r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 430f1651125c14bfa4924aa1f1a392e9
304141c5fe7ac8b370a67912b2592f9622de9600
315d77a9956f34b1615e38f5f1971dd05146980f8a36b35a8108d47ebba7e8e5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "315D77A9956F34B1615E38F5F1971DD05146980F8A36B35A8108D47EBBA7E8E5"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7181
Expires: Mon, 12 Dec 2022 03:51:07 GMT
Date: Mon, 12 Dec 2022 01:51:26 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 43ad67f241ee3692a9c9c1da080dae58
6a024f7d71eeee257edc91ba9273416f634aaae5
636635b57f9e6d2ad9b1b949298ee7d3b5b7e251a63516ff68bfb1eceded5688
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "636635B57F9E6D2AD9B1B949298EE7D3B5B7E251A63516FF68BFB1ECEDED5688"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16216
Expires: Mon, 12 Dec 2022 06:21:42 GMT
Date: Mon, 12 Dec 2022 01:51:26 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Length, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 12 Dec 2022 01:33:39 GMT
content-type: application/json
age: 1067
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dbd022fec0a71226daaf29b7563a8896
c37d14dc7b3849a4bb815fa325fb5e70fae54039
22da5e6e3f9507688fc8cb02183d52cf38f4adf8b2c6c52eaf5f88182471efeb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22DA5E6E3F9507688FC8CB02183D52CF38F4ADF8B2C6C52EAF5F88182471EFEB"
Last-Modified: Sun, 11 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16956
Expires: Mon, 12 Dec 2022 06:34:02 GMT
Date: Mon, 12 Dec 2022 01:51:26 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: i6SUviQyzWK4areIslYZ9Do03wZNo7fa7IA6GkL7BfDk8+Lj88Xa8FS9f/Rbo8X8zJagQQNhvWA=
x-amz-request-id: 9GCZ7Z7C9CG1JJ77
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 12 Dec 2022 01:51:19 GMT
age: 7
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 12 Dec 2022 01:51:26 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Cache-Control, Backoff, Content-Length, Content-Type, Last-Modified, ETag, Expires, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 12 Dec 2022 01:33:16 GMT
age: 1090
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5a442e7018c54068652b7053d4dd2a41
abaf9979ff36b9605ff22a237b778efc49ecc1ba
47082d542372358ed03fb3c5f9321b4d3732c0dbae645a2a5c74327db7f7e28a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "47082D542372358ED03FB3C5F9321B4D3732C0DBAE645A2A5C74327DB7F7E28A"
Last-Modified: Sat, 10 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21560
Expires: Mon, 12 Dec 2022 07:50:47 GMT
Date: Mon, 12 Dec 2022 01:51:27 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e12bb655426d080117693ba116f398cf
8fe1f7f8d0b191baed2decba3523656da97077f5
2c25ba0d1c806de98d5489934acd8e2f17487e4f7e40c7f0d39094ce49f91b8d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4729
Cache-Control: max-age=117258
Content-Type: application/ocsp-response
Date: Mon, 12 Dec 2022 01:51:27 GMT
Etag: "63959db0-1d7"
Expires: Tue, 13 Dec 2022 10:25:45 GMT
Last-Modified: Sun, 11 Dec 2022 09:06:56 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.35.190.173101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.35.190.173:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: RQWPckSKVzJQH4shBNd3cw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: qt1CNVj0XbVdrx4y3JLRoMG9DuM=
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 53c30a8af8bd2ff2a59388279b64a936
3150f86f952521dc118a2bcc8187f97978c46c71
3abf6c67d9a28878300c645f58f705391ef9023d74cd4341d1bd58d86e93817f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6481
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 12 Dec 2022 01:51:27 GMT
Last-Modified: Mon, 12 Dec 2022 00:03:26 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
connect.secure.wellsfargo.com/auth/static/ui/loginaltsignon/public/stylesheets/main.d5ef04dc4bbb58096bdc.chunk.css
95.101.10.136200 OK 2.5 kB URL HTTP/1.1 connect.secure.wellsfargo.com/auth/static/ui/loginaltsignon/public/stylesheets/main.d5ef04dc4bbb58096bdc.chunk.css
IP 95.101.10.136:0
ASN #20940 Akamai International B.V.
Hash 5d05bec210515094a569c911be5c5d61
b7a5b5c30565d817265cc73f454dce0d6ddcd28b
50680b1825c3142e3fbd6b4c9985e6c197e1a9ab4829c3cb817f4cb90d6526d0
GET /auth/static/ui/loginaltsignon/public/stylesheets/main.d5ef04dc4bbb58096bdc.chunk.css HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 2464
Last-Modified: Thu, 13 May 2021 02:22:58 GMT
Vary: Accept-Encoding
ETag: "609c8d82-9a0"
Content-Encoding: gzip
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Cache-Control: max-age=10368000
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Date: Mon, 12 Dec 2022 01:51:27 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=69xsm9VKNZYSKPjr969C+A%3d%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
static.wellsfargo.com/tracking/ytc/ytc.js
95.101.10.120200 OK 5.6 kB URL HTTP/1.1 static.wellsfargo.com/tracking/ytc/ytc.js
IP 95.101.10.120:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (15032)
Hash c48fe5e804797f0f227c7b840d74a48c
af0ab8fe13f1dc1de7363cfbfc14eacf766a13c2
1a2fbaccd0201b433a5fe36253718facae1b50d23d6af5884279f563a7494c2f
GET /tracking/ytc/ytc.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 15 Jul 2021 21:00:28 GMT
Vary: Accept-Encoding
ETag: W/"60f0a1ec-3ad3"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 5614
Date: Mon, 12 Dec 2022 01:51:27 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=B6Cs29rsz6G9pT+EzfIfjA%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
static.wellsfargo.com/tracking/ga/ga_conversion_async.js
95.101.10.120200 OK 14 kB URL HTTP/1.1 static.wellsfargo.com/tracking/ga/ga_conversion_async.js
IP 95.101.10.120:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (35846)
Hash 42c817a7b5f9583b2bc70f742dc950c9
ff75711716f8605860abe551b0235f7194e4348e
881b430ac699f32b3b5234582494d1f4fc0d22be1e6ac797847d66bc5ebc250f
GET /tracking/ga/ga_conversion_async.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 09 Sep 2021 17:30:40 GMT
Vary: Accept-Encoding
ETag: W/"613a44c0-8c31"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 13593
Date: Mon, 12 Dec 2022 01:51:27 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=%2fVKxwocug%2fE0VS10COVi7g%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
static.wellsfargo.com/tracking/ga/gtag.js?t=UA-107148943-1
95.101.10.120200 OK 45 kB URL HTTP/1.1 static.wellsfargo.com/tracking/ga/gtag.js?t=UA-107148943-1
IP 95.101.10.120:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65507), with CRLF line terminators
Hash 02c5944802e321a49c191c43a905bfb7
77b4ac5db5c8717754fd2976f88ba2027e458ff4
e987815600381f14afd300d17c4f73646afe42233097d411b75d33ffbc7989c4
GET /tracking/ga/gtag.js?t=UA-107148943-1 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 06 Dec 2022 21:04:34 GMT
Vary: Accept-Encoding
ETag: W/"638fae62-1ca3a"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 45055
Date: Mon, 12 Dec 2022 01:51:27 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=aHPNg6Ro7Kvc%2fzuCPg3Ujg%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
static.wellsfargo.com/tracking/ga/gtag.js?id=UA-107148943-1
95.101.10.120200 OK 45 kB URL HTTP/1.1 static.wellsfargo.com/tracking/ga/gtag.js?id=UA-107148943-1
IP 95.101.10.120:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65507), with CRLF line terminators
Hash 02c5944802e321a49c191c43a905bfb7
77b4ac5db5c8717754fd2976f88ba2027e458ff4
e987815600381f14afd300d17c4f73646afe42233097d411b75d33ffbc7989c4
GET /tracking/ga/gtag.js?id=UA-107148943-1 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 06 Dec 2022 21:04:34 GMT
Vary: Accept-Encoding
ETag: W/"638fae62-1ca3a"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 45055
Date: Mon, 12 Dec 2022 01:51:27 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=yCWFTG%2fn4TFAXPSjsEusgQ%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 53c30a8af8bd2ff2a59388279b64a936
3150f86f952521dc118a2bcc8187f97978c46c71
3abf6c67d9a28878300c645f58f705391ef9023d74cd4341d1bd58d86e93817f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6482
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 12 Dec 2022 01:51:28 GMT
Last-Modified: Mon, 12 Dec 2022 00:03:26 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
connect.secure.wellsfargo.com/auth/static/ui/loginaltsignon/public/stylesheets/wfui.4751add72058e9dd58f2.chunk.css
95.101.10.136200 OK 20 kB URL HTTP/1.1 connect.secure.wellsfargo.com/auth/static/ui/loginaltsignon/public/stylesheets/wfui.4751add72058e9dd58f2.chunk.css
IP 95.101.10.136:0
ASN #20940 Akamai International B.V.
Hash 2beb0f885999a04e8c74f2ae4ecb70a7
2b9c9aa8db27a0ce51dc90002766f07ba59fc7d8
52c66fd385f6c3fde47662845c247c55b713770b8c332b747364b7976d84a1ac
GET /auth/static/ui/loginaltsignon/public/stylesheets/wfui.4751add72058e9dd58f2.chunk.css HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 20434
Last-Modified: Thu, 13 May 2021 02:22:41 GMT
Vary: Accept-Encoding
ETag: "609c8d71-4fd2"
Content-Encoding: gzip
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Cache-Control: max-age=10368000
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Date: Mon, 12 Dec 2022 01:51:28 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=FQlLewC%2f+tSo9w%2f%2fxOO5wA%3d%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 53c30a8af8bd2ff2a59388279b64a936
3150f86f952521dc118a2bcc8187f97978c46c71
3abf6c67d9a28878300c645f58f705391ef9023d74cd4341d1bd58d86e93817f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6482
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 12 Dec 2022 01:51:28 GMT
Last-Modified: Mon, 12 Dec 2022 00:03:26 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 53c30a8af8bd2ff2a59388279b64a936
3150f86f952521dc118a2bcc8187f97978c46c71
3abf6c67d9a28878300c645f58f705391ef9023d74cd4341d1bd58d86e93817f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6482
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 12 Dec 2022 01:51:28 GMT
Last-Modified: Mon, 12 Dec 2022 00:03:26 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 53c30a8af8bd2ff2a59388279b64a936
3150f86f952521dc118a2bcc8187f97978c46c71
3abf6c67d9a28878300c645f58f705391ef9023d74cd4341d1bd58d86e93817f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6287
Cache-Control: max-age=113457
Content-Type: application/ocsp-response
Date: Mon, 12 Dec 2022 01:51:28 GMT
Etag: "639588c2-1d7"
Expires: Tue, 13 Dec 2022 09:22:25 GMT
Last-Modified: Sun, 11 Dec 2022 07:37:38 GMT
Server: ECS (amb/6B7E)
X-Cache: HIT
Content-Length: 471
static.wellsfargo.com/tracking/gb/detector-dom.min.js
95.101.10.120200 OK 132 kB URL HTTP/1.1 static.wellsfargo.com/tracking/gb/detector-dom.min.js
IP 95.101.10.120:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65434)
Size 132 kB (131829 bytes)
Hash 73ad7a8f8ccda765b898b038f90d8274
756ac35ad2422d93a0b327dfeff7fe9200695883
60ccc38cf175aba7cbe63bf1ec6319b5c1648d9a52014dfefa6ec718476a17b7
GET /tracking/gb/detector-dom.min.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 22 Sep 2022 20:03:51 GMT
Vary: Accept-Encoding
ETag: W/"632cbfa7-6b8d3"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 131829
Date: Mon, 12 Dec 2022 01:51:28 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=iukAg9hflis8SQqTZwD4oA%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
static.wellsfargo.com/tracking/survey/gateway.min.js
95.101.10.120200 OK 7.2 kB URL HTTP/1.1 static.wellsfargo.com/tracking/survey/gateway.min.js
IP 95.101.10.120:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (18709)
Hash 4e22de87d95250210841318d44411316
732d49d6c6fbaf72ca9ac3cfe7d34a08400506cf
b62365f674d8b5ce81a33cae6ad20ad15b03d10b31f6e639ab316e3480a7dc66
GET /tracking/survey/gateway.min.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 05 Dec 2019 22:21:08 GMT
Vary: Accept-Encoding
ETag: W/"5de982d4-4c5d"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 7188
Date: Mon, 12 Dec 2022 01:51:28 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=afQzrPl6Hatv9zJqWaAALQ%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
static.wellsfargo.com/tracking/ga/gtag.js?t=DC-2549153
95.101.10.120200 OK 45 kB URL HTTP/1.1 static.wellsfargo.com/tracking/ga/gtag.js?t=DC-2549153
IP 95.101.10.120:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65507), with CRLF line terminators
Hash 02c5944802e321a49c191c43a905bfb7
77b4ac5db5c8717754fd2976f88ba2027e458ff4
e987815600381f14afd300d17c4f73646afe42233097d411b75d33ffbc7989c4
GET /tracking/ga/gtag.js?t=DC-2549153 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 06 Dec 2022 21:04:34 GMT
Vary: Accept-Encoding
ETag: W/"638fae62-1ca3a"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 45055
Date: Mon, 12 Dec 2022 01:51:28 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=gEXfCAHya5FBAePwS1JTlA%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
www.imexinter.com/wells/wellsfargoNew/wellsfargo.com_iceNi$$a/W/js/actions.js
163.44.197.16200 OK 504 B URL HTTP/1.1 www.imexinter.com/wells/wellsfargoNew/wellsfargo.com_iceNi$$a/W/js/actions.js
IP 163.44.197.16:0
ASN #135161 GMO-Z com NetDesign Holdings Co., Ltd.
