8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no
Open in
urlscan Pro
67.23.254.254
Malicious Activity!
Public Scan
Submission: On September 02 via automatic, source openphish — Scanned from NO
Summary
This is the only time 8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Wells Fargo (Banking)Domain & IP information
ASN33182 (DIMENOC, US)
PTR: reseller-223.mco2.hostdime.com
8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no |
ASN16625 (AKAMAI-AS, US)
PTR: a23-2-195-4.deploy.static.akamaitechnologies.com
www01.wellsfargomedia.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-26-113.eu-west-1.compute.amazonaws.com
dpm.demdex.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-225-203.eu-west-1.compute.amazonaws.com
wellsfargobankna.demdex.net |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-138.deploy.static.akamaitechnologies.com
rubicon.wellsfargo.com |
ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net
2549153.fls.doubleclick.net |
ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f14.1e100.net
www.google-analytics.com |
ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
googleads.g.doubleclick.net |
ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f4.1e100.net
www.google.com |
ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
adservice.google.com |
ASN15169 (GOOGLE, US)
PTR: wl-in-f156.1e100.net
stats.g.doubleclick.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-36-47-22.us-west-2.compute.amazonaws.com
pdx-col.eum-appdynamics.com |
ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net
adservice.google.no |
Apex Domain Subdomains |
Transfer | |
---|---|---|
34 |
wellsfargomedia.com
www01.wellsfargomedia.com — Cisco Umbrella Rank: 17733 |
560 KB |
28 |
wellsfargo.com
static.wellsfargo.com — Cisco Umbrella Rank: 13480 www.wellsfargo.com — Cisco Umbrella Rank: 11279 connect.secure.wellsfargo.com — Cisco Umbrella Rank: 12056 rubicon.wellsfargo.com — Cisco Umbrella Rank: 11019 |
722 KB |
6 |
xzone.no
8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no |
67 KB |
4 |
doubleclick.net
2 redirects
2549153.fls.doubleclick.net — Cisco Umbrella Rank: 27323 googleads.g.doubleclick.net — Cisco Umbrella Rank: 44 stats.g.doubleclick.net — Cisco Umbrella Rank: 85 |
4 KB |
3 |
eum-appdynamics.com
pdx-col.eum-appdynamics.com — Cisco Umbrella Rank: 4173 |
1 KB |
3 |
google.no
www.google.no — Cisco Umbrella Rank: 32408 adservice.google.no — Cisco Umbrella Rank: 267791 |
1 KB |
3 |
google.com
1 redirects
www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 78 |
2 KB |
3 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 37 |
680 B |
3 |
demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 202 wellsfargobankna.demdex.net — Cisco Umbrella Rank: 10974 |
3 KB |
0 |
rlcdn.com
Failed
api.rlcdn.com Failed |
|
91 | 10 |
Domain | Requested by | |
---|---|---|
34 | www01.wellsfargomedia.com |
8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no
www.wellsfargo.com |
14 | static.wellsfargo.com |
8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no
static.wellsfargo.com |
7 | connect.secure.wellsfargo.com |
8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no
connect.secure.wellsfargo.com www.wellsfargo.com |
6 | 8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no |
www.wellsfargo.com
8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no connect.secure.wellsfargo.com |
5 | www.wellsfargo.com |
8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no
|
3 | pdx-col.eum-appdynamics.com |
connect.secure.wellsfargo.com
|
3 | www.google-analytics.com |
connect.secure.wellsfargo.com
static.wellsfargo.com |
2 | www.google.no | |
2 | www.google.com | 1 redirects |
2 | 2549153.fls.doubleclick.net |
1 redirects
static.wellsfargo.com
|
2 | rubicon.wellsfargo.com |
connect.secure.wellsfargo.com
|
2 | dpm.demdex.net |
connect.secure.wellsfargo.com
|
1 | adservice.google.no |
adservice.google.com
|
1 | stats.g.doubleclick.net |
connect.secure.wellsfargo.com
|
1 | adservice.google.com |
2549153.fls.doubleclick.net
|
1 | googleads.g.doubleclick.net | 1 redirects |
1 | wellsfargobankna.demdex.net |
connect.secure.wellsfargo.com
|
0 | api.rlcdn.com Failed |
connect.secure.wellsfargo.com
|
91 | 18 |
This site contains links to these domains. Also see Links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
static.wellsfargo.com DigiCert EV RSA CA G2 |
2022-05-24 - 2023-05-24 |
a year | crt.sh |
www.wellsfargo.com DigiCert EV RSA CA G2 |
2022-05-24 - 2023-05-24 |
a year | crt.sh |
www01.wellsfargomedia.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-03-28 - 2023-03-28 |
a year | crt.sh |
connect.secure.wellsfargo.com DigiCert EV RSA CA G2 |
2022-06-22 - 2023-06-22 |
a year | crt.sh |
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1 |
2021-10-19 - 2022-11-19 |
a year | crt.sh |
rubicon.wellsfargo.com Wells Fargo Public Trust Certification Authority 01 G2 |
2022-04-06 - 2023-04-06 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2022-08-15 - 2022-11-07 |
3 months | crt.sh |
*.google.com GTS CA 1C3 |
2022-08-15 - 2022-11-07 |
3 months | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2022-08-15 - 2022-11-07 |
3 months | crt.sh |
*.eum-appdynamics.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-06-14 - 2023-07-15 |
a year | crt.sh |
*.google.no GTS CA 1C3 |
2022-08-15 - 2022-11-07 |
3 months | crt.sh |
www.google.com GTS CA 1C3 |
2022-08-15 - 2022-11-07 |
3 months | crt.sh |
This page contains 4 frames:
Primary Page:
http://8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/a/1/kjfar.php?P=N49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgi938945SCDSFGHJSASTYTERSZ%20sdERWAEETRabE%20RHTUTYDDNTMEW74342hdfjsixaAI6cEL2k0fCo2dHX4fTgN49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgiBOaoweue5_jfncn_Product-UserID&email=
