Submitted URL: https://www.wellsfargo.com/questions
Effective URL: https://connect.secure.wellsfargo.com/auth/login/present?origin=cob&loginMode=jukePassword&serviceType=askQuestion&LOB=CONS
Submission: On June 18 via manual from US

Summary

This website contacted 3 IPs in 1 countries across 1 domains to perform 18 HTTP transactions. The main IP is 159.45.2.156, located in Concord, United States and belongs to WELLSFARGO-10837 - Wells Fargo & Company, US. The main domain is connect.secure.wellsfargo.com.
TLS certificate: Issued by DigiCert Global CA G2 on February 7th 2019. Valid for: 2 years.
This is the only time connect.secure.wellsfargo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 159.45.2.145 10837 (WELLSFARG...)
15 159.45.2.156 10837 (WELLSFARG...)
3 159.45.2.178 10837 (WELLSFARG...)
18 3
Apex Domain
Subdomains
Transfer
20 wellsfargo.com
www.wellsfargo.com
connect.secure.wellsfargo.com
static.wellsfargo.com
290 KB
18 1
Domain Requested by
15 connect.secure.wellsfargo.com connect.secure.wellsfargo.com
3 static.wellsfargo.com connect.secure.wellsfargo.com
static.wellsfargo.com
2 www.wellsfargo.com 2 redirects
18 3

This site contains links to these domains. Also see Links.

Domain
www.wellsfargo.com
oam.wellsfargo.com
Subject Issuer Validity Valid
connect.secure.wellsfargo.com
DigiCert Global CA G2
2019-02-07 -
2021-02-07
2 years crt.sh
static.wellsfargo.com
DigiCert Global CA G2
2019-02-07 -
2021-02-07
2 years crt.sh

This page contains 1 frames:

Primary Page: https://connect.secure.wellsfargo.com/auth/login/present?origin=cob&loginMode=jukePassword&serviceType=askQuestion&LOB=CONS
Frame ID: 4162036DDDCF1E8DA8AB6CC914B0EC5C
Requests: 23 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://www.wellsfargo.com/questions HTTP 301
    https://www.wellsfargo.com/help/self_service/ask_question HTTP 301
    https://connect.secure.wellsfargo.com/auth/login/present?origin=cob&loginMode=jukePassword&serviceType=askQuestion... Page URL