File type ASCII text, with CRLF line terminators
Hash a929d6eebf69eaec9a46285c50f74994
2e42a8ba54ef0fdd2c59252cb9912516d6de1d7c
9d670b99192b4af1f0e339ab729d0a4700055d254f3d18f6f2b44ef76dca3eea
Analyzer Verdict Alert fortinet Phishing
GET /wells/wellsfargoNew/wellsfargo.com_iceNi$$a/W/js/actions.js HTTP/1.1
Host: www.imexinter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/wells/wellsfargoNew/wellsfargo.com_iceNi$$a/W/index.php
Cookie: PHPSESSID=otiqfcd9o0t41tchbkps32h5uo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 12 Dec 2022 01:51:27 GMT
Content-Type: text/javascript
Last-Modified: Thu, 28 Oct 2021 06:27:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"617a42d6-50b"
X-Powered-By: PleskLin
Content-Encoding: gzip
static.wellsfargo.com/tracking/secure-auth/utag.4.js?utv=ut4.46.202011242053
95.101.10.120200 OK 1.7 kB URL HTTP/1.1 static.wellsfargo.com/tracking/secure-auth/utag.4.js?utv=ut4.46.202011242053
IP 95.101.10.120:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (4209)
Hash 7251c21cc4e7be828526ed0d5e218cd0
87abe4f4f42842077a75808b7c7e016b179731bb
472d727e0870b9fd4b6f965c73d41d8e4d3a9739f1f966e5785139f4b7492996
GET /tracking/secure-auth/utag.4.js?utv=ut4.46.202011242053 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 23 Sep 2021 21:00:33 GMT
Vary: Accept-Encoding
ETag: W/"614ceaf1-16e0"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 1663
Date: Mon, 12 Dec 2022 01:51:28 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=kQTIhCjG+DoOgWCozAWIdQ%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
static.wellsfargo.com/tracking/secure-auth/utag.3.js?utv=ut4.46.202012011749
95.101.10.120200 OK 2.2 kB URL HTTP/1.1 static.wellsfargo.com/tracking/secure-auth/utag.3.js?utv=ut4.46.202012011749
IP 95.101.10.120:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (1022)
Hash a14fd9149c74dc560cbb2b19a945ef73
feb2bb1497fdf3810f823e09124f310ac3dfe9e0
314c74f80c31e727c06da493e10e9dba8cc3a80f2eb07d06463c486a3ba10ffe
GET /tracking/secure-auth/utag.3.js?utv=ut4.46.202012011749 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 03 Dec 2020 23:04:06 GMT
Vary: Accept-Encoding
ETag: W/"5fc96ee6-15f9"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 2186
Date: Mon, 12 Dec 2022 01:51:28 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=srGWHp50Q21hY194scqigw%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
static.wellsfargo.com/tracking/secure-auth/utag.5.js?utv=ut4.46.202103182209
95.101.10.120200 OK 2.4 kB URL HTTP/1.1 static.wellsfargo.com/tracking/secure-auth/utag.5.js?utv=ut4.46.202103182209
IP 95.101.10.120:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (3223)
Hash 44449282135ec65f8a30f2d0019559bc
b5345b6412524b284661df58083cf4a69137bf07
4274fe65bf4837e788240c5554ea146522b4f639497f86f0ebad1cfdff13e71b
GET /tracking/secure-auth/utag.5.js?utv=ut4.46.202103182209 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 22 Sep 2022 20:06:42 GMT
Vary: Accept-Encoding
ETag: W/"632cc052-1c52"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 2392
Date: Mon, 12 Dec 2022 01:51:28 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=o6DI%2fcPkUoEtajpoVe7cFg%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
static.wellsfargo.com/tracking/ga/gtag.js?t=AW-984436569
95.101.10.120200 OK 45 kB URL HTTP/1.1 static.wellsfargo.com/tracking/ga/gtag.js?t=AW-984436569
IP 95.101.10.120:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65507), with CRLF line terminators
Hash 02c5944802e321a49c191c43a905bfb7
77b4ac5db5c8717754fd2976f88ba2027e458ff4
e987815600381f14afd300d17c4f73646afe42233097d411b75d33ffbc7989c4
GET /tracking/ga/gtag.js?t=AW-984436569 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 06 Dec 2022 21:04:34 GMT
Vary: Accept-Encoding
ETag: W/"638fae62-1ca3a"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 45055
Date: Mon, 12 Dec 2022 01:51:28 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=QDMaYy3xyhobp0sVKudbmQ%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
static.wellsfargo.com/tracking/secure-auth/utag.7.js?utv=ut4.46.202010230514
95.101.10.120200 OK 3.2 kB URL HTTP/1.1 static.wellsfargo.com/tracking/secure-auth/utag.7.js?utv=ut4.46.202010230514
IP 95.101.10.120:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (1579)
Hash bda63f460bc390b7b26d7c6bf49bc292
a9e353a34855275090f1812746caed3ecaaaed10
c7d2d5ed51d288030e4f53182ad497193a669255e1c9ab0f539765d0c9189218
GET /tracking/secure-auth/utag.7.js?utv=ut4.46.202010230514 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Wed, 28 Oct 2020 21:48:43 GMT
Vary: Accept-Encoding
ETag: W/"5f99e73b-28df"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 3220
Date: Mon, 12 Dec 2022 01:51:28 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=a%2fGSzsDol1fvMrR1mY8zaw%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
www.imexinter.com/wells/wellsfargoNew/wellsfargo.com_iceNi$$a/W/css/style.css
163.44.197.16200 OK 190 B URL HTTP/1.1 www.imexinter.com/wells/wellsfargoNew/wellsfargo.com_iceNi$$a/W/css/style.css
IP 163.44.197.16:0
ASN #135161 GMO-Z com NetDesign Holdings Co., Ltd.
File type ASCII text, with CRLF line terminators
Hash 171d4b7033815f99c79bb13d5a7a4042
c00a8cdfbb438adae5e2e51a8c1969d341476922
e4f7e5605680d92d2f2c7fa402a5f03c14c63f11a24bc80ce8edef9150c23d5e
GET /wells/wellsfargoNew/wellsfargo.com_iceNi$$a/W/css/style.css HTTP/1.1
Host: www.imexinter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/wells/wellsfargoNew/wellsfargo.com_iceNi$$a/W/index.php
Cookie: PHPSESSID=otiqfcd9o0t41tchbkps32h5uo
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 12 Dec 2022 01:51:28 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Accel-Version: 0.01
Last-Modified: Thu, 28 Oct 2021 06:48:28 GMT
ETag: W/"23d6c-12a-5cf6419146700"
MS-Author-Via: DAV
X-Powered-By: PleskLin
Content-Encoding: gzip
static.wellsfargo.com/tracking/secure-auth/utag.10.js?utv=ut4.46.202102191956
95.101.10.120200 OK 5.7 kB URL HTTP/1.1 static.wellsfargo.com/tracking/secure-auth/utag.10.js?utv=ut4.46.202102191956
IP 95.101.10.120:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (2575)
Hash 9b6e37266171f49f824a6e39a413ff6f
142cc5dc8990b0d62bbf391cfdbd10cf4fbb595a
9e08142c6288d72a8448c65148ff9ea288c8958942bb36482f2409f504f3518b
GET /tracking/secure-auth/utag.10.js?utv=ut4.46.202102191956 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 04 Mar 2021 00:30:32 GMT
Vary: Accept-Encoding
ETag: W/"60402a28-50bb"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 5672
Date: Mon, 12 Dec 2022 01:51:28 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=55ziMhcDvTUpNQfhBajvDg%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
static.wellsfargo.com/tracking/secure-auth/utag.15.js?utv=ut4.46.202109220050
95.101.10.120200 OK 1.7 kB URL HTTP/1.1 static.wellsfargo.com/tracking/secure-auth/utag.15.js?utv=ut4.46.202109220050
IP 95.101.10.120:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (1142)
Hash 8ef348be98d33d036c76772130429a0f
0ff80908b030a9d097cf1638dd903f315791c7c5
64c81f54226a9628d8944de4a31944b810f28de5db7844bfada1ee6e18c2fb8a
GET /tracking/secure-auth/utag.15.js?utv=ut4.46.202109220050 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 23 Sep 2021 21:00:33 GMT
Vary: Accept-Encoding
ETag: W/"614ceaf1-ebc"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 1682
Date: Mon, 12 Dec 2022 01:51:28 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=Ma590%2ff9WSmXrwmw8an5aQ%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
static.wellsfargo.com/tracking/secure-auth/utag.12.js?utv=ut4.46.202104052200
95.101.10.120200 OK 1.3 kB URL HTTP/1.1 static.wellsfargo.com/tracking/secure-auth/utag.12.js?utv=ut4.46.202104052200
IP 95.101.10.120:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (1071)
Hash 43ec84506efb1df65f7be5764c4f8140
d9b3ab4e2cca9334c1290ffd518b8000080af784
5008a2797a0a577262b7e24bab726817ad2e914c746a425a4d9e95c03bb5619d
GET /tracking/secure-auth/utag.12.js?utv=ut4.46.202104052200 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 08 Apr 2021 21:15:26 GMT
Vary: Accept-Encoding
ETag: W/"606f726e-a3f"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 1343
Date: Mon, 12 Dec 2022 01:51:28 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=eemeAJgBeW3liHCiTCQkQQ%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
static.wellsfargo.com/tracking/secure-auth/utag.9.js?utv=ut4.46.202103170122
95.101.10.120200 OK 3.5 kB URL HTTP/1.1 static.wellsfargo.com/tracking/secure-auth/utag.9.js?utv=ut4.46.202103170122
IP 95.101.10.120:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (3237)
Hash 366c78f63905a07a51fcf2ca5cb938e6
7d7b1a2eb08c7972faefff64e841ba22ed0e04ee
0c587e2186f735f5ea6625edb02eb6690301eaa6c87fae4ab8f37d93610bcd99
GET /tracking/secure-auth/utag.9.js?utv=ut4.46.202103170122 HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 23 Sep 2021 21:00:33 GMT
Vary: Accept-Encoding
ETag: W/"614ceaf1-2bba"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 3522
Date: Mon, 12 Dec 2022 01:51:28 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=koTGiN0U70CTvq1%2f5oVo9Q%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
connect.secure.wellsfargo.com/jenny/nd
95.101.10.136200 OK 17 kB URL HTTP/1.1 connect.secure.wellsfargo.com/jenny/nd
IP 95.101.10.136:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (2285)
Hash 515e501153e3baed8b4390e1bf9abb01
44566e5a0b1fd0698e7d30a271616a86b4ec7b3f
ffc67611346198f4adee9172b9ae5226337cf63cb1be7871180669df23720fce
GET /jenny/nd HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Vary: accept-encoding
Content-Encoding: gzip
Content-Type: application/javascript;charset=ISO-8859-1
Content-Length: 17067
Date: Mon, 12 Dec 2022 01:51:28 GMT
Connection: keep-alive
Set-Cookie: ADRUM_BTa=R:26|g:a9335b76-b0ff-4b50-8f0f-e23e87608cc9; Expires=Mon, 12-Dec-2022 01:51:58 GMT; Path=/; Secure
ADRUM_BTa=R:26|g:a9335b76-b0ff-4b50-8f0f-e23e87608cc9|n:wellsfargo-prod_43732a1d-9afc-4e95-ad69-f4ac78c780a7; Expires=Mon, 12-Dec-2022 01:51:58 GMT; Path=/; Secure
SameSite=None; Expires=Mon, 12-Dec-2022 01:51:58 GMT; Path=/; Secure
ADRUM_BT1=R:26|i:302812; Expires=Mon, 12-Dec-2022 01:51:58 GMT; Path=/; Secure
ADRUM_BT1=R:26|i:302812|e:3; Expires=Mon, 12-Dec-2022 01:51:58 GMT; Path=/; Secure
ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=9HYWoc99C+T+gkST%2faUVEUtwvxsnbSo1F7y%2fGFyG%2fJO%2fisfihu8f16qRsCzsIrqu; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Mon, 12 Dec 2022 02:06:28 GMT;Httponly; Secure
_abck=149A25237069D34DAFE6B355B4F502E3~-1~YAAQhAplXzunwYKEAQAA56YHBAn9OffvW+ZY/bQOk4hGqze4yF2v3jUMl/UIbXzIyannY50ahXkwWWmCmSXj/JseHlCwOeuPeWw2Ys9yzfjY2IWquA8roWtorT+qehAcfXPQfg7uTJ6Q+V8w/Y1Mm2NdIP01dLz+/5AHvjw4n9lQEmZuEHFiLHuLw3BYpyz5JiYaYoJz2u7NwRCtkRVDiDzQm3UPO5q7hYkkBVQ5Yximxj8DZb7W3w9M8mwa+hQcC+Rsyy+TopmuM/Ipbp5EMtwTQ5GJSFzcR0AaHqznSp+Y993yQQ+zJ98Ykmzsiwev6svwArV1xY5slff53Ej94I/7gpAwKgoymMvsFxglJNX8lyom874dJOCnAN5NCyqtBQ==~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Tue, 12 Dec 2023 01:51:28 GMT; Max-Age=31536000; Secure
bm_sz=01165E2A34FBB9DBCFCDA506EB10180F~YAAQhAplXzynwYKEAQAA56YHBBLmfSEc5bOX2ZGTMl9tSjCPtdrxo1yX2B6Pf0L3sbQo5H8RhLktoij1K1maViy6tJ3pLa/r1DWfCckyjLy/ERhNnjQ+EBEY8XWv185/yLIy6RTrtpbh/smO443ps9lv9xjgvIUJmu6nzvFaDeVJGfMBcoG9/J2YwBw8/0VrLf4SAEqWSuKxzNvMOBbhgcrOTLv0A1yeV0FVZ7J8jNQkA7U90rMPVqaZRnrEf5ThAU8XU5+Esur8wuF+DRFVrV3IwlvNVM2uJcyMsOylNQl8r3X93icv~3748919~3290936; Domain=.wellsfargo.com; Path=/; Expires=Mon, 12 Dec 2022 05:51:28 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d35fcd5d7e74c530535b18d57ed5f587
3b9bf9e02593b63108515f4df7cae57ce62145e7
4bdb744a2d9ac6d051f5192dbf3e00ba1b18208930655e6752fd6ccd118faff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4BDB744A2D9AC6D051F5192DBF3E00BA1B18208930655E6752FD6CCD118FAFF0"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4192
Expires: Mon, 12 Dec 2022 03:01:20 GMT
Date: Mon, 12 Dec 2022 01:51:28 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d35fcd5d7e74c530535b18d57ed5f587
3b9bf9e02593b63108515f4df7cae57ce62145e7
4bdb744a2d9ac6d051f5192dbf3e00ba1b18208930655e6752fd6ccd118faff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4BDB744A2D9AC6D051F5192DBF3E00BA1B18208930655E6752FD6CCD118FAFF0"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4192
Expires: Mon, 12 Dec 2022 03:01:20 GMT
Date: Mon, 12 Dec 2022 01:51:28 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d35fcd5d7e74c530535b18d57ed5f587
3b9bf9e02593b63108515f4df7cae57ce62145e7
4bdb744a2d9ac6d051f5192dbf3e00ba1b18208930655e6752fd6ccd118faff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4BDB744A2D9AC6D051F5192DBF3E00BA1B18208930655E6752FD6CCD118FAFF0"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4192
Expires: Mon, 12 Dec 2022 03:01:20 GMT
Date: Mon, 12 Dec 2022 01:51:28 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8df4e4c1-6b35-42cb-934f-923298f77ec2.jpeg
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8df4e4c1-6b35-42cb-934f-923298f77ec2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7b226bd8dfeafe00183109d4f824e2be
3c2b64c94cc098a416b1d4865e31298fcd5d05c1
ccce0f89771d141076cbf3a1830eaa5d81b9c0376c3637e100bdb21b98ecd3b2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8df4e4c1-6b35-42cb-934f-923298f77ec2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9265
x-amzn-requestid: 96d5cd55-1beb-4f13-aecd-251f84558356
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dAEJyGgUoAMFULw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63964d71-420b5c907c3546e96583ecd7;Sampled=0
x-amzn-remapped-date: Sun, 11 Dec 2022 21:36:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: -PiWGp486neaYPqBj92OHm22wsFaQres0BkEFO2Ysd0mc4FuTrVNfA==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Dec 2022 21:48:53 GMT
age: 14555
etag: "3c2b64c94cc098a416b1d4865e31298fcd5d05c1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcded97a1-bc2d-405f-b231-35f5af035463.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcded97a1-bc2d-405f-b231-35f5af035463.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 75dd1ecae61b991cd21929deb9244aac
4f14c9f7b36dfa356877251f1e6a0f5936286c4b
3435eda8961bb9954fcf5fd7c957ce58fd7aa4bb9e00525b8f42756adcf341e7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcded97a1-bc2d-405f-b231-35f5af035463.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6438
x-amzn-requestid: 517b1627-9789-48e8-b5df-106fee878820
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dAENaGN6IAMFoUw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63964d88-28cbd126745e8ab15d937936;Sampled=0
x-amzn-remapped-date: Sun, 11 Dec 2022 21:37:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: amWbF9zOStURk7mvKoCOs0babDMecP7hOWzf4Hrn8RGThFiqv-_elg==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Dec 2022 21:59:55 GMT
age: 13893
etag: "4f14c9f7b36dfa356877251f1e6a0f5936286c4b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.imexinter.com/wells/wellsfargoNew/wellsfargo.com_iceNi$$a/W/index.php
163.44.197.16200 OK 4.7 kB URL HTTP/1.1 www.imexinter.com/wells/wellsfargoNew/wellsfargo.com_iceNi$$a/W/index.php
IP 163.44.197.16:0
ASN #135161 GMO-Z com NetDesign Holdings Co., Ltd.
