identity.dev.aws.ofx.com
76.223.106.8
Public Scan
Effective URL: https://identity.dev.aws.ofx.com/oauth2/default/v1/authorize?client_id=secure.02.uat.ofx.com&redirect_uri=https%3A%2F%2Fsecure.02...
Submission: On August 24 via manual from GB — Scanned from AU
Summary
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on May 11th 2022. Valid for: a year.
This is the only time identity.dev.aws.ofx.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Domain | ASN | PTR |
---|---|---|
secure.02.uat.ofx.com | ASN16509 (AMAZON-02, US) | ec2-54-253-97-53.ap-southeast-2.compute.amazonaws.com |
identity.dev.aws.ofx.com | ASN16509 (AMAZON-02, US) | a556120ce37110a35.awsglobalaccelerator.com |
op3static.oktacdn.com | ASN16509 (AMAZON-02, US) | server-13-224-250-2.sin52.r.cloudfront.net |
login-resources.dev.aws.ofx.com | ASN16509 (AMAZON-02, US) | server-13-227-254-98.sin52.r.cloudfront.net |
www.googletagmanager.com | ASN15169 (GOOGLE, US) | se-in-f97.1e100.net |
login.okta.com | ASN16509 (AMAZON-02, US) | server-52-84-251-102.sin5.r.cloudfront.net |
www.google-analytics.com | ASN15169 (GOOGLE, US) | se-in-f100.1e100.net |
rules.quantcount.com | ASN16509 (AMAZON-02, US) | server-13-227-254-108.sin52.r.cloudfront.net |
stats.g.doubleclick.net | ASN15169 (GOOGLE, US) | sa-in-f157.1e100.net |
sleeknotecustomerscripts.sleeknote.com | ASN16509 (AMAZON-02, US) | server-13-227-254-127.sin52.r.cloudfront.net |
staging.cdn-net.com | ASN14618 (AMAZON-AES, US) | ec2-52-44-243-21.compute-1.amazonaws.com |
pi.pardot.com | ASN14618 (AMAZON-AES, US) | ec2-18-208-125-13.compute-1.amazonaws.com |
sleeknotestaticcontent.sleeknote.com | ASN16509 (AMAZON-02, US) | server-52-84-251-95.sin5.r.cloudfront.net |
analytics.sleeknote.com | ASN15169 (GOOGLE, US) | any-in-2215.1e100.net |
six.cdn-net.com | ASN15169 (GOOGLE, US) | 11.2.190.35.bc.googleusercontent.com |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
14 | ofx.com | 4 redirects; secure.02.uat.ofx.com, identity.dev.aws.ofx.com, login-resources.dev.aws.ofx.com, go.message.ofx.com | 107 KB |
7 | google.com | analytics.google.com — Cisco Umbrella Rank: 451; www.google.com — Cisco Umbrella Rank: 9 | 976 B |
7 | cookielaw.org | cdn.cookielaw.org — Cisco Umbrella Rank: 426 | 124 KB |
6 | googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 78 | 437 KB |
5 | sleeknote.com | sleeknotecustomerscripts.sleeknote.com — Cisco Umbrella Rank: 20260; sleeknotestaticcontent.sleeknote.com — Cisco Umbrella Rank: 23783; analytics.sleeknote.com — Cisco Umbrella Rank: 25551 | 51 KB |
5 | oktacdn.com | op3static.oktacdn.com — Cisco Umbrella Rank: 103880 | 615 KB |
4 | cdn-net.com | staging.cdn-net.com — Cisco Umbrella Rank: 397307; six.cdn-net.com — Cisco Umbrella Rank: 11880 | 39 KB |