Page Statistics

18
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

3
Subdomains

3
IPs

1
Countries

289 kB
Transfer

650 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.wellsfargo.com/questions HTTP 301
    https://www.wellsfargo.com/help/self_service/ask_question HTTP 301
    https://connect.secure.wellsfargo.com/auth/login/present?origin=cob&loginMode=jukePassword&serviceType=askQuestion&LOB=CONS Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set present
connect.secure.wellsfargo.com/auth/login/
Redirect Chain
  • https://www.wellsfargo.com/questions
  • https://www.wellsfargo.com/help/self_service/ask_question
  • https://connect.secure.wellsfargo.com/auth/login/present?origin=cob&loginMode=jukePassword&serviceType=askQuestion&LOB=CONS
40 KB
17 KB
Document
General
Full URL
https://connect.secure.wellsfargo.com/auth/login/present?origin=cob&loginMode=jukePassword&serviceType=askQuestion&LOB=CONS
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.45.2.156 Concord, United States, ASN10837 (WELLSFARGO-10837 - Wells Fargo & Company, US),
Reverse DNS
Software
KONICHIWA/1.1 /
Resource Hash
3b37a1389aecfeb2a0576f7640c3f28ef9bd52b36a6b581b6ac4ea4b78d2a8c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Host
connect.secure.wellsfargo.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate, br
Cookie
INLANG=EN; wfacookie=1120190618121544969486895
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 18 Jun 2019 19:15:45 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Expires
-1
Cache-Control
no-cache, no-store, max-age=0
Set-Cookie
ADRUM_BTa=R:0|g:df7f2eda-a422-41cc-b32f-f7de1e2e2059; Expires=Tue, 18-Jun-2019 19:16:15 GMT; Path=/; Secure ADRUM_BTa=R:0|g:df7f2eda-a422-41cc-b32f-f7de1e2e2059|n:customer1_e2ac6dad-45c5-4fb1-ba3e-0fd665d694f7; Expires=Tue, 18-Jun-2019 19:16:15 GMT; Path=/; Secure ADRUM_BT1=R:0|i:251578; Expires=Tue, 18-Jun-2019 19:16:15 GMT; Path=/; Secure ADRUM_BT1=R:0|i:251578|e:14; Expires=Tue, 18-Jun-2019 19:16:15 GMT; Path=/; Secure gingerbread_cookie=D5D09805BE9563FBD697119E8690E6EC; Domain=wellsfargo.com; Path=/auth; Secure; HttpOnly AuthCookie=85df6d63-5b6d-4065-9fdd-e7c91302ff29; Path=/auth; Secure; HttpOnly AuthCookie=85df6d63-5b6d-4065-9fdd-e7c91302ff29; Path=/auth; Secure; HttpOnly LOGINORIGIN=cob:askQuestion; Domain=wellsfargo.com; Path=/auth; Secure; HttpOnly ISD_LA_COOKIE=iaLY37dnZGUkIdrmyYk303w+jxSWhifk5aQ+hvwjTBf9N+CZLdPuJvIABLiMTJfX6do4UcgT6CMHNwAAAAE=;Secure; path=/; domain=connect.secure.wellsfargo.com; HttpOnly
X-XSS-Protection
1; mode=block
Pragma
no-cache
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Content-Language
en-US
Content-Security-Policy-Report-Only
default-src https: 'unsafe-inline' 'unsafe-eval'; object-src 'none'; img-src https: data:; frame-ancestors 'none'; base-uri 'none'; report-uri https://ort.wellsfargo.com/reporting/csp; report-to https://ort.wellsfargo.com/reporting/csp
Server
KONICHIWA/1.1
X-UA-Compatible
IE=edge
X-Frame-Options
deny
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Cnection
close
Content-Encoding
gzip