Frame ID: 67BA2C42E665246A4862F8BA0F685395
Requests: 89 HTTP requests in this frame
Frame:
http://2549153.fls.doubleclick.net/activityi;dc_pre=COP74v2F9fkCFdZDHQkdp1YBDA;src=2549153;type=allv40;cat=all_a00;ord=5029910366429;gtm=2od8g0;u1=45202110060855191200791075;u5=y;u6=BOB;u8=WWW;u11=PRODUCTION;u23=DESKTOP;~oref=http%3A%2F%2F8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no%2Fa%2F1%2Fkjfar.php%3FP%3DN49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgi938945SCDSFGHJSASTYTERSZ%2520sdERWAEETRabE%2520RHTUTYDDNTMEW74342hdfjsixaAI6cEL2k0fCo2dHX4fTgN49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgiBOaoweue5_jfncn_Product-UserID%26email%3D
Frame ID: AC398302AEA375DA3B4B159B422476D6
Requests: 1 HTTP requests in this frame
Frame:
https://adservice.google.com/ddm/fls/i/dc_pre=COP74v2F9fkCFdZDHQkdp1YBDA;src=2549153;type=allv40;cat=all_a00;ord=5029910366429;gtm=2od8g0;u1=45202110060855191200791075;u5=y;u6=BOB;u8=WWW;u11=PRODUCTION;u23=DESKTOP;~oref=http%3A%2F%2F8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no%2Fa%2F1%2Fkjfar.php%3FP%3DN49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgi938945SCDSFGHJSASTYTERSZ%2520sdERWAEETRabE%2520RHTUTYDDNTMEW74342hdfjsixaAI6cEL2k0fCo2dHX4fTgN49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgiBOaoweue5_jfncn_Product-UserID%26email%3D
Frame ID: CDB0059912ABDC3B58C7640ABBFB99F4
Requests: 1 HTTP requests in this frame
Frame:
https://adservice.google.no/ddm/fls/i/dc_pre=COP74v2F9fkCFdZDHQkdp1YBDA;src=2549153;type=allv40;cat=all_a00;ord=5029910366429;gtm=2od8g0;u1=45202110060855191200791075;u5=y;u6=BOB;u8=WWW;u11=PRODUCTION;u23=DESKTOP;~oref=http%3A%2F%2F8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no%2Fa%2F1%2Fkjfar.php%3FP%3DN49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgi938945SCDSFGHJSASTYTERSZ%2520sdERWAEETRabE%2520RHTUTYDDNTMEW74342hdfjsixaAI6cEL2k0fCo2dHX4fTgN49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgiBOaoweue5_jfncn_Product-UserID%26email%3D
Frame ID: 977E12B27D461EE717C387DF9DEAADCF
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
Wells Fargo – Banking, Credit Cards, Loans, Mortgages & MoreDetected technologies
PHP (Programming Languages) ExpandDetected patterns
- \.php(?:$|\?)
AppDynamics (Analytics) Expand
Detected patterns
- adrum
Google Analytics (Analytics) Expand
Detected patterns
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
133 Outgoing links
These are links going to different origins than the main page.
Title: Enroll
Search URL Search Domain Scan URL
Title: Customer Service
Search URL Search Domain Scan URL
Title: ATMs/Locations
Search URL Search Domain Scan URL
Title: Español
Search URL Search Domain Scan URL
Title: Small Business
Search URL Search Domain Scan URL
Title: Commercial
Search URL Search Domain Scan URL
Title: Financial Education
Search URL Search Domain Scan URL
Title: About Wells Fargo
Search URL Search Domain Scan URL
Title: Checking Accounts
Search URL Search Domain Scan URL
Title: Savings Accounts and CDs
Search URL Search Domain Scan URL
Title: Debit Cards
Search URL Search Domain Scan URL
Title: Credit Cards
Search URL Search Domain Scan URL
Title: Foreign Exchange
Search URL Search Domain Scan URL
Title: Global Remittance Services
Search URL Search Domain Scan URL
Title: Online Banking
Search URL Search Domain Scan URL
Title: Transfer and Pay
Search URL Search Domain Scan URL
Title: Mobile Features
Search URL Search Domain Scan URL
Title: Control Tower®
Search URL Search Domain Scan URL
Title: ATM Banking
Search URL Search Domain Scan URL
Title: Tax Center
Search URL Search Domain Scan URL
Title: Banking Made Easy
Search URL Search Domain Scan URL
Title: Planning for Retirement
Search URL Search Domain Scan URL
Title: Security Center
Search URL Search Domain Scan URL
Title: Mortgage Rates
Search URL Search Domain Scan URL
Title: Routing Number
Search URL Search Domain Scan URL
Title: Overdraft Services
Search URL Search Domain Scan URL
Title: Get Help with Payment Challenges
Search URL Search Domain Scan URL
Title: Open a Checking Account
Search URL Search Domain Scan URL
Title: Apply for an Account or Service
Search URL Search Domain Scan URL
Title: Mortgage Loans
Search URL Search Domain Scan URL
Title: Personal Loans
Search URL Search Domain Scan URL
Title: Student Loans
Search URL Search Domain Scan URL
Title: Auto Loans
Search URL Search Domain Scan URL
Title: Going to College
Search URL Search Domain Scan URL
Title: Borrowing and Credit
Search URL Search Domain Scan URL
Title: Finish Application/Check Status
Search URL Search Domain Scan URL
Title: Overview
Search URL Search Domain Scan URL
Title: Self-Directed Investing
Search URL Search Domain Scan URL
Title: Automated Investing
Search URL Search Domain Scan URL
Title: Dedicated Financial Advisor
Search URL Search Domain Scan URL
Title: Compare Ways to Invest
Search URL Search Domain Scan URL
Title: IRAs
Search URL Search Domain Scan URL
Title: Invest in Mutual Funds
Search URL Search Domain Scan URL
Title: Rollovers (401k and IRA)
Search URL Search Domain Scan URL
Title: Investing for Education
Search URL Search Domain Scan URL
Title: Strategy and Research
Search URL Search Domain Scan URL
Title: Income in Retirement
Search URL Search Domain Scan URL
Title: Investing Basics
Search URL Search Domain Scan URL
Title: Contact a Financial Advisor
Search URL Search Domain Scan URL
Title: Open an IRA
Search URL Search Domain Scan URL
Title: Open a WellsTrade® Account
Search URL Search Domain Scan URL
Title: Open an Intuitive Investor® Account
Search URL Search Domain Scan URL
Title: My Retirement Plan
Search URL Search Domain Scan URL
Title: Employer Plan 401(k) Sign On