4 | google.com.au | www.google.com.au — Cisco Umbrella Rank: 21619 | 822 B |
4 | doubleclick.net | stats.g.doubleclick.net — Cisco Umbrella Rank: 108 | 607 B |
3 | google-analytics.com | www.google-analytics.com — Cisco Umbrella Rank: 45 | 72 KB |
3 | jsdelivr.net | cdn.jsdelivr.net — Cisco Umbrella Rank: 422 | 7 KB |
2 | pardot.com | pi.pardot.com — Cisco Umbrella Rank: 3602 | 4 KB |
2 | quantserve.com | secure.quantserve.com — Cisco Umbrella Rank: 976; pixel.quantserve.com — Cisco Umbrella Rank: 458 | 10 KB |
2 | okta.com | login.okta.com — Cisco Umbrella Rank: 6336 | 97 KB |
1 | mouseflow.com | cdn.mouseflow.com — Cisco Umbrella Rank: 7136 | 63 KB |
1 | onetrust.com | geolocation.onetrust.com — Cisco Umbrella Rank: 706 | 459 B |
1 | quantcount.com | rules.quantcount.com — Cisco Umbrella Rank: 933 | 2 KB |
1 | cloudflare.com | cdnjs.cloudflare.com — Cisco Umbrella Rank: 219 | 4 KB |
68 | 18 | | |
Requests | Domain | Requested by |
---|---|---|
7 | cdn.cookielaw.org | www.googletagmanager.com, cdn.cookielaw.org |
7 | login-resources.dev.aws.ofx.com | identity.dev.aws.ofx.com, login-resources.dev.aws.ofx.com |
6 | analytics.google.com | www.googletagmanager.com |
6 | www.googletagmanager.com | identity.dev.aws.ofx.com, www.googletagmanager.com |
5 | op3static.oktacdn.com | identity.dev.aws.ofx.com |
4 | www.google.com.au | identity.dev.aws.ofx.com |
4 | stats.g.doubleclick.net | www.googletagmanager.com, www.google-analytics.com |
4 | secure.02.uat.ofx.com | 4 redirects |
3 | sleeknotestaticcontent.sleeknote.com | sleeknotecustomerscripts.sleeknote.com, sleeknotestaticcontent.sleeknote.com |
3 | staging.cdn-net.com | identity.dev.aws.ofx.com, staging.cdn-net.com |
3 | www.google-analytics.com | www.googletagmanager.com, identity.dev.aws.ofx.com |
3 | cdn.jsdelivr.net | identity.dev.aws.ofx.com |
2 | pi.pardot.com | identity.dev.aws.ofx.com, pi.pardot.com |
2 | login.okta.com | op3static.oktacdn.com, login.okta.com |
2 | identity.dev.aws.ofx.com | op3static.oktacdn.com |
1 | go.message.ofx.com | pi.pardot.com |
1 | six.cdn-net.com | staging.cdn-net.com |
1 | analytics.sleeknote.com | |
1 | sleeknotecustomerscripts.sleeknote.com | identity.dev.aws.ofx.com |
1 | cdn.mouseflow.com | www.googletagmanager.com |
1 | www.google.com | identity.dev.aws.ofx.com |
1 | pixel.quantserve.com | identity.dev.aws.ofx.com |
1 | geolocation.onetrust.com | cdn.cookielaw.org |
1 | rules.quantcount.com | secure.quantserve.com |
1 | cdnjs.cloudflare.com | identity.dev.aws.ofx.com |
1 | secure.quantserve.com | www.googletagmanager.com |
68 | 26 | |
This site contains links to these domains. Also see Links.