Redirect headers

Date
Tue, 18 Jun 2019 19:15:44 GMT
Server
Server
Strict-Transport-Security
max-age=31536000;includeSubDomains
X-Frame-Options
SAMEORIGIN
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
pragma
no-cache
cache-control
no-cache, no-store
expires
0
Content-Security-Policy-Report-Only
default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https: data: 'unsafe-inline'; frame-ancestors 'none'; base-uri https: data:; font-src https: data:; report-uri https://ort.wellsfargo.com/reporting/csp
Location
https://connect.secure.wellsfargo.com/auth/login/present?origin=cob&loginMode=jukePassword&serviceType=askQuestion&LOB=CONS
Content-Length
0
Keep-Alive
timeout=15, max=38
Connection
Keep-Alive
global.css
connect.secure.wellsfargo.com/auth/static/css/altLogin/
20 KB
6 KB
Stylesheet
General
Full URL
https://connect.secure.wellsfargo.com/auth/static/css/altLogin/global.css
Requested by
Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/auth/login/present?origin=cob&loginMode=jukePassword&serviceType=askQuestion&LOB=CONS
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.45.2.156 Concord, United States, ASN10837 (WELLSFARGO-10837 - Wells Fargo & Company, US),
Reverse DNS
Software
KONICHIWA/1.1 /
Resource Hash
ab78c44d5e86c6f0937d203066ebcadbf50c8d63407564a151bdd03701f40a70
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://connect.secure.wellsfargo.com/auth/login/present?origin=cob&loginMode=jukePassword&serviceType=askQuestion&LOB=CONS
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 18 Jun 2019 19:15:45 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Vary
Accept-Encoding
Content-Length
6088
X-XSS-Protection
1; mode=block
Last-Modified
Wed, 05 Jun 2019 02:10:57 GMT
Server
KONICHIWA/1.1
ETag
"4f7f-58a8a1ba174a7-gzip"
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubdomains;
Content-Type
text/css
Cache-Control
max-age=10368000
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=96
Expires
Wed, 16 Oct 2019 19:15:45 GMT
enhanced-header.css
connect.secure.wellsfargo.com/auth/static/css/altLogin/
4 KB
1 KB
Stylesheet
General
Full URL
https://connect.secure.wellsfargo.com/auth/static/css/altLogin/enhanced-header.css
Requested by
Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/auth/login/present?origin=cob&loginMode=jukePassword&serviceType=askQuestion&LOB=CONS
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.45.2.156 Concord, United States, ASN10837 (WELLSFARGO-10837 - Wells Fargo & Company, US),
Reverse DNS
Software
KONICHIWA/1.1 /
Resource Hash
11fad06b8883c18efd6aa8217ecc239ff05195f85b58282431e07294d63fae2e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://connect.secure.wellsfargo.com/auth/login/present?origin=cob&loginMode=jukePassword&serviceType=askQuestion&LOB=CONS
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 18 Jun 2019 19:15:45 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Vary
Accept-Encoding
Content-Length
957
X-XSS-Protection
1; mode=block
Last-Modified
Wed, 05 Jun 2019 02:11:01 GMT
Server
KONICHIWA/1.1
ETag
"e62-58a8a1be2ad15-gzip"
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubdomains;
Content-Type
text/css
Cache-Control
max-age=10368000
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=96
Expires
Wed, 16 Oct 2019 19:15:45 GMT
content.css
connect.secure.wellsfargo.com/auth/static/css/altLogin/
219 B
726 B
Stylesheet
General
Full URL
https://connect.secure.wellsfargo.com/auth/static/css/altLogin/content.css
Requested by
Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/auth/login/present?origin=cob&loginMode=jukePassword&serviceType=askQuestion&LOB=CONS
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.45.2.156 Concord, United States, ASN10837 (WELLSFARGO-10837 - Wells Fargo & Company, US),
Reverse DNS
Software
KONICHIWA/1.1 /
Resource Hash
0d77fc6f4fc7bca20eabf92d0b5e6a4edf8c3465dbe24b026466ac3419a04b72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://connect.secure.wellsfargo.com/auth/login/present?origin=cob&loginMode=jukePassword&serviceType=askQuestion&LOB=CONS
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 18 Jun 2019 19:15:46 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Vary
Accept-Encoding
Content-Length
167
X-XSS-Protection
1; mode=block
Last-Modified
Wed, 05 Jun 2019 02:10:53 GMT
Server
KONICHIWA/1.1
ETag
"db-58a8a1b65a3d1-gzip"
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubdomains;
Content-Type
text/css
Cache-Control
max-age=10368000
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=75
Expires
Wed, 16 Oct 2019 19:15:46 GMT
wf.css
connect.secure.wellsfargo.com/auth/static/Fonts/wf/
199 B
702 B
Stylesheet
General
Full URL
https://connect.secure.wellsfargo.com/auth/static/Fonts/wf/wf.css
Requested by
Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/auth/login/present?origin=cob&loginMode=jukePassword&serviceType=askQuestion&LOB=CONS
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.45.2.156 Concord, United States, ASN10837 (WELLSFARGO-10837 - Wells Fargo & Company, US),
Reverse DNS
Software
KONICHIWA/1.1 /
Resource Hash
5b38f2f8c09ad0b050e4ec97524f3eb95b8c1fa2cf1b5a922eb4172608e4afc1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://connect.secure.wellsfargo.com/auth/login/present?origin=cob&loginMode=jukePassword&serviceType=askQuestion&LOB=CONS
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 18 Jun 2019 19:15:46 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Vary
Accept-Encoding
Content-Length
143
X-XSS-Protection
1; mode=block
Last-Modified
