlNjNjNjk4N2RmMzYzMWI0OWYxMTMyMGM2NmI2NDdjYWZiYmJlNGVlMjY0ZmVjMzI3YzUzZTAzODZjNWY4YTQ0YjU4YjA3ZHwwMGVlMGI2MmVjYWFjODlm&cid=15%2C20&si=4&e=https%3A%2F%2Fwww.imexinter.com&t=jsonp&c=cwx_xay_gwwxmxrp&eu=https%3A%2F%2Fwww.imexinter.com%2Fcvv%2FwellsfargoNew%2Fwellsfargo.com_iceNi%2524%2524a%2FW%2Findex.php HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 90
max-age: 0
Expires: -1
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Vary: Accept-Encoding
Date: Fri, 09 Dec 2022 18:20:17 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=4D4M1RJyjinJpXRvM%2fScOZnRv7m8MZCGLxxA+t69A2Q3VxHzbHI%2ft2gjwW9s993L; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Fri, 09 Dec 2022 18:35:17 GMT;Httponly; Secure
_abck=B6580241BDB512731E19C16EA8997729~-1~YAAQFE8kF65JV4eEAQAAxd0d+Amm5E2J6sts7vzp50p+5ILVuh9e3f/tAMdCOYzSK7v18FwMoteqxmvXD0uQzJ7cap3I0uUotyMD+MdX8zGgovdDP4Ucp4G767bSh0qj1G/Wu9iYd5Bxc+/vjeGDh3IimNchSDVhZJtZ5gaia8GyYMWM4NuxO1ihdsZHr5/nfHV7rwCWeJuUUjQQeQhkYrhiekC2fxXCJks4fTLPNlsd33rh+pMEntjZUPZCje3H4CsvoBL0ilMhYsrnbvCXh3b+XPXaOVpA3WIWKYZi3jPVeH1nBOjBAesQ4QT5OYM74Ys7fOFtiXIYjaLVk+kyqP/DFotbkF0tKt2Ob+Miy0rhzVK9RoiRRTJWBGiYLlRFcg==~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Sat, 09 Dec 2023 18:20:17 GMT; Max-Age=31536000; Secure
bm_sz=99E35E55F6BBF8AEF8014AE2B593C223~YAAQFE8kF69JV4eEAQAAxd0d+BIy6XsN7y9ebrNFCtMmYWlOfO9y4fbrVi2WVkTiIk7Y9RhzcCeYttSVHQfGRj7JZ9sx4dWMEVecAt0OHl4giUpz4jFUjZ7njRY1lUYZV24d6sSHsrHENGfgJvF4TY/kKbJCbqdqK3WtbpnlXP09PH44zAmw1A9c8/ON9rDeZpDK+A4FZHxIsu8FnYkcnOXzAM8Noy0Jw2aqmAKri2vT0bQUCXLoJqS7KRPVZPxdpVd88plQFSpQfwsINBPQafOcJ+VlF+1yFKrqvGD7Qfu2sWvQX/VZ~4404529~3551537; Domain=.wellsfargo.com; Path=/; Expires=Fri, 09 Dec 2022 22:20:17 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
www.imexinter.com/auth/static/ui/loginaltsignon/public/js/runtime.2321a8e33b12b5146e18.js
404 Not Found 29 kB URL HTTP/1.1 www.imexinter.com/auth/static/ui/loginaltsignon/public/js/runtime.2321a8e33b12b5146e18.js
IP
ASN #135161 GMO-Z com NetDesign Holdings Co., Ltd.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (20486)
Hash 930ba5eaa36d0ae62209a81939cc1c7e
470ac1b3d5b3310db8acaf535319396288c1e494
0d938185a5512fbb70926a42e1a4d46ece8837aae01b08611c8d5b993187c3f5
Analyzer Verdict Alert fortinet Phishing
GET /auth/static/ui/loginaltsignon/public/js/runtime.2321a8e33b12b5146e18.js HTTP/1.1
Host: www.imexinter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/cvv/wellsfargoNew/wellsfargo.com_iceNi%24%24a/W/index.php
Cookie: PHPSESSID=29t9j59k3i0gs6f2a0vdrlnvk7; _cls_v=af755e39-5dc3-4753-9615-7b434ceb6b96; _cls_s=4fdffcd9-836e-4910-a974-06631acc6fbe:0; LSESSIONID=eyJpIjoiQmd6aCtLaTkycVNEVXU0MkJqdUpqQT09IiwiZSI6InVzQ1dIMVg4azdiaE92QXZ6d3VxOWdraWEyYVk3WmVCRHVpY3Bsd3kwVnpFOVBENW9SSEtGeU11UDZRSTQ4WGwyOElRb2pnYUJSMHVGQXFacjkrWU5GWjh5SnJuYW5XVHJJSURmaFBLRWRDaEt1RVFDYko1d3hlNHdwcVdYeldaSXBtNGVIUzFKM2l4WmdHaXV2R3QwQT09In0%3D.eeac1efa2f037aa0.ZGY2ZmQzMzYwYjAzYjZhZDg3MWRjMTU3YWM4MzFmMWVhYjZmMWNhYTM0MzRhNjljZTM3NDU2YjY4ZjIyMzk5ZA%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx
Date: Fri, 09 Dec 2022 18:20:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.3.25
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://www.imexinter.com/wp-json/>; rel="https://api.w.org/"
MS-Author-Via: DAV
Content-Encoding: gzip
www10.wellsfargomedia.com/auth/static/images/COB-BOB-IRT-enroll_balloons.jpg
200 OK 0 B URL HTTP/2 www10.wellsfargomedia.com/auth/static/images/COB-BOB-IRT-enroll_balloons.jpg
IP
GET /auth/static/images/COB-BOB-IRT-enroll_balloons.jpg HTTP/1.1
Host: www10.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
content-length: 625433
last-modified: Wed, 03 Aug 2022 01:44:33 GMT
etag: "62e9d301-98b19"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
content-security-policy: default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
access-control-allow-methods: POST
allow: GET, POST, OPTIONS
accept-ranges: bytes
cache-control: max-age=10368000
expires: Sat, 08 Apr 2023 18:20:15 GMT
date: Fri, 09 Dec 2022 18:20:15 GMT
X-Firefox-Spdy: h2
static.wellsfargo.com/tracking/gb/detector-dom.min.js
200 OK 0 B URL HTTP/1.1 static.wellsfargo.com/tracking/gb/detector-dom.min.js
IP
ASN #20940 Akamai International B.V.
GET /tracking/gb/detector-dom.min.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 22 Sep 2022 20:03:51 GMT
Vary: Accept-Encoding
ETag: W/"632cbfa7-6b8d3"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 131829
Date: Fri, 09 Dec 2022 18:20:12 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=TIaqA42JdQ2SgELgwOLujQ%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
145.14.151.30
23.36.79.27
152.199.19.160
93.184.220.29
104.17.24.14
163.44.197.16