login.microsoftonline.com
2603:1027:1:158::2
Public Scan
Effective URL: https://login.microsoftonline.com/591669a0-183f-49a5-98f4-9aa0d0b63d81/wsfed?wtrealm=api%3A%2F%2F4614b3cf-7026-4144-a6ba-1c54e26d4...
Submission: On July 09 via automatic, source certstream-suspicious — Scanned from DE
Summary
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on May 21st 2024. Valid for: a year.
This is the only time login.microsoftonline.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Autonomous system | PTR | Domain |
---|---|---|
ASN13335 (CLOUDFLARENET, US) | | itau-pivo.blip.ai, itau.portalmfe.blip.ai, itau-tenant-account.blip.ai |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US) | | itauportalmfe.blob.core.windows.net |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US) | | itau-tenant-external.blip.ai |
ASN16509 (AMAZON-02, US) | server-99-86-8-175.fra6.r.cloudfront.net | cdn.segment.com |
ASN15169 (GOOGLE, US) | | www.googletagmanager.com |
ASN15133 (EDGECAST, US) | | az416426.vo.msecnd.net |
ASN15169 (GOOGLE, US) | | www.google-analytics.com |
ASN15169 (GOOGLE, US) | fra24s08-in-f6.1e100.net | 10726647.fls.doubleclick.net |
ASN15169 (GOOGLE, US) | fra16s51-in-f6.1e100.net | ad.doubleclick.net |
ASN15169 (GOOGLE, US) | fra24s06-in-f4.1e100.net | www.google.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US) | | login.microsoftonline.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US) | | dc.services.visualstudio.com |
ASN15133 (EDGECAST, US) | | aadcdn.msauthimages.net |
Requests | Domain | Requested by |
---|---|---|
11 | aadcdn.msauth.net | login.microsoftonline.com, aadcdn.msauth.net |
8 | cdn.segment.com | itau-pivo.blip.ai, cdn.segment.com |
5 | itau-tenant-external.blip.ai | itau-pivo.blip.ai |
5 | itau-pivo.blip.ai | itau-pivo.blip.ai |
4 | www.googletagmanager.com | itau-pivo.blip.ai, www.googletagmanager.com, cdn.segment.com |
4 | fast.appcues.com | itau-pivo.blip.ai, fast.appcues.com, cdn.segment.com |
3 | itau-tenant-account.blip.ai | 3 redirects |
2 | aadcdn.msauthimages.net | |
2 | dc.services.visualstudio.com | az416426.vo.msecnd.net |
2 | login.microsoftonline.com | itau-pivo.blip.ai, aadcdn.msauth.net |
2 | www.google.de | itau-pivo.blip.ai |
2 | stats.g.doubleclick.net | www.googletagmanager.com, az416426.vo.msecnd.net |
2 | 10726647.fls.doubleclick.net | 1 redirects; www.googletagmanager.com |
2 | www.google-analytics.com | www.googletagmanager.com, az416426.vo.msecnd.net |
2 | itau.portalmfe.blip.ai | itau-pivo.blip.ai |
2 | fonts.googleapis.com | itau-pivo.blip.ai, client |
1 | login.live.com | login.microsoftonline.com |
1 | www.google.com | itau-pivo.blip.ai |
1 | region1.analytics.google.com | www.googletagmanager.com |
1 | ad.doubleclick.net | itau-pivo.blip.ai |
1 | js.hs-analytics.net | cdn.segment.com |
1 | az416426.vo.msecnd.net | itau-pivo.blip.ai |
1 | itauportalmfe.blob.core.windows.net | itau-pivo.blip.ai |
1 | cdnjs.cloudflare.com | itau-pivo.blip.ai |
0 | autologon.microsoftazuread-sso.com Failed | |
64 | 25 | |
This site contains links to these domains.