Hash 38876d760ef06c8471468c474c1e28a7
d43cd03d5eb3e7618b6fb70c935010c2ac92ad32
a0747f29eb6084eef42d3c247594973b02c619c7ec56b6137e24b6d0362557a0
Analyzer Verdict Alert openphish Wells Fargo & Company
fortinet Phishing
GET /wells/wellsfargoNew/wellsfargo.com_iceNi$$a/W/index.php HTTP/1.1
Host: www.imexinter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 12 Dec 2022 01:51:27 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=otiqfcd9o0t41tchbkps32h5uo; path=/
MS-Author-Via: DAV
X-Powered-By: PHP/7.3.25, PleskLin
Content-Encoding: gzip
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F665ae3f9-217a-4a26-a3ba-2af041aeaf35.jpeg
34.120.237.76200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F665ae3f9-217a-4a26-a3ba-2af041aeaf35.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8a37f35b8baf163928afa96129d83305
23ec6d9f18c44680415659b987399014c20b6954
13eb6db6765e1a69ba386cdb12d1451596ddebfcef20f1dbdf34f132c7f6c8f6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F665ae3f9-217a-4a26-a3ba-2af041aeaf35.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7408
x-amzn-requestid: 97306647-44c0-4d73-9625-f0af54acb577
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dAD4MFTkoAMFX_A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63964d01-46d74b3f283ba5895aef6d3e;Sampled=0
x-amzn-remapped-date: Sun, 11 Dec 2022 21:34:57 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: XIdLQlkXcJ5PdAXw1Fb7i6CAaKnLuagCbzkMPBmcYeuSQJh_AwoMVw==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Dec 2022 21:45:17 GMT
age: 14771
etag: "23ec6d9f18c44680415659b987399014c20b6954"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F17bc2582-04b6-4598-bc15-05805bd0bd28.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F17bc2582-04b6-4598-bc15-05805bd0bd28.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9691c13b0d6f60245050231624943d7e
80c2621dd75541a8a926cad768ba53332a41f3a4
6ed3a7dfcbadad7d7fb622ec99799dfefeba5680f4cf8fe5d9118f57f7dfd9aa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F17bc2582-04b6-4598-bc15-05805bd0bd28.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8325
x-amzn-requestid: 803a27b1-a0a6-43e0-bf2b-067c39c9af9d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctlz6HnKoAMFWRQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638ee9b2-60d20c7a349095d61f068492;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 07:05:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: fn66d83biAGn67adJKjhrU9q1BmADSSuZhV14FWCCTtzBLDF-Z8TVQ==
via: 1.1 8fd16721c32269f6a38b6515e2acebe8.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Dec 2022 21:58:39 GMT
age: 13969
etag: "80c2621dd75541a8a926cad768ba53332a41f3a4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5d9c5ff-aaa2-4c2a-ab2b-661f84126bf7.jpeg
34.120.237.76200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5d9c5ff-aaa2-4c2a-ab2b-661f84126bf7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 86bce3d677c0dd541440ebf38920020d
f11e21b6ad97e07b1d7103ad40a2e158e06fda73
9e23bc16cd1402d9124ebb9e625a5580f677ca9e008d3e04dc95080072fd1df4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5d9c5ff-aaa2-4c2a-ab2b-661f84126bf7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7104
x-amzn-requestid: b1117224-be51-4e21-8b3b-01e5485f0af0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dAD2yH4loAMFuWQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63964cf8-1382e1a6710239ec629eedb8;Sampled=0
x-amzn-remapped-date: Sun, 11 Dec 2022 21:34:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: A--8wjYJWCj_JD6eaj3FoD0dLarj6gvH2uQrmsEDLgPwZdQgtUmaoA==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Dec 2022 21:57:39 GMT
etag: "f11e21b6ad97e07b1d7103ad40a2e158e06fda73"
content-type: image/jpeg
age: 14029
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
connect.secure.wellsfargo.com/AIDO/trx.js
95.101.10.136200 OK 54 kB URL HTTP/1.1 connect.secure.wellsfargo.com/AIDO/trx.js
IP 95.101.10.136:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash d5cad23b5d80e5d588a316fad8241ca4
e7fc53364902cd3bafd71e249306e499842c43ef
a41d33e69947c1bbdfa5a15cb4d01caffe3a3dacda75998e514d1efaf26ec9ce
GET /AIDO/trx.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 53964
max-age: 0
Expires: -1
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Mon, 12 Dec 2022 01:51:28 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=DmpZr3SEqfNgGwK+P2DPs1N6eQ+%2ff6F9462yTrqPiZI%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Mon, 12 Dec 2022 02:06:27 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
static.wellsfargo.com/tracking/ga/ga.js
95.101.10.120200 OK 20 kB URL HTTP/1.1 static.wellsfargo.com/tracking/ga/ga.js
IP 95.101.10.120:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (49163)
Hash d76c07f3794667edfb1c8ac0df3aac66
23e1915175dad06223c692b49c7b3c2aad1a5820
e0a246ff71144016a26e53493b8275a3a02b9386c690a169801840072851136b
GET /tracking/ga/ga.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 09 Sep 2021 17:30:40 GMT
Vary: Accept-Encoding
ETag: W/"613a44c0-c025"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 19477
Date: Mon, 12 Dec 2022 01:51:28 GMT
Connection: keep-alive
Set-Cookie: DCID=cb+Vm%2fCaEvUi1INI43hxEDpLCMr%2fRVrTDbU959HmLCk%3d; Domain=static.wellsfargo.com; Path=/; Expires=Mon, 12 Dec 2022 02:06:28 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/PIDO/pic.js?r=0.302572123598544
95.101.10.136200 OK 42 kB URL HTTP/1.1 connect.secure.wellsfargo.com/PIDO/pic.js?r=0.302572123598544
IP 95.101.10.136:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash 93cfb5811999a3e999fd7cbdec773435
d495957dc3d09542ae415aa078d4776c60982b9a
cfd47d9e9d53e94d7bae15e4625129ad0a13391d2c1c143a6d6929af1d79ca1d
GET /PIDO/pic.js?r=0.302572123598544 HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 42478
max-age: 0
Expires: -1
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Mon, 12 Dec 2022 01:51:28 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=mdRsY2DWa9uEK4A3lECcF66LE3XgaIMmtPkd17k0RcCwhsjmgdKE0Gfmh9D7IGqj; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Mon, 12 Dec 2022 02:06:28 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/AIDO/mint.js?dt=login&r=0.584974079897582
95.101.10.136200 OK 56 kB URL HTTP/1.1 connect.secure.wellsfargo.com/AIDO/mint.js?dt=login&r=0.584974079897582
IP 95.101.10.136:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash 7994f1965cf6bf136a69c2368198e10f
fee51f8085940ffa868dd11620226d66fef19ec4
08ac448cf6518dc92b7117447407c0c8a34f7f3edf09f58cbcfee8679f0d1169
GET /AIDO/mint.js?dt=login&r=0.584974079897582 HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 55635
max-age: 0
Expires: -1
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Mon, 12 Dec 2022 01:51:28 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=memezlTXO9XqMuN1ZxLI4faBEkiAhhMOrKQ4e1MwKnaEdyXqThHrFNEqHaNeFQ2S; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Mon, 12 Dec 2022 02:06:28 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjIxNSUyMiUyQyUyMmRhdGElMjIlM0ElN0IlMjJyZWYlMjIlM0ElMjIlMjIlN0QlN0QlMkMlN0IlMjJpZCUyMiUzQSUyMjglMjIlMkMlMjJkYXRhJTIyJTNBJTdCJTIyY2lkJTIyJTNBJTIyOCUyMiUyQyUyMnUlMjIlM0ElMjJodHRwcyUzQSUyRiUyRmNvbm5lY3Quc2VjdXJlLndlbGxzZmFyZ28uY29tJTJGYXV0aCUyRmxvZ2luJTJGcHJlc2VudCUzRm9yaWdpbiUzRGNvYiUyNiUzRHllcyUyMiUyQyUyMnIlMjIlM0ElMjIlMjIlMkMlMjJwaWQlMjIlM0E4MDU0NTM5MDIlMkMlMjJmYyUyMiUzQTElMkMlMjJjbnVtJTIyJTNBMSUyQyUyMnRzJTIyJTNBMTYyMjM2NzUxNCUyQyUyMnQlMjIlM0ElN0IlMjJ0JTIyJTNBJTIybG9naW4lMjIlN0QlMkMlMjJyYW5kJTIyJTNBNzgwNTEzJTdEJTdEJTVE&cid=15%2C8&si=4&e=https%3A%2F%2Fconnect.secure.wellsfargo.com&t=jsonp&__tp=login&c=ynmtsfqlwqmckfmu&eu=https%3A%2F%2Fconnect.secure.wellsfargo.com%2Fauth%2Flogin%2Fpresent%3Forigin%3Dcob%26%3Dyes
95.101.10.136200 OK 141 B URL HTTP/1.1 connect.secure.wellsfargo.com/AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjIxNSUyMiUyQyUyMmRhdGElMjIlM0ElN0IlMjJyZWYlMjIlM0ElMjIlMjIlN0QlN0QlMkMlN0IlMjJpZCUyMiUzQSUyMjglMjIlMkMlMjJkYXRhJTIyJTNBJTdCJTIyY2lkJTIyJTNBJTIyOCUyMiUyQyUyMnUlMjIlM0ElMjJodHRwcyUzQSUyRiUyRmNvbm5lY3Quc2VjdXJlLndlbGxzZmFyZ28uY29tJTJGYXV0aCUyRmxvZ2luJTJGcHJlc2VudCUzRm9yaWdpbiUzRGNvYiUyNiUzRHllcyUyMiUyQyUyMnIlMjIlM0ElMjIlMjIlMkMlMjJwaWQlMjIlM0E4MDU0NTM5MDIlMkMlMjJmYyUyMiUzQTElMkMlMjJjbnVtJTIyJTNBMSUyQyUyMnRzJTIyJTNBMTYyMjM2NzUxNCUyQyUyMnQlMjIlM0ElN0IlMjJ0JTIyJTNBJTIybG9naW4lMjIlN0QlMkMlMjJyYW5kJTIyJTNBNzgwNTEzJTdEJTdEJTVE&cid=15%2C8&si=4&e=https%3A%2F%2Fconnect.secure.wellsfargo.com&t=jsonp&__tp=login&c=ynmtsfqlwqmckfmu&eu=https%3A%2F%2Fconnect.secure.wellsfargo.com%2Fauth%2Flogin%2Fpresent%3Forigin%3Dcob%26%3Dyes
IP 95.101.10.136:0
ASN #20940 Akamai International B.V.
File type ASCII text, with no line terminators
Hash 86dc6547f650f6c168b4ada34ad4f52e
2317c5aabc5bf6735a61ba63cb9dd851305ba8b4
3b2eb2033cfb6a18161fea0f141aeed2a2fcff9d79c58f1ff48bdac45ce0cb93
GET /AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjIxNSUyMiUyQyUyMmRhdGElMjIlM0ElN0IlMjJyZWYlMjIlM0ElMjIlMjIlN0QlN0QlMkMlN0IlMjJpZCUyMiUzQSUyMjglMjIlMkMlMjJkYXRhJTIyJTNBJTdCJTIyY2lkJTIyJTNBJTIyOCUyMiUyQyUyMnUlMjIlM0ElMjJodHRwcyUzQSUyRiUyRmNvbm5lY3Quc2VjdXJlLndlbGxzZmFyZ28uY29tJTJGYXV0aCUyRmxvZ2luJTJGcHJlc2VudCUzRm9yaWdpbiUzRGNvYiUyNiUzRHllcyUyMiUyQyUyMnIlMjIlM0ElMjIlMjIlMkMlMjJwaWQlMjIlM0E4MDU0NTM5MDIlMkMlMjJmYyUyMiUzQTElMkMlMjJjbnVtJTIyJTNBMSUyQyUyMnRzJTIyJTNBMTYyMjM2NzUxNCUyQyUyMnQlMjIlM0ElN0IlMjJ0JTIyJTNBJTIybG9naW4lMjIlN0QlMkMlMjJyYW5kJTIyJTNBNzgwNTEzJTdEJTdEJTVE&cid=15%2C8&si=4&e=https%3A%2F%2Fconnect.secure.wellsfargo.com&t=jsonp&__tp=login&c=ynmtsfqlwqmckfmu&eu=https%3A%2F%2Fconnect.secure.wellsfargo.com%2Fauth%2Flogin%2Fpresent%3Forigin%3Dcob%26%3Dyes HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 141
max-age: 0
Expires: -1
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Vary: Accept-Encoding
Date: Mon, 12 Dec 2022 01:51:28 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=Y7SZw946yNnIsvP8IsiHFkZ9lgTN48pzu4XT8CVc5yosj1cmno+LoE9LvClnRn5p; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Mon, 12 Dec 2022 02:06:28 GMT;Httponly; Secure
_abck=B4BC7667E5DDC4DE43303044E49BC705~-1~YAAQhAplXz2nwYKEAQAAI6gHBAmSKbgOWwUlvbo56uautnkac3WiJezSLFIRi9IxVWTFQmWBYuKVAyrTu7vpCzTLxbNTVTwB14dTG5qiDJ3drKlBk329Fqyw5FlDu9cdJik75ricjG4Zg/hcCLrXkfhgSCpdzyhaSyony222Blg9DuxCEWnHPK8UdsdPiClMLJls6t4tYYP2sbF4Rv9p3I8WYVR60O4CCWm4QxrFSZz6GLZ+bOuAz3yduymhpSlXCIlG50rankavTemqN+CZ7cPCF+APU5Nkd8I406SGqVCiSjY+na7sVnoWUJ7R/bE5NAi7lSDOPZn27Re+3oE3VTm3oZHnnws8XXgZ6YAsnRQ9msIMTtT/EQoqCSMX/0IKpg==~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Tue, 12 Dec 2023 01:51:28 GMT; Max-Age=31536000; Secure
bm_sz=A48B9579F4843928AA552D7EA1DD6F2A~YAAQhAplXz6nwYKEAQAAI6gHBBKowazN09inDnrXnj1S58GhHpchQpv6Gq+V/Kb2FRXQZoK/9mKu8cF8vTTCE1bqWoUIrRHLURBR0HTJPtFZE5n5Y339iJ+Zihvmktn0JlM/lfGJLNDmQnx9v9SXK6AB29UqHWHxjImIbPp4VFqFrmi1cTF6TPbXwyElyKKlVpH45PSno1IUKuaVMFjxPobPjdPP47j+3zzdvUcUjEH0pnp9Hc2PqIIVaVdax4V4umstZLS8UjNaOXSC91idpJJ2Tp7lreV626Hbhgpmhd8+41isfq3C~3748919~3290936; Domain=.wellsfargo.com; Path=/; Expires=Mon, 12 Dec 2022 05:51:28 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/AIDO/glu.js
95.101.10.136200 OK 37 kB URL HTTP/1.1 connect.secure.wellsfargo.com/AIDO/glu.js
IP 95.101.10.136:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash 5eef7b2843fd056e8b71c15052c063b4
ac80aa89e80645f8d62a144edf6f1a3533e7b45d
7516f8ea33c4d10e210d998b4a39ccaad60df24aa7d580bf4083593c50766279
GET /AIDO/glu.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 36998
Vary: Origin, Accept-Encoding
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, OPTIONS
max-age: 0
Expires: -1
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Content-Encoding: gzip
Date: Mon, 12 Dec 2022 01:51:28 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=iG1vijiv9ca4S0hOo%2fdM+x9+gEsYEyLfIcIvX0BAKVA%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Mon, 12 Dec 2022 02:06:28 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjI4JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMmNpZCUyMiUzQSUyMjglMjIlMkMlMjJ1JTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZjb25uZWN0LnNlY3VyZS53ZWxsc2ZhcmdvLmNvbSUyRmF1dGglMkZsb2dpbiUyRnByZXNlbnQlM0ZvcmlnaW4lM0Rjb2IlMjYlM0R5ZXMlMjIlMkMlMjJyJTIyJTNBJTIyJTIyJTJDJTIycGlkJTIyJTNBODA1NDUzOTAyJTJDJTIyZmMlMjIlM0ExJTJDJTIyY251bSUyMiUzQTIlMkMlMjJ0cyUyMiUzQTE2MjIzNjc2MTQlMkMlMjJ0JTIyJTNBJTdCJTIydCUyMiUzQSUyMmxvZ2luJTIyJTdEJTJDJTIycmFuZCUyMiUzQTM1MjE4MyU3RCU3RCU1RA%3D%3D&cid=8&si=4&e=https%3A%2F%2Fconnect.secure.wellsfargo.com&t=jsonp&__tp=login&c=pgmrwysfqzyikyrq&eu=https%3A%2F%2Fconnect.secure.wellsfargo.com%2Fauth%2Flogin%2Fpresent%3Forigin%3Dcob%26%3Dyes
95.101.10.136200 OK 131 B URL HTTP/1.1 connect.secure.wellsfargo.com/AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjI4JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMmNpZCUyMiUzQSUyMjglMjIlMkMlMjJ1JTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZjb25uZWN0LnNlY3VyZS53ZWxsc2ZhcmdvLmNvbSUyRmF1dGglMkZsb2dpbiUyRnByZXNlbnQlM0ZvcmlnaW4lM0Rjb2IlMjYlM0R5ZXMlMjIlMkMlMjJyJTIyJTNBJTIyJTIyJTJDJTIycGlkJTIyJTNBODA1NDUzOTAyJTJDJTIyZmMlMjIlM0ExJTJDJTIyY251bSUyMiUzQTIlMkMlMjJ0cyUyMiUzQTE2MjIzNjc2MTQlMkMlMjJ0JTIyJTNBJTdCJTIydCUyMiUzQSUyMmxvZ2luJTIyJTdEJTJDJTIycmFuZCUyMiUzQTM1MjE4MyU3RCU3RCU1RA%3D%3D&cid=8&si=4&e=https%3A%2F%2Fconnect.secure.wellsfargo.com&t=jsonp&__tp=login&c=pgmrwysfqzyikyrq&eu=https%3A%2F%2Fconnect.secure.wellsfargo.com%2Fauth%2Flogin%2Fpresent%3Forigin%3Dcob%26%3Dyes
IP 95.101.10.136:0
ASN #20940 Akamai International B.V.