Wed, 05 Jun 2019 02:10:53 GMT
Server
KONICHIWA/1.1
ETag
"c7-58a8a1b610051-gzip"
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubdomains;
Content-Type
text/css
Cache-Control
max-age=10368000
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=86
Expires
Wed, 16 Oct 2019 19:15:46 GMT
enhanced-footer.css
connect.secure.wellsfargo.com/auth/static/css/altLogin/
2 KB
1 KB
Stylesheet
General
Full URL
https://connect.secure.wellsfargo.com/auth/static/css/altLogin/enhanced-footer.css
Requested by
Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/auth/login/present?origin=cob&loginMode=jukePassword&serviceType=askQuestion&LOB=CONS
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.45.2.156 Concord, United States, ASN10837 (WELLSFARGO-10837 - Wells Fargo & Company, US),
Reverse DNS
Software
KONICHIWA/1.1 /
Resource Hash
c3b16150ac24389a3f1cbad5b7a5a874bb486cc0256311f870d4cba25871c2de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://connect.secure.wellsfargo.com/auth/login/present?origin=cob&loginMode=jukePassword&serviceType=askQuestion&LOB=CONS
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 18 Jun 2019 19:15:46 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Vary
Accept-Encoding
Content-Length
736
X-XSS-Protection
1; mode=block
Last-Modified
Wed, 05 Jun 2019 02:10:53 GMT
Server
KONICHIWA/1.1
ETag
"84c-58a8a1b65a3d1-gzip"
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubdomains;
Content-Type
text/css
Cache-Control
max-age=10368000
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=34
Expires
Wed, 16 Oct 2019 19:15:46 GMT
WF_stagecoach_rgb_ylw_F1.svg
connect.secure.wellsfargo.com/auth/static/images/
91 KB
91 KB
Image
General
Full URL
https://connect.secure.wellsfargo.com/auth/static/images/WF_stagecoach_rgb_ylw_F1.svg
Requested by
Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/auth/login/present?origin=cob&loginMode=jukePassword&serviceType=askQuestion&LOB=CONS
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.45.2.156 Concord, United States, ASN10837 (WELLSFARGO-10837 - Wells Fargo & Company, US),
Reverse DNS
Software
KONICHIWA/1.1 /
Resource Hash
27e51767000be839c271d64e21add686a6f770809498fb6cd43fe34e56669207
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://connect.secure.wellsfargo.com/auth/login/present?origin=cob&loginMode=jukePassword&serviceType=askQuestion&LOB=CONS
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 18 Jun 2019 19:15:46 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 05 Jun 2019 02:11:01 GMT
Server
KONICHIWA/1.1
X-Frame-Options
SAMEORIGIN
ETag
"16a48-58a8a1be31e5d"
Strict-Transport-Security
max-age=31536000; includeSubdomains;
Content-Type
image/svg+xml
Cache-Control
max-age=10368000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=56
Content-Length
92744
X-XSS-Protection
1; mode=block
Expires
Wed, 16 Oct 2019 19:15:46 GMT
login-userprefs.min.js
connect.secure.wellsfargo.com/auth/static/prefs/
156 KB
86 KB
Script
General
Full URL
https://connect.secure.wellsfargo.com/auth/static/prefs/login-userprefs.min.js
Requested by
Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/auth/login/present?origin=cob&loginMode=jukePassword&serviceType=askQuestion&LOB=CONS
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.45.2.156 Concord, United States, ASN10837 (WELLSFARGO-10837 - Wells Fargo & Company, US),
Reverse DNS
Software
KONICHIWA/1.1 /
Resource Hash
51ddbad6291d9d6de77d898b8b287956c6ec5df232c144a21f021c9f21e215a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://connect.secure.wellsfargo.com/auth/login/present?origin=cob&loginMode=jukePassword&serviceType=askQuestion&LOB=CONS
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 18 Jun 2019 19:15:46 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Wed, 05 Jun 2019 02:10:57 GMT
Server
KONICHIWA/1.1
X-Frame-Options
SAMEORIGIN
ETag
W/"1c6f-58a8a1ba27a5e"
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
application/x-javascript; charset=UTF-8
Cache-Control
max-age=1800
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000; includeSubdomains;
X-XSS-Protection
1; mode=block
Expires
Tue, 18 Jun 2019 19:45:46 GMT
utag.js
static.wellsfargo.com/tracking/main/
187 KB
29 KB
Script
General
Full URL
https://static.wellsfargo.com/tracking/main/utag.js
Requested by
Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/auth/login/present?origin=cob&loginMode=jukePassword&serviceType=askQuestion&LOB=CONS
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.45.2.178 Concord, United States, ASN10837 (WELLSFARGO-10837 - Wells Fargo & Company, US),
Reverse DNS
Software
KONICHIWA/2.0 /
Resource Hash
d56867760c4661c0c80b7b5d10d899ef39099d090c341dbd8977008d4cc62f93
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://connect.secure.wellsfargo.com/auth/login/present?origin=cob&loginMode=jukePassword&serviceType=askQuestion&LOB=CONS
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 18 Jun 2019 19:15:46 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Vary
Accept-Encoding
Content-Length
29391
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 14 Jun 2019 20:00:45 GMT
Server
KONICHIWA/2.0
ETag
"2ed82-58b4e1a175540-gzip"
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubdomains;
Content-Type
application/x-javascript
Cache-Control
max-age=1800
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Expires
Tue, 18 Jun 2019 19:45:46 GMT
truncated
/
6 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f8cb039a63b11f207edf324bbfdabbbfaa2d421729785dca77020490c293185e