Domain |
---|
www.microsoft.com |
privacy.microsoft.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
itau-pivo.blip.ai | WE1 | 2024-07-09 - 2024-10-07 | 3 months |
upload.video.google.com | WR2 | 2024-06-24 - 2024-09-16 | 3 months |
fast.appcues.com | GlobalSign Atlas R3 DV TLS CA 2024 Q2 | 2024-06-07 - 2025-07-09 | a year |
cdnjs.cloudflare.com | E1 | 2024-06-02 - 2024-08-31 | 3 months |
*.blob.core.windows.net | Microsoft Azure RSA TLS Issuing CA 08 | 2024-04-13 - 2025-04-08 | a year |
blip.ai | Thawte TLS RSA CA G1 | 2024-02-02 - 2025-03-04 | a year |
itau.portalmfe.blip.ai | Cloudflare Inc ECC CA-3 | 2023-10-31 - 2024-10-30 | a year |
*.segment.com | Amazon RSA 2048 M03 | 2023-11-14 - 2024-12-13 | a year |
*.google-analytics.com | WR2 | 2024-06-24 - 2024-09-16 | 3 months |
*.vo.msecnd.net | DigiCert SHA2 Secure Server CA | 2024-06-06 - 2025-06-06 | a year |
hs-analytics.net | WE1 | 2024-06-11 - 2024-09-09 | 3 months |
*.doubleclick.net | WR2 | 2024-06-24 - 2024-09-16 | 3 months |
*.g.doubleclick.net | WR2 | 2024-06-13 - 2024-09-05 | 3 months |
*.google.de | WR2 | 2024-06-24 - 2024-09-16 | 3 months |
*.google.com | WR2 | 2024-06-24 - 2024-09-16 | 3 months |
stamp2.login.microsoftonline.com | DigiCert SHA2 Secure Server CA | 2024-05-21 - 2025-05-21 | a year |
prod.ai.ingestion.msftcloudes.com | Microsoft Azure RSA TLS Issuing CA 04 | 2024-06-24 - 2025-06-19 | a year |
login.live.com | DigiCert SHA2 Secure Server CA | 2024-05-21 - 2025-05-21 | a year |
aadcdn.msauth.net | DigiCert SHA2 Secure Server CA | 2024-04-30 - 2025-04-30 | a year |
aadcdn.msauthimages.net | Microsoft Azure RSA TLS Issuing CA 03 | 2024-06-04 - 2025-05-30 | a year |
This page contains 2 frames:
Primary Page:
https://login.microsoftonline.com/591669a0-183f-49a5-98f4-9aa0d0b63d81/wsfed?wtrealm=api%3A%2F%2F4614b3cf-7026-4144-a6ba-1c54e26d443a&wa=wsignin1.0&wreply=https%3A%2F%2Fitau-tenant-account.blip.ai%2Fsignin-wsfed-itau-pivo&wctx=CfDJ8KBd6KeaRz9Ko2K2lvZ0KYm0zv6tiE-2KXvxytEiIg__IrfxQBDDZT3E4gZQFzHaXWyinCXaOQrmSbtKlhtJb1gC3QHB3gpBMM18ZC-z2J8lKluRCD_zifJQyAw17cGCplpC3hmxiTKGgOrmGGNKzdwHA-8UwZkKCNROVOj3dpBgGNxWNTjoFh7sGAnfyDMBYtjk4C4FKD-LFR_YTHYsYAfpFqjuNY_91KRI-0eZzx5FiwUK8m_YkF4THbDqC5D8Pg_rWlL4Z6akFiPyNDbb8KyowStRHhfq56sd_cvvs4EG5UyqQVLcV3Bj1pw_DuP-egy-b5Rof-yX85kqKEBiWPYELwO4uk2ht2ziy8-M23XQa2Oue_7C6VZIHNsyr6HIjzTOtiJVLzQ2R415CZHAjPA_M5QaZvDxfMvLmxEvSwIPsVNGeia8mipvXTkvNKBG3aDdJhWKj2FusirNvTfRKYuc2fT-JscwXStQGOKeLZp2ECmxXOT3bVxV7n7pJTs8269S3UqyQWzNxeM4SiXpkl6GmPC5lhtk_OaCHWFi7gS4cZkjQ-Rr2ocsJMby_sufF3KZCK1QMuHxjreKB3qFScvff-TRWaUmCxrp700mxJfFZ_HReYc1miRLBuO8tJt5ZuqWOjv7YynucMD3uNe-bjAAVqeHELHavf3CJGf7GeXOJi3Skl_OT4NOAQaFOEbiE7BAwNmMw0RAYK78IRUs-iLOmmqmlteyT1DdO7vFMyHd
Frame ID: 5095F560AB6843C4DA27B192AAD540A4
Requests: 60 HTTP requests in this frame
Frame:
https://10726647.fls.doubleclick.net/activityi;dc_pre=CIOMjuf4mYcDFUs0-QAdtzYPGw;src=10726647;type=invmedia;cat=takeb000;ord=7605771248051;npa=1;auiddc=1458165023.1720527607;u4=%2Fapplication;ps=1;pcor=331059915;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4730z8853409725za201zb853409725;gcd=13l3l3l2l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fitau-pivo.blip.ai%2Fapplication
Frame ID: 720E39BEE8CCA715BE7FC1E4E23C727B
Requests: 1 HTTP requests in this frame
Page Title
Bei Ihrem Konto anmelden
Detected technologies
Google Analytics (Analytics)
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager (Tag Managers)
Detected patterns
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
HubSpot Analytics (Analytics)
Detected patterns
- js\.hs-analytics\.net/analytics
Segment (Analytics)
Detected patterns
- cdn\.segment\.com/analytics\.js
Page Statistics
3 Outgoing links
These are links going to different origins than the main page.
Title: Nutzungsbedingungen
Title: Datenschutz und Cookies
Title: Haftungsausschluss
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://itau-pivo.blip.ai/ Page URL
-
https://itau-tenant-account.blip.ai/connect/authorize?client_id=blip-portal&redirect_uri=https%3A%2F%2Fitau-pivo.blip.ai%2Fauthorize&response_type=id_token%20token&scope=offline_access%20openid%20profile%20email%20api-payment-service.full_access%20api-extension-service.full_access&state=d13f7db6cb274185bfc31286357e19dd&nonce=6caddff81a274fc38c37003a08172fa8
HTTP 302
https://itau-tenant-account.blip.ai/login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dblip-portal%26redirect_uri%3Dhttps%253A%252F%252Fitau-pivo.blip.ai%252Fauthorize%26response_type%3Did_token%2520token%26scope%3Doffline_access%2520openid%2520profile%2520email%2520api-payment-service.full_access%2520api-extension-service.full_access%26state%3Dd13f7db6cb274185bfc31286357e19dd%26nonce%3D6caddff81a274fc38c37003a08172fa8 HTTP 302
https://itau-tenant-account.blip.ai/external/challenge?provider=itau-pivo&returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dblip-portal%26redirect_uri%3Dhttps%253A%252F%252Fitau-pivo.blip.ai%252Fauthorize%26response_type%3Did_token%2520token%26scope%3Doffline_access%2520openid%2520profile%2520email%2520api-payment-service.full_access%2520api-extension-service.full_access%26state%3Dd13f7db6cb274185bfc31286357e19dd%26nonce%3D6caddff81a274fc38c37003a08172fa8&registerV2=True HTTP 302
https://login.microsoftonline.com/591669a0-183f-49a5-98f4-9aa0d0b63d81/wsfed?wtrealm=api%3A%2F%2F4614b3cf-7026-4144-a6ba-1c54e26d443a&wa=wsignin1.0&wreply=https%3A%2F%2Fitau-tenant-account.blip.ai%2Fsignin-wsfed-itau-pivo&wctx=CfDJ8KBd6KeaRz9Ko2K2lvZ0KYm0zv6tiE-2KXvxytEiIg__IrfxQBDDZT3E4gZQFzHaXWyinCXaOQrmSbtKlhtJb1gC3QHB3gpBMM18ZC-z2J8lKluRCD_zifJQyAw17cGCplpC3hmxiTKGgOrmGGNKzdwHA-8UwZkKCNROVOj3dpBgGNxWNTjoFh7sGAnfyDMBYtjk4C4FKD-LFR_YTHYsYAfpFqjuNY_91KRI-0eZzx5FiwUK8m_YkF4THbDqC5D8Pg_rWlL4Z6akFiPyNDbb8KyowStRHhfq56sd_cvvs4EG5UyqQVLcV3Bj1pw_DuP-egy-b5Rof-yX85kqKEBiWPYELwO4uk2ht2ziy8-M23XQa2Oue_7C6VZIHNsyr6HIjzTOtiJVLzQ2R415CZHAjPA_M5QaZvDxfMvLmxEvSwIPsVNGeia8mipvXTkvNKBG3aDdJhWKj2FusirNvTfRKYuc2fT-JscwXStQGOKeLZp2ECmxXOT3bVxV7n7pJTs8269S3UqyQWzNxeM4SiXpkl6GmPC5lhtk_OaCHWFi7gS4cZkjQ-Rr2ocsJMby_sufF3KZCK1QMuHxjreKB3qFScvff-TRWaUmCxrp700mxJfFZ_HReYc1miRLBuO8tJt5ZuqWOjv7YynucMD3uNe-bjAAVqeHELHavf3CJGf7GeXOJi3Skl_OT4NOAQaFOEbiE7BAwNmMw0RAYK78IRUs-iLOmmqmlteyT1DdO7vFMyHd Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 34
- https://10726647.fls.doubleclick.net/activityi;src=10726647;type=invmedia;cat=takeb000;ord=7605771248051;npa=1;auiddc=1458165023.1720527607;u4=%2Fapplication;ps=1;pcor=331059915;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4730z8853409725za201zb853409725;gcd=13l3l3l2l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fitau-pivo.blip.ai%2Fapplication HTTP 302
- https://10726647.fls.doubleclick.net/activityi;dc_pre=CIOMjuf4mYcDFUs0-QAdtzYPGw;src=10726647;type=invmedia;cat=takeb000;ord=7605771248051;npa=1;auiddc=1458165023.1720527607;u4=%2Fapplication;ps=1;pcor=331059915;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4730z8853409725za201zb853409725;gcd=13l3l3l2l1;dma_cps=syphamo;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fitau-pivo.blip.ai%2Fapplication
64 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / | itau-pivo.blip.ai/ | 1 KB | 2 KB | Document | text/html |
GET | H2 | icon | fonts.googleapis.com/ | 569 B | 775 B | Stylesheet | text/css |
GET | H2 | portal.css | itau-pivo.blip.ai/ | 897 KB | 175 KB | Stylesheet | text/css |
GET | H2 | 39569.js | fast.appcues.com/ | 26 KB | 6 KB | Script | text/javascript |
GET | H3 | custom-elements-es5-adapter.min.js | cdnjs.cloudflare.com/ajax/libs/webcomponentsjs/2.5.0/ | 400 B | 804 B | Script | application/javascript |
GET | H2 | portal.js | itau-pivo.blip.ai/ | 11 MB | 2 MB | Script | application/x-javascript |
GET | H2 | appcues.main.f2ce3417cb163932f0670dfe2dd49a188dde3925.js | fast.appcues.com/generic/main/6.2.6/ | 464 KB | 131 KB | Script | application/javascript |
GET | H2 | container.f2ce3417cb163932f0670dfe2dd49a188dde3925.css | fast.appcues.com/generic/main/6.2.6/ | 16 KB | 2 KB | Stylesheet | text/css |
GET | H3 | settings.json | itau-pivo.blip.ai/ | 10 KB | 4 KB | XHR | application/json |
GET | H/1.1 | mfesSettings.json | itauportalmfe.blob.core.windows.net/itau/ | 2 KB | 2 KB | XHR | application/json |
OPTIONS | H2 | 5fbe9f015b160b09a7a9a2c9 | itau-tenant-external.blip.ai/launchdarkly_app/sdk/goals/ (Frame) | 0 | 0 | Preflight | |
GET | H3 | 85.980b701ecf47a65e6e96.js | itau-pivo.blip.ai/ | 306 KB | 93 KB | Script | application/x-javascript |
GET | H2 | 5fbe9f015b160b09a7a9a2c9 | itau-tenant-external.blip.ai/launchdarkly_app/sdk/goals/ | 2 B | 655 B | XHR | application/json |
GET | H3 | main.js | itau.portalmfe.blip.ai/itau/portal-fragment-ai-agents/latest/ | 1 MB | 345 KB | Script | application/x-javascript |