Domain |
---|
www.ofx.com |
secure.02.uat.ofx.com |
www.onetrust.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
identity.ofx.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-05-11 - 2023-05-27 | a year |
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-06-02 - 2023-06-01 | a year |
*.oktacdn.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-12-22 - 2023-01-22 | a year |
*.dev.aws.ofx.com | Amazon | 2022-07-19 - 2023-08-17 | a year |
*.google-analytics.com | GTS CA 1C3 | 2022-08-01 - 2022-10-24 | 3 months |
accounts.okta.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-07-13 - 2023-07-25 | a year |
cookielaw.org | Cloudflare Inc ECC CA-3 | 2022-05-01 - 2023-05-01 | a year |
*.quantserve.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-09-22 - 2022-09-21 | a year |
onetrust.com | Cloudflare Inc ECC CA-3 | 2022-01-12 - 2023-01-12 | a year |
*.google.com | GTS CA 1C3 | 2022-08-01 - 2022-10-24 | 3 months |
*.g.doubleclick.net | GTS CA 1C3 | 2022-08-01 - 2022-10-24 | 3 months |
*.google.com.au | GTS CA 1C3 | 2022-08-01 - 2022-10-24 | 3 months |
www.google.com | GTS CA 1C3 | 2022-08-01 - 2022-10-24 | 3 months |
*.mouseflow.com | Sectigo RSA Domain Validation Secure Server CA | 2020-06-12 - 2022-09-14 | 2 years |
*.sleeknote.com | Amazon | 2022-01-18 - 2023-02-14 | a year |
*.cdn-net.com | Amazon | 2022-08-16 - 2023-09-14 | a year |
pi.pardot.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-11-08 - 2022-11-07 | a year |
analytics.sleeknote.com | GTS CA 1D4 | 2022-07-23 - 2022-10-21 | 3 months |
go.message.ofx.com | R3 | 2022-08-02 - 2022-10-31 | 3 months |
This page contains 3 frames:
Primary Page:
https://identity.dev.aws.ofx.com/oauth2/default/v1/authorize?client_id=secure.02.uat.ofx.com&redirect_uri=https%3A%2F%2Fsecure.02.uat.ofx.com%2Fsignin-oidc-okta&response_type=code&scope=openid%20profile%20offline_access%20ALLAPI&code_challenge=RF3S8tHdIyKc7l71-RMEcUarxF2gYGvjLmIw5KkX9j8&code_challenge_method=S256&response_mode=form_post&nonce=637969203262687947.MThhNzY4YzItNTI2Zi00YmEzLTkxNjktNThhZDRlNjJiMGEzZjZkZTcxNjctNzE0OS00ZmQ0LTlkYTMtYTM3MDk2MzgxNmRl&state=CfDJ8FOCGOj3YehEgPfJcuJL3RxRRzc-nTjvWLts-w0rYXB5pXzPp0MoRDpgz4dF0yLqOtmPS-so2qozo0Yz6vj3jo6Bi8utaeL-PzlPwRL7V64AThEnT8Y5lyP9nIvNJY_dZgddBT3dqkA56ENC3TwmeC2pL_5-6R_ePT6nl8f7fsa0Ca80XqRDIJ3RidiwLt9LWV600VW5HXyHP57HurfZv5zMT1CeQFjUUg_dJfeheR8_J4rT9bCch6KPXPP7vBEBKJQhECljAssTKy2tfXl3cJsKMNo0J91vhsXgorUtgXf9tc33fK9Sr9Pvk4AX06P46eNzwRd2I_t2ODxJme1tu-WeWFHfT8b5gnXAzl8sNr7fYUI1euUhY6XcmzNa0L9SRA&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=5.5.0.0
Frame ID: CCD5457645CBD69966CA720DD7495B22
Requests: 67 HTTP requests in this frame
Frame:
https://login.okta.com/discovery/iframe.html
Frame ID: 3DC40FADD223DEA1511B6C4133601F05
Requests: 2 HTTP requests in this frame
Frame:
https://staging.cdn-net.com/s2?t=AQhjhqXDjnA9RXMM8wnNyucO&x=1&sid=568a06a295065566&tid=4118ebc3-4c88-41a9-b5a6-4c31c3c27b26
Frame ID: 304D64B20CEE748CFE242B942F5CDC11
Requests: 1 HTTP requests in this frame
Page Title
Log in to OFX
Page URL History
http://secure.02.uat.ofx.com/ HTTP 301
https://secure.02.uat.ofx.com/ HTTP 302
http://secure.02.uat.ofx.com/loginHome?ReturnUrl=%2F HTTP 301
https://secure.02.uat.ofx.com/loginHome?ReturnUrl=%2F HTTP 302
https://identity.dev.aws.ofx.com/oauth2/default/v1/authorize?client_id=secure.02.uat.ofx.com&redirect_uri=htt... Page URL
Detected technologies
Bootstrap (Web Frameworks)
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Google Analytics (Analytics)
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager (Tag Managers)
Detected patterns
- <!-- (?:End )?Google Tag Manager -->
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
Mouse Flow (Analytics)
Detected patterns
- cdn\.mouseflow\.com
OneTrust (Cookie compliance)
Detected patterns
- cdn\.cookielaw\.org
- otSDKStub\.js
Polyfill (JavaScript Libraries)
Detected patterns
- /polyfill\.min\.js
Quantcast Measure (Analytics)
Detected patterns
- \.quantserve\.com/quant\.js
TrackJs (Analytics)
Detected patterns
- tracker\.js
jsDelivr (CDN)
Detected patterns
- //cdn\.jsdelivr\.net/
Page Statistics
16 Outgoing links
These are links going to different origins than the main page.