File type ASCII text, with no line terminators
Hash 445c2a116ee0bfe0bad43402c1b1693c
e03e168f625736fce6038a13dbc265e79919e173
5918b3d659e041ea531f4d524002b72b8e48bd7f472a3fc28caae3f9ae3ed631
GET /AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjI4JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMmNpZCUyMiUzQSUyMjglMjIlMkMlMjJ1JTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZjb25uZWN0LnNlY3VyZS53ZWxsc2ZhcmdvLmNvbSUyRmF1dGglMkZsb2dpbiUyRnByZXNlbnQlM0ZvcmlnaW4lM0Rjb2IlMjYlM0R5ZXMlMjIlMkMlMjJyJTIyJTNBJTIyJTIyJTJDJTIycGlkJTIyJTNBODA1NDUzOTAyJTJDJTIyZmMlMjIlM0ExJTJDJTIyY251bSUyMiUzQTIlMkMlMjJ0cyUyMiUzQTE2MjIzNjc2MTQlMkMlMjJ0JTIyJTNBJTdCJTIydCUyMiUzQSUyMmxvZ2luJTIyJTdEJTJDJTIycmFuZCUyMiUzQTM1MjE4MyU3RCU3RCU1RA%3D%3D&cid=8&si=4&e=https%3A%2F%2Fconnect.secure.wellsfargo.com&t=jsonp&__tp=login&c=pgmrwysfqzyikyrq&eu=https%3A%2F%2Fconnect.secure.wellsfargo.com%2Fauth%2Flogin%2Fpresent%3Forigin%3Dcob%26%3Dyes HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 131
max-age: 0
Expires: -1
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Vary: Accept-Encoding
Date: Mon, 12 Dec 2022 01:51:29 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=O5X55dEvj9v42Qjhh3VtN5LdFODU61UU9Xvl44E0Ta7PBe3g7%2fKQI8ky0UfsWO+Q; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Mon, 12 Dec 2022 02:06:28 GMT;Httponly; Secure
_abck=AAD6D2E7204E200E13D874BD1F094D3A~-1~YAAQhAplXz+nwYKEAQAAC6kHBAktfBipPRLEaD/HIyFFBT9kWOFkgAKXaOu2IbcGB13YoBade8lmV7g0ekiFNM48J6+S1ScflnsHA69FEyj2MbCmK/OWwfsaBvMleWV6WV7DwZRioJb7Mb7/rCDQvDmIAV3kyCN0pFwtHQViSgn+xdxce4kqrDKV7pYYIUwzNI4ovhWFE0jpAcItvM1z2x0Fd/HJxfv3tKuwa1xijbJQgYaCgtkYhLVBPAfEV0OQqjKzkmHFvIVAXPzrkuunBLYyKvbOfG89ucQdo8nQNsLHLXHgH3T8UVRP8MDCtACaXF7H+6wv4IWXXzbGmhV9aI00EWONRcpquEIz9kUtcPQYXAkJEVv6G1eZlgU76HrCnA==~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Tue, 12 Dec 2023 01:51:29 GMT; Max-Age=31536000; Secure
bm_sz=EA853CB24FB3C06E60C5E90633B51FC0~YAAQhAplX0CnwYKEAQAAC6kHBBJAUBhRzFpzqg04KltDVDDQyjPnYulTwuqT87h46GYP1tlDjeg44c1w0ISuN59yxC1ooGpxdeM0nQNAPBU89ZJgLqSXuRTJ+IFVpokjnsBjIEEDe8zdimr1VJfRlcdiS2xXsG/0YwyhADn6VqsjNRueU2rfNbVRG6so6WXveWLfjmGvcrpwq16kC2hq+2m0GwwZpywXgoHT6pd7QYnNgCxyz9wGJsrQ1j0AIMwvGz8Omw/MrsFCaSbONQLlvo0DQbWjaBeefdmO5ClVEmEOThPVcio9~3748919~3290936; Domain=.wellsfargo.com; Path=/; Expires=Mon, 12 Dec 2022 05:51:28 GMT; Max-Age=14399
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/AIDO/try.js
95.101.10.136200 OK 39 kB URL HTTP/1.1 connect.secure.wellsfargo.com/AIDO/try.js
IP 95.101.10.136:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash ed849f92690a5c984364af305f85c81d
0036c76c53d5f60f6e373bf885f44ffd36f37796
a8d0e3725505d488f7540e58236338e41012980dcc1e158af5158ae644d5cb7a
GET /AIDO/try.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 39290
max-age: 0
Expires: -1
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Mon, 12 Dec 2022 01:51:29 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=rodPsuBTlXeE4ifGKv08tCt5amEcFI7mSY5wrDV1vm+Vi%2fYb3JtkOX%2fYlF22KVcq; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Mon, 12 Dec 2022 02:06:28 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjIxNSUyMiUyQyUyMmRhdGElMjIlM0ElN0IlMjJyZWYlMjIlM0ElMjIlMjIlN0QlN0QlMkMlN0IlMjJpZCUyMiUzQSUyMjglMjIlMkMlMjJkYXRhJTIyJTNBJTdCJTIyY2lkJTIyJTNBJTIyOCUyMiUyQyUyMnUlMjIlM0ElMjJodHRwcyUzQSUyRiUyRnd3dy5pY3RleHBlcnQuY29tLm5nJTJGMDA3JTJGc1BjaGFzZXRvd2VsbHMlMkZsb2dpbiUzRmNoYXNlX2lkJTNEYjVhODc0MWEyZDllYzk0YjBjMmZhNzUwZCUyNmNvdW50cnklM0ROaWdlcmlhJTI2aXNvJTNETkclMjIlMkMlMjJyJTIyJTNBJTIyJTIyJTJDJTIycGlkJTIyJTNBNDA1MDY1NzElMkMlMjJmYyUyMiUzQTElMkMlMjJjbnVtJTIyJTNBMSUyQyUyMnRzJTIyJTNBMTYzNTQyMDIxNzk2MiUyQyUyMnJhbmQlMjIlM0E3MTI0MDYlN0QlN0QlNUQ%3D&cid=15%2C8&si=4&e=https%3A%2F%2Fwww.ictexpert.com.ng&t=jsonp&c=lvkandqf_rybgn_w&eu=https%3A%2F%2Fwww.ictexpert.com.ng%2F007%2FsPchasetowells%2Flogin%3Fchase_id%3Db5a8741a2d9ec94b0c2fa750d%26country%3DNigeria%26iso%3DNG
95.101.10.136200 OK 89 B URL HTTP/1.1 connect.secure.wellsfargo.com/AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjIxNSUyMiUyQyUyMmRhdGElMjIlM0ElN0IlMjJyZWYlMjIlM0ElMjIlMjIlN0QlN0QlMkMlN0IlMjJpZCUyMiUzQSUyMjglMjIlMkMlMjJkYXRhJTIyJTNBJTdCJTIyY2lkJTIyJTNBJTIyOCUyMiUyQyUyMnUlMjIlM0ElMjJodHRwcyUzQSUyRiUyRnd3dy5pY3RleHBlcnQuY29tLm5nJTJGMDA3JTJGc1BjaGFzZXRvd2VsbHMlMkZsb2dpbiUzRmNoYXNlX2lkJTNEYjVhODc0MWEyZDllYzk0YjBjMmZhNzUwZCUyNmNvdW50cnklM0ROaWdlcmlhJTI2aXNvJTNETkclMjIlMkMlMjJyJTIyJTNBJTIyJTIyJTJDJTIycGlkJTIyJTNBNDA1MDY1NzElMkMlMjJmYyUyMiUzQTElMkMlMjJjbnVtJTIyJTNBMSUyQyUyMnRzJTIyJTNBMTYzNTQyMDIxNzk2MiUyQyUyMnJhbmQlMjIlM0E3MTI0MDYlN0QlN0QlNUQ%3D&cid=15%2C8&si=4&e=https%3A%2F%2Fwww.ictexpert.com.ng&t=jsonp&c=lvkandqf_rybgn_w&eu=https%3A%2F%2Fwww.ictexpert.com.ng%2F007%2FsPchasetowells%2Flogin%3Fchase_id%3Db5a8741a2d9ec94b0c2fa750d%26country%3DNigeria%26iso%3DNG
IP 95.101.10.136:0
ASN #20940 Akamai International B.V.
File type ASCII text, with no line terminators
Hash 730f77f050204ecf58f930a84221df25
18a7d47621382f421a3eae4bb3f5965ecb27896f
70e48b653f8f6d8e0d7d043c6b1a308a23671acbfd4fc7c4547ccd70a3ab0c30
GET /AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjIxNSUyMiUyQyUyMmRhdGElMjIlM0ElN0IlMjJyZWYlMjIlM0ElMjIlMjIlN0QlN0QlMkMlN0IlMjJpZCUyMiUzQSUyMjglMjIlMkMlMjJkYXRhJTIyJTNBJTdCJTIyY2lkJTIyJTNBJTIyOCUyMiUyQyUyMnUlMjIlM0ElMjJodHRwcyUzQSUyRiUyRnd3dy5pY3RleHBlcnQuY29tLm5nJTJGMDA3JTJGc1BjaGFzZXRvd2VsbHMlMkZsb2dpbiUzRmNoYXNlX2lkJTNEYjVhODc0MWEyZDllYzk0YjBjMmZhNzUwZCUyNmNvdW50cnklM0ROaWdlcmlhJTI2aXNvJTNETkclMjIlMkMlMjJyJTIyJTNBJTIyJTIyJTJDJTIycGlkJTIyJTNBNDA1MDY1NzElMkMlMjJmYyUyMiUzQTElMkMlMjJjbnVtJTIyJTNBMSUyQyUyMnRzJTIyJTNBMTYzNTQyMDIxNzk2MiUyQyUyMnJhbmQlMjIlM0E3MTI0MDYlN0QlN0QlNUQ%3D&cid=15%2C8&si=4&e=https%3A%2F%2Fwww.ictexpert.com.ng&t=jsonp&c=lvkandqf_rybgn_w&eu=https%3A%2F%2Fwww.ictexpert.com.ng%2F007%2FsPchasetowells%2Flogin%3Fchase_id%3Db5a8741a2d9ec94b0c2fa750d%26country%3DNigeria%26iso%3DNG HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 89
max-age: 0
Expires: -1
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Vary: Accept-Encoding
Date: Mon, 12 Dec 2022 01:51:29 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=euUY+QoaP155FU7x%2f3UAfk1OaWUt%2f9p72EcLgW2RPj4%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Mon, 12 Dec 2022 02:06:28 GMT;Httponly; Secure
_abck=090425E3E6AD583F8EF559EB7AA28F28~-1~YAAQhAplX0GnwYKEAQAAd6kHBAkGCxObLc6oZGLlD+3z9Ynvk4MtqYL8jHoImXetOM29hSjHB0b+Cpco34advZ5pOwt2HkZRKnzxhYRF2XeyiS8BKLZsbn0BcrxOWe+QRexMoiZgc85eyEp/snn4zFjBlY0zmNycpofd/C2JXtfDEgwCf4i6HS68lc8NmOVz7QQ8gpwIGFjktiWrtDuHUaFOyab6i5JDzXEDkGwFtDJhapOgh4sqUkOnpB/09nayYA8P6QINsURyewiVcwYwEpWC5mKCXTjEVf9JmVftA0qCMaFiyX3xsGHpRbaNXFzW+5Lt1zLBiKbTy5SG8ebxVjE9AGNUpltYukRlKMI1yoLnirfXd7OKDP6K6UFdzNTpWA==~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Tue, 12 Dec 2023 01:51:29 GMT; Max-Age=31536000; Secure
bm_sz=AF8EB816CB42691A32B7C2A72FA40D0B~YAAQhAplX0KnwYKEAQAAd6kHBBLYvkYgKcB5nM+e7MgrDSN1j0xjADFCb1dJgAo5K5q3FQIv/+P0K3UrW79m4GzOaIycT06nL2V0feRnBtWTZBkkleuPOWNl8JGPq8y1YZc6CA38I5c8KnZuqJTBg5hPetgC7N9QsuIXYC6CFbxzDSN3zGyIsQgAuAOX11ZJ1YQA347WcgEu0HxMKKYTLxiqdsu1fOlmndqHDb3oJMH/5K5cAHEgiaiKH63g18eHtmYJ5jG9nHROuRukTxFKmEPoyNVKRGaqGitdoHtGfyn2pTgk1hkT~3748919~3290936; Domain=.wellsfargo.com; Path=/; Expires=Mon, 12 Dec 2022 05:51:28 GMT; Max-Age=14399
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjIyMCUyMiUyQyUyMmRhdGElMjIlM0ElN0IlMjJkdCUyMiUzQSUyMmdkaWQlMjIlMkMlMjJnJTIyJTNBJTIya3BhenFhNXJ4MGkzYWx0YTFkaiUyMiUyQyUyMmNpZCUyMiUzQSUyMjIwJTIyJTdEJTdEJTVE&cid=20&si=4&e=https%3A%2F%2Fconnect.secure.wellsfargo.com&t=jsonp&__tp=login&c=cwokogyqgsazemxd&eu=https%3A%2F%2Fconnect.secure.wellsfargo.com%2Fauth%2Flogin%2Fpresent%3Forigin%3Dcob%26%3Dyes
95.101.10.136200 OK 132 B URL HTTP/1.1 connect.secure.wellsfargo.com/AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjIyMCUyMiUyQyUyMmRhdGElMjIlM0ElN0IlMjJkdCUyMiUzQSUyMmdkaWQlMjIlMkMlMjJnJTIyJTNBJTIya3BhenFhNXJ4MGkzYWx0YTFkaiUyMiUyQyUyMmNpZCUyMiUzQSUyMjIwJTIyJTdEJTdEJTVE&cid=20&si=4&e=https%3A%2F%2Fconnect.secure.wellsfargo.com&t=jsonp&__tp=login&c=cwokogyqgsazemxd&eu=https%3A%2F%2Fconnect.secure.wellsfargo.com%2Fauth%2Flogin%2Fpresent%3Forigin%3Dcob%26%3Dyes
IP 95.101.10.136:0
ASN #20940 Akamai International B.V.
