![](/screenshots/07e1276d-f0b2-4872-ad3e-1dc23a21f05f.png)
www.bmedonline.it
Open in
urlscan Pro
45.60.122.166
Malicious Activity!
Public Scan
Submission: On March 03 via api from US — Scanned from US
Summary
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on July 13th 2022. Valid for: a year.
This is the only time www.bmedonline.it was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Banca Mediolanum (Financial)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
4 42 | 45.60.122.166 45.60.122.166 | 19551 (INCAPSULA) (INCAPSULA) | |
4 | 23.33.40.153 23.33.40.153 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
3 | 184.29.185.244 184.29.185.244 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
3 | 142.250.80.40 142.250.80.40 | 15169 (GOOGLE) (GOOGLE) | |
7 | 142.251.32.110 142.251.32.110 | 15169 (GOOGLE) (GOOGLE) | |
2 | 147.154.49.177 147.154.49.177 | 31898 (ORACLE-BM...) (ORACLE-BMC-31898) | |
2 | 172.253.122.156 172.253.122.156 | 15169 (GOOGLE) (GOOGLE) | |
59 | 7 |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-33-40-153.deploy.static.akamaitechnologies.com
service.maxymiser.net |
ASN16625 (AKAMAI-AS, US)
PTR: a184-29-185-244.deploy.static.akamaitechnologies.com
c.oracleinfinity.io | |
d.oracleinfinity.io |
ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f8.1e100.net
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
PTR: lga25s77-in-f14.1e100.net
www.google-analytics.com |
ASN15169 (GOOGLE, US)
PTR: bh-in-f156.1e100.net
stats.g.doubleclick.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
40 |
bmedonline.it
2 redirects
www.bmedonline.it |
1 MB |
7 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 30 |
20 KB |
5 |
oracleinfinity.io
c.oracleinfinity.io — Cisco Umbrella Rank: 7856 d.oracleinfinity.io — Cisco Umbrella Rank: 10124 dc.oracleinfinity.io — Cisco Umbrella Rank: 8318 |
45 KB |
4 |
maxymiser.net
service.maxymiser.net — Cisco Umbrella Rank: 8110 |
59 KB |
3 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 44 |
229 KB |
2 |
mediolanum.it
2 redirects
sso-c-pro.mediolanum.it |
13 KB |
2 |
doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 77 |
415 B |
59 | 7 |
Domain | Requested by | |
---|---|---|
40 | www.bmedonline.it |
2 redirects
www.bmedonline.it
|
7 | www.google-analytics.com |
www.googletagmanager.com
www.bmedonline.it |
4 | service.maxymiser.net |
www.bmedonline.it
service.maxymiser.net |
3 | www.googletagmanager.com |
www.bmedonline.it
www.googletagmanager.com |
2 | sso-c-pro.mediolanum.it | 2 redirects |
2 | stats.g.doubleclick.net |
www.bmedonline.it
|
2 | dc.oracleinfinity.io |
www.bmedonline.it
|
2 | d.oracleinfinity.io |
c.oracleinfinity.io
|
1 | c.oracleinfinity.io |
www.bmedonline.it
|
59 | 9 |
This site contains links to these domains. Also see Links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.bmedonline.it DigiCert SHA2 Extended Validation Server CA |
2022-07-13 - 2023-08-13 |
a year | crt.sh |
*.maxymiser.net DigiCert TLS RSA SHA256 2020 CA1 |
2023-01-26 - 2024-01-26 |
a year | crt.sh |
c.oracleinfinity.io DigiCert TLS RSA SHA256 2020 CA1 |
2022-08-22 - 2023-08-25 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2023-02-08 - 2023-05-03 |
3 months | crt.sh |
dc.oracleinfinity.io DigiCert TLS RSA SHA256 2020 CA1 |
2022-08-19 - 2023-09-07 |
a year | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2023-02-08 - 2023-05-03 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.bmedonline.it/ecm/?login=true
Frame ID: 5123007BE68A605F77E0DDF7AC934A6F
Requests: 59 HTTP requests in this frame
Screenshot
![](/screenshots/07e1276d-f0b2-4872-ad3e-1dc23a21f05f.png)
Page Title
Banca Mediolanum S.p.A. | Accesso clientiDetected technologies
![](/vendor/wappa/icons/Bootstrap.png)
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Detected patterns
- fingerprint(\d)?(?:\.min)?\.js
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
![](/vendor/wappa/icons/Google Tag Manager.png)
Detected patterns
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
Detected patterns
- /_Incapsula_Resource
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
39 Outgoing links
These are links going to different origins than the main page.