GET | H3 | main.js | itau.portalmfe.blip.ai/itau/portal-fragment-blip-status/latest/ | 600 KB | 183 KB | Script | application/x-javascript |
GET | H2 | analytics.min.js | cdn.segment.com/analytics.js/v1/s6RiaiVHbCZfASU9U7aIWz6dXdsbnUUD/ | 103 KB | 28 KB | Script | text/javascript |
GET | H2 | gtm.js | www.googletagmanager.com/ | 300 KB | 105 KB | Script | application/javascript |
OPTIONS | H2 | eyJjdXN0b20iOnsiZ3JvdXAiOiJib3QifSwiZW1haWwiOiJmcmVlQGZyZWUuY29tIiwia2V5IjoiZnJlZSIsIm5hbWUiOiJmcmVlIn0 | itau-tenant-external.blip.ai/launchdarkly_app/sdk/evalx/5fbe9f015b160b09a7a9a2c9/users/ (Frame) | 0 | 0 | Preflight | |
GET | H2 | eyJjdXN0b20iOnsiZ3JvdXAiOiJib3QifSwiZW1haWwiOiJmcmVlQGZyZWUuY29tIiwia2V5IjoiZnJlZSIsIm5hbWUiOiJmcmVlIn0 | itau-tenant-external.blip.ai/launchdarkly_app/sdk/evalx/5fbe9f015b160b09a7a9a2c9/users/ | 49 KB | 6 KB | XHR | application/json |
GET | H2 | ai.0.js | az416426.vo.msecnd.net/scripts/a/ | 94 KB | 22 KB | Script | application/x-javascript |
GET | H2 | settings | cdn.segment.com/v1/projects/s6RiaiVHbCZfASU9U7aIWz6dXdsbnUUD/ | 9 KB | 2 KB | Fetch | application/json |
GET | H2 | ajs-destination.bundle.ed53a26b6edc80c65d73.js | cdn.segment.com/analytics-next/bundles/ | 9 KB | 3 KB | Script | application/javascript |
GET | H2 | schemaFilter.bundle.5c2661f67b4b71a6d9bd.js | cdn.segment.com/analytics-next/bundles/ | 2 KB | 1 KB | Script | application/javascript |
GET | H2 | google-tag-manager.dynamic.js.gz | cdn.segment.com/next-integrations/integrations/google-tag-manager/2.5.1/ | 3 KB | 2 KB | Script | application/javascript |
GET | H2 | appcues.dynamic.js.gz | cdn.segment.com/next-integrations/integrations/appcues/2.3.0/ | 3 KB | 2 KB | Script | application/javascript |
GET | H2 | hubspot.dynamic.js.gz | cdn.segment.com/next-integrations/integrations/hubspot/2.2.4/ | 3 KB | 2 KB | Script | application/javascript |
GET | H2 | commons.a61d7bea37d2de5d4b69.js.gz | cdn.segment.com/next-integrations/integrations/vendor/ | 70 KB | 22 KB | Script | application/javascript |
GET | H2 | js | www.googletagmanager.com/gtag/ | 314 KB | 105 KB | Script | application/javascript |
GET | H2 | analytics.js | www.google-analytics.com/ | 52 KB | 21 KB | Script | text/javascript |
GET | H2 | destination | www.googletagmanager.com/gtag/ | 205 KB | 75 KB | Script | application/javascript |
GET | H2 | destination | www.googletagmanager.com/gtag/ | 273 KB | 93 KB | Script | application/javascript |
GET | | gtm.js | www.googletagmanager.com/ | 0 | 0 | | |
GET | H2 | 39569.js | fast.appcues.com/ | 26 KB | 0 | Script | text/javascript |
GET | H2 | 1796841.js | js.hs-analytics.net/analytics/1720527900000/ | 68 KB | 24 KB | Script | text/javascript |
GET | H2 | activityi;dc_pre=CIOMjuf4mYcDFUs0-QAdtzYPGw;src=10726647;type=invmedia;cat=takeb000;ord=7605771248051;npa=1;auiddc=1458165023.1720527607;u4=%2Fapplication;ps=1;pcor=331059915;uaa=;uab=;uafvl=;uamb=... | 10726647.fls.doubleclick.net/ (Frame 720E, Redirect Chain) | 0 | 0 | Document | text/html |