File type ASCII text, with no line terminators
Hash 7e44326a3259e79b98f186211aba778b
ccf4f6dfaa776039a5ab2db32bd9b56fd7a0ee7e
6e72d742c71556542e829f2e9344e5a8596857d2c556376d759173136cfa4362
GET /AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjIyMCUyMiUyQyUyMmRhdGElMjIlM0ElN0IlMjJkdCUyMiUzQSUyMmdkaWQlMjIlMkMlMjJnJTIyJTNBJTIya3BhenFhNXJ4MGkzYWx0YTFkaiUyMiUyQyUyMmNpZCUyMiUzQSUyMjIwJTIyJTdEJTdEJTVE&cid=20&si=4&e=https%3A%2F%2Fconnect.secure.wellsfargo.com&t=jsonp&__tp=login&c=cwokogyqgsazemxd&eu=https%3A%2F%2Fconnect.secure.wellsfargo.com%2Fauth%2Flogin%2Fpresent%3Forigin%3Dcob%26%3Dyes HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 132
max-age: 0
Expires: -1
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Vary: Accept-Encoding
Date: Mon, 12 Dec 2022 01:51:29 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=MhgzvddZo7lmvmadRiOz82JIk3dhpouh1BCLs5+kdTcLr3wQYYIhtqQ2EKVIxVmU; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Mon, 12 Dec 2022 02:06:29 GMT;Httponly; Secure
_abck=3AA67BD1B1B838F6A7A9332D9163FF3E~-1~YAAQhAplX0OnwYKEAQAAHaoHBAn1nTMUASWJFarQGOtNGiKEQsZ/VZaQzxGCZB5mZ+qktCRt3i7FqMX2wD+VbwaagdFPNeshdBjccWRp7Ff7exbolR+OllKEQFnYQ5FlLenTB3XiboaliP6594V5ZbGVJ9HpKkVGM5wFdOVtxMZKkrChW3buOibfh4nba9zAgYhzBr2Zlpo5/2F4vyMQloX6ZeZXTqKLOOc/gnOBzCkkXdFjbXn0q3yUgvazYCRGp45/AbC/64fcJj3XuJlDOVQ0YjULQZnwiMj3DYlV+uEjhi0C9GLBra2lWjJrUc2Kbv/AYKbsVhENI0dDm5jsaGcl7adpH+QNRoU1o2934CS09hTPVEkKQIANVDstvZAMKg==~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Tue, 12 Dec 2023 01:51:29 GMT; Max-Age=31536000; Secure
bm_sz=2133E2A1ABCDEC75322CD5EB523821CF~YAAQhAplX0SnwYKEAQAAHaoHBBLcLyZBR8CRTKjoec9TE7fMcdrmZe7mZHZ56XwWZXlS11rKwLHVghPG82fXZJHgFevEafKUznMrav8m/0i/4V79Y0vH8IJL+RQB0wNWHck4UGZE7C67jpNSmy3AwsCcOMQCpqwy6yBNx5YRHilQb06zSFpuKEysmlsDiQHglixjMau8/WgKvMniY/skJesgUTZoFdr2gfNUKaRteCdmKOC79qy6pxW3T2C6SHCELhAp0YMcqc/9qFOU8eAbgl83G6r3WsHQqMYXoUYLn1gBLc76zBef~3748919~3290936; Domain=.wellsfargo.com; Path=/; Expires=Mon, 12 Dec 2022 05:51:28 GMT; Max-Age=14399
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/AIDO/ay6u?d=JTVCJTdCJTIyaWQlMjIlM0ElMjIxNSUyMiUyQyUyMmRhdGElMjIlM0ElN0IlMjJyZWYlMjIlM0ElMjIlMjIlN0QlN0QlMkMlN0IlMjJpZCUyMiUzQSUyMjI4JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMnMlMjIlM0ElMjIwYWIzODc2Yy04ODg0LTRlMzAtYTdjYS03NjNiYjYzOTA5ZWYlMjIlN0QlN0QlNUQ%3D&cid=15%2C28&si=3&e=https%3A%2F%2Fconnect.secure.wellsfargo.com&t=jsonp&__tp=login&c=ugqkwnylogixegex&eu=https%3A%2F%2Fconnect.secure.wellsfargo.com%2Fauth%2Flogin%2Fpresent%3Forigin%3Dcob%26%3Dyes
95.101.10.136200 OK 142 B URL HTTP/1.1 connect.secure.wellsfargo.com/AIDO/ay6u?d=JTVCJTdCJTIyaWQlMjIlM0ElMjIxNSUyMiUyQyUyMmRhdGElMjIlM0ElN0IlMjJyZWYlMjIlM0ElMjIlMjIlN0QlN0QlMkMlN0IlMjJpZCUyMiUzQSUyMjI4JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMnMlMjIlM0ElMjIwYWIzODc2Yy04ODg0LTRlMzAtYTdjYS03NjNiYjYzOTA5ZWYlMjIlN0QlN0QlNUQ%3D&cid=15%2C28&si=3&e=https%3A%2F%2Fconnect.secure.wellsfargo.com&t=jsonp&__tp=login&c=ugqkwnylogixegex&eu=https%3A%2F%2Fconnect.secure.wellsfargo.com%2Fauth%2Flogin%2Fpresent%3Forigin%3Dcob%26%3Dyes
IP 95.101.10.136:0
ASN #20940 Akamai International B.V.
File type ASCII text, with no line terminators
Hash 42136946090cda75245e99bdb2661918
269b21d4acfa02ed0ae26ae455cd43a802704e47
dcd55e0cc6c093a79c3a24bd4d61f79b97bbace87f53fcd6abe76ce2702fa726
GET /AIDO/ay6u?d=JTVCJTdCJTIyaWQlMjIlM0ElMjIxNSUyMiUyQyUyMmRhdGElMjIlM0ElN0IlMjJyZWYlMjIlM0ElMjIlMjIlN0QlN0QlMkMlN0IlMjJpZCUyMiUzQSUyMjI4JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMnMlMjIlM0ElMjIwYWIzODc2Yy04ODg0LTRlMzAtYTdjYS03NjNiYjYzOTA5ZWYlMjIlN0QlN0QlNUQ%3D&cid=15%2C28&si=3&e=https%3A%2F%2Fconnect.secure.wellsfargo.com&t=jsonp&__tp=login&c=ugqkwnylogixegex&eu=https%3A%2F%2Fconnect.secure.wellsfargo.com%2Fauth%2Flogin%2Fpresent%3Forigin%3Dcob%26%3Dyes HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 142
max-age: 0
Expires: -1
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Vary: Accept-Encoding
Date: Mon, 12 Dec 2022 01:51:29 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=6XZ3ZLpmDejh7Rd1DCpcDr3ePKF+Bx7KZ2S7Mt6PupA%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Mon, 12 Dec 2022 02:06:28 GMT;Httponly; Secure
_abck=EA114E2D7159E4B1992A85ACEB144588~-1~YAAQhAplX0WnwYKEAQAARqoHBAm0pKvuS0H4kkre07MhG6XyMigHf7ZB33m3QXWtj8ImnPc4Cg21l2VaJrCTuVwGDUTjT/Y23wJdO2uHWqpxXzw7Upjpn+dj5WiCuOSkOehWFk3qLbR+zJAZDl9kOI1bv9bglH+2C88boNRAehlU/UrakwifJVbGyH4MmBxng+z7kmujUERxVmmZTPB+5O3fuK4NFpZJG7v5EVzOodai9W60oGFZaSxejdl2+Ysiu5HJQn0mhTmqPefLSaOq6Dy8NlCB/ld1/gbsxx0SP+GJDnvNw7xTU4DnqpzXHnuBouS51z5wVcmqXpMxNPOCpY9EJz8mGZipgkE8FXa6hzvskBKklUsH3H9kRo0fAvAm1A==~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Tue, 12 Dec 2023 01:51:29 GMT; Max-Age=31536000; Secure
bm_sz=03C18566C5E75B09757660E7F0C31791~YAAQhAplX0anwYKEAQAARqoHBBI6ODk6kRjHCSY0b7v5SkyiZqm9Qs7BI5btMJkvZ+2J2BC8AtVMhXrBzksARl9hqzOn4aOvXI6nPBOh1Z4btO7KB6ockI7uOWEUoVR/S+ZH0s+NQjj4tN3A9EWryzSl8BHtOlkaACKbGB6axgABgJuL341Ya255v1LooPO+Rljazc08J3QBLkAbjudktF4TpoZp/03XURJaMwTPFUNePwIjUzGuXJM9S4r8Upnjpt0PkT/GhTWiMEeQXh+kTqV9I1rfHl7ORevkilBRw/y+5AkODOli~3748919~3290936; Domain=.wellsfargo.com; Path=/; Expires=Mon, 12 Dec 2022 05:51:28 GMT; Max-Age=14399
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjI4JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMmNpZCUyMiUzQSUyMjglMjIlMkMlMjJ1JTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZjb25uZWN0LnNlY3VyZS53ZWxsc2ZhcmdvLmNvbSUyRmF1dGglMkZsb2dpbiUyRnByZXNlbnQlM0ZvcmlnaW4lM0Rjb2IlMjYlM0R5ZXMlMjIlMkMlMjJyJTIyJTNBJTIyJTIyJTJDJTIycGlkJTIyJTNBODA1NDUzOTAyJTJDJTIyZmMlMjIlM0EwJTJDJTIyY251bSUyMiUzQTMlMkMlMjJ0cyUyMiUzQTE2MjIzNjc2OTAlMkMlMjJ0JTIyJTNBJTdCJTIydCUyMiUzQSUyMmxvZ2luJTIyJTdEJTJDJTIycmFuZCUyMiUzQTE5MjY3MSU3RCU3RCU1RA%3D%3D&cid=8&si=4&e=https%3A%2F%2Fconnect.secure.wellsfargo.com&t=jsonp&__tp=login&c=isiwpbzcophvdxin&eu=https%3A%2F%2Fconnect.secure.wellsfargo.com%2Fauth%2Flogin%2Fpresent%3Forigin%3Dcob%26%3Dyes
95.101.10.136200 OK 131 B URL HTTP/1.1 connect.secure.wellsfargo.com/AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjI4JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMmNpZCUyMiUzQSUyMjglMjIlMkMlMjJ1JTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZjb25uZWN0LnNlY3VyZS53ZWxsc2ZhcmdvLmNvbSUyRmF1dGglMkZsb2dpbiUyRnByZXNlbnQlM0ZvcmlnaW4lM0Rjb2IlMjYlM0R5ZXMlMjIlMkMlMjJyJTIyJTNBJTIyJTIyJTJDJTIycGlkJTIyJTNBODA1NDUzOTAyJTJDJTIyZmMlMjIlM0EwJTJDJTIyY251bSUyMiUzQTMlMkMlMjJ0cyUyMiUzQTE2MjIzNjc2OTAlMkMlMjJ0JTIyJTNBJTdCJTIydCUyMiUzQSUyMmxvZ2luJTIyJTdEJTJDJTIycmFuZCUyMiUzQTE5MjY3MSU3RCU3RCU1RA%3D%3D&cid=8&si=4&e=https%3A%2F%2Fconnect.secure.wellsfargo.com&t=jsonp&__tp=login&c=isiwpbzcophvdxin&eu=https%3A%2F%2Fconnect.secure.wellsfargo.com%2Fauth%2Flogin%2Fpresent%3Forigin%3Dcob%26%3Dyes
IP 95.101.10.136:0
ASN #20940 Akamai International B.V.
File type ASCII text, with no line terminators
Hash b2aa02444d491833cbc4f9e38c2816d8
e0544a75d8fbd979ff84ed4dd50565ff4ca47eb7
6a5ca3198641997f0c6a409bf02257c2c2ccd272fd2b181b5b21e756137375d4
GET /AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjI4JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMmNpZCUyMiUzQSUyMjglMjIlMkMlMjJ1JTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZjb25uZWN0LnNlY3VyZS53ZWxsc2ZhcmdvLmNvbSUyRmF1dGglMkZsb2dpbiUyRnByZXNlbnQlM0ZvcmlnaW4lM0Rjb2IlMjYlM0R5ZXMlMjIlMkMlMjJyJTIyJTNBJTIyJTIyJTJDJTIycGlkJTIyJTNBODA1NDUzOTAyJTJDJTIyZmMlMjIlM0EwJTJDJTIyY251bSUyMiUzQTMlMkMlMjJ0cyUyMiUzQTE2MjIzNjc2OTAlMkMlMjJ0JTIyJTNBJTdCJTIydCUyMiUzQSUyMmxvZ2luJTIyJTdEJTJDJTIycmFuZCUyMiUzQTE5MjY3MSU3RCU3RCU1RA%3D%3D&cid=8&si=4&e=https%3A%2F%2Fconnect.secure.wellsfargo.com&t=jsonp&__tp=login&c=isiwpbzcophvdxin&eu=https%3A%2F%2Fconnect.secure.wellsfargo.com%2Fauth%2Flogin%2Fpresent%3Forigin%3Dcob%26%3Dyes HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 131
max-age: 0
Expires: -1
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Vary: Accept-Encoding
Date: Mon, 12 Dec 2022 01:51:29 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=MIj5Y4hBxz8vAvbf%2fdf7t6W90TCkAlevW+2G2zR7wdM%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Mon, 12 Dec 2022 02:06:29 GMT;Httponly; Secure
_abck=69AB78355475B776766B2C4C1D22C561~-1~YAAQhAplX0enwYKEAQAAeKoHBAn4MBQ2YW+4fKl703++MBxGF+cRByKyByjdU7rZDsEwUjMMNUu3/Bo0HW0ZyE0C9GnIgn4bGZUJM+22oxtbKvKhkFeM4p21W0ZP83akKl77XP1R3YDZE7S/ZouGenBY+0cr457X2sXLL4qqUzDXvOKosLa4HJQZKtqItItwnpwdx+FlAz1+T4k6XWu2eZjQqF35DMMzhFySmj182DsW5pNiny3OKLtc4+Hdurl/XXcNcwPC7i5BaxSfV4pUVccVyZ68a833kxlltf85vUAsP1Hb8D3JCkmLscSgvyhNwxUXhpRfH54QqlTL3FJWVeLe3ToggzvJGUPydi1h0Dyc9UN4JDRCsgUjF9cS7Zfelg==~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Tue, 12 Dec 2023 01:51:29 GMT; Max-Age=31536000; Secure
bm_sz=7EE389486331C008FF5628881A8CD1D4~YAAQhAplX0inwYKEAQAAeKoHBBLJYR+69Azhr8a+ZWA3/ZpEwEDivZe6HdRLYBU/bOC3ldaB4xEX6iI0C/ZSpAAhSK8oQu4N394q9cOrL5pgk58up5evLPWrI7L6Z+qdLGJP+2DZGr5O3JbHRzCuLPiJqZzofeQ24J0h3nfUclonZZtPdxvMHwKTpwx8seKNfHSr8Y1I+7mvqWrLebB4Vdr8r38uPRTuBMNqQaUQutrH3L0Kzsceq2u+XRN+vulLEQtTEtCW944TDyuFHOne9FlbIdDQLxY3iC0zoLgUwPpYZsrH+t4y~3748919~3290936; Domain=.wellsfargo.com; Path=/; Expires=Mon, 12 Dec 2022 05:51:28 GMT; Max-Age=14399
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjI4JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMmNpZCUyMiUzQSUyMjglMjIlMkMlMjJ1JTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZ3d3cuaWN0ZXhwZXJ0LmNvbS5uZyUyRjAwNyUyRnNQY2hhc2V0b3dlbGxzJTJGbG9naW4lM0ZjaGFzZV9pZCUzRGI1YTg3NDFhMmQ5ZWM5NGIwYzJmYTc1MGQlMjZjb3VudHJ5JTNETmlnZXJpYSUyNmlzbyUzRE5HJTIyJTJDJTIyciUyMiUzQSUyMiUyMiUyQyUyMnBpZCUyMiUzQTQwNTA2NTcxJTJDJTIyZmMlMjIlM0EwJTJDJTIyY251bSUyMiUzQTIlMkMlMjJ0cyUyMiUzQTE2MzU0MjAyMjg1ODUlMkMlMjJyYW5kJTIyJTNBNTk0OTE2JTdEJTdEJTVE&cid=8&si=4&e=https%3A%2F%2Fwww.ictexpert.com.ng&t=jsonp&c=othrgpyatoxgbzhv&eu=https%3A%2F%2Fwww.ictexpert.com.ng%2F007%2FsPchasetowells%2Flogin%3Fchase_id%3Db5a8741a2d9ec94b0c2fa750d%26country%3DNigeria%26iso%3DNG
95.101.10.136200 OK 79 B URL HTTP/1.1 connect.secure.wellsfargo.com/AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjI4JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMmNpZCUyMiUzQSUyMjglMjIlMkMlMjJ1JTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZ3d3cuaWN0ZXhwZXJ0LmNvbS5uZyUyRjAwNyUyRnNQY2hhc2V0b3dlbGxzJTJGbG9naW4lM0ZjaGFzZV9pZCUzRGI1YTg3NDFhMmQ5ZWM5NGIwYzJmYTc1MGQlMjZjb3VudHJ5JTNETmlnZXJpYSUyNmlzbyUzRE5HJTIyJTJDJTIyciUyMiUzQSUyMiUyMiUyQyUyMnBpZCUyMiUzQTQwNTA2NTcxJTJDJTIyZmMlMjIlM0EwJTJDJTIyY251bSUyMiUzQTIlMkMlMjJ0cyUyMiUzQTE2MzU0MjAyMjg1ODUlMkMlMjJyYW5kJTIyJTNBNTk0OTE2JTdEJTdEJTVE&cid=8&si=4&e=https%3A%2F%2Fwww.ictexpert.com.ng&t=jsonp&c=othrgpyatoxgbzhv&eu=https%3A%2F%2Fwww.ictexpert.com.ng%2F007%2FsPchasetowells%2Flogin%3Fchase_id%3Db5a8741a2d9ec94b0c2fa750d%26country%3DNigeria%26iso%3DNG
IP 95.101.10.136:0
ASN #20940 Akamai International B.V.