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d8401dffb0fbd458ce8332222f9a1d3431bcba86f9401debf60e7783242d4150

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
467 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5145f5faf6c1269bdd974357ed344b9cd5f4e4cea424c14dd302a9c11a206741

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b319b049366dde73690990738ac5af4fb9937d18abac85b01aaff185b5262868

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
df500743bbedcef7623fdf2ef0c05ca411437c6216674271f4cc8b32f910f96d

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
WellsFargoSans_W_Rg.woff2
connect.secure.wellsfargo.com/auth/static/Fonts/wf/
22 KB
23 KB
Font
General
Full URL
https://connect.secure.wellsfargo.com/auth/static/Fonts/wf/WellsFargoSans_W_Rg.woff2
Requested by
Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/auth/login/present?origin=cob&loginMode=jukePassword&serviceType=askQuestion&LOB=CONS
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.45.2.156 Concord, United States, ASN10837 (WELLSFARGO-10837 - Wells Fargo & Company, US),
Reverse DNS
Software
KONICHIWA/1.1 /
Resource Hash
ecf9cc76cd1cf5e206fd8407e7db65807bb6ddeec390d0bb9f2f8277cda91f61
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://connect.secure.wellsfargo.com/auth/static/Fonts/wf/wf.css
Origin
https://connect.secure.wellsfargo.com