GET | H3 | activity;register_conversion=1;src=10726647;type=invmedia;cat=takeb000;ord=7605771248051;npa=1;auiddc=1458165023.1720527607;u4=%2Fapplication;ps=1;pcor=331059915;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;u... | ad.doubleclick.net/ | 0 | 23 B | Image | image/png |
POST | H2 | collect | region1.analytics.google.com/g/ | 0 | 0 | Fetch | text/plain |
POST | H2 | collect | stats.g.doubleclick.net/g/ | 0 | 255 B | Ping | text/plain |
GET | H3 | ga-audiences | www.google.de/ads/ | 42 B | 63 B | Image | image/gif |
POST | H2 | collect | www.google-analytics.com/j/ | 4 B | 210 B | XHR | text/plain |
POST | H2 | collect | stats.g.doubleclick.net/j/ | 4 B | 151 B | XHR | text/plain |
GET | H3 | ga-audiences | www.google.com/ads/ | 42 B | 63 B | Image | image/gif |
GET | H3 | ga-audiences | www.google.de/ads/ | 42 B | 63 B | Image | image/gif |
GET | H2 | css2 | fonts.googleapis.com/ | 26 KB | 1 KB | Stylesheet | text/css |
GET | H2 | eyJjdXN0b20iOnsiZ3JvdXAiOiJib3QifSwiZW1haWwiOiJmcmVlQGZyZWUuY29tIiwia2V5IjoiZnJlZSIsIm5hbWUiOiJmcmVlIn0 | itau-tenant-external.blip.ai/launchdarkly_clientstream/eval/5fbe9f015b160b09a7a9a2c9/ | 49 KB | 0 | EventSource | text/event-stream |
GET | H2 | wsfed (Primary Request) | login.microsoftonline.com/591669a0-183f-49a5-98f4-9aa0d0b63d81/ (Redirect Chain) | 48 KB | 18 KB | Document | text/html |
POST | H2 | track | dc.services.visualstudio.com/v2/ | 96 B | 200 B | XHR | application/json |
OPTIONS | H2 | track | dc.services.visualstudio.com/v2/ (Frame) | 0 | 0 | Preflight | |
GET | H/1.1 | Me.htm | login.live.com/ | 0 | 0 | Other | text/html |
GET | H2 | converged.v2.login.min_mc5ac6ol0l4d2iaqspstyg2.css | aadcdn.msauth.net/ests/2.1/content/cdnbundles/ | 111 KB | 20 KB | Stylesheet | text/css |
GET | H2 | ConvergedLogin_PCore_Kjlmc42uL0ATl_21eYcwVg2.js | aadcdn.msauth.net/shared/1.0/content/js/ | 437 KB | 120 KB | Script | application/x-javascript |
GET | H2 | ux.converged.login.strings-de.min_t2egxy3e-i7icwo0cfhacq2.js | aadcdn.msauth.net/ests/2.1/content/cdnbundles/ | 61 KB | 18 KB | Script | application/x-javascript |
GET | H2 | oneDs_f2e0f4a029670f10d892.js | aadcdn.msauth.net/shared/1.0/content/js/ | 186 KB | 60 KB | Script | application/x-javascript |
GET | H2 | convergedlogin_pcustomizationloader_8e14dcf0e3ff5580d170.js | aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/ | 219 KB | 54 KB | Script | application/x-javascript |
GET | H2 | favicon_a_eupayfgghqiai7k9sol6lg2.ico | aadcdn.msauth.net/shared/1.0/content/images/ | 17 KB | 17 KB | Other | image/x-icon |
GET | H2 | convergedlogin_pfetchsessionsprogress_0b5ca5d48eeaf75b0528.js | aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/ | 15 KB | 6 KB | Script | application/x-javascript |
GET | H2 | marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif | aadcdn.msauth.net/shared/1.0/content/images/ | 3 KB | 3 KB | Image | image/gif |