Search URL Search Domain Scan URL
Title: The Private Bank
Search URL Search Domain Scan URL
Title: All Wealth Management Services
Search URL Search Domain Scan URL
Title: Wealth Planning
Search URL Search Domain Scan URL
Title: Private Banking
Search URL Search Domain Scan URL
Title: Investment and Asset Management
Search URL Search Domain Scan URL
Title: Fiduciary and Trust Services
Search URL Search Domain Scan URL
Title: Wealth Management Insights
Search URL Search Domain Scan URL
Title: Conversations Magazine
Search URL Search Domain Scan URL
Title: Contact The Private Bank
Search URL Search Domain Scan URL
Title: Go Far® Rewards
Search URL Search Domain Scan URL
Title: Customer Relationship Overview
Search URL Search Domain Scan URL
Title: Banking Made Easy
Search URL Search Domain Scan URL
Title: Sign On to Go Far Rewards
Search URL Search Domain Scan URL
Title: Go Far Rewards FAQs
Search URL Search Domain Scan URL
Title: Learn more
Search URL Search Domain Scan URL
Title: Forgot Password/Username?
Search URL Search Domain Scan URL
Title: Security Center
Search URL Search Domain Scan URL
Title: Privacy, Cookies, and Security
Search URL Search Domain Scan URL
Title: Start now
Search URL Search Domain Scan URL
Title: Learn More
Search URL Search Domain Scan URL
Title: Learn More
Search URL Search Domain Scan URL
Title: Estimate how much to borrow
Search URL Search Domain Scan URL
Title: Find your credit card
Search URL Search Domain Scan URL
Title: Free online budgeting tools
Search URL Search Domain Scan URL
Title: Make an appointment
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Go to Borrowing and Credit
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Go to Banking Made Easy
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Go to Retirement Planning
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Go to Home Lending
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Learn about financial aid >
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Find scholarships and grants >
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Visit Going to College
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Go to Investing Basics
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Visit the Security Center
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Review your FICO® Credit Score For eligible Wells Fargo customers
Search URL Search Domain Scan URL
Title: Questions about an old 401(k)? Let’s talk about your options
Search URL Search Domain Scan URL
Title: Who We Are
Search URL Search Domain Scan URL
Title: Making Things Right – Customer Redress
Search URL Search Domain Scan URL
Title: Corporate Responsibility
Search URL Search Domain Scan URL
Title: Wells Fargo Stories
Search URL Search Domain Scan URL
Title: Privacy, Cookies, Security & Legal
Search URL Search Domain Scan URL
Title: Notice of Data Collection
Search URL Search Domain Scan URL
Title: General Terms of Use
Search URL Search Domain Scan URL
Title: Online Access Agreement
Search URL Search Domain Scan URL
Title: Ad Choices
Search URL Search Domain Scan URL
Title: Report Fraud
Search URL Search Domain Scan URL
Title: About Wells Fargo
Search URL Search Domain Scan URL
Title: Careers
Search URL Search Domain Scan URL
Title: Diversity and Accessibility
Search URL Search Domain Scan URL
Title: Sitemap
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: SIPC
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 31- http://connect.secure.wellsfargo.com/AIDO/mint.js?dt=login&r=0.9828192847642401 HTTP 307
- https://connect.secure.wellsfargo.com/AIDO/mint.js?dt=login&r=0.9828192847642401
- http://connect.secure.wellsfargo.com/PIDO/pic.js?r=0.006584708312144638 HTTP 307
- https://connect.secure.wellsfargo.com/PIDO/pic.js?r=0.006584708312144638
- http://static.wellsfargo.com/tracking/ga/gtag.js?t=UA-107148943-1 HTTP 307
- https://static.wellsfargo.com/tracking/ga/gtag.js?t=UA-107148943-1
- http://static.wellsfargo.com/tracking/ga/gtag.js?t=DC-2549153 HTTP 307
- https://static.wellsfargo.com/tracking/ga/gtag.js?t=DC-2549153
- http://static.wellsfargo.com/tracking/ga/gtag.js?t=AW-984436569 HTTP 307
- https://static.wellsfargo.com/tracking/ga/gtag.js?t=AW-984436569
- http://2549153.fls.doubleclick.net/activityi;src=2549153;type=allv40;cat=all_a00;ord=5029910366429;gtm=2od8g0;u1=45202110060855191200791075;u5=y;u6=BOB;u8=WWW;u11=PRODUCTION;u23=DESKTOP;~oref=http%3A%2F%2F8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no%2Fa%2F1%2Fkjfar.php%3FP%3DN49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgi938945SCDSFGHJSASTYTERSZ%2520sdERWAEETRabE%2520RHTUTYDDNTMEW74342hdfjsixaAI6cEL2k0fCo2dHX4fTgN49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgiBOaoweue5_jfncn_Product-UserID%26email%3D HTTP 302
- http://2549153.fls.doubleclick.net/activityi;dc_pre=COP74v2F9fkCFdZDHQkdp1YBDA;src=2549153;type=allv40;cat=all_a00;ord=5029910366429;gtm=2od8g0;u1=45202110060855191200791075;u5=y;u6=BOB;u8=WWW;u11=PRODUCTION;u23=DESKTOP;~oref=http%3A%2F%2F8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no%2Fa%2F1%2Fkjfar.php%3FP%3DN49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgi938945SCDSFGHJSASTYTERSZ%2520sdERWAEETRabE%2520RHTUTYDDNTMEW74342hdfjsixaAI6cEL2k0fCo2dHX4fTgN49Gvzita0MAy6mEK2k0SCh2Jnu0EJczWdWsgiBOaoweue5_jfncn_Product-UserID%26email%3D
- https://googleads.g.doubleclick.net/pagead/viewthroughconversion/984436569/?random=1662085230066&cv=9&fst=1662085230066&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4>m=2oa8g0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2F8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no%2Fa%2F1%2Fkjfar.php&tiba=Wells%20Fargo%20%E2%80%93%20Banking%2C%20Credit%20Cards%2C%20Loans%2C%20Mortgages%20%26%20More&hn=www.google.com&async=1 HTTP 302