Title: BANCA MEDIOLANUM
Search URL Search Domain Scan URL
Title: FAMILY BANKER
Search URL Search Domain Scan URL
Title: FONDAZIONE MEDIOLANUM ONLUS
Search URL Search Domain Scan URL
Title: Mediolanum Corporate University
Search URL Search Domain Scan URL
Title: Mediolanum Fiduciaria
Search URL Search Domain Scan URL
Title: Mediolanum Investment Banking
Search URL Search Domain Scan URL
Title: Banco Mediolanum
Search URL Search Domain Scan URL
Title: Bankhaus August Lenz
Search URL Search Domain Scan URL
Title: Gamax Management AG
Search URL Search Domain Scan URL
Title: EuroCQS S.p.A.
Search URL Search Domain Scan URL
Title: Flowe S.p.A. Società Benefit
Search URL Search Domain Scan URL
Title: Private Banking
Search URL Search Domain Scan URL
Title: Centodieci
Search URL Search Domain Scan URL
Title: Mediolanum Assicurazioni
Search URL Search Domain Scan URL
Title: Mediolanum Gestione Fondi
Search URL Search Domain Scan URL
Title: Mediolanum International Funds
Search URL Search Domain Scan URL
Title: Mediolanum International Life
Search URL Search Domain Scan URL
Title: Mediolanum Vita
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Scopri di più
Search URL Search Domain Scan URL
Title: Scopri di più
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Dati societari
Search URL Search Domain Scan URL
Title: Trasparenza
Search URL Search Domain Scan URL
Title: AccessibilitÃ
Search URL Search Domain Scan URL
Title: Reclami, ricorsi e conciliazioni
Search URL Search Domain Scan URL
Title: Promozioni e manifestazioni a premio
Search URL Search Domain Scan URL
Title: Governance
Search URL Search Domain Scan URL
Title: Rapporti dormienti
Search URL Search Domain Scan URL
Title: AML & CTF
Search URL Search Domain Scan URL
Title: Privacy
Search URL Search Domain Scan URL
Title: Bilanci
Search URL Search Domain Scan URL
Title: Contattaci
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 54- https://www.bmedonline.it/lr/rb_bf64527cci?type=js3&sn=v_4_srv_8_sn_A17F6FFBB9ABF2CA4561C57418CEB582_perc_100000_ol_0_mul_1_app-3A012dbe75eae6376c_1&svrid=8&flavor=post&vi=BCSDAUWPAEHEWAKTOUMWJCBALBCPCBPE-0&modifiedSince=1677772092840&rf=https%3A%2F%2Fwww.bmedonline.it%2Fecm%2F%3Flogin%3Dtrue&bp=3&app=012dbe75eae6376c&crc=1068172793&en=3vi19xap&end=1 HTTP 302
- https://sso-c-pro.mediolanum.it/oam/server/obrareq.cgi?encquery%3Dggtn7imGKpTc2Hp6T5%2BHbp59uspdnKB4swSbSrkAlrf6kWWPasoOwISTcr4%2FkpbiLItenr6un7VAhrhXhRzOlqpgDL9HabCgtQfqigwSnD3HLP4jhVO%2Fhdj%2BOVeTZmEiZgIxTgEzulfr2DjnczhhYP%2FJIZIkljs0kRi660HO%2BqcR51D6rVRfalPU910mjBjQmRu8rhnIQLPUK3aq6gBMKLA9%2FtJfXrlmIRSTRqm5Dsc1gMmfCWe4LpjkZoLX4gZKXI9ENqNBbHmRKL2iNEf0o4sSSFvHYpo10VRWm%2BLGQYsI81U1YqnlWxB4I3YoiF%2Fz0s8lErieIjL0hmLfljAZESiVgF4L5kc4eydEm49JdxKzr39LAiQSoO6fIcgbtuLOfy1Rv8EvTUNw0DNAG7UapATyEC1Oaw%2B3evhjOo9Hdtg9r6FxVA%2B486caisxLGP0JMYHeO1OOmJ78Do89sBzTabcqbWLsXh2kpllwEhkpYVrPZGYebmU45ZzDPiY3Bv9S7AOSHyrL0ApW53B%2BezNyzob9x5t4eO2VOpNk3xY5I8yCLy1uAFHET8A1g8bXMQQl0CoPmHWuV0Cyc2ShwI8efqpQcwbmpmTgSJoVomf%2FlzxXjUtbrGUk21DLdYvYwBNmKpJHWI9FgN0Q%2B0LmHHychfQWYCdHo7alHadt7C93tqu1SIOZLY3pDEWC60Zt7eDBYfwkAnE%2FheLU%2B7QrZHv0fEkggN5Nr%2FfT%2FKW6VMoABY6JnGpddd4%2Bk0zn3DW4d%2F%2BW4ExKGc3Gv6BpP0h4pe7%2FX1j0HSMdWyCnHvamVnBpO%2BvNn%2BrpMgvgDjJeFGhMvus6asOkhmJyMoGAiFQZ999iyJzxpsij2KDIElC%2BZYjDyoTT%2FUT%2BX9EwPDpa1CZDY5O6Vn%2BV1jwo1NCkiIh01QAdj5sZXOG%2B4flzXTz1An34P2fyowhwFFkAv%2FdU8Cnf2xO70GM7QYbXiF1tQl6U76mEsa1CrIJf4o%2B2VtvdIvsA0S7Iu%2B6haWo9ea%2BGFmHtbCmay0zh4rPjGhHD%2Fw1td%2Bz6e68kIC26Mibsvhya%2FOvG0tLzf8Qgh3d7UtR9tEFtJiwZBouIQjLYI6lSA3My1jppoEVZ4C8Ph5R9j3IK3Lrr%2BdHcmrfKQvqulx%2Bf4sIC4I%2BnCOz4CYo9MSvLU8q5qbj9qj3DL9KGfQ0IJhy6trWalQDA1u7ItIF75NeMPan8rzp4C6eXkeeYaoIR6DQYP%2FkNwcMDDYuz1EkWkuD3YqBqekxfZq%2B2GH1nkaUr1qUyvESlXAX6bDE%2Fj5EPc%2FEuOmaWgQ%3D%3D%20agentid%3DWebgateNMOL%20ver%3D1%20crmethod%3D2&ECID-Context=1.005xVIoJrrD4IvYVLqVK8A0002450000A0%3BkXjE HTTP 302