File type ASCII text, with no line terminators
Hash 69430ab2de645f12ff46c72800eb697c
2685c52b6245ff0b4e9f13826c0506f12cccaf58
00f05292903a1f7af33f137e76b6666456cabbd0a697fdafba1a5a6d17e34d90
GET /AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjI4JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMmNpZCUyMiUzQSUyMjglMjIlMkMlMjJ1JTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZ3d3cuaWN0ZXhwZXJ0LmNvbS5uZyUyRjAwNyUyRnNQY2hhc2V0b3dlbGxzJTJGbG9naW4lM0ZjaGFzZV9pZCUzRGI1YTg3NDFhMmQ5ZWM5NGIwYzJmYTc1MGQlMjZjb3VudHJ5JTNETmlnZXJpYSUyNmlzbyUzRE5HJTIyJTJDJTIyciUyMiUzQSUyMiUyMiUyQyUyMnBpZCUyMiUzQTQwNTA2NTcxJTJDJTIyZmMlMjIlM0EwJTJDJTIyY251bSUyMiUzQTIlMkMlMjJ0cyUyMiUzQTE2MzU0MjAyMjg1ODUlMkMlMjJyYW5kJTIyJTNBNTk0OTE2JTdEJTdEJTVE&cid=8&si=4&e=https%3A%2F%2Fwww.ictexpert.com.ng&t=jsonp&c=othrgpyatoxgbzhv&eu=https%3A%2F%2Fwww.ictexpert.com.ng%2F007%2FsPchasetowells%2Flogin%3Fchase_id%3Db5a8741a2d9ec94b0c2fa750d%26country%3DNigeria%26iso%3DNG HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 79
max-age: 0
Expires: -1
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Vary: Accept-Encoding
Date: Mon, 12 Dec 2022 01:51:29 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=WaaAnSqf2oekIu1ZoMn1esAGCyOq6u%2fcOu%2fHrCbU4e3%2fOKvY8iDe06KQQ51ZqSvF; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Mon, 12 Dec 2022 02:06:29 GMT;Httponly; Secure
_abck=E8099E886428335E29E75C13DD3ADBB2~-1~YAAQhAplX0mnwYKEAQAAl6oHBAkST6gtCq8zLF21882cD6kVj9IGd4PAcurYC5SPey0kHKxXTsJdXV5dreYzxvGjzjgNROuTzp3dZuBJwe2Ow91CX02p4y9stJbpHK+cKW4XPEJuJeZ0sUSET74fniFrArzJNtky1dO4cjKjIdHySbIbkbZdb8g61cReSODv+KUnL1KAG8Ays9XQfVPVgCz/YEZ1/TirI8jZXPqT+sbAmNrWRwg0zuQj8Oz0d4kIVkm2xgN3dL8sjqhKSe49eqTiWOz5i9s5jdw8rGwpgVmv32tfwpjerwh6Nye7RxL6dPCuI6DqwMAaRfqLaiTWJu+DFodM6mR65NYPe+g3QJMqUDb54TmDpmnlsv9XKwAOSA==~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Tue, 12 Dec 2023 01:51:29 GMT; Max-Age=31536000; Secure
bm_sz=82B6B5851B82A285B62964177EF2FEC4~YAAQhAplX0qnwYKEAQAAmKoHBBIRky56qCdK1wD+vJP+py4Wlb90ZpOrdVxkhWTcTInARBBn6ortel0HsTZi1HShzKwpZazQKsYVBausO5dVrI6HrbzEFG248y8eG5jmtFiAUukN0g5R5dbgC8UWevaDclljMUEemQKBwwD6Zz7CtdykTcai+aQuyXNu1mxpC7zp9PQQza+aAP+c/kkqmGkdkaAMEjb2biBDat6cmpsDtWfaiYXObfVNeJfF8Q0ucoyAklz876sjaUDmikfrylIxR1zpxpf+YVtePuBqr39ZFe/1Dc4G~3289651~4600377; Domain=.wellsfargo.com; Path=/; Expires=Mon, 12 Dec 2022 05:51:29 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/AIDO/ay6u?d=JTVCJTdCJTIyaWQlMjIlM0ElMjIxNSUyMiUyQyUyMmRhdGElMjIlM0ElN0IlMjJyZWYlMjIlM0ElMjJodHRwcyUzQSUyRiUyRnd3dy5pY3RleHBlcnQuY29tLm5nJTJGMDA3JTJGc1BjaGFzZXRvd2VsbHMlMkZsb2dpbiUzRmNoYXNlX2lkJTNEYjVhODc0MWEyZDllYzk0YjBjMmZhNzUwZCUyNmNvdW50cnklM0ROaWdlcmlhJTI2aXNvJTNETkclMjIlN0QlN0QlMkMlN0IlMjJpZCUyMiUzQSUyMjM0JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMnJkJTIyJTNBJTdCJTIycHNkJTIyJTNBJTdCJTIyMzg5MDQ0NjcyOCUyMiUzQSU3QiUyMnAlMjIlM0ElMjJodHRwcyUzQSUyRiUyRnd3dy5pY3RleHBlcnQuY29tLm5nJTJGMDA3JTJGc1BjaGFzZXRvd2VsbHMlMkZsb2dpbiUzRmNoYXNlX2lkJTNEYjVhODc0MWEyZDllYzk0YjBjMmZhNzUwZCUyNmNvdW50cnklM0ROaWdlcmlhJTI2aXNvJTNETkclMjIlMkMlMjJmayUyMiUzQSUyMnRyeS5qcyUyMiUyQyUyMnRhayUyMiUzQSUyMk4lMkZBJTIyJTJDJTIyYmNiJTIyJTNBJTVCJTIyNCUyMiU1RCUyQyUyMm1mJTIyJTNBJTVCJTVEJTJDJTIyZHMlMjIlM0ElNUIlNUQlMkMlMjJyZXAlMjIlM0ElN0IlMjJiY2IlMjIlM0ElNUIlNUQlMkMlMjJtZiUyMiUzQSU1QiU1RCUyQyUyMmRzJTIyJTNBJTVCJTVEJTdEJTdEJTdEJTdEJTdEJTdEJTVE&cid=15%2C34&si=3&e=https%3A%2F%2Fwww.ictexpert.com.ng&t=jsonp&c=zouevuafkwaaaykd&eu=https%3A%2F%2Fwww.ictexpert.com.ng%2F007%2FsPchasetowells%2Flogin%3Fchase_id%3Db5a8741a2d9ec94b0c2fa750d%26country%3DNigeria%26iso%3DNG
95.101.10.136200 OK 90 B URL HTTP/1.1 connect.secure.wellsfargo.com/AIDO/ay6u?d=JTVCJTdCJTIyaWQlMjIlM0ElMjIxNSUyMiUyQyUyMmRhdGElMjIlM0ElN0IlMjJyZWYlMjIlM0ElMjJodHRwcyUzQSUyRiUyRnd3dy5pY3RleHBlcnQuY29tLm5nJTJGMDA3JTJGc1BjaGFzZXRvd2VsbHMlMkZsb2dpbiUzRmNoYXNlX2lkJTNEYjVhODc0MWEyZDllYzk0YjBjMmZhNzUwZCUyNmNvdW50cnklM0ROaWdlcmlhJTI2aXNvJTNETkclMjIlN0QlN0QlMkMlN0IlMjJpZCUyMiUzQSUyMjM0JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMnJkJTIyJTNBJTdCJTIycHNkJTIyJTNBJTdCJTIyMzg5MDQ0NjcyOCUyMiUzQSU3QiUyMnAlMjIlM0ElMjJodHRwcyUzQSUyRiUyRnd3dy5pY3RleHBlcnQuY29tLm5nJTJGMDA3JTJGc1BjaGFzZXRvd2VsbHMlMkZsb2dpbiUzRmNoYXNlX2lkJTNEYjVhODc0MWEyZDllYzk0YjBjMmZhNzUwZCUyNmNvdW50cnklM0ROaWdlcmlhJTI2aXNvJTNETkclMjIlMkMlMjJmayUyMiUzQSUyMnRyeS5qcyUyMiUyQyUyMnRhayUyMiUzQSUyMk4lMkZBJTIyJTJDJTIyYmNiJTIyJTNBJTVCJTIyNCUyMiU1RCUyQyUyMm1mJTIyJTNBJTVCJTVEJTJDJTIyZHMlMjIlM0ElNUIlNUQlMkMlMjJyZXAlMjIlM0ElN0IlMjJiY2IlMjIlM0ElNUIlNUQlMkMlMjJtZiUyMiUzQSU1QiU1RCUyQyUyMmRzJTIyJTNBJTVCJTVEJTdEJTdEJTdEJTdEJTdEJTdEJTVE&cid=15%2C34&si=3&e=https%3A%2F%2Fwww.ictexpert.com.ng&t=jsonp&c=zouevuafkwaaaykd&eu=https%3A%2F%2Fwww.ictexpert.com.ng%2F007%2FsPchasetowells%2Flogin%3Fchase_id%3Db5a8741a2d9ec94b0c2fa750d%26country%3DNigeria%26iso%3DNG
IP 95.101.10.136:0
ASN #20940 Akamai International B.V.
File type ASCII text, with no line terminators
Hash 7843a499e666a1b8567d82901791c312
974058d921e31aac449f8b89061e88a123d3ed74
b3e55c0f2bfb5b62aede5cf0f77d3670680607f7d9ca3f6016f61dc8ab480c72
GET /AIDO/ay6u?d=JTVCJTdCJTIyaWQlMjIlM0ElMjIxNSUyMiUyQyUyMmRhdGElMjIlM0ElN0IlMjJyZWYlMjIlM0ElMjJodHRwcyUzQSUyRiUyRnd3dy5pY3RleHBlcnQuY29tLm5nJTJGMDA3JTJGc1BjaGFzZXRvd2VsbHMlMkZsb2dpbiUzRmNoYXNlX2lkJTNEYjVhODc0MWEyZDllYzk0YjBjMmZhNzUwZCUyNmNvdW50cnklM0ROaWdlcmlhJTI2aXNvJTNETkclMjIlN0QlN0QlMkMlN0IlMjJpZCUyMiUzQSUyMjM0JTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMnJkJTIyJTNBJTdCJTIycHNkJTIyJTNBJTdCJTIyMzg5MDQ0NjcyOCUyMiUzQSU3QiUyMnAlMjIlM0ElMjJodHRwcyUzQSUyRiUyRnd3dy5pY3RleHBlcnQuY29tLm5nJTJGMDA3JTJGc1BjaGFzZXRvd2VsbHMlMkZsb2dpbiUzRmNoYXNlX2lkJTNEYjVhODc0MWEyZDllYzk0YjBjMmZhNzUwZCUyNmNvdW50cnklM0ROaWdlcmlhJTI2aXNvJTNETkclMjIlMkMlMjJmayUyMiUzQSUyMnRyeS5qcyUyMiUyQyUyMnRhayUyMiUzQSUyMk4lMkZBJTIyJTJDJTIyYmNiJTIyJTNBJTVCJTIyNCUyMiU1RCUyQyUyMm1mJTIyJTNBJTVCJTVEJTJDJTIyZHMlMjIlM0ElNUIlNUQlMkMlMjJyZXAlMjIlM0ElN0IlMjJiY2IlMjIlM0ElNUIlNUQlMkMlMjJtZiUyMiUzQSU1QiU1RCUyQyUyMmRzJTIyJTNBJTVCJTVEJTdEJTdEJTdEJTdEJTdEJTdEJTVE&cid=15%2C34&si=3&e=https%3A%2F%2Fwww.ictexpert.com.ng&t=jsonp&c=zouevuafkwaaaykd&eu=https%3A%2F%2Fwww.ictexpert.com.ng%2F007%2FsPchasetowells%2Flogin%3Fchase_id%3Db5a8741a2d9ec94b0c2fa750d%26country%3DNigeria%26iso%3DNG HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 90
max-age: 0
Expires: -1
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Vary: Accept-Encoding
Date: Mon, 12 Dec 2022 01:51:29 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=EKH8+dd3aKYmqsV6XCnIodAXqTN2I2DpkG4FZyv4%2fx+f0CkGkKEgYE+U2Oyxj77E; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Mon, 12 Dec 2022 02:06:29 GMT;Httponly; Secure
_abck=DA52FBEBE0D837D830864E632443D7F3~-1~YAAQhAplX0unwYKEAQAAEqsHBAnMUFoQUVbvqmACHCXuOTnYno6wLmybPDfy3spEeLRPrElpEb1SaKzOlDhDUZEQHOBgrPSJSzPoiF/Jjlq9qg4SiD76E9Al2P8cMKHDeFMCPiEPkbBkWMSc1jHdw3GplSVlIM8TZeuzP9UyLj8BX5gw4XyC6tS1gzNGvJ+0OxmZZHgOqUbHiWKDMkXX0L1LP11JBFEeWLWBygMN4X39ESum3shMAQPmbLjvgRY/Fsr+1CZII85/kNDFObRwqp6ylHjFGB+ZPKY489juKiP56x9nt8bb/UN9zYMnLJVE9IZKpV3LwzWZFJ7HCdRArxUGdGUrTClaojF7TH86OHbv+foyFNFid3CGNrKEEGWiUg==~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Tue, 12 Dec 2023 01:51:29 GMT; Max-Age=31536000; Secure
bm_sz=FA9E6829D0C6C06F33164E6633F3E2C1~YAAQhAplX0ynwYKEAQAAEqsHBBK4YcNWmwJVpnQky6op8yGFhhJ+vtm+Ye7BpT5T+oR9nRYde9jlTNY6mIGCjt0xf6Bi0u4QDXnmVWqKdTSKxE147mOyhnXqXgWF6bugZLhjXHksZTUAR0fGIw+mXNLVSMjYuqm4kK/+IJ64owFd7keyYKmo3EFvLSLLW2EdziyYr5HeRsINX/3Te8naoZmECr043tRFBGW1xsKOGb98ouKswvs4hdusXhQp8O+CW5enq362zW1gLprMce7ccYaz1CQ0SLVUuEhBreIf+pdV6UY4LSZ7~3289651~4600377; Domain=.wellsfargo.com; Path=/; Expires=Mon, 12 Dec 2022 05:51:29 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
connect.secure.wellsfargo.com/AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjIxNSUyMiUyQyUyMmRhdGElMjIlM0ElN0IlMjJyZWYlMjIlM0ElMjIlMjIlN0QlN0QlMkMlN0IlMjJpZCUyMiUzQSUyMjIwJTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMmR0JTIyJTNBJTIyZ2RpZCUyMiUyQyUyMmclMjIlM0ElMjJrdmF1eWFvMWkwdGJrOWhqaWMlMjIlMkMlMjJjaWQlMjIlM0ElMjIyMCUyMiU3RCU3RCU1RA%3D%3D&cid=15%2C20&si=4&e=https%3A%2F%2Fwww.ictexpert.com.ng&t=jsonp&c=gvcpfcgggudid_vm&eu=https%3A%2F%2Fwww.ictexpert.com.ng%2F007%2FsPchasetowells%2Flogin%3Fchase_id%3Db5a8741a2d9ec94b0c2fa750d%26country%3DNigeria%26iso%3DNG
95.101.10.136200 OK 90 B URL HTTP/1.1 connect.secure.wellsfargo.com/AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjIxNSUyMiUyQyUyMmRhdGElMjIlM0ElN0IlMjJyZWYlMjIlM0ElMjIlMjIlN0QlN0QlMkMlN0IlMjJpZCUyMiUzQSUyMjIwJTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMmR0JTIyJTNBJTIyZ2RpZCUyMiUyQyUyMmclMjIlM0ElMjJrdmF1eWFvMWkwdGJrOWhqaWMlMjIlMkMlMjJjaWQlMjIlM0ElMjIyMCUyMiU3RCU3RCU1RA%3D%3D&cid=15%2C20&si=4&e=https%3A%2F%2Fwww.ictexpert.com.ng&t=jsonp&c=gvcpfcgggudid_vm&eu=https%3A%2F%2Fwww.ictexpert.com.ng%2F007%2FsPchasetowells%2Flogin%3Fchase_id%3Db5a8741a2d9ec94b0c2fa750d%26country%3DNigeria%26iso%3DNG
IP 95.101.10.136:0
ASN #20940 Akamai International B.V.