- https://www.google.com/pagead/1p-user-list/984436569/?random=1662085230066&cv=9&fst=1662084000000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4>m=2oa8g0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2F8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no%2Fa%2F1%2Fkjfar.php&tiba=Wells%20Fargo%20%E2%80%93%20Banking%2C%20Credit%20Cards%2C%20Loans%2C%20Mortgages%20%26%20More&async=1&is_vtc=1&random=2739683765&resp=GooglemKTybQhCsO HTTP 302
- https://www.google.no/pagead/1p-user-list/984436569/?random=1662085230066&cv=9&fst=1662084000000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4>m=2oa8g0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2F8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no%2Fa%2F1%2Fkjfar.php&tiba=Wells%20Fargo%20%E2%80%93%20Banking%2C%20Credit%20Cards%2C%20Loans%2C%20Mortgages%20%26%20More&async=1&is_vtc=1&random=2739683765&resp=GooglemKTybQhCsO&ipr=y
91 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
kjfar.php
8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/a/1/ |
62 KB 62 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
appdEUMConfig.js
static.wellsfargo.com/assets/js/wfui/appdynamics/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
homepage_iaoffer.js
www.wellsfargo.com/js/global/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
utag.sync.js
static.wellsfargo.com/tracking/toppages/ |
41 B 472 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
homepage_ret.css
www.wellsfargo.com/css/home/ |
52 KB 10 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
homepage-horz-logo.svg
www01.wellsfargomedia.com/assets/images/css/template/homepage/ |
5 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
homepage-lock.svg
www01.wellsfargomedia.com/assets/images/css/template/homepage/ |
2 KB 975 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
homepage-signon-lock.svg
www.wellsfargo.com/assets/images/css/template/homepage/ |
4 KB 4 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wfi000_lg_b-wf-stagecoach_rednoborder_1200x532.gif
www01.wellsfargomedia.com/assets/images/contextual/banner/enterprise/1200x532/ |
27 KB 27 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
task_icon_house_50x50.png
www01.wellsfargomedia.com/assets/images/contextual/banner/checking/50x50/ |
1002 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
task_icon_credit-card_50x50.png
www01.wellsfargomedia.com/assets/images/contextual/banner/credit-card/50x50/ |
815 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
task_icon_laptop-50x50.png
www01.wellsfargomedia.com/assets/images/contextual/banner/student-loans/50x50/ |
540 B 772 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
task-icon-rates-50x50.png
www01.wellsfargomedia.com/assets/images/homepage/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
FICO-phone-borrowing-and-credit-970x485.jpg
www01.wellsfargomedia.com/assets/images/photography/lifestyle/970x485/ |
35 KB 35 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
home_sprite_image.png
www01.wellsfargomedia.com/assets/images/css/template/homepage/ |
11 KB 11 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
paying-phone-beach-banking-made-easy-970x485.jpg
www01.wellsfargomedia.com/assets/images/photography/lifestyle/970x485/ |
33 KB 33 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
couple-beach-retirement-970x485.jpg
www01.wellsfargomedia.com/assets/images/photography/lifestyle/970x485/ |
31 KB 31 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
couple-moving-in-homelending-970x485.jpg
www01.wellsfargomedia.com/assets/images/photography/lifestyle/970x485/ |
34 KB 34 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
student-graduation-going-to-college-970x485.jpg
www01.wellsfargomedia.com/assets/images/photography/lifestyle/970x485/ |
34 KB 35 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
woman-tablet-investing-basics-970x485.jpg
www01.wellsfargomedia.com/assets/images/photography/lifestyle/970x485/ |
32 KB 32 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wfic693_ph_b-jk_1027_3356_304x194.jpg
www01.wellsfargomedia.com/assets/images/homepage/ |
11 KB 11 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
login-userprefs.min.js
connect.secure.wellsfargo.com/auth/static/prefs/ |
264 KB 148 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.min.js
www.wellsfargo.com/js/vendor/ |
95 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
homepage_per.js
www.wellsfargo.com/js/global/ |
77 KB 21 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
offers
8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/target/ |
808 B 996 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
homepage-magnifying-glass.png
www01.wellsfargomedia.com/assets/images/css/template/homepage/ |
292 B 520 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
alert-icon.svg
www01.wellsfargomedia.com/assets/images/css/template/homepage/ |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chevron-right-blue.png
www01.wellsfargomedia.com/assets/images/css/template/ |
169 B 372 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wellsfargosans-rg.woff2
www01.wellsfargomedia.com/assets/fonts/ |
22 KB 22 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icn-uti-checkbox.svg
www01.wellsfargomedia.com/assets/images/css/template/homepage/ |
728 B 643 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
atadun.js
connect.secure.wellsfargo.com/auth/static/prefs/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
glu.js
connect.secure.wellsfargo.com/AIDO/ |
65 KB 30 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
mint.js
connect.secure.wellsfargo.com/AIDO/ Redirect Chain
|
81 KB 31 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pic.js