- https://www.bmedonline.it/ecm/?bmctx=BA68F78519AB2C17D01EAF738CC1898B4A0EEFB24118B126792E3C7B46F19BA0&password=secure_string&contextType=external&username=string&challenge_url=https%3A%2F%2Fwww.bmedonline.it%2Fecm%2F&request_id=-9172481991639911851&authn_try_count=0&locale=en_US&resource_url=https%253A%252F%252Fwww.bmedonline.it%252Flr%252Frb_bf64527cci%253Ftype%253Djs3%2526sn%253Dv_4_srv_8_sn_A17F6FFBB9ABF2CA4561C57418CEB582_perc_100000_ol_0_mul_1_app-3A012dbe75eae6376c_1%2526svrid%253D8%2526flavor%253Dpost%2526vi%253DBCSDAUWPAEHEWAKTOUMWJCBALBCPCBPE-0%2526modifiedSince%253D1677772092840%2526rf%253Dhttps%25253A%25252F%25252Fwww.bmedonline.it%25252Fecm%25252F%25253Flogin%25253Dtrue%2526bp%253D3%2526app%253D012dbe75eae6376c%2526crc%253D1068172793%2526en%253D3vi19xap%2526end%253D1
- https://www.bmedonline.it/lr/rb_bf64527cci?type=js3&sn=v_4_srv_8_sn_A17F6FFBB9ABF2CA4561C57418CEB582_perc_100000_ol_0_mul_1_app-3A012dbe75eae6376c_1&svrid=8&flavor=post&vi=BCSDAUWPAEHEWAKTOUMWJCBALBCPCBPE-0&modifiedSince=1677772092840&rf=https%3A%2F%2Fwww.bmedonline.it%2Fecm%2F%3Flogin%3Dtrue&bp=3&app=012dbe75eae6376c&crc=1907113380&en=3vi19xap&end=1 HTTP 302
- https://sso-c-pro.mediolanum.it/oam/server/obrareq.cgi?encquery%3DMGc5SoL7YdLB6Eaj5p7iPAMycfwugiOac7OZm6i%2B4%2BlOhyCC0XktXSm05ENFN9Ogx2NoQ8rxr2LGg%2BPwe7Ifqm%2F5GjAltvzfteVOdazP8d2fczvWqccJ%2Fpz3AT5FZamSMwvCMy0ASbfNTLwolJirddj0Eanp8h9p%2F87aP1FnKsQH%2FxVzD6qqhmNCKYNAQI5rQ1LOPTMGfTqJH3%2F7eylUjBwl7fNdi6hqypea9o18Zxoz%2F7z1lqAu6BSXTxCu7Ymuuh6H685%2B%2FDihUFgRUIn4ctb6bD9442eUBgdBEXU45%2BTePxY1f8aeObu%2FzVmQdvc8NSOhN7bTRJs1GBaE6kB3gGcP6ONvNbnqdir1FLZb4pDIMWsQ4al6%2F8bQRc4HjGUm8u6HAhOE%2FHxolX1D6Vh8HnEkmYLyEtGeSO1EX7QwFGwb2xSmiSZAq7nmMd1zO9y0u1Gvb3hOZ98lZGWQSzSLh8%2FN1h%2Fd9p29cvMklTedbaEGze28VSHCZLTpIqz8xqy39sjBwpJFYFth3o8EwFpUppu65cmhUE%2BkUI0j4aGoT6whN6nDyXfflJOHXbl2xSDXhPSxRUNop3uU0H1Zp9KEmzDmLzyD3Xf7eQT3Y2smurIQgGAxSUYfFhY4wZ%2BAi4IQOvv4HvkbbLSNQRwTPK6rEqKluGd3udQp7%2FNwlEMrt3OEROpjmS7c%2FojegKGQJ7rsC5r6g%2BZn2dzfWhjSsq3r3Reab0HrFSee0nmWS3qAiOjrFB0wIeAmjZVmdG6Z7b%2FjWYj2Kvz88LEYLAMG5hC8i8TzFPn6Dd01bdlnFXTf0ejnhYplVUnfoS0ZkhSIMXupuzMGh7GwNreD1zRWjAx2js0jU8bn0%2FRBi93s8JMx1nrf7ZzcIpVlRZSDwx4moL2UMZBC1DqWVvdtupWZ44HAtVBCh5EMxDHFLRlI3RITixNbEc3f7KLsBUE8ZjIxPcBq9z1il2LcUiIC7MES3WoLLC6pPgjiiHTupTkEegpJXGhJ8Waj1YspHc8AXj5oi7KAjtV0IBxYkwxdcuVdzVXtuTbBpOzC8m6LrgY3ToOC4C5DfmBxl0lOBLF5cJortu9LuJa%2FbkHNiD7%2BhG8Icr0%2BdSJsz88BRHrzkPmz9utSqHTTbPoknhsHw5inPNsyZFX3acexrnQwR7r%2Ben18Kjy5AKSnXkyOJRIpbVf%2BWKQgv%2BwCncPAey8icJE8cAI5uzW94uhjbO899thpXeLpghLQ%2FBcH7z71aThbaX1WbykhKro65QYCjc6dFABFCb14SUiWSTcAFLxpce2%2BqvJt8sT2CQ%3D%3D%20agentid%3DWebgateNMOL%20ver%3D1%20crmethod%3D2&ECID-Context=1.005xVIoS3UN4IvYVLqVK8A0002450000A1%3BkXjE HTTP 302
- https://www.bmedonline.it/ecm/?bmctx=BA68F78519AB2C17D01EAF738CC1898B4A0EEFB24118B126792E3C7B46F19BA0&password=secure_string&contextType=external&username=string&challenge_url=https%3A%2F%2Fwww.bmedonline.it%2Fecm%2F&request_id=7294848425052860637&authn_try_count=0&locale=en_US&resource_url=https%253A%252F%252Fwww.bmedonline.it%252Flr%252Frb_bf64527cci%253Ftype%253Djs3%2526sn%253Dv_4_srv_8_sn_A17F6FFBB9ABF2CA4561C57418CEB582_perc_100000_ol_0_mul_1_app-3A012dbe75eae6376c_1%2526svrid%253D8%2526flavor%253Dpost%2526vi%253DBCSDAUWPAEHEWAKTOUMWJCBALBCPCBPE-0%2526modifiedSince%253D1677772092840%2526rf%253Dhttps%25253A%25252F%25252Fwww.bmedonline.it%25252Fecm%25252F%25253Flogin%25253Dtrue%2526bp%253D3%2526app%253D012dbe75eae6376c%2526crc%253D1907113380%2526en%253D3vi19xap%2526end%253D1