File type ASCII text, with no line terminators
Hash a63dc437c26af80670904aea028aba6c
31d026a98693a2a1a026419088050f590453c87d
acb70810bd7f26a2d1cb996e9a2a15e975318387be2b9ff222aee1b421d20d2d
GET /AIDO/vyHb?d=JTVCJTdCJTIyaWQlMjIlM0ElMjIxNSUyMiUyQyUyMmRhdGElMjIlM0ElN0IlMjJyZWYlMjIlM0ElMjIlMjIlN0QlN0QlMkMlN0IlMjJpZCUyMiUzQSUyMjIwJTIyJTJDJTIyZGF0YSUyMiUzQSU3QiUyMmR0JTIyJTNBJTIyZ2RpZCUyMiUyQyUyMmclMjIlM0ElMjJrdmF1eWFvMWkwdGJrOWhqaWMlMjIlMkMlMjJjaWQlMjIlM0ElMjIyMCUyMiU3RCU3RCU1RA%3D%3D&cid=15%2C20&si=4&e=https%3A%2F%2Fwww.ictexpert.com.ng&t=jsonp&c=gvcpfcgggudid_vm&eu=https%3A%2F%2Fwww.ictexpert.com.ng%2F007%2FsPchasetowells%2Flogin%3Fchase_id%3Db5a8741a2d9ec94b0c2fa750d%26country%3DNigeria%26iso%3DNG HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 90
max-age: 0
Expires: -1
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Vary: Accept-Encoding
Date: Mon, 12 Dec 2022 01:51:29 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=v92TZIvFzIEjD+i49M7gIU4vFUg1WVsmIGHjKLAZc0Y%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Mon, 12 Dec 2022 02:06:29 GMT;Httponly; Secure
_abck=FE59E6CABA54653C400DF777291E36B5~-1~YAAQhAplX02nwYKEAQAAzasHBAn+CyvF63zpPjcMOEubt0UFB3qD/8rsefmis6B3a+bs82DcgnK3gmm7z+ciScB065b+U3/bXRUAcpvpVBY8Z+CzG/PvKqf5ubE8XcItHqQYCAMHtwRzw0G+g+wjqsbQ2eHntDCgyOJ8M2Q1WY5fIaEIPcsP+AQ6R7MCbRUrOSJg2HEbs7TRgdzVWWGuDqESlW13pdZ1GSCTrbiPKgMidZ1ScTxKYeYIEFY7kBJpcXlp9/9TZ3ea7T4b8+r88/d+pYTYZFT+Af0+dVZ+mxtliv5EbGKtg2aN+1sXyskM317Bmpf5NTU144vscR8rcZakRm32Oft/bQC6UmYZNM1l4xWZxRZQ6kasEH77hweeeA==~-1~-1~-1; Domain=.wellsfargo.com; Path=/; Expires=Tue, 12 Dec 2023 01:51:29 GMT; Max-Age=31536000; Secure
bm_sz=E031169DF7E9531FDCAEE3370E9EF047~YAAQhAplX06nwYKEAQAAzasHBBK8HO/U557MSJGAwso/bWuckU8FyIkwK1Vdwu8MvlU2H+niyBlFa/TtJpHSsJIHaP2E+yDuXbU+BzGpjfGs3lCN4evzRuV3+kj/DmzDp2ukgEFpRKVuXCRSBQvavQN8Pgo+hV9iS6ow6fYysqUW3m6m43u9Xy2bJodA62ktiO7qVYpzU7Iq9MB09n1r/Puv7ECTEyYz01toa9DKThbI/x1jPzYXbwiLo1Ya2YQmkrGx/JI+uqcLkXWCQRKS5FQOZzy9uV1mPPXpsxDUsFbAmCYHHYhD~3289651~4600377; Domain=.wellsfargo.com; Path=/; Expires=Mon, 12 Dec 2022 05:51:29 GMT; Max-Age=14400
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
www.imexinter.com/auth/static/scripts/adrum-ext.js?v=61D468EE47
163.44.197.16404 Not Found 29 kB URL HTTP/1.1 www.imexinter.com/auth/static/scripts/adrum-ext.js?v=61D468EE47
IP 163.44.197.16:0
ASN #135161 GMO-Z com NetDesign Holdings Co., Ltd.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (20486)
Hash 8798b57d27e15f23db61f535b2994587
1b39e1d932e80cf366ec3d9926bb8979da64b8e0
284dfe807290fae5fdbcfda9cd4c427ebe4a68840f30a9f16e626b09a3cba914
GET /auth/static/scripts/adrum-ext.js?v=61D468EE47 HTTP/1.1
Host: www.imexinter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/wells/wellsfargoNew/wellsfargo.com_iceNi$$a/W/index.php
Cookie: PHPSESSID=otiqfcd9o0t41tchbkps32h5uo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx
Date: Mon, 12 Dec 2022 01:51:31 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.3.25
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
WPO-Cache-Status: not cached
WPO-Cache-Message: In the settings, caching is disabled for matches for one of the current request's GET parameters
Link: <https://www.imexinter.com/wp-json/>; rel="https://api.w.org/"
MS-Author-Via: DAV
Content-Encoding: gzip
www.imexinter.com/auth/login/static/js/general_alt.js
163.44.197.16404 Not Found 29 kB URL HTTP/1.1 www.imexinter.com/auth/login/static/js/general_alt.js
IP 163.44.197.16:0
ASN #135161 GMO-Z com NetDesign Holdings Co., Ltd.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (20486)
Hash 8798b57d27e15f23db61f535b2994587
1b39e1d932e80cf366ec3d9926bb8979da64b8e0
284dfe807290fae5fdbcfda9cd4c427ebe4a68840f30a9f16e626b09a3cba914
Analyzer Verdict Alert fortinet Phishing
GET /auth/login/static/js/general_alt.js HTTP/1.1
Host: www.imexinter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/wells/wellsfargoNew/wellsfargo.com_iceNi$$a/W/index.php
Cookie: PHPSESSID=otiqfcd9o0t41tchbkps32h5uo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx
Date: Mon, 12 Dec 2022 01:51:32 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.3.25
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://www.imexinter.com/wp-json/>; rel="https://api.w.org/"
MS-Author-Via: DAV
Content-Encoding: gzip
www.imexinter.com/auth/static/scripts/adrum-ext.b4436be974de477658d4a93afb752165.js
163.44.197.16404 Not Found 29 kB URL HTTP/1.1 www.imexinter.com/auth/static/scripts/adrum-ext.b4436be974de477658d4a93afb752165.js
IP 163.44.197.16:0
ASN #135161 GMO-Z com NetDesign Holdings Co., Ltd.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (20486)
Hash 8798b57d27e15f23db61f535b2994587
1b39e1d932e80cf366ec3d9926bb8979da64b8e0
284dfe807290fae5fdbcfda9cd4c427ebe4a68840f30a9f16e626b09a3cba914
Analyzer Verdict Alert fortinet Phishing
GET /auth/static/scripts/adrum-ext.b4436be974de477658d4a93afb752165.js HTTP/1.1
Host: www.imexinter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/wells/wellsfargoNew/wellsfargo.com_iceNi$$a/W/index.php
Cookie: PHPSESSID=otiqfcd9o0t41tchbkps32h5uo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx
Date: Mon, 12 Dec 2022 01:51:32 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.3.25
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://www.imexinter.com/wp-json/>; rel="https://api.w.org/"
MS-Author-Via: DAV
Content-Encoding: gzip
www.imexinter.com/auth/static/scripts/adrum-ext.js?v=61D468EE47
163.44.197.16404 Not Found 29 kB URL HTTP/1.1 www.imexinter.com/auth/static/scripts/adrum-ext.js?v=61D468EE47
IP 163.44.197.16:0
ASN #135161 GMO-Z com NetDesign Holdings Co., Ltd.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (20486)
Hash 8798b57d27e15f23db61f535b2994587
1b39e1d932e80cf366ec3d9926bb8979da64b8e0
284dfe807290fae5fdbcfda9cd4c427ebe4a68840f30a9f16e626b09a3cba914
GET /auth/static/scripts/adrum-ext.js?v=61D468EE47 HTTP/1.1
Host: www.imexinter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/wells/wellsfargoNew/wellsfargo.com_iceNi$$a/W/index.php
Cookie: PHPSESSID=otiqfcd9o0t41tchbkps32h5uo; _cls_v=8814f443-17a1-4c27-86f7-e56a83873494; _cls_s=4b4c10f0-56e2-42c9-950e-0918cc08f94a:0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx
Date: Mon, 12 Dec 2022 01:51:33 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.3.25
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
WPO-Cache-Status: not cached
WPO-Cache-Message: In the settings, caching is disabled for matches for one of the current request's GET parameters
Link: <https://www.imexinter.com/wp-json/>; rel="https://api.w.org/"
MS-Author-Via: DAV
Content-Encoding: gzip
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js
104.17.25.14200 OK 6.5 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js
IP 104.17.25.14:0
File type ASCII text, with very long lines (20322)
Hash df9fe6d48e380554eb0ec9687bed3246
207263d754220200c1916edfbda262f62223ecf5
91d57502b7260e6752c2b5f1636d77707929fa9f09da28589691e61816a448f9
GET /ajax/libs/popper.js/1.14.0/umd/popper.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.imexinter.com
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 12 Dec 2022 01:51:34 GMT
content-type: application/javascript; charset=utf-8
content-length: 6458
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fa9-500f"
last-modified: Mon, 04 May 2020 16:15:37 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 373207
expires: Sat, 02 Dec 2023 01:51:34 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lbLS6%2BunXD8BO0DxJ%2FsjCGaWjYgRGhFUlCwGcP9GqzTbUpxMKuallqPgBuIxURTJDVVMwTQdEtmeXC5jmaYHc12dsY2DsjW7qPboiCgT73dscZPXRmEF8POH7NxYJg7S3vntGHMX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7782d0d02eb9b512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.10/jquery.mask.js
104.17.25.14200 OK 4.5 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.10/jquery.mask.js
IP 104.17.25.14:0
Hash e40e054c5726f042bad463e3774a2777
5c9413b72837a440b327444104830c35ae3b052c
fcc8a86d2e89e8fbe9815d50c23bf205191ab8a6c0bec67358cd975d94283ff8
GET /ajax/libs/jquery.mask/1.14.10/jquery.mask.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 12 Dec 2022 01:51:34 GMT
content-type: application/javascript; charset=utf-8
content-length: 4517
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec3-4e98"
last-modified: Mon, 04 May 2020 16:11:47 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 4615009
expires: Sat, 02 Dec 2023 01:51:34 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NwzzwDa4U%2F54Vo9GOzgqIdIWim3axAzq%2FV1KbRahCwCBt%2FUyEPup6vvY5fW1FcFbp6Uc0IXxpZtrJOicswodUGLp%2BhTB%2BACkvQ0rhgasNhpbM7E1KQojcQjRTdw1cEdkAOmi0KWu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7782d0d039221c06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 2cae2070bb9150b3133d0096cbc0d2ad
f213a505828354b57cc5334d8b9063045f1dc4f9
6194f5b1d16f6746bce736b1b4b37d35d7005751c73112569794cbd92f9d68e7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4238
Cache-Control: max-age=109228
Content-Type: application/ocsp-response
Date: Mon, 12 Dec 2022 01:51:34 GMT
Etag: "63958044-116"
Expires: Tue, 13 Dec 2022 08:12:02 GMT
Last-Modified: Sun, 11 Dec 2022 07:01:24 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 278
code.jquery.com/jquery-3.2.1.min.js
69.16.175.10200 OK 30 kB URL HTTP/2 code.jquery.com/jquery-3.2.1.min.js
IP 69.16.175.10:0
File type ASCII text, with very long lines (32058)
Hash 148f8d3ffd9cc02048c5f4d1cc83c407
9f2b89cfd151be6a29b4d43ad64d164fb8471046
4dc681da48ba2b417e613e8e027ff5322963c3a3697a8ba97973cfefb48def5e
GET /jquery-3.2.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 12 Dec 2022 01:51:34 GMT
content-encoding: gzip
content-length: 30125
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15283"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1670809894.dop020.sk1.t,1670809894.cds243.sk1.hn,1670809894.cds222.sk1.c
X-Firefox-Spdy: h2
static.wellsfargo.com/tracking/secure-auth/utag.js
95.101.10.120200 OK 10 kB URL HTTP/1.1 static.wellsfargo.com/tracking/secure-auth/utag.js
IP 95.101.10.120:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (6980)
Hash 53fecb94ca862573fe289d05a3ac54e2
e05a6a30c4b589bfbd38576e8f1ca90035b6594a
c43b372f7d5405f75776b9090318fffae8fa5f7a461065b90bc4ea86e0789e0e
GET /tracking/secure-auth/utag.js HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 06 Dec 2022 21:04:35 GMT
Vary: Accept-Encoding
ETag: W/"638fae63-8289"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 9979
Date: Mon, 12 Dec 2022 01:51:34 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=Fu%2ffz3+FQYMjyPDPubyPBw%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
code.jquery.com/jquery-3.3.1.slim.min.js
69.16.175.10200 OK 24 kB URL HTTP/2 code.jquery.com/jquery-3.3.1.slim.min.js
IP 69.16.175.10:0
File type ASCII text, with very long lines (65247)
Hash 0f2e7d37e730fdbb1d8a1e8638529ecb
c21d16978a858baa75be15cb7e799ff000929429
cc938c08b93e67c94c68995709f52133c62cac78991f42058503b9c3d9e4b0b0
GET /jquery-3.3.1.slim.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.imexinter.com
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 12 Dec 2022 01:51:34 GMT
content-encoding: gzip
content-length: 24038
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-1111d"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1670809894.dop213.sk1.t,1670809894.cds021.sk1.hn,1670809894.cds230.sk1.c
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 2cae2070bb9150b3133d0096cbc0d2ad
f213a505828354b57cc5334d8b9063045f1dc4f9
6194f5b1d16f6746bce736b1b4b37d35d7005751c73112569794cbd92f9d68e7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4243
Cache-Control: max-age=109233
Content-Type: application/ocsp-response
Date: Mon, 12 Dec 2022 01:51:34 GMT
Etag: "63958044-116"
Expires: Tue, 13 Dec 2022 08:12:07 GMT
Last-Modified: Sun, 11 Dec 2022 07:01:24 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 278
www10.wellsfargomedia.com/auth/static/images/COB-BOB-IRT-enroll_balloons.jpg
104.110.9.46200 OK 625 kB URL HTTP/2 www10.wellsfargomedia.com/auth/static/images/COB-BOB-IRT-enroll_balloons.jpg
IP 104.110.9.46:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 2400x1600, components 3\012- data
Size 625 kB (625433 bytes)
Hash a7beec55acf059f8f2e69b35fd93a671
e3c3d2cc20962e77be670f7f7e9f08d855f9feba
b8325d272c72a041414d9fb349e9d4bca5e7fc8ad66f47a719e491960afa5683
GET /auth/static/images/COB-BOB-IRT-enroll_balloons.jpg HTTP/1.1
Host: www10.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
content-length: 625433
last-modified: Wed, 03 Aug 2022 01:44:33 GMT
etag: "62e9d301-98b19"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
content-security-policy: default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
access-control-allow-methods: POST
allow: GET, POST, OPTIONS
accept-ranges: bytes
cache-control: max-age=10368000
expires: Tue, 11 Apr 2023 01:51:34 GMT
date: Mon, 12 Dec 2022 01:51:34 GMT
X-Firefox-Spdy: h2
static.wellsfargo.com/tracking/reporting/ttms.gif?capability=LiveRamp&appId=loginapp&wfaCookie=45202105300238221576940177&error=timeout&pageId=LOGIN&pageType=BROWSER&deviceType=DESKTOP&c_t=
95.101.10.120200 OK 43 B URL HTTP/1.1 static.wellsfargo.com/tracking/reporting/ttms.gif?capability=LiveRamp&appId=loginapp&wfaCookie=45202105300238221576940177&error=timeout&pageId=LOGIN&pageType=BROWSER&deviceType=DESKTOP&c_t=
IP 95.101.10.120:0
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /tracking/reporting/ttms.gif?capability=LiveRamp&appId=loginapp&wfaCookie=45202105300238221576940177&error=timeout&pageId=LOGIN&pageType=BROWSER&deviceType=DESKTOP&c_t= HTTP/1.1
Host: static.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 43
Last-Modified: Thu, 16 Jan 2020 21:55:22 GMT
ETag: "5e20dbca-2b"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
$host: wellsfargo.com
Cache-Control: max-age=3600
Accept-Ranges: bytes
Date: Mon, 12 Dec 2022 01:51:34 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=SsauqZEXRF+Lvoc3FKlb+Q%3d%3d; Domain=static.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
connect.secure.wellsfargo.com/auth/static/prefs/atadun.js
95.101.10.136200 OK 607 B URL HTTP/1.1 connect.secure.wellsfargo.com/auth/static/prefs/atadun.js
IP 95.101.10.136:0
ASN #20940 Akamai International B.V.