connect.secure.wellsfargo.com/PIDO/ Redirect Chain
|
73 KB 33 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
utag.js
static.wellsfargo.com/tracking/toppages/ |
213 KB 56 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
s.gif
8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/assets/images/global/ |
808 B 808 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
s.gif
8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/assets/images/global/ |
808 B 1 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon-marquee-dot-active.svg
www01.wellsfargomedia.com/assets/images/css/template/homepage/ |
578 B 602 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon-marquee-dot-inactive.svg
www01.wellsfargomedia.com/assets/images/css/template/homepage/ |
587 B 618 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
89 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
accounts-cache.js
connect.secure.wellsfargo.com/accounts/static/7M/accounts/short/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
s.gif
8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/assets/images/global/ |
808 B 1015 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
s.gif
8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/assets/images/global/ |
808 B 1 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
vyHb
connect.secure.wellsfargo.com/AIDO/ |
90 B 861 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6825911_gettyimages-1153899955_img_hph_1200x532.jpg
www01.wellsfargomedia.com/assets/images/homepage/ |
44 KB 45 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wfic765_pg_1200x532.jpg
www01.wellsfargomedia.com/assets/images/homepage/ |
56 KB 56 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
task-icon-maa-50x50.png
www01.wellsfargomedia.com/assets/images/homepage/ |
961 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
woman_checking_tablet_device.jpg
www01.wellsfargomedia.com/assets/images/photography/lifestyle/970x485/ |
28 KB 29 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6818104_gettyimages-890847206_489_234.jpg
www01.wellsfargomedia.com/assets/images/homepage/ |
14 KB 15 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wfi111_ph_hre_default1_304x194.jpg
www01.wellsfargomedia.com/assets/images/homepage/ |
10 KB 10 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wfi111_ph_hre_default3_304x194.jpg
www01.wellsfargomedia.com/assets/images/homepage/ |
14 KB 14 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wells-fargo-volunteer-gardening_414x240.jpg
www01.wellsfargomedia.com/assets/images/photography/lifestyle/ |
25 KB 25 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
stagecoach-two-drivers-field-green-414x240.jpg
www01.wellsfargomedia.com/assets/images/homepage/ |
27 KB 28 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
redress_414x240.jpg
www01.wellsfargomedia.com/assets/images/homepage/ |
18 KB 19 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
three-men-volunteer-house-414x240.jpg
www01.wellsfargomedia.com/assets/images/homepage/ |
24 KB 24 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
woman-sitting-chair-tablet-screenshot-414x240.jpg
www01.wellsfargomedia.com/assets/images/homepage/ |
12 KB 12 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
id
dpm.demdex.net/ |
382 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
detector-dom.min.js
static.wellsfargo.com/tracking/gb/ |
333 KB 102 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
gtag.js
static.wellsfargo.com/tracking/ga/ |
115 KB 45 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
idl
api.rlcdn.com/api/identity/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
adrum-ext.js
static.wellsfargo.com/assets/js/wfui/appdynamics/ |
44 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
runtime.80d5260aef1a12bc638a.js
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
vendor.21ae416b3ad99fcd7f4a.chunk.js
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
main.1a3449c840a0ecac31c6.chunk.js
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
wfui.01083dad213681fca617.chunk.js
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
main.a32830a6383d333d8777.chunk.css
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/stylesheets/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
wfui.b63d098a1ca054bb8b08.chunk.css
connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/stylesheets/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ttms.gif
static.wellsfargo.com/tracking/reporting/ |
43 B 532 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
id
dpm.demdex.net/ |
382 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
event
wellsfargobankna.demdex.net/ |
555 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
gtag.js
static.wellsfargo.com/tracking/ga/ Redirect Chain
|
115 KB 45 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
gtag.js
static.wellsfargo.com/tracking/ga/ Redirect Chain
|
115 KB 45 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
gtag.js
static.wellsfargo.com/tracking/ga/ Redirect Chain
|
115 KB 45 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cls_report
rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/ |
50 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
adrum-ext.b4436be974de477658d4a93afb752165.js
static.wellsfargo.com/assets/js/wfui/appdynamics/ |
47 KB 16 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ga.js
static.wellsfargo.com/tracking/ga/ |
48 KB 19 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
activityi;dc_pre=COP74v2F9fkCFdZDHQkdp1YBDA;src=2549153;type=allv40;cat=all_a00;ord=5029910366429;gtm=2od8g0;u1=45202110060855191200791075;u5=y;u6=BOB;u8=WWW;u11=PRODUCTION;u23=DESKTOP;~oref=http%3...