59 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
www.bmedonline.it/ecm/ |
47 KB 13 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ruxitagentjs_ICA2NVfhqrux_10229211109064440.js
www.bmedonline.it/lr/ |
219 KB 83 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
www.bmedonline.it/ecm/static-assets/login-psd2/dist/ |
138 KB 21 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
login-psd2.css
www.bmedonline.it/ecm/static-assets/login-psd2/dist/ |
405 B 400 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fonts.css
www.bmedonline.it/ecm/static-assets/css/ |
7 KB 700 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
all.min.css
www.bmedonline.it/ecm/static-assets/fa/css/ |
56 KB 12 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.3.1.js
www.bmedonline.it/ecm/static-assets/login-psd2/dist/ |
137 KB 39 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mmapi.js
service.maxymiser.net/api/eu/bmedonline.it/2fa7c7/ |
15 KB 6 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
odc.js
c.oracleinfinity.io/acs/account/q01xigbfo7/js/inpage/ |
63 KB 20 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dPg.js
www.bmedonline.it/jsR/ |
215 B 276 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
home_check_err.js
www.bmedonline.it/jsR/ |
840 B 612 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ARCBM_HomePage.js
www.bmedonline.it/jsA/ |
4 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sha1.js
www.bmedonline.it/jsS/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lightstreamer.js
www.bmedonline.it/jsA/ |
165 KB 50 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tastierino.js
www.bmedonline.it/jsA/ |
4 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ricordami.js
www.bmedonline.it/jsA/ |
6 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fingerprint.js
www.bmedonline.it/jsA/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
crypto-js.js
www.bmedonline.it/jsA/ |
70 KB 17 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
homebm_oam1_psd2.js
www.bmedonline.it/hide/ |
168 KB 32 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
HB-bmed-logo.jpg
www.bmedonline.it/ecm/static-assets/images/menu/ |
33 KB 33 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
user.png
www.bmedonline.it/ecm/static-assets/login-psd2/assets/img/ |
788 B 911 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ico-alert-new.png
www.bmedonline.it/ecm/static-assets/images/common/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bmedonline-doppio-valore-desk-0323.jpg
www.bmedonline.it/ecm/static-assets/images/upload/ |
181 KB 182 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bmedonline-double-chance-desk-0323.jpg
www.bmedonline.it/ecm/static-assets/images/upload/ |
171 KB 172 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bmedonline-slider-desk-trading-mediolanum-1222.jpg
www.bmedonline.it/ecm/static-assets/images/upload/ |
228 KB 230 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bmedonline-desk-vademecum-sicurezza.png
www.bmedonline.it/ecm/static-assets/images/upload/ |
53 KB 53 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo-mediolanum.png
www.bmedonline.it/ecm/static-assets/images/footer/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
popper.js
www.bmedonline.it/ecm/static-assets/login-psd2/dist/ |
37 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.js