GET | H2 | marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif | aadcdn.msauth.net/shared/1.0/content/images/ | 4 KB | 4 KB | Image | image/gif |
GET | H2 | illustration | aadcdn.msauthimages.net/dbd5a2dd-5b-vmtnx2m2d6-7yr4qileyhba6fqjfkmedke3seih4/logintenantbranding/0/ | 8 KB | 8 KB | Image | image/* |
GET | H2 | bannerlogo | aadcdn.msauthimages.net/dbd5a2dd-5b-vmtnx2m2d6-7yr4qileyhba6fqjfkmedke3seih4/logintenantbranding/0/ | 5 KB | 5 KB | Image | image/* |
GET | | ssoprobe | autologon.microsoftazuread-sso.com/591669a0-183f-49a5-98f4-9aa0d0b63d81/winauth/ | 0 | 0 | | |
POST | H2 | dssostatus | login.microsoftonline.com/common/instrumentation/ | 265 B | 651 B | XHR | application/json |
GET | H2 | convergedlogin_pstringcustomizationhelper_ea3e62a2bdfb2b2ee8c8.js | aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/ | 111 KB | 36 KB | Script | application/x-javascript |
GET | H2 | signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg | aadcdn.msauth.net/shared/1.0/content/images/ | 2 KB | 1 KB | Image | image/svg+xml |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: www.googletagmanager.com
  URL: https://www.googletagmanager.com/gtm.js?id=GTM-MD969HG&l=dataLayer
- Domain: autologon.microsoftazuread-sso.com
  URL: https://autologon.microsoftazuread-sso.com/591669a0-183f-49a5-98f4-9aa0d0b63d81/winauth/ssoprobe?client-request-id=362793d6-528a-4987-9ad4-2e9bdff46e95&_=1720527611275
20 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| $Config
- object| $Debug
- object| $Do
- function| $Loader
- object| $WebWatson
- function| GetString
- function| GetErrorString
- function| GetUrl
- object| $B
- object| ServerData
- object| webpackJsonp
- object| ko
- object| PROOF
- object| StringRepository
- object| Telemetry
- object| telemetry_webpackJsonp
- boolean| __ConvergedLogin_PCore
- boolean| __
- boolean| __convergedlogin_pcustomizationloader_8e14dcf0e3ff5580d170
- boolean| __convergedlogin_pfetchsessionsprogress_0b5ca5d48eeaf75b0528
28 Cookies
Cookies are small pieces of information stored in a user's browser. Whenever the user visits the site again, the browser sends the cookie values back, allowing the website to re-identify the user even after a change of location. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
itau-tenant-account.blip.ai/signin-wsfed-itau-pivo | | Name: .AspNetCore.Correlation.itau-pivo.p1Eb8NdzkVJFASMcpU7DeBCG7bh71e6dP0UyknfZIwA Value: N |
.itau-pivo.blip.ai/ | | Name: ARRAffinity Value: 6312a540c76c4c19bc2877987bb5a0629c77271fa4b34600721aa334e0fbe3d5 |
.itau-pivo.blip.ai/ | | Name: ARRAffinitySameSite Value: 6312a540c76c4c19bc2877987bb5a0629c77271fa4b34600721aa334e0fbe3d5 |
.blip.ai/ | | Name: __cf_bm Value: 6QSvYjmxiT1MvAGmgU0msYVFt7O7OQsOS1qXz_sxJSg-1720527604-1.0.1.1-ZZTaB2NAjv9JZx7CMaM10ZfQNfMVfj7L1bTMy2BAlxvxlZeKeeZJ3hiTHONxgZI73dYG4sHswiQyahyfteT53Q |