2549153.fls.doubleclick.net/ Frame AC39 Redirect Chain
|
818 B 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ga_conversion_async.js
static.wellsfargo.com/tracking/ga/ |
35 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
cls_report
rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38/ |
4 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ec.js
static.wellsfargo.com/tracking/ga/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/j/ |
2 B 187 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.no/pagead/1p-user-list/984436569/ Redirect Chain
|
42 B 548 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collect
www.google-analytics.com/ |
35 B 393 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dc_pre=COP74v2F9fkCFdZDHQkdp1YBDA;src=2549153;type=allv40;cat=all_a00;ord=5029910366429;gtm=2od8g0;u1=45202110060855191200791075;u5=y;u6=BOB;u8=WWW;u11=PRODUCTION;u23=DESKTOP;~oref=http%3A%2F%2F8kw...
adservice.google.com/ddm/fls/i/ Frame CDB0 |
817 B 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/ |
35 B 100 B |
Ping
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/j/ |
4 B 484 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
error.gif
pdx-col.eum-appdynamics.com/eumcollector/ |
26 B 319 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
error.gif
pdx-col.eum-appdynamics.com/eumcollector/ |
26 B 320 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dc_pre=COP74v2F9fkCFdZDHQkdp1YBDA;src=2549153;type=allv40;cat=all_a00;ord=5029910366429;gtm=2od8g0;u1=45202110060855191200791075;u5=y;u6=BOB;u8=WWW;u11=PRODUCTION;u23=DESKTOP;~oref=http%3A%2F%2F8kw...
adservice.google.no/ddm/fls/i/ Frame 977E |
194 B 870 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
adrum
pdx-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/EUM-AAB-AYP/ |
0 718 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.com/ads/ |
42 B 107 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.no/ads/ |
42 B 107 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- api.rlcdn.com
- URL
- https://api.rlcdn.com/api/identity/idl?pid=1317
- Domain
- connect.secure.wellsfargo.com
- URL
- https://connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/runtime.80d5260aef1a12bc638a.js
- Domain
- connect.secure.wellsfargo.com
- URL
- https://connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/vendor.21ae416b3ad99fcd7f4a.chunk.js
- Domain
- connect.secure.wellsfargo.com
- URL
- https://connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/main.1a3449c840a0ecac31c6.chunk.js
- Domain
- connect.secure.wellsfargo.com
- URL
- https://connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/js/wfui.01083dad213681fca617.chunk.js
- Domain
- connect.secure.wellsfargo.com
- URL
- https://connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/stylesheets/main.a32830a6383d333d8777.chunk.css
- Domain
- connect.secure.wellsfargo.com
- URL
- https://connect.secure.wellsfargo.com/accounts/static/7M/accounts/public/stylesheets/wfui.b63d098a1ca054bb8b08.chunk.css
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Wells Fargo (Banking)177 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch object| navigation string| environment string| appd_key string| appd_js_path string| appDEUMSwitch number| adrum-start-time object| adrum-config boolean| logInfoSwitch number| iaCallTimeout string| accounts_url boolean| hp_prefetch_desktop_value object| utag_data function| domReady object| jsData object| tasInfo string| ATADUN_PATH boolean| isNative string| loginUrlBase object| scriptParent string| loginUrlBaseNoProtocol object| getUrl string| host string| port string| guid function| appendFIDOEligibleInputs function| disableSubmitsCollectUserPrefs function| addLoginFormFieldsAndSubmit function| jsEnabled function| addEvent function| undoSaveUsername function| maskedUsernameChanged function| addScriptElement function| getCookie function| appendHiddenInput function| addCookiesToForm function| setWFACookies function| generateGuid function| brief function| $ function| jQuery object| WF function| GSA_getSearchRootPathPrefix function| GSA_getResourceRootPathPrefix function| GSA_isEmbeddedMode string| ss_form_element string| ss_popup_element object| ss_seq string| ss_g_one_name_to_display string| ss_g_more_names_to_display number| ss_g_max_to_display number| ss_max_to_display number| ss_wait_millisec number| ss_delay_millisec object| ss_gsa_host string| SS_OUTPUT_FORMAT_LEGACY string| SS_OUTPUT_FORMAT_OPEN_SEARCH string| SS_OUTPUT_FORMAT_RICH string| ss_protocol boolean| ss_allow_non_query