Response headers

Date
Tue, 18 Jun 2019 19:15:46 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains;
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Content-Length
22500
X-XSS-Protection
1; mode=block
Last-Modified
Wed, 05 Jun 2019 02:11:01 GMT
Server
KONICHIWA/1.1
ETag
"57e4-58a8a1bea0e4b"
X-Frame-Options
SAMEORIGIN
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
max-age=10368000
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=19
Expires
Wed, 16 Oct 2019 19:15:46 GMT
conutils-6.9.0.js
connect.secure.wellsfargo.com/auth/static/scripts/
23 KB
9 KB
Script
General
Full URL
https://connect.secure.wellsfargo.com/auth/static/scripts/conutils-6.9.0.js
Requested by
Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/auth/static/prefs/login-userprefs.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.45.2.156 Concord, United States, ASN10837 (WELLSFARGO-10837 - Wells Fargo & Company, US),
Reverse DNS
Software
KONICHIWA/1.1 /
Resource Hash
7cd2b1ab0ed81ddc453b8da5357fcf7b3cbec29cd139059706a7b0bda253af48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://connect.secure.wellsfargo.com/auth/login/present?origin=cob&loginMode=jukePassword&serviceType=askQuestion&LOB=CONS
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 18 Jun 2019 19:15:46 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Vary
Accept-Encoding
Content-Length
8774
X-XSS-Protection
1; mode=block
Last-Modified
Wed, 05 Jun 2019 02:10:59 GMT
Server
KONICHIWA/1.1
ETag
"5bd1-58a8a1bc84d6c-gzip"
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubdomains;
Content-Type
application/x-javascript
Cache-Control
max-age=10368000
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=2
Expires
Wed, 16 Oct 2019 19:15:46 GMT
atadun.js
connect.secure.wellsfargo.com/auth/static/prefs/
1023 B
1 KB
Script
General
Full URL
https://connect.secure.wellsfargo.com/auth/static/prefs/atadun.js
Requested by
Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/auth/static/prefs/login-userprefs.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.45.2.156 Concord, United States, ASN10837 (WELLSFARGO-10837 - Wells Fargo & Company, US),
Reverse DNS
Software
KONICHIWA/1.1 /
Resource Hash
eb0773bab4190baeb667b0079a148b4495acab39ad0b1beeba95d5750afe5eb9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://connect.secure.wellsfargo.com/auth/login/present?origin=cob&loginMode=jukePassword&serviceType=askQuestion&LOB=CONS
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 18 Jun 2019 19:15:46 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Vary
Accept-Encoding
Content-Length
541
X-XSS-Protection
1; mode=block
Last-Modified
Wed, 05 Jun 2019 02:11:01 GMT
Server
KONICHIWA/1.1
ETag
"3ff-58a8a1be38fa5-gzip"
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubdomains;
Content-Type
application/x-javascript
Cache-Control
max-age=1800
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=78
Expires
Tue, 18 Jun 2019 19:45:46 GMT
glu.js
connect.secure.wellsfargo.com/AIDO/
0
93 B
Script
General
Full URL
https://connect.secure.wellsfargo.com/AIDO/glu.js?r=0.8431954423625003
Requested by
Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/auth/static/prefs/login-userprefs.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.45.2.156 Concord, United States, ASN10837 (WELLSFARGO-10837 - Wells Fargo & Company, US),
Reverse DNS
Software
KONICHIWA/1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://connect.secure.wellsfargo.com/auth/login/present?origin=cob&loginMode=jukePassword&serviceType=askQuestion&LOB=CONS
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Connection
Keep-Alive
Content-Length
0
Server
KONICHIWA/1.1
mint.js
connect.secure.wellsfargo.com/AIDO/
0
93 B
Script
General
Full URL
https://connect.secure.wellsfargo.com/AIDO/mint.js?dt=login&r=0.36852098017335333
Requested by
Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/auth/static/prefs/login-userprefs.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.45.2.156 Concord, United States, ASN10837 (WELLSFARGO-10837 - Wells Fargo & Company, US),
Reverse DNS
Software
KONICHIWA/1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://connect.secure.wellsfargo.com/auth/login/present?origin=cob&loginMode=jukePassword&serviceType=askQuestion&LOB=CONS
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Connection
Keep-Alive
Content-Length
0
Server
KONICHIWA/1.1
pic.js
connect.secure.wellsfargo.com/PIDO/
0
93 B
Script
General
Full URL
https://connect.secure.wellsfargo.com/PIDO/pic.js?r=0.7212137212882133
Requested by
Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/auth/static/prefs/login-userprefs.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.45.2.156 Concord, United States, ASN10837 (WELLSFARGO-10837 - Wells Fargo & Company, US),
Reverse DNS
Software
KONICHIWA/1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://connect.secure.wellsfargo.com/auth/login/present?origin=cob&loginMode=jukePassword&serviceType=askQuestion&LOB=CONS
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Connection
Keep-Alive
Content-Length
0
Server
KONICHIWA/1.1
nd
connect.secure.wellsfargo.com/jenny/
43 KB
15 KB
Script
General
Full URL
https://connect.secure.wellsfargo.com/jenny/nd
Requested by
Host: connect.secure.wellsfargo.com
URL: https://connect.secure.wellsfargo.com/auth/static/prefs/atadun.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.45.2.156 Concord, United States, ASN10837 (WELLSFARGO-10837 - Wells Fargo & Company, US),
Reverse DNS
Software
KONICHIWA/1.1 /
Resource Hash
fed7590f1f60b78840b65f422bb1a89c553fa1cc5ef4383c15b68142e49c23d5