Title: OFX
Title: REGISTER
Title: Personal
Title: Business
Title: Online Sellers
Title: Partner With Us
Title: Market News
Title: Forgot?
Title: Forgot?
Title: Product Disclosure Statement
Title: Financial Services Guide
Title: full disclaimer
Title: Money Laundering Statement
Title: Privacy Policy
Title: More information
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
http://secure.02.uat.ofx.com/ HTTP 301
https://secure.02.uat.ofx.com/ HTTP 302
http://secure.02.uat.ofx.com/loginHome?ReturnUrl=%2F HTTP 301
https://secure.02.uat.ofx.com/loginHome?ReturnUrl=%2F HTTP 302
https://identity.dev.aws.ofx.com/oauth2/default/v1/authorize?client_id=secure.02.uat.ofx.com&redirect_uri=https%3A%2F%2Fsecure.02.uat.ofx.com%2Fsignin-oidc-okta&response_type=code&scope=openid%20profile%20offline_access%20ALLAPI&code_challenge=RF3S8tHdIyKc7l71-RMEcUarxF2gYGvjLmIw5KkX9j8&code_challenge_method=S256&response_mode=form_post&nonce=637969203262687947.MThhNzY4YzItNTI2Zi00YmEzLTkxNjktNThhZDRlNjJiMGEzZjZkZTcxNjctNzE0OS00ZmQ0LTlkYTMtYTM3MDk2MzgxNmRl&state=CfDJ8FOCGOj3YehEgPfJcuJL3RxRRzc-nTjvWLts-w0rYXB5pXzPp0MoRDpgz4dF0yLqOtmPS-so2qozo0Yz6vj3jo6Bi8utaeL-PzlPwRL7V64AThEnT8Y5lyP9nIvNJY_dZgddBT3dqkA56ENC3TwmeC2pL_5-6R_ePT6nl8f7fsa0Ca80XqRDIJ3RidiwLt9LWV600VW5HXyHP57HurfZv5zMT1CeQFjUUg_dJfeheR8_J4rT9bCch6KPXPP7vBEBKJQhECljAssTKy2tfXl3cJsKMNo0J91vhsXgorUtgXf9tc33fK9Sr9Pvk4AX06P46eNzwRd2I_t2ODxJme1tu-WeWFHfT8b5gnXAzl8sNr7fYUI1euUhY6XcmzNa0L9SRA&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=5.5.0.0 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
68 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes |
---|---|---|---|---|---|---|---|---|
GET | H/1.1 | authorize | identity.dev.aws.ofx.com/oauth2/default/v1/ | 55 KB | 18 KB | Document | text/html | Primary Request, Redirect Chain |
GET | H2 | uuidv4.min.js | cdn.jsdelivr.net/npm/uuid@8.3.2/dist/umd/ | 1 KB | 1 KB | Script | application/javascript | |
GET | H2 | polyfill.min.js | cdn.jsdelivr.net/npm/promise-polyfill@8.2.0/dist/ | 4 KB | 2 KB | Script | application/javascript | |
GET | H2 | fetch.umd.min.js | cdn.jsdelivr.net/npm/whatwg-fetch@3.6.2/dist/ | 9 KB | 4 KB | Script | application/javascript | |
GET | H2 | okta-sign-in.min.js | op3static.oktacdn.com/assets/js/sdk/okta-signin-widget/6.6.1/js/ | 2 MB | 491 KB | Script | application/javascript | |
GET | H2 | okta-sign-in.min.css | op3static.oktacdn.com/assets/js/sdk/okta-signin-widget/6.6.1/css/ | 218 KB | 37 KB | Stylesheet | text/css | |
GET | H2 | custom-signin.241e0fb439244dc50c5929c0513a6765.css | op3static.oktacdn.com/assets/loginpage/css/ | 2 KB | 1 KB | Stylesheet | text/css | |
GET | H2 | bootstrap.min.css | login-resources.dev.aws.ofx.com/styles/ | 119 KB | 18 KB | Stylesheet | text/css | |
GET | H2 | site.min.css | login-resources.dev.aws.ofx.com/styles/ | 7 KB | 2 KB | Stylesheet | text/css | |