string| ss_non_query_empty_title boolean| ss_allow_debug object| URI_RE_ object| URI_DISALLOWED_IN_SCHEME_OR_CREDENTIALS_ object| URI_DISALLOWED_IN_PATH_ object| ss_cached object| ss_qbackup object| ss_qshown number| ss_loc number| ss_waiting boolean| ss_painting object| ss_key_handling_queue object| ss_painting_queue boolean| ss_dismissed boolean| ss_panic string| SS_ROW_CLASS string| SS_ROW_SELECTED_CLASS undefined| XH_ieProgId_ number| XML_READY_STATE_UNINITIALIZED number| XML_READY_STATE_LOADING number| XML_READY_STATE_LOADED number| XML_READY_STATE_INTERACTIVE number| XML_READY_STATE_COMPLETED function| XH_XmlHttpInit_ function| XH_XmlHttpCreate function| XH_XmlHttpGET function| XH_XmlHttpPOST function| XH_XmlHttpOpen function| XH_XmlHttpSetRequestHeader function| XH_XmlHttpSend function| XH_XmlHttpAbort object| ss_debug function| ss_composeSuggestUri function| ss_suggest function| ss_processed function| ss_handleAllKey function| ss_handleKey function| ss_isEmbeddedMode_ function| ss_handleQuery function| ss_removeNode_ function| ss_replaceNode_ function| ss_initEmbedMode_ function| ss_sf function| ss_clear function| ss_hide function| ss_show function| ss_showSuggestion function| ss_showRelatedSuggestion function| ss_handleMouseM function| ss_handleMouseC function| ss_countSuggestions function| ss_locateSuggestion function| ss_escape function| ss_escapeDbg function| ss_Debugger function| injectStyles function| injectScripts object| ss_use object| wfLogger object| root string| ndURI number| counter boolean| utag_condload string| new_path object| utag_cfg_ovrd object| userAgentArr object| utag function| isNotUndefinedOrNull function| sendDataToGA boolean| __tealium_twc_switch function| utag_pad function| utag_visitor_id string| gtagRename object| dataLayer function| gtag object| ___sc124934 object| ___so124934 number| CLIWHIT string| PSESSIONID string| SSESSIONID string| LSESSIONID object| __tp number| __gt function| grip undefined| d object| data_dmp object| adobe function| Visitor function| DIL object| s_c_il number| s_c_in function| sendRTTODataToGA string| GTAG_TYPE object| GTAG_CONFIG object| Nf object| Of function| Pf object| google_tag_manager object| _detector undefined| optimizely object| ADRUM object| google_tag_data string| GoogleAnalyticsObject function| ga function| f object| gaplugins object| gaGlobal object| gaData function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO10 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38 | Name: _cls_v Value: e5b5e3f0-14e1-4862-b0ec-f16af2c58d84 |
|
rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38 | Name: _cls_s Value: 11e9e202-2780-480e-a0b8-b31287943f8c:0 |
|
rubicon.wellsfargo.com/glassbox/reporting/0C458F45-AC71-02CE-34D8-401C8A313B38 | Name: _cls_cfgver Value: 18d2c6f2 |
|
.demdex.net/ | Name: demdex Value: 14744695805011076971717048240105016693 |
|
.xzone.no/ | Name: AMCVS_1BAA15F354F731E60A4C98A4%40AdobeOrg Value: 1 |
|
.xzone.no/ | Name: AMCV_1BAA15F354F731E60A4C98A4%40AdobeOrg Value: -1124106680%7CMCMID%7C14758697043514639061718448363829540710%7CMCAAMLH-1662690029%7C6%7CMCAAMB-1662690029%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C677917998%7CMCOPTOUT-1662092429s%7CNONE%7CvVersion%7C5.2.0 |
|
8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/ | Name: _ga Value: GA1.1.270726934.1662085230 |
|
8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/ | Name: _gid Value: GA1.1.2132437841.1662085230 |
|
8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no/ | Name: _gat_gtag_UA_107148943_1 Value: 1 |
|
.doubleclick.net/ | Name: test_cookie Value: CheckForPermission |
14 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
2549153.fls.doubleclick.net
8kw0k3i2t6ieump8cah9sgwsk6l70zqgfm49kbjrna5rvmpdgfqmzsentt1lqhy.xzone.no
adservice.google.com
adservice.google.no
api.rlcdn.com
connect.secure.wellsfargo.com
dpm.demdex.net
googleads.g.doubleclick.net
pdx-col.eum-appdynamics.com
rubicon.wellsfargo.com
static.wellsfargo.com
stats.g.doubleclick.net
wellsfargobankna.demdex.net
www.google-analytics.com
www.google.com
www.google.no
www.wellsfargo.com
www01.wellsfargomedia.com
api.rlcdn.com
connect.secure.wellsfargo.com
142.250.184.198
142.250.185.100
142.250.185.66
142.250.186.163
142.250.186.66
159.45.2.178
159.45.66.145
159.45.66.156
172.217.18.2
172.217.23.110
2.16.186.138
23.2.195.4
34.248.26.113
34.255.225.203
52.36.47.22
64.233.167.156
67.23.254.254
004590468c4ed29e2b9ac5192217c685059d0d623e4398c49cdb4a0b5a386831
0155efc4c50ae4da41c1ca1f6407912cbe62c0f7cb77f6464aee5bedf1267cbc