Request headers

Referer
https://connect.secure.wellsfargo.com/auth/login/present?origin=cob&loginMode=jukePassword&serviceType=askQuestion&LOB=CONS
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 18 Jun 2019 19:15:46 GMT
X-Cnection
close
Transfer-Encoding
chunked
Server
KONICHIWA/1.1
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/javascript;charset=ISO-8859-1
utag.136.js
static.wellsfargo.com/tracking/main/
47 KB
5 KB
Script
General
Full URL
https://static.wellsfargo.com/tracking/main/utag.136.js?utv=ut4.46.201906121852
Requested by
Host: static.wellsfargo.com
URL: https://static.wellsfargo.com/tracking/main/utag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.45.2.178 Concord, United States, ASN10837 (WELLSFARGO-10837 - Wells Fargo & Company, US),
Reverse DNS
Software
KONICHIWA/2.0 /
Resource Hash
b5ab5b4b7f376b2426168b33963a568e95b7574d8cc985699e80c2d661fef5a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://connect.secure.wellsfargo.com/auth/login/present?origin=cob&loginMode=jukePassword&serviceType=askQuestion&LOB=CONS
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 18 Jun 2019 19:15:46 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Vary
Accept-Encoding
Content-Length
4418
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 14 Jun 2019 20:00:45 GMT
Server
KONICHIWA/2.0
ETag
"bc17-58b4e1a175540-gzip"
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubdomains;
Content-Type
application/x-javascript
Cache-Control
max-age=1800
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=99
Expires
Tue, 18 Jun 2019 19:45:46 GMT
utag.201.js
static.wellsfargo.com/tracking/main/
3 KB
2 KB
Script
General
Full URL
https://static.wellsfargo.com/tracking/main/utag.201.js?utv=ut4.46.201804110508
Requested by
Host: static.wellsfargo.com
URL: https://static.wellsfargo.com/tracking/main/utag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.45.2.178 Concord, United States, ASN10837 (WELLSFARGO-10837 - Wells Fargo & Company, US),
Reverse DNS
Software
KONICHIWA/2.0 /
Resource Hash
27548f235307f79e5eac86c5f21d5492e8ec2db63d5eece1b22c34244fff8adc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://connect.secure.wellsfargo.com/auth/login/present?origin=cob&loginMode=jukePassword&serviceType=askQuestion&LOB=CONS
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 18 Jun 2019 19:15:47 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Vary
Accept-Encoding
Content-Length
1336
X-XSS-Protection
1; mode=block
Last-Modified
Tue, 11 Sep 2018 19:01:05 GMT
Server
KONICHIWA/2.0
ETag
"b48-5759d18815e40-gzip"
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubdomains;
Content-Type
application/x-javascript
Cache-Control
max-age=1800
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=98
Expires
Tue, 18 Jun 2019 19:45:47 GMT

Verdicts & Comments Add Verdict or Comment

129 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask object| antiClickjack string| webId string| ndURI object| utag_data string| USERPREFS_PATH string| UPRESOURCE_PATH string| ATADUN_PATH string| loginUrlBase object| scriptParent string| loginUrlBaseNoProtocol object| getUrl string| host string| port string| guid function| disableSubmitsCollectUserPrefs function| addLoginFormFieldsAndSubmit function| jsEnabled function| addEvent object| UserPrefsHelper object| collector function| loadUserPrefs function| submitUserPrefs function| getUserPrefsOnPageLoad function| undoSaveUsername function| maskedUsernameChanged function| addScriptElement function| getCookie function| appendHiddenInput function| addCookiesToForm function| generateGuid function| brief object| LoginForm object| Search function| updateCustomSelect function| enrollPrivacySecLinkHandler boolean| isNative object| ndsapi object| nds object| js object| fjs object| lun3 function| ndoGetObjectKeys boolean| nsrakrwiek string| ndjsStaticVersion object| nspowd object| nspowdjdn boolean| nspowdjd number| nshnihadzy number| nsylzg object| nsldoqfj object| nsldo object| nsqmpxaq object| nsqmp object| nsjpovsjii object| nsqmpx boolean| nsjpovs string| nsylzgx string| nspowdjdne number| numQueries object| returned string| version string| nshnihadz string| nspow string| nsylz string| nsldoqfjhp string| nsylzgxq string| nsrjlf string| nsrjlfxr object| nsrakrwi object| nsqmpxa function| nsqmpxaqa function| nshni function| nshnih object| nsrakr function| nsldoqf function| nsldoq function| nspowdj function| nsjpov function| nsjpovsj function| nsqmpxaqad function| nsjpo function| nsrjlfx function| nsjpovsji function| nsylzgxqw function| ndwti function| nsldoqfjh function| nsrakrwie function| nsrakrw function| nsrjlfxrql function| ndwts function| HashUtil function| nsylzgxqwx function| nsrjl function| nsrjlfxrq function| nsrak function| nshnihad function| nshniha function| nsrpnbzm function| nspmvfcpz function| nswji function| nswjikge function| nscvb function| nswjikgewm function| nshsxht function| nsgvgeunqx function| nswjikg function| nscvbtbnp function| nsrpn function| nsrpnbzmhv function| nscvbtbn function| nspmvfcp function| nspmvf boolean| utag_condload string| new_path object| utag_cfg_ovrd object| userAgentArr undefined| pathname undefined| urlArray undefined| url undefined| sRegExInput object| utag function| utag_pad function| utag_visitor_id string| GoogleAnalyticsObject function| ga undefined| d