GET | H2 | ofx-global-min.css | login-resources.dev.aws.ofx.com/styles/ | 11 KB | 3 KB | Stylesheet | text/css | |
GET | H2 | local.css | login-resources.dev.aws.ofx.com/styles/ | 11 KB | 3 KB | Stylesheet | text/css | |
GET | H2 | gtm.js | www.googletagmanager.com/ | 224 KB | 67 KB | Script | application/javascript | |
GET | H2 | background.png | login-resources.dev.aws.ofx.com/styles/ | 22 KB | 22 KB | Image | image/png | |
GET | H2 | ciutadella_rounded_regular-webfont.woff2 | login-resources.dev.aws.ofx.com/styles/fonts/ | 28 KB | 29 KB | Font | font/woff2 | |
GET | H2 | initLoginPage.pack.47db94d2da847bad7e35886ca1ebf00e.js | op3static.oktacdn.com/assets/js/mvc/loginpage/ | 204 KB | 76 KB | Script | application/javascript | |
GET | H2 | fs03w9vwm03qYa5EZ1d7 | op3static.oktacdn.com/fs/bco/1/ | 9 KB | 10 KB | Image | image/png | |
GET | H2 | ofx-icons.woff2 | login-resources.dev.aws.ofx.com/styles/fonts/ | 7 KB | 7 KB | Font | font/woff2 | |
POST | H/1.1 | introspect | identity.dev.aws.ofx.com/api/v1/authn/ | 1 KB | 2 KB | Fetch | application/json | |
GET | H/1.1 | iframe.html | login.okta.com/discovery/ | 546 B | 985 B | Document | text/html | Frame 3DC4 |
GET | DATA | truncated | / | 414 B | 0 | Image | image/svg+xml | |
GET | H2 | gtm.js | www.googletagmanager.com/ | 405 KB | 103 KB | Script | application/javascript | |
GET | H/1.1 | discoveryIframe-2692d5ddd2b91a4c061d.min.js | login.okta.com/lib/ | 96 KB | 96 KB | Script | application/javascript | Frame 3DC4 |
GET | H3 | js | www.googletagmanager.com/gtag/ | 199 KB | 71 KB | Script | application/javascript | |
GET | H2 | optimize.js | www.google-analytics.com/gtm/ | 186 KB | 51 KB | Script | application/javascript | |
GET | H3 | js | www.googletagmanager.com/gtag/ | 220 KB | 73 KB | Script | application/javascript | |
GET | H3 | js | www.googletagmanager.com/gtag/ | 218 KB | 73 KB | Script | application/javascript | |
GET | H2 | otSDKStub.js | cdn.cookielaw.org/scripttemplates/ | 21 KB | 8 KB | Script | application/javascript | |
GET | H2 | analytics.js | www.google-analytics.com/ | 49 KB | 20 KB | Script | text/javascript | |
GET | H2 | quant.js | secure.quantserve.com/ | 24 KB | 10 KB | Script | application/javascript | |
GET | H2 | sha256.js | cdnjs.cloudflare.com/ajax/libs/jsSHA/2.3.1/ | 9 KB | 4 KB | Script | application/javascript | |
GET | H2 | d91f68eb-6e3e-4b88-8fca-fca648a3b0c0.json | cdn.cookielaw.org/consent/d91f68eb-6e3e-4b88-8fca-fca648a3b0c0/ | 4 KB | 2 KB | XHR | application/x-javascript | |
GET | H2 | rules-p-9xPpAFMcLk8qV.js | rules.quantcount.com/ | 4 KB | 2 KB | Script | application/javascript | |
GET | H2 | location | geolocation.onetrust.com/cookieconsentpub/v1/geo/ | 187 B | 459 B | XHR | application/json | |
POST | H2 | collect | analytics.google.com/g/ | 0 | 353 B | Ping | text/plain | |