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
0b2af045acafbdf14516bf55f310568036ace959946d16edb1acebcd58029d22
16b5311ddbd849fd1808d3d855f79d9640417d7c65714ffec6f6bb6f17416883
239e29799eeeff643c07466d40772fc803f95137942aa6517b145d6d862217b5
25a7b2470715372a0a94a6537d9bace902f317e038645f4cc867552e42e0162a
2af5bcc0ab347f0e039ec86b4f0a5f2fb506ef539c284331b5e8e78f3f94badc
33b92421ed8061f976e181bdcc26c325efe73e6b1abd8755b5d85b16c7fe50ea
34f5250710ce0ee2c5bdf5a5ff1a071a61b8c171b7f0ab96bf6deb935483a3d1
3809cf83b36ac6b2f21dc1b73e22d2e594acf734d71e348dbd7f66ea38bfc658
385196f0fce7cea80c2c99d971780ecb73df9dea6e5b2d95d19df3aa849c7b1f
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3c536cede8c67b4bda531f82b77f3678e52026398492010245d3870c87a1623e
3e72471278601589c8718b1a74e9d45144e597ed2cdeafd3274ff95a9c93c6e7
41ace13f2da513c687155c0bc5aeeb5b465a55c90077624895acd8239ae8260b
42902bf802de1e0edd9d13d02216ec6fb579ebbdc9f8ce045cc1ad37a699e481
43dd833f33570535401d009e6b6f9cde54bdac4e210fc6c89cfdcfcbaa9fc903
44780a2dbce930ece612e0eecc0ea407b435bbd521879019156f0fed0209d85a
4519a61d26f153bd19bda2ffdca5d102c56d61f6f5ef6f29727ca878f6ea1947
50e6072d26098d48004a30addeecabd5b22b91e5ccdf9dd86f96459783e3ac23
52b687a685d2239142be0db5335c5710951ba8c2b39a44431a40f156b4d9312d
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
599e3c4b198d28b925b6eff10db70dcd5c9b44f3b0da091cdd35cc8245fe4b66
5e09f67975ce6cd81939d8f8239c1ac8f495a9203064a07178830b083b9f1510
5ef1004ddcf84c9bbf326a06fbeaceb776fd2ae9ae0a862ddbc037a08644192a
618688d9849fef712931832c71e01be145d1791d6da917a702ab86a74ce66089
631f3b6267a831a8d67c45e480b5d5a2601f10ff8708bcf3a45a41b377a129cc
649dcf3e5665f599b97ab67a10b75f7f1246378806c243c22a6a4130aa12e622
6c771bd1c269646a76015f2f6410a40c031e5adea88f665bfe9ae15a972ab6ab
76398f8fc34ee6f4c41af5f7d73cb3ba4ac57d958247134fc2749552a99659c9
780b98a3861aa8d4afe428953ad3b9e988a74cd5f064b4a1eb453f5d901221e7
7926323a712a1fa861283bbdbde6f6df758e3a39c418fe1459f2b5dbe18102be
79f666407709e82d49c80fc330a5a34952fc56f30de257ccc3ae432d87c6fedc
7a58994569d91823ac5c6590e1f3ef3aeecd26c3024cc25ce83b08666578f1ed
7b1acbecc92198d28a194bab0fa46dd84878d9cb78f3e2bbbd4ba771ef168ebd
7bfab3d904c5effc47fe1577c20615a1efcf84f2a6e1b8e5ccaa501ac657fcab
7cf613ae2a54653f340d959397825ff3bc818f37f8757f7f10167f648e4a3060
7dd0ade9deb38d13a04798846beba4e048d65cf8ccf9e678c03184e837887752
7f0d10bc282c3d7b0eb4d7527303490f8d3b86a1c65e293c2d9f0793006441e6
800719eabe4e6ac1b18f4a837f809c3c0c33b8668662139e49bf912ad0b938d2
81c26be055b396974619967deefc7e5798ce65f07ea0d2a184ef2438ee5c37d4
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8d065126eb6eef432a47f7597e58dca37cc1667e7a20c97ff59ed73ff6fbf4fb
8e33419228d18b065817e0f34dfed2202cc29ca4401d434b0a442d0829633890
95b962bda7dcd5140caed5bc45236ff538c3d5841c7a91136b751db076d19382
96c235d6343aaa272187a96413ebbd8fa15417c7591c02cf0d79fee2e03dfbbe
982003c4cecd7caa0d1b5b8ceb4ee3d9a49263cb37fe56ccf4d5113868fe6741
9a5e8cb8c0d7468337c96ba9de5c90701a038a135975b1f4444bde35cb0eb212
a9304a0a2a197ea99df11195c7661157044f9846e2863a4e4fc0663776700747
ae6dd562558a0d6e692c910de53486132faa5c6ae81d0e85d67ba7f26b789a7f
af3f70344218dd2bd28881f842610f87598362af9f7cfbf2c1f2d0b8e9c4462a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bac7d14e724e890def62967d796be6d0f77e6c144cb304e2e69d3ed1fc66cf0d
bad076c316b96cc04b2df0418f986f332e01ff6016eab56fa116a4ef4c9ca594
bba812edb81013a25bbdca7801e892f85b38580456227b4c1878b5bd0f8aee6b
bf237dbb690185287d8b42ba4a0b97fb4c506b310b36d6532c059079ff9e5df1
c05059329c081ecc0744410b2a9515ab86fdb568691fce0287a09c579f222faf
c550a26340fc6971f4767d351ae9c987603d3f5cf3cb18e91e3164d5fdca8be5
cfd4c24ae595a860f108f4de55ce9a1744bad06d612d508c4d0bf39901b9862c
d03c66ceca785a35e0576fe778a325d183ce317c482faf48f06d371688fd75f0
d510b44eb432254133e3a77667c96ea0eee0a356614ef7938c0cab6b5d7fbcd9
d6f9a6d48f3d43b2f7004bb3f1bea032abe36c545087c45907bf36f6d1949bc6
d6fdad356ecabcdcfb77a0486b3e240f450369e0304739e55c71a112d5f3d2df
d7c059e94b914ac615951283337117c36f9d4e86dfb2c2d97134fe00155419f2
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e2abb0b11e94d1993d63ba680434ad970acd7333713aeeb3dc84771281af77b9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9ecf74092e5fe396ce9fe40ea17070242ed95e6c0b09d595dd4254d8afcabaa
ea4b20ddecd76a86c3dc31d488970cf15e6284756c271b1d983f597652ebeb61
ec6343cf635afa21759e508cd2d388939035aad58ed76e2f25db0722f5d44299
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5222890bf5fab537c855a4b7a97289613cab75945f43eaa7949862d8c92b4cf
f524345f75bc7c15f2e285e525e04299dc22c27c014abe55c337dbc3a690b82c