www.bmedonline.it/ecm/static-assets/login-psd2/dist/ |
50 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
_Incapsula_Resource
www.bmedonline.it/ |
145 KB 21 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
service.maxymiser.net/cg/v5/ |
310 KB 28 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mmpackage-1.25.js
service.maxymiser.net/platform/eu/api/ |
78 KB 24 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
service.maxymiser.net/cg/v5/ |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
banner-commerciale
www.bmedonline.it/ecm/services/ |
60 KB 5 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
223 KB 75 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
arrow-down-nav-gruppo-off.png
www.bmedonline.it/ecm/static-assets/images/menu/ |
155 B 268 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mediolanumsans-regular.otf
www.bmedonline.it/ecm/static-assets/fonts/webfontkit-20150730-065551/ |
14 KB 9 KB |
Font
font/otf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mediolanumsans-bold.otf
www.bmedonline.it/ecm/static-assets/fonts/webfontkit-20150730-065025/ |
14 KB 9 KB |
Font
font/otf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
common.js
d.oracleinfinity.io/infy/acs/common/js/1.3.45/ |
50 KB 17 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
d.oracleinfinity.io/infy/acs/account/q01xigbfo7/js/inpage/analytics-production/ |
24 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fa-brands-400.woff2
www.bmedonline.it/ecm/static-assets/fa/webfonts/ |
74 KB 74 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
arrow-left-nav-content-gruppo.png
www.bmedonline.it/ecm/static-assets/images/menu/ |
138 B 276 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
_Incapsula_Resource
www.bmedonline.it/ |
1 B 35 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
checkricordami
www.bmedonline.it/jbunsec/rest/ricordami/ |
234 B 521 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
49 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
217 KB 76 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
224 KB 78 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
id
dc.oracleinfinity.io/v4/account/q01xigbfo7/client/ |
68 B 397 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/j/ |
1 B 348 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/j/ |
1 B 67 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collect
www.google-analytics.com/ |
35 B 194 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collect
www.google-analytics.com/ |
35 B 91 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
dcs.gif
dc.oracleinfinity.io/q01xigbfo7/ |
43 B 416 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/g/ |
0 125 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/g/ |
0 54 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.bmedonline.it/ecm/ Redirect Chain
|
47 KB 13 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.bmedonline.it/ecm/ Redirect Chain
|
47 KB 13 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/g/ |
0 54 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/g/ |