POST | H2 | collect | stats.g.doubleclick.net/g/ | 0 | 353 B | Ping | text/plain | |
GET | H2 | ga-audiences | www.google.com.au/ads/ | 42 B | 501 B | Image | image/gif | |
POST | H2 | collect | analytics.google.com/g/ | 0 | 54 B | Ping | text/plain | |
POST | H2 | collect | stats.g.doubleclick.net/g/ | 0 | 45 B | Ping | text/plain | |
GET | H2 | ga-audiences | www.google.com.au/ads/ | 42 B | 107 B | Image | image/gif | |
POST | H3 | collect | analytics.google.com/g/ | 0 | 17 B | Ping | text/plain | |
POST | H2 | collect | stats.g.doubleclick.net/g/ | 0 | 54 B | Ping | text/plain | |
GET | H2 | ga-audiences | www.google.com.au/ads/ | 42 B | 107 B | Image | image/gif | |
GET | H2 | otBannerSdk.js | cdn.cookielaw.org/scripttemplates/6.30.0/ | 332 KB | 79 KB | Script | application/javascript | |
POST | H2 | collect | stats.g.doubleclick.net/j/ | 8 B | 155 B | XHR | text/plain | |
GET | H2 | collect | www.google-analytics.com/ | 35 B | 192 B | Image | image/gif | |
GET | H2 | pixel;r=983425135;labels=_fp.event.PageView;source=gtm;event=refresh;rf=0;a=p-9xPpAFMcLk8qV;url=https%3A%2F%2Fidentity.dev.aws.ofx.com%2F;uht=2;fpan=1;fpa=P0-319071736-1661323531364;pbc=;ns=0;ce=1;... | pixel.quantserve.com/ | 35 B | 372 B | Image | image/gif | |
GET | H2 | ga-audiences | www.google.com/ads/ | 42 B | 501 B | Image | image/gif | |
GET | H2 | ga-audiences | www.google.com.au/ads/ | 42 B | 107 B | Image | image/gif | |
GET | H2 | en.json | cdn.cookielaw.org/consent/d91f68eb-6e3e-4b88-8fca-fca648a3b0c0/92a0ed5e-5577-4922-bf25-9778b3067acc/ | 86 KB | 17 KB | Fetch | application/x-javascript | |
GET | H3 | js | www.googletagmanager.com/gtag/ | 125 KB | 49 KB | Script | application/javascript | |
GET | H2 | a65f2542-c798-4cbc-b46e-2101e508dc85.js | cdn.mouseflow.com/projects/ | 228 KB | 63 KB | Script | application/javascript | |
GET | H2 | 21647.js | sleeknotecustomerscripts.sleeknote.com/ | 45 KB | 6 KB | Script | text/javascript | |
GET | H2 | otFloatingRounded.json | cdn.cookielaw.org/scripttemplates/6.30.0/assets/ | 10 KB | 3 KB | Fetch | application/json | |
GET | H2 | otPcPanel.json | cdn.cookielaw.org/scripttemplates/6.30.0/assets/v2/ | 48 KB | 12 KB | Fetch | application/json | |
GET | H2 | otCommonStyles.css | cdn.cookielaw.org/scripttemplates/6.30.0/assets/ | 20 KB | 4 KB | Fetch | text/css | |
GET | DATA | truncated | / | 817 B | 0 | Image | image/svg+xml | |
GET | H/1.1 | cc.js | staging.cdn-net.com/ | 37 KB | 38 KB | Script | application/javascript | |
GET | H/1.1 | pd.js | pi.pardot.com/ | 5 KB | 2 KB | Script | application/javascript | |
GET | H2 | core.js | sleeknotestaticcontent.sleeknote.com/ | 5 KB | 3 KB | Script | application/javascript | |
GET | H2 | package-core-boot.js | sleeknotestaticcontent.sleeknote.com/production/ | 113 KB | 37 KB | Script | application/javascript | |
GET | H2 | package-tracker.js | sleeknotestaticcontent.sleeknote.com/production/ | 13 KB | 6 KB | Script | application/javascript | |