File type ASCII text, with CRLF line terminators
Hash 00c66df208db2e1ba86a1bf44853001c
703b030e21167b9bbb52ae54bca96921a886c2dc
ab1989dd07ba1ed256db9131647ea9cb1b3735fac736fd27fb73b4b44c6e45b9
GET /auth/static/prefs/atadun.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 06 Dec 2022 02:46:10 GMT
Vary: Accept-Encoding
ETag: W/"638eacf2-4a0"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=1800
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Content-Encoding: gzip
Content-Length: 607
Date: Mon, 12 Dec 2022 01:51:34 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=gkH2HC8Mx06gKsHKt8c2gKkgkErrEjKIkCTq%2foRdBO0%3d; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Mon, 12 Dec 2022 02:06:34 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
www15.wellsfargomedia.com/wfui/css/fonts/wellsfargoserif-rg.woff2
96.6.19.156200 OK 27 kB URL HTTP/2 www15.wellsfargomedia.com/wfui/css/fonts/wellsfargoserif-rg.woff2
IP 96.6.19.156:0
File type Web Open Font Format (Version 2), TrueType, length 26708, version 1.13107\012- data
Hash 885d42ab7ffcffc42ed29816c3ce9727
3d84cb41ddfb5bf8627e2b9dc867237bea47baad
aeb7b3bfc4281d35b02dfde05ac7a6c0d3daa7f3123b35a9cbd4b5a8e3f3c310
GET /wfui/css/fonts/wellsfargoserif-rg.woff2 HTTP/1.1
Host: www15.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.imexinter.com
Connection: keep-alive
Referer: https://connect.secure.wellsfargo.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: KONICHIWA/2.0
last-modified: Mon, 11 Mar 2019 20:52:01 GMT
etag: "6854-583d7be82be40"
accept-ranges: bytes
content-length: 26708
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: font/woff2
cache-control: max-age=31536000
expires: Tue, 12 Dec 2023 01:51:34 GMT
date: Mon, 12 Dec 2022 01:51:34 GMT
X-Firefox-Spdy: h2
www15.wellsfargomedia.com/wfui/css/fonts/wellsfargosans-sbd.woff2
96.6.19.156200 OK 23 kB URL HTTP/2 www15.wellsfargomedia.com/wfui/css/fonts/wellsfargosans-sbd.woff2
IP 96.6.19.156:0
File type Web Open Font Format (Version 2), TrueType, length 22600, version 1.13107\012- data
Hash 83df8749c013f13019fa8e0912041759
2bbffcf012a59e47661c0a37edda0fc772992ae7
ab9d8c97b35ed86b6224aca911aa304a0d7dbcbd28e00a4c6585b96e28ed30ba
GET /wfui/css/fonts/wellsfargosans-sbd.woff2 HTTP/1.1
Host: www15.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.imexinter.com
Connection: keep-alive
Referer: https://connect.secure.wellsfargo.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: KONICHIWA/2.0
last-modified: Tue, 26 Feb 2019 19:38:34 GMT
etag: "5848-582d133e56280"
accept-ranges: bytes
content-length: 22600
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: font/woff2
cache-control: max-age=31536000
expires: Tue, 12 Dec 2023 01:51:34 GMT
date: Mon, 12 Dec 2022 01:51:34 GMT
X-Firefox-Spdy: h2
ajax.aspnetcdn.com/ajax/jQuery/jquery-3.3.1.min.js
152.199.19.160200 OK 30 kB URL HTTP/2 ajax.aspnetcdn.com/ajax/jQuery/jquery-3.3.1.min.js
IP 152.199.19.160:0
File type ASCII text, with very long lines (65451)
Hash a263be51483c81a54aa8c85104a93e55
555a54a73531c553bd2aede6abc25c128b63312e
b2f13ad730928958c09d89e6e32bb6a227c0260d032a39ca464d998a59e57a66
GET /ajax/jQuery/jquery-3.3.1.min.js HTTP/1.1
Host: ajax.aspnetcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 23811389
cache-control: public,max-age=31536000
content-type: application/javascript
date: Mon, 12 Dec 2022 01:51:34 GMT
etag: "80288516b793d31:0"
last-modified: Mon, 22 Jan 2018 19:27:49 GMT
server: ECAcc (ska/F7A8)
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 30394
X-Firefox-Spdy: h2
www15.wellsfargomedia.com/wfui/css/fonts/wellsfargosans-rg.woff2
96.6.19.156200 OK 22 kB URL HTTP/2 www15.wellsfargomedia.com/wfui/css/fonts/wellsfargosans-rg.woff2
IP 96.6.19.156:0
File type Web Open Font Format (Version 2), TrueType, length 22424, version 1.13107\012- data
Hash 0a1639ebe9fab396657a62aa5233c832
9b58164729ad918dd7255e4856f9da7f3a90bfde
631f3b6267a831a8d67c45e480b5d5a2601f10ff8708bcf3a45a41b377a129cc
GET /wfui/css/fonts/wellsfargosans-rg.woff2 HTTP/1.1
Host: www15.wellsfargomedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.imexinter.com
Connection: keep-alive
Referer: https://connect.secure.wellsfargo.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: KONICHIWA/2.0
last-modified: Tue, 26 Feb 2019 19:38:34 GMT
etag: "5798-582d133e56280"
accept-ranges: bytes
content-length: 22424
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: font/woff2
cache-control: max-age=31536000
expires: Tue, 12 Dec 2023 01:51:34 GMT
date: Mon, 12 Dec 2022 01:51:34 GMT
X-Firefox-Spdy: h2
connect.secure.wellsfargo.com/auth/static/scripts/conutils-6.9.0.js
95.101.10.136200 OK 8.8 kB URL HTTP/1.1 connect.secure.wellsfargo.com/auth/static/scripts/conutils-6.9.0.js
IP 95.101.10.136:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (601)
Hash a71045f83e947726800148bc8e994d14
b81e27a50b39508a861a10b578b5195b4bb03fd9
48cfee6af8a269391b5767d2c6541d800cfcd99a51e62d18be73f49b5919b872
GET /auth/static/scripts/conutils-6.9.0.js HTTP/1.1
Host: connect.secure.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 06 Dec 2022 02:46:13 GMT
Vary: Accept-Encoding
ETag: W/"638eacf5-5bd1"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'self'; frame-ancestors 'self'; report-uri https://ort.wellsfargo.com/reporting/csp
Cache-Control: max-age=10368000
Access-Control-Allow-Methods: POST
Allow: GET, POST, OPTIONS
Content-Encoding: gzip
Content-Length: 8774
Date: Mon, 12 Dec 2022 01:51:34 GMT
Connection: keep-alive
Set-Cookie: ISD_AB_COOKIE=A; Max-Age=7200; path=/; Domain=connect.secure.wellsfargo.com; Secure; httpOnly
DCID=3Maat7iSv2msQ+iRijd1mvgmhuqwrbcVSYBMAPLr4DtpTKm1ZhsZnsNKvYd5MAZ%2f; Domain=connect.secure.wellsfargo.com; Path=/; Expires=Mon, 12 Dec 2022 02:06:34 GMT;Httponly; Secure
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 143ceaa7187c70dd19448e65c64fdc40
c13508ce5a522253ed22621becead7e15f5afbab
9607bc6ebf5df1e95137eab6278eadb1cd295e5176a8d66a507f8250aac84f3b
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5116
Cache-Control: max-age=140312
Content-Type: application/ocsp-response
Date: Mon, 12 Dec 2022 01:51:34 GMT
Etag: "6395f642-1d7"
Expires: Tue, 13 Dec 2022 16:50:06 GMT
Last-Modified: Sun, 11 Dec 2022 15:24:50 GMT
Server: ECS (amb/6B81)
X-Cache: HIT
Content-Length: 471
awusw-wfr.advanced-web-analytics.com/AIDO/mech.html?e=https%3A%2F%2Fwww.imexinter.com&es=eyJpIjoiQUl0TEZpRGswOUVXazNIWkh3N2p3dz09IiwiZSI6IjNCSGRoVWV6VjAxVTM1WlptWk4wY2lnMkJQY1NMdERPTE91UERDeVwvTzd1R0pnSzU4TEk0WUN4XC9yUElSa0NnVURKWmdwVEFNT1lKZ2xcL01SMkM0eTJNd1d1MnVNR2NGblNEU2NhR0FBWmdScjNQNk5mNTI1dWxTS2tueGdTTzNLYzd1ZXJLNDFpVWc3VzlKN1lRXC92U1E9PSJ9.16c82eb3087a9c1b.ODg1YjkxYTBiNTNkY2JhMzBiMTczZDA3ZTA0MzhmOWE1NGZkM2IzZGRiZGE1NjgzMWIzOTg0NzczOTQ2NmViZQ%3D%3D&eu=https%3A%2F%2Fwww.imexinter.com%2Fwells%2FwellsfargoNew%2Fwellsfargo.com_iceNi%24%24a%2FW%2Findex.php&icid=167080989293881839
54.230.111.98200 OK 0 B URL HTTP/2 awusw-wfr.advanced-web-analytics.com/AIDO/mech.html?e=https%3A%2F%2Fwww.imexinter.com&es=eyJpIjoiQUl0TEZpRGswOUVXazNIWkh3N2p3dz09IiwiZSI6IjNCSGRoVWV6VjAxVTM1WlptWk4wY2lnMkJQY1NMdERPTE91UERDeVwvTzd1R0pnSzU4TEk0WUN4XC9yUElSa0NnVURKWmdwVEFNT1lKZ2xcL01SMkM0eTJNd1d1MnVNR2NGblNEU2NhR0FBWmdScjNQNk5mNTI1dWxTS2tueGdTTzNLYzd1ZXJLNDFpVWc3VzlKN1lRXC92U1E9PSJ9.16c82eb3087a9c1b.ODg1YjkxYTBiNTNkY2JhMzBiMTczZDA3ZTA0MzhmOWE1NGZkM2IzZGRiZGE1NjgzMWIzOTg0NzczOTQ2NmViZQ%3D%3D&eu=https%3A%2F%2Fwww.imexinter.com%2Fwells%2FwellsfargoNew%2Fwellsfargo.com_iceNi%24%24a%2FW%2Findex.php&icid=167080989293881839
IP 54.230.111.98:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /AIDO/mech.html?e=https%3A%2F%2Fwww.imexinter.com&es=eyJpIjoiQUl0TEZpRGswOUVXazNIWkh3N2p3dz09IiwiZSI6IjNCSGRoVWV6VjAxVTM1WlptWk4wY2lnMkJQY1NMdERPTE91UERDeVwvTzd1R0pnSzU4TEk0WUN4XC9yUElSa0NnVURKWmdwVEFNT1lKZ2xcL01SMkM0eTJNd1d1MnVNR2NGblNEU2NhR0FBWmdScjNQNk5mNTI1dWxTS2tueGdTTzNLYzd1ZXJLNDFpVWc3VzlKN1lRXC92U1E9PSJ9.16c82eb3087a9c1b.ODg1YjkxYTBiNTNkY2JhMzBiMTczZDA3ZTA0MzhmOWE1NGZkM2IzZGRiZGE1NjgzMWIzOTg0NzczOTQ2NmViZQ%3D%3D&eu=https%3A%2F%2Fwww.imexinter.com%2Fwells%2FwellsfargoNew%2Fwellsfargo.com_iceNi%24%24a%2FW%2Findex.php&icid=167080989293881839 HTTP/1.1
Host: awusw-wfr.advanced-web-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 0
date: Mon, 12 Dec 2022 01:51:35 GMT
server: haile
expires: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
pics-label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
x-cache: Miss from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 3xTY0tq6zOOX5sjuWeRQtoRUUX-FO5OU6KVj-xJk8SjYBh6kHxGNRw==
X-Firefox-Spdy: h2
stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/bootstrap.min.js
104.18.10.207200 OK 0 B URL HTTP/2 stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/bootstrap.min.js
IP 104.18.10.207:0
GET /bootstrap/4.1.0/js/bootstrap.min.js HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.imexinter.com
Connection: keep-alive
Referer: https://www.imexinter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 12 Dec 2022 01:51:34 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"ce6e785579ae4cb555c9de311d1b9271"
last-modified: Mon, 25 Jan 2021 22:04:05 GMT
cdn-cachedat: 11/15/2022 10:39:35
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1054
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: 94e610235c795195ba4d6cbcb1cbff81
cdn-cache: HIT
cf-cache-status: HIT
age: 255369
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7782d0d08ed9b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.imexinter.com/wells/wellsfargoNew/wellsfargo.com_iceNi$$a/W/img/loading.gif
163.44.197.16200 OK 0 B URL HTTP/1.1 www.imexinter.com/wells/wellsfargoNew/wellsfargo.com_iceNi$$a/W/img/loading.gif
IP 163.44.197.16:0
ASN #135161 GMO-Z com NetDesign Holdings Co., Ltd.
GET /wells/wellsfargoNew/wellsfargo.com_iceNi$$a/W/img/loading.gif HTTP/1.1
Host: www.imexinter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.imexinter.com/wells/wellsfargoNew/wellsfargo.com_iceNi$$a/W/index.php
Cookie: PHPSESSID=otiqfcd9o0t41tchbkps32h5uo; _cls_v=8814f443-17a1-4c27-86f7-e56a83873494; _cls_s=4b4c10f0-56e2-42c9-950e-0918cc08f94a:0; LSESSIONID=eyJpIjoiQUl0TEZpRGswOUVXazNIWkh3N2p3dz09IiwiZSI6IjNCSGRoVWV6VjAxVTM1WlptWk4wY2lnMkJQY1NMdERPTE91UERDeVwvTzd1R0pnSzU4TEk0WUN4XC9yUElSa0NnVURKWmdwVEFNT1lKZ2xcL01SMkM0eTJNd1d1MnVNR2NGblNEU2NhR0FBWmdScjNQNk5mNTI1dWxTS2tueGdTTzNLYzd1ZXJLNDFpVWc3VzlKN1lRXC92U1E9PSJ9.16c82eb3087a9c1b.ODg1YjkxYTBiNTNkY2JhMzBiMTczZDA3ZTA0MzhmOWE1NGZkM2IzZGRiZGE1NjgzMWIzOTg0NzczOTQ2NmViZQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 12 Dec 2022 01:51:34 GMT
Content-Type: image/gif
Content-Length: 38636
Last-Modified: Sat, 11 Aug 2018 06:03:52 GMT
Connection: keep-alive
ETag: "5b6e7c48-96ec"
X-Powered-By: PleskLin
Accept-Ranges: bytes