0 54 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Banca Mediolanum (Financial)240 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 boolean| credentialless object| dT_ object| dtrum function| getQSParam string| parm_login object| parm_successurl undefined| logoutLink string| QS function| $ function| jQuery object| mmRequestCallbacks object| mmsystem function| mmremoveid object| ORA string| OAM_CODICE_CLIENTE string| OAM_NICKNAME string| SA number| bmed_cr string| crFrom string| crCanale undefined| path number| dPg_loaded undefined| io undefined| test number| home_check_err_loaded function| CLValidateForm function| CLFormatString function| addHighlight function| CLGeneratePosition function| CLRandom function| CLReturnPosition function| whenOnKeyPress function| setCookie function| getCookieData number| ARCBM_HomePage_loaded object| CryptoJS number| sha1_loaded object| Lightstreamer function| LightstreamerClient function| Subscription undefined| ricordamiCheckResponse object| ricordamiStored number| counter boolean| checkRicoOnLoad boolean| fTraceDisattivazione function| sendToGoogleTagManager function| checkPopupRicordami function| uncheck function| check function| closePopUpRicordami function| confirmBtnPopUpRicordami function| ricordamiCheckCall function| ricordamiCreateCookie function| getSecureFlag function| getSmartCookie function| getFingerPrintStr function| killRicordamiCookie function| Fingerprint object| exp string| dove string| gStrong string| gVsess string| gIdTopic string| gPrefissoCellulare string| gNumeroCellulare string| gSkipCertificazione string| gSkipStrong string| gSkipMaxCert string| gSkipMaxSA string| gStatoCert string| gStatoStrong string| gStatoStrongBannerPsd2 string| gCellunivoco string| gCliC string| pwdCli string| gStrongPin string| gIdPrelogin string| gclientlight string| gCodiceCliente string| gSecurityToken string| gSecLev string| gTipologiaRinvio string| gTipoLayer string| gCodDispoPSD2 boolean| gLastStepPin1 object| gTastierino boolean| callLoginStrong string| linkRecCodici string| linkSbloccaBMed string| cClienteVerificato object| fraud object| Med string| NUMEROTEL string| NOMECLI string| COGNOMECLI string| CONTI string| PRESSO string| INDIRIZZO string| LOCALITA string| CAP string| COMUNE string| PROVINCIA string| CANONE_DATA_ADD string| CANONE_ERR_NUM string| CANONE_ESENTE string| CANONE_CONTO_ADD string| CANONE_IBAN_CC string| CANONE_PROX_ADD string| IDPRENOTAZIONE string| FIRSTSTEP_ACT string| FIRSTSTEP_ACT_COD string| STATOCEL_CODE string| STATUSSYS_CODE string| STATUSSYS_SYS_STAT string| STATUSSYS_FLG_FAX string| STATUSSYS_ERR_CODE string| INFOCRUSC_LIV_SIC string| GETDAY_DATA_WORK string| ESTRADATA_TODAY string| PREFISSO string| TELEFONO number| IMPORTO string| APPLICA_PRICING string| TIPODISPOSITIVA string| ACTION_CODE string| IN_TIPO_DISP string| IN_ACTION_CODE string| IN_DISPSTATUS string| IN_STATO string| TESTO20SEC string| TESTO_INFO number| gContErrVerificaCod string| oamHost number| stopCert string| request_id boolean| sendSmsAble string| TESTO30SEC string| nmolLogin string| gIDPRELO string| hostToUseLS number| otpError string| sitoAss string| userinput string| idSess undefined| gelPos1 undefined| gelPwd1 undefined| gelPos2 undefined| gelPwd2 undefined| gCodCert number| backupSMS string| idPRELO string| ipAddress string| testCookie string| cOAMAuthnCookie string| dominioAction function| goRigenearaPin function| prova function| Get_Cookie function| Delete_Cookie function| logInfoAgg function| tracciaStepGiornale function| tracciaStepGiornaleNew function| funcPost function| lpad function| autenticazione function| controllaPin function| sendSms function| disegnaTemplateSMS function| disegnaTemplateNPU function| disegnaTemplateSMSfake function| loginStrong function| login function| decodeErrorOAM function| accessoLogin function| decodeError function| preLogin function| openPopNmolCertMass function| continuaCertificazioneMass function| openPopNmolCert function| confermaCodiceCert function| sendCodCert function| sendCodSmsCert function| write2Pin