GET | H/1.1 | analytics | pi.pardot.com/ | 1 KB | 2 KB | Script | text/javascript | |
GET | H2 | / | analytics.sleeknote.com/ | 35 B | 229 B | Image | image/gif | |
GET | H2 | 6.js | six.cdn-net.com/ | 1 KB | 1 KB | Script | application/javascript | |
GET | H/1.1 | et.js | staging.cdn-net.com/ | 98 B | 431 B | Script | application/javascript | |
GET | H/1.1 | analytics | go.message.ofx.com/ | 50 B | 1 KB | Script | text/javascript | |
POST | H/1.1 | s2 | staging.cdn-net.com/ | 26 B | 343 B | Document | text/html | Frame 304D |
POST | H3 | collect | analytics.google.com/g/ | 0 | 17 B | Ping | text/plain | |
POST | H3 | collect | analytics.google.com/g/ | 0 | 17 B | Ping | text/plain | |
POST | H3 | collect | analytics.google.com/g/ | 0 | 17 B | Ping | text/plain | |
90 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| dataLayer function| uuidv4 object| _cc object| WHATWGFetch object| regeneratorRuntime function| setImmediate function| clearImmediate function| jQueryCourage object| u2f function| OktaSignIn function| setCookieFunc function| showSpotlightLogo function| signInSuccessCallBackFunction object| oktaData function| runLoginPage object| OktaUtil function| disabledVerify function| setLoader function| disableFactorSmsTimeWarning function| authProxySignout object| OktaLogin object| jQBrowser object| google_tag_manager function| postscribe object| google_tag_manager_external string| GoogleAnalyticsObject function| ga object| google_tag_data object| _qevents function| setCookie object| head object| theScript object| iframe string| piAId string| piCId object| OneTrustStub function| OptanonWrapper function| jsSHA function| quantserve function| __qc object| ezt object| _qoptions function| qtrack object| gaplugins function| onYouTubeIframeAPIReady object| gaGlobal string| OnetrustActiveGroups string| OptanonActiveGroups object| otStubData object| google_optimize object| gaData object| Optanon object| OneTrust boolean| mouseflowDisableKeyLogging object| mouseflowHeatmap object| _mfq object| mouseflow object| SleekNote object| dev object| sleeknoteSiteData function| checkNamespace function| getPardotUrl function| piTracker function| piGetParameter function| piGetCookie function| piSetCookie string| piVersion number| piScriptNum object| piScriptObj object| pi number| c_start string| property number| script_loaded_time object| collector object| inauthNamespace string| collectorNamespaceName object| __DEFAULT_NAMESPACE function| piResponse
27 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
secure.02.uat.ofx.com/signin-oidc-okta | | Name: .AspNetCore.OpenIdConnect.Nonce.CfDJ8FOCGOj3YehEgPfJcuJL3RyF2YtTtrlklI6SKMchaDa0nFBkOCBx9-8gtDqBiVZO1ibjo30-2wmIIuvU_5KQ3bHiqbzB2jG0umObwey1jrqH-gu9RF9hcXgASvbTw6h-pTFMWhf7NLyAWvC4MSsZDgbiJEYt44zxIGuSdMS7JoyGTMDlVxklJBTCExtIyYxukYhVjF-XqdS7DfxKi8ZmLAqN0MCS-FRzfQf4GHFUhZgIuVJ1VOwE0Yt6cmMcbE8h8AZoq4OjLA5F4Yk67yUBa_o Value: N |