11 Cookies

Domain/Path Name / Value
.wellsfargo.com/ Name: utag_main
Value: v_id:016b6c0441ef0022f4005c6b9fc000079007b07100b08$_sn:1$_se:1$_ss:1$_st:1560887146800$ses_id:1560885346800%3Bexp-session$_pn:1%3Bexp-session
.wellsfargo.com/ Name: ndsid
Value: ndsa5t72cawnfdcjx26u1nh
connect.secure.wellsfargo.com/ Name: ADRUM_BT1
Value: R:123|i:251292|e:3
.wellsfargo.com/ Name: ___tk124934
Value: 1560885346462
.connect.secure.wellsfargo.com/ Name: ISD_LA_COOKIE
Value: iaLY37dnZGUkIdrmyYk303w+jxSWhifk5aQ+hvwjTBf9N+CZLdPuJvIABLiMTJfX6do4UcgT6CMHNwAAAAE=
.wellsfargo.com/ Name: wfacookie
Value: 1120190618121544969486895
connect.secure.wellsfargo.com/ Name: ADRUM_BTa
Value: R:123|g:ca6ca1a7-bee9-4b62-9584-d45326ae0145|n:customer1_e2ac6dad-45c5-4fb1-ba3e-0fd665d694f7
.wellsfargo.com/ Name: INLANG
Value: EN
.wellsfargo.com/auth Name: LOGINORIGIN
Value: cob:askQuestion
connect.secure.wellsfargo.com/auth Name: AuthCookie
Value: 85df6d63-5b6d-4065-9fdd-e7c91302ff29
.wellsfargo.com/auth Name: gingerbread_cookie
Value: D5D09805BE9563FBD697119E8690E6EC

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.secure.wellsfargo.com
static.wellsfargo.com
www.wellsfargo.com
159.45.2.145
159.45.2.156
159.45.2.178
0d77fc6f4fc7bca20eabf92d0b5e6a4edf8c3465dbe24b026466ac3419a04b72
11fad06b8883c18efd6aa8217ecc239ff05195f85b58282431e07294d63fae2e
27548f235307f79e5eac86c5f21d5492e8ec2db63d5eece1b22c34244fff8adc
27e51767000be839c271d64e21add686a6f770809498fb6cd43fe34e56669207
3b37a1389aecfeb2a0576f7640c3f28ef9bd52b36a6b581b6ac4ea4b78d2a8c7
5145f5faf6c1269bdd974357ed344b9cd5f4e4cea424c14dd302a9c11a206741
51ddbad6291d9d6de77d898b8b287956c6ec5df232c144a21f021c9f21e215a5
5b38f2f8c09ad0b050e4ec97524f3eb95b8c1fa2cf1b5a922eb4172608e4afc1
7cd2b1ab0ed81ddc453b8da5357fcf7b3cbec29cd139059706a7b0bda253af48
ab78c44d5e86c6f0937d203066ebcadbf50c8d63407564a151bdd03701f40a70
b319b049366dde73690990738ac5af4fb9937d18abac85b01aaff185b5262868
b5ab5b4b7f376b2426168b33963a568e95b7574d8cc985699e80c2d661fef5a7
c3b16150ac24389a3f1cbad5b7a5a874bb486cc0256311f870d4cba25871c2de
d56867760c4661c0c80b7b5d10d899ef39099d090c341dbd8977008d4cc62f93
d8401dffb0fbd458ce8332222f9a1d3431bcba86f9401debf60e7783242d4150
df500743bbedcef7623fdf2ef0c05ca411437c6216674271f4cc8b32f910f96d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb0773bab4190baeb667b0079a148b4495acab39ad0b1beeba95d5750afe5eb9
ecf9cc76cd1cf5e206fd8407e7db65807bb6ddeec390d0bb9f2f8277cda91f61
f8cb039a63b11f207edf324bbfdabbbfaa2d421729785dca77020490c293185e
fed7590f1f60b78840b65f422bb1a89c553fa1cc5ef4383c15b68142e49c23d5