function| getMotore function| getInfoDispositiva function| eseguiDispositiva function| setFocus function| onlyNumbers function| chiudiPopup function| skipLastStep function| disabilitaBtnSkip function| skip function| goStep1 function| goStep2 function| goStep3 function| callInfoStrong function| gestisciMsgErrore function| goTokenAppComplete function| goEsitoOK function| openLayerPSD2 function| loginApi function| logoutApi function| loginApi_mia function| openPopNoNomber function| openPopCertDup function| openPopCertDupMass function| openLayerPolizze function| richiediSmsPinDigit function| showToolTip function| hideToolTip function| gestioneNPU function| templateNPU function| chiamataBackupSMS function| sendSmsCELL function| getPopupSkip string| rigenHost boolean| flgLogin string| re object| MaxymiserCampaing object| MaxymiserBanner function| getBannerCrafter function| closePopUpMaxymiser object| dataLayer function| Popper object| bootstrap object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga string| mousedown function| gtag object| gaplugins object| gaGlobal object| gaData object| infi function| onYouTubeIframeAPIReady string| campagnaClick function| listenIframe undefined| promobc25 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.bmedonline.it/ecm | Name: dPg Value: |
|
.bmedonline.it/ | Name: dtCookie Value: v_4_srv_8_sn_A17F6FFBB9ABF2CA4561C57418CEB582_perc_100000_ol_0_mul_1_app-3A012dbe75eae6376c_1 |
|
.bmedonline.it/ | Name: visid_incap_2292922 Value: A3lqTn2aQKC5j5En8RTaAJBKAWQAAAAAQUIPAAAAAACr304EQIR5g20fsfv6fgIv |
|
.bmedonline.it/ | Name: incap_ses_356_2292922 Value: YM75a4OYkyWoKadWOs/wBJFKAWQAAAAAtx0BysAoGN2k38Q3M+G/hw== |
|
.bmedonline.it/ | Name: rxVisitor Value: 1677806225585RPO5FA17P4BVCBBQIQUOFFNP6R55UMGF |
|
.bmedonline.it/ | Name: dtLatC Value: 131 |
|
.bmedonline.it/ | Name: dtSa Value: - |
|
.bmedonline.it/ | Name: mmapi.p.bid Value: %22prodfracgeu05%22 |
|
.bmedonline.it/ | Name: mmapi.p.srv Value: %22prodfracgeu05%22 |
|
.bmedonline.it/ | Name: mmapi.p.pd Value: %22cIU88iQupGoG07RjVNeFrGzEXukkBbSPsHcGk9pWV0A%3D%7CAgAAAApDH4sIAAAAAAAEAGNhuDxFiU1Q3LuTgTmtKJFRiIHRiWFuaTwXI4PTlR0MrdK3PbQapoFpBiD4DwUMbC6ZRanJJYyC4owgcTCASYJoRob3GYwMO6rFIpMExcHagEoFxUESDGAdjHzTmRnOb2CB6mV0BQAQCI6TigAAAA%3D%3D%22 |
|
www.bmedonline.it/ | Name: BIGipServermt-dvcm-ib-prod Value: 1105373376.36895.0000 |
|
www.bmedonline.it/ | Name: JSESSIONID Value: hxClC0xDq31AcreAHuI1WMvDuuNa7XRz9LKxBFlDzg_xyFUfrYiu!-866643646 |
|
.bmedonline.it/ | Name: _rollupGA Value: GA1.2.1598479508.1677806228 |
|
.bmedonline.it/ | Name: _rollupGA_gid Value: GA1.2.1072261127.1677806228 |
|
.bmedonline.it/ | Name: _dc_gtm_UA-75985629-1 Value: 1 |
|
.bmedonline.it/ | Name: _gid Value: GA1.2.839035132.1677806228 |
|
.bmedonline.it/ | Name: _dc_gtm_UA-42757807-2 Value: 1 |
|
.bmedonline.it/ | Name: ORA_FPC Value: id=a90f131c-e93c-43ef-a10c-9faff714f77d |
|
.bmedonline.it/ | Name: _ga Value: GA1.1.1598479508.1677806228 |
|
.bmedonline.it/ | Name: _ga_LF895BPLT1 Value: GS1.1.1677806227.1.0.1677806227.0.0.0 |
|
.bmedonline.it/ | Name: _ga_KWXM96PDQW Value: GS1.1.1677806227.1.0.1677806227.0.0.0 |
|
.bmedonline.it/ | Name: rxvt Value: 1677808027738|1677806225588 |
|
.bmedonline.it/ | Name: dtPC Value: 8$206225575_848h-vBCSDAUWPAEHEWAKTOUMWJCBALBCPCBPE-0e0 |
|
.bmedonline.it/ | Name: OAMAuthnHintCookie Value: 0@1677806229 |
|
www.bmedonline.it/ | Name: OAMRequestContext_70672b Value: pg+jQYSzoTiOJ2lUNhoMeQ== |
6 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
c.oracleinfinity.io
d.oracleinfinity.io
dc.oracleinfinity.io
service.maxymiser.net