itau-pivo.blip.ai/ | | Name: ai_user Value: 8cyEl|2024-07-09T12:20:07.007Z |
.blip.ai/ | | Name: _gcl_au Value: 1.1.1458165023.1720527607 |
.blip.ai/ | | Name: _ga Value: GA1.2.631463397.1720527608 |
.blip.ai/ | | Name: _gid Value: GA1.2.2088219350.1720527608 |
.blip.ai/ | | Name: _gat_UA-79317370-1 Value: 1 |
itau-pivo.blip.ai/ | | Name: NG_TRANSLATE_LANG_KEY Value: en |
itau-pivo.blip.ai/ | | Name: ai_session Value: h7fzq|1720527607722.2|1720527607722.2 |
.doubleclick.net/ | | Name: ar_debug Value: 1 |
.doubleclick.net/ | | Name: IDE Value: AHWqTUlgg4n_WQI_FZJxEo5ysJJssvtrCyBuDc_4cdQzZaMuVqJaeCQ8254PzbVSuXU |
.doubleclick.net/ | | Name: receive-cookie-deprecation Value: 1 |
.itau-tenant-account.blip.ai/ | | Name: ARRAffinity Value: 6312a540c76c4c19bc2877987bb5a0629c77271fa4b34600721aa334e0fbe3d5 |
.itau-tenant-account.blip.ai/ | | Name: ARRAffinitySameSite Value: 6312a540c76c4c19bc2877987bb5a0629c77271fa4b34600721aa334e0fbe3d5 |
itau-tenant-account.blip.ai/ | | Name: ExternalProviderReturnUrl Value: https%253a%252f%252fitau-pivo.blip.ai |
login.microsoftonline.com/ | | Name: buid Value: 0.ASUAoGkWWT8YpUmY9Jqg0LY9gc-zFEYmcERBprocVOJtRDolAAA.AQABGgEAAAApTwJmzXqdR4BN2miheQMYVg8fMUa_-L6Met2XojUi65ONb5qlY7juDJDpSwD-NgONFt_IwTfkA4yphE65ahTh0koOiZEbwxr-90Ya41V_haL5Acet-8u1VD_m3CDJe50gAA |
.login.microsoftonline.com/ | | Name: esctx Value: PAQABBwEAAAApTwJmzXqdR4BN2miheQMYUIkSxoKmavx0VnDeuK3OsE2GvAgfnmNSkltQFYKeVannlUzf_dKod-rDdsbsSZuZ6WcJ9bpJNZPG8QvA9NVHsTjSpgR6hBd4hzQWbij1c7Qvn7yh9lEetzxzWZv6YYUxm5THTSHuTo69a7DzSLa8tBpoBJUPfJVHcm7VQTGfrXwgAA |
.login.microsoftonline.com/ | | Name: esctx-MBN9vgl2YQw Value: AQABCQEAAAApTwJmzXqdR4BN2miheQMYWgS-uzwf0q1_O-VtZy_iwBXIonFYauNYOBAuLDMxG8oa_sVwuEC8BJiBEF8hbk-z4CPqnYOiN3CdrFNpmIYXl3vjgOKuhwODbqfitUwPuqrEV9IxX5Az8r7bNw3ARnXOp_MwUfGf50oDIzJmp6A2WyAA |
login.microsoftonline.com/ | | Name: fpc Value: AtCZrRMqfQ5NkkF0l3S9JculaKE8AQAAAPkhH94OAAAA |
login.microsoftonline.com/ | | Name: x-ms-gateway-slice Value: estsfd |
login.microsoftonline.com/ | | Name: stsservicecookie Value: estsfd |
.blip.ai/ | | Name: _ga_VYKG6G92NK Value: GS1.1.1720527607.1.1.1720527609.58.0.0 |
.login.live.com/ | | Name: uaid Value: 16412ce5e56f444aa8d992d334cf25eb |
.login.live.com/ | | Name: MSPRequ Value: id=N&lt=1720527610&co=1 |
login.microsoftonline.com/ | | Name: MicrosoftApplicationsTelemetryDeviceId Value: f28bd401-3533-439c-a192-29c36cfa3ccf |
.login.microsoftonline.com/ | | Name: brcap Value: 0 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|---|---|
Security Headers
This page lists any security headers set by the main page.
Header | Value |
---|---|
Content-Security-Policy | default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline';font-src * data: blob: 'unsafe-inline'; |
Strict-Transport-Security | max-age=15552000; includeSubDomains; preload |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.