secure.02.uat.ofx.com/signin-oidc-okta | | Name: .AspNetCore.Correlation.Okta.YiTERDl9h5O8LG2ecvh3CPyeq1Lyot-fPbhBr8N-qpI Value: N |
identity.dev.aws.ofx.com/ | | Name: t Value: default |
identity.dev.aws.ofx.com/ | | Name: DT Value: DI1Q4bSWIFAQvK0gM5YCCnGxA |
identity.dev.aws.ofx.com/ | | Name: JSESSIONID Value: 27A62EB13BA2DBFFB9E77691C8119AB8 |
identity.dev.aws.ofx.com/ | | Name: oktaStateToken Value: 00gM3znoPVeSxnHp52ywPoTf4UxntZYYygVmZdbhi7 |
.ofx.com/ | | Name: _ga_QR4C9L8X2C Value: GS1.1.1661323530.1.0.1661323530.60.0.0 |
.ofx.com/ | | Name: _ga_TFB8GGR3P6 Value: GS1.1.1661323530.1.0.1661323530.60.0.0 |
.ofx.com/ | | Name: _ga_EYPB30L58Z Value: GS1.1.1661323530.1.0.1661323530.60.0.0 |
.ofx.com/ | | Name: _ga Value: GA1.2.1849166600.1661323531 |
.ofx.com/ | | Name: _gid Value: GA1.2.1045592854.1661323531 |
.ofx.com/ | | Name: _dc_gtm_UA-2217750-36 Value: 1 |
.quantserve.com/ | | Name: mc Value: 6305c90b-8764a-2a935-eea8f |
.ofx.com/ | | Name: __qca Value: P0-319071736-1661323531364 |
.ofx.com/ | | Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Wed+Aug+24+2022+06%3A45%3A31+GMT%2B0000+(GMT)&version=6.30.0&isIABGlobal=false&hosts=&consentId=1dd2f092-eeb1-4409-9e7a-da6da8360212&interactionCount=0&landingPath=https%3A%2F%2Fidentity.dev.aws.ofx.com%2F&groups=C0001%3A1%2CC0002%3A1%2CC0003%3A1%2CC0004%3A1 |
.ofx.com/ | | Name: mf_a65f2542-c798-4cbc-b46e-2101e508dc85 Value: \|.47.1661323532294\|1661323532294\|\|0\|\|\|0\|0\|93.1753 |
identity.dev.aws.ofx.com/ | | Name: SNS Value: 1 |
identity.dev.aws.ofx.com/ | | Name: _sn_m Value: {"r":{"n":1}} |
identity.dev.aws.ofx.com/ | | Name: _sn_n Value: {"a":{"i":"0c57eec4-79d4-4903-8eed-749f2b5d889f"}} |
identity.dev.aws.ofx.com/ | | Name: _sn_a Value: {"a":{"s":1661323534284},"v":"4582fe81-5ebd-4eff-a8fa-53352b57ad52"} |
staging.cdn-net.com/ | | Name: _cc-x Value: ZGQxOWNiZTUtOWRjOC00MTJmLWFkMjEtZjE3NmFlYzAxYmRiOjE2NjEzMjM1MzQxNzY |
.pardot.com/ | | Name: visitor_id251972 Value: 683961876 |
.pardot.com/ | | Name: visitor_id251972-hash Value: b2c52dc53acea12a54efe8855a987ce713dfa247e95f360f624292f8e1e7cb5d5cf88768ed9a0b4d77f4281533777ed3e4b0a634 |
pi.pardot.com/ | | Name: lpv251972 Value: aHR0cHM6Ly9pZGVudGl0eS5kZXYuYXdzLm9meC5jb20v |
identity.dev.aws.ofx.com/ | | Name: _cc Value: AQhjhqXDjnA9RXMM8wnNyucO |
identity.dev.aws.ofx.com/ | | Name: visitor_id251972 Value: 683961876 |
identity.dev.aws.ofx.com/ | | Name: visitor_id251972-hash Value: b2c52dc53acea12a54efe8855a987ce713dfa247e95f360f624292f8e1e7cb5d5cf88768ed9a0b4d77f4281533777ed3e4b0a634 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=315360000; includeSubDomains |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 0 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.