sso-c-pro.mediolanum.it
stats.g.doubleclick.net
www.bmedonline.it
www.google-analytics.com
www.googletagmanager.com
142.250.80.40
142.251.32.110
147.154.49.177
172.253.122.156
184.29.185.244
23.33.40.153
45.60.122.166
0bab3a2b25a7cad253ef2bacb100651a20389a8410c7f54a7796cfdec9ef923a
11f85e93c91723993835cc37c68a7c766b571b0070e55f1a3dd0c06670906e84
1312ef60ad9561ec4b16edd5de15a3f55bb75b9a80e5527e42679d735db0218d
154ad6de6380d2749374c82b8e61f172eb2f7614861592040c5ab783c23aaa2e
15d7d7324ea02dbd4369c0e2df7cd263dd5522ae4da9b467e8a145bab21fbd68
171ac238374d53520ded08e6f040948a28f13c83cf1799aef882270358e5c3f1
21978f9951f5ab48d8b56461dc6100dcb9d345c710e64c661e62a646d29ed822
2abd40e780aac0d0cff59e3d49196e0bb48365d551bef8e39f479ebeffa64281
31cfcd1ad88bf747abac2fda5f78587f0bfd4d59d6bb12f608c46f6ab84e5b76
3a3cebc4d7a4938330f7ae34c9ddb7318805a2c1f275bd460c6377be4b4efc2e
42660412d013b3f04994265b6e1bc793ee425f1f8bd0fceee866257c1774351e
4399743619a3a11d57f20ef8d83a33fba501743bd5067fa2b92bcc87d2608d13
44048e725f425f332d124ed9e9d9036ba504102b1db676d28225fe71652b5210
4521d2660af14ced6628837ff5ec772f2f7bc4467acfaee5d45529065bc322d4
45f549d08692a517c5f7f36e48fc0becb0a45c1677134079dc88b651e1341293
49d14b1114e64000c88c4787ba811eff7bbc18061300d894fb16d16501a4f865
55b789ad82ad109262ff49845e19086dce40a7753955831a1dfedc4c43cd158d
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
692ac73f354816380d4436833d9f8088ade3770d9f324e249515b89164930242
69d5a4dab2ef8994ec011de3283cfdf3290e39a235116067250dbc01c2e84619
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e8a5b5e3b259cc978d529f1d2ca1fe75c5602c365fb35b9a1add2019438f7c0
70160db8aa91bece3742d57a1970a9af008fa8af316b1ec0752eeb552e5a3bde
734640640053239115134822f762c281aa24a8f4f84896d5d379407748b94ea0
7474fccf061a2ed7f2dbad9068517eceac93fb27ca6e2be35dbcace0369e41fd
749924d2cd3a153ba8cbc4c6ba4fc8a6e0159aeb1640bded791d7a0c53ac5712
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
7e9db0160b9ded474da6a70a39a066ecd0a33f98fbfbd591f270c54197da98bb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8887872dfa818a2c63ba2a496f811cbcbef2e6444c0d343e295e832cece0f510
89dede7a4040ce0819b3c526677afbce7c593d9b4503925ebf8f2e84d70cef02
8c814712ccaf55e4f93469daf010ba277e8569d60781237c3a2ac6eaf81359e1
8d9aab5e84dc6e2446b86ef2b4e65cd50382627f0849b9fb4b64d143669b467c
9429cae40ac44408fc4596715dd0ddc23669b030216ec11cf8e883f314680780
97227913ae59157c62b32fd2fc138b49db44a86fea540c9361542aa4e6aff5c3
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
bdd0ec2ebe9a0519d763f2be087a0d0ef91a803823b4dcb7cfc8c841a10d6d8d
bf1ed18df313c77146e696fd64c00b3d530e7cd70212e4048b02497a95c58c5a
c093294bb42d7f10d4788894b8454e450f4a62a15c49875cf223233c0816db3c
cc3bc0c6d80f204b3d34e72fe69e6493fa1af9d12b2ece9a0600cac5524ede76
d287be0e320369cd079d543be40255dd263750b71cf2b3d6d402fe8894262d5f
d3caf12591d194712facd10bca14f0a924edb59c24447a3fd994a48286db8843
d3ee3d769bec12da2246a31cdafa9f19b4889c27876aa37f224510e46caac0b4
d74328754a4836650f0f80ccd11c1836543b7a68628fb2436d4ed3dbb6151583
dd1bfa380c09a1398a06b8578b5ad6ebd69698cf3a6b93d5a6c4d86c19a79d03
e168d257dc35cbfd226a9bff8e97cdb72897204aba499857934ac7d5c0ba8a50
e286d3efcdcf6a94bec8b18ac291c7561919a3d087927c878921be2e67131f25
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8b95def8b00f37d671c6a8a017f7946eeae0c084d896f95b9418feef64a0a4b
edc59a3d87e825d0c1b25a810792f9827bc8ac2edb7b77664ef3411511019e40
f706d3ab65bc881e780aa6662ef31ab5e900c5ee0eec60971775bab33b102d90
f8de3f57f49b005896d4c3c10979df9cff5048ddfe29ebbe36507ed1ebff60a4
feaaf4e9e2f8cd65ece2416845dbd7513d07029557275eb440497f17a6edd520