![](/screenshots/dd82dee7-df05-4712-8e10-18fd40f90716.png)
www.bmedonline.it
Open in
urlscan Pro
45.60.122.166
Malicious Activity!
Public Scan
Submission: On January 31 via api from US — Scanned from US
Summary
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on July 13th 2022. Valid for: a year.
This is the only time www.bmedonline.it was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Banca Mediolanum (Financial)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
4 42 | 45.60.122.166 45.60.122.166 | 19551 (INCAPSULA) (INCAPSULA) | |
3 | 23.54.219.17 23.54.219.17 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
3 | 23.66.192.128 23.66.192.128 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
3 | 2607:f8b0:400... 2607:f8b0:4006:821::2008 | 15169 (GOOGLE) (GOOGLE) | |
2 | 130.35.229.66 130.35.229.66 | 31898 (ORACLE-BM...) (ORACLE-BMC-31898) | |
5 | 2607:f8b0:400... 2607:f8b0:4006:80f::200e | 15169 (GOOGLE) (GOOGLE) | |
2 | 2607:f8b0:400... 2607:f8b0:4004:c1b::9d | 15169 (GOOGLE) (GOOGLE) | |
56 | 7 |
ASN16625 (AKAMAI-AS, US)
PTR: a23-54-219-17.deploy.static.akamaitechnologies.com
service.maxymiser.net |
ASN16625 (AKAMAI-AS, US)
PTR: a23-66-192-128.deploy.static.akamaitechnologies.com
c.oracleinfinity.io | |
d.oracleinfinity.io |
Apex Domain Subdomains |
Transfer | |
---|---|---|
40 |
bmedonline.it
2 redirects
www.bmedonline.it |
2 MB |
5 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 21 |
20 KB |
5 |
oracleinfinity.io
c.oracleinfinity.io — Cisco Umbrella Rank: 8059 d.oracleinfinity.io — Cisco Umbrella Rank: 11610 dc.oracleinfinity.io — Cisco Umbrella Rank: 8533 |
39 KB |
3 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40 |
224 KB |
3 |
maxymiser.net
service.maxymiser.net — Cisco Umbrella Rank: 7992 |
73 KB |
2 |
mediolanum.it
2 redirects
sso-c-pro.mediolanum.it |
13 KB |
2 |
doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 78 |
415 B |
56 | 7 |
Domain | Requested by | |
---|---|---|
40 | www.bmedonline.it |
2 redirects
www.bmedonline.it
|
5 | www.google-analytics.com |
www.googletagmanager.com
www.bmedonline.it |
3 | www.googletagmanager.com |
www.bmedonline.it
www.googletagmanager.com |
3 | service.maxymiser.net |
www.bmedonline.it
service.maxymiser.net |
2 | sso-c-pro.mediolanum.it | 2 redirects |
2 | stats.g.doubleclick.net |
www.bmedonline.it
|
2 | dc.oracleinfinity.io |
www.bmedonline.it
|
2 | d.oracleinfinity.io |
c.oracleinfinity.io
|
1 | c.oracleinfinity.io |
www.bmedonline.it
|
56 | 9 |
This site contains links to these domains. Also see Links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.bmedonline.it DigiCert SHA2 Extended Validation Server CA |
2022-07-13 - 2023-08-13 |
a year | crt.sh |
*.maxymiser.net DigiCert TLS RSA SHA256 2020 CA1 |
2023-01-23 - 2024-01-22 |
a year | crt.sh |
c.oracleinfinity.io DigiCert TLS RSA SHA256 2020 CA1 |
2022-08-22 - 2023-08-25 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2023-01-09 - 2023-04-03 |
3 months | crt.sh |
dc.oracleinfinity.io DigiCert TLS RSA SHA256 2020 CA1 |
2022-08-19 - 2023-09-07 |
a year | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2023-01-09 - 2023-04-03 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.bmedonline.it/ecm/?login=true
Frame ID: ACC91C4E54478C556B7D19946F325AA4
Requests: 56 HTTP requests in this frame
Screenshot
![](/screenshots/dd82dee7-df05-4712-8e10-18fd40f90716.png)
Page Title
Banca Mediolanum S.p.A. | Accesso clientiDetected technologies
![](/vendor/wappa/icons/Bootstrap.png)
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Detected patterns
- fingerprint(\d)?(?:\.min)?\.js
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
![](/vendor/wappa/icons/Google Tag Manager.png)
Detected patterns
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
Detected patterns
- /_Incapsula_Resource
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
39 Outgoing links
These are links going to different origins than the main page.
Title: BANCA MEDIOLANUM
Search URL Search Domain Scan URL
Title: FAMILY BANKER
Search URL Search Domain Scan URL
Title: FONDAZIONE MEDIOLANUM ONLUS
Search URL Search Domain Scan URL
Title: Mediolanum Corporate University
Search URL Search Domain Scan URL
Title: Mediolanum Fiduciaria
Search URL Search Domain Scan URL
Title: Mediolanum Investment Banking
Search URL Search Domain Scan URL
Title: Banco Mediolanum
Search URL Search Domain Scan URL
Title: Bankhaus August Lenz
Search URL Search Domain Scan URL
Title: Gamax Management AG
Search URL Search Domain Scan URL
Title: EuroCQS S.p.A.
Search URL Search Domain Scan URL
Title: Flowe S.p.A. Società Benefit
Search URL Search Domain Scan URL
Title: Private Banking
Search URL Search Domain Scan URL
Title: Centodieci
Search URL Search Domain Scan URL
Title: Mediolanum Assicurazioni
Search URL Search Domain Scan URL
Title: Mediolanum Gestione Fondi
Search URL Search Domain Scan URL
Title: Mediolanum International Funds
Search URL Search Domain Scan URL
Title: Mediolanum International Life
Search URL Search Domain Scan URL
Title: Mediolanum Vita
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Scopri di più
Search URL Search Domain Scan URL
Title: Scopri di più
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Dati societari
Search URL Search Domain Scan URL
Title: Trasparenza
Search URL Search Domain Scan URL
Title: AccessibilitÃ
Search URL Search Domain Scan URL
Title: Reclami, ricorsi e conciliazioni
Search URL Search Domain Scan URL
Title: Promozioni e manifestazioni a premio
Search URL Search Domain Scan URL
Title: Governance
Search URL Search Domain Scan URL
Title: Rapporti dormienti
Search URL Search Domain Scan URL
Title: AML & CTF
Search URL Search Domain Scan URL
Title: Privacy
Search URL Search Domain Scan URL
Title: Bilanci
Search URL Search Domain Scan URL
Title: Contattaci
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 53- https://www.bmedonline.it/lr/rb_bf64527cci?type=js3&sn=v_4_srv_15_sn_BB43FE98DD0DEEF7DDCC960C03C8D94B_perc_100000_ol_0_mul_1_app-3A012dbe75eae6376c_1&svrid=15&flavor=post&vi=GTARFMSDAHUFUEAAEHMCMAFAKFCVNPWA-0&modifiedSince=1675136894611&rf=https%3A%2F%2Fwww.bmedonline.it%2Fecm%2F%3Flogin%3Dtrue&bp=3&app=012dbe75eae6376c&crc=577576546&en=3vi19xap&end=1 HTTP 302
- https://sso-c-pro.mediolanum.it/oam/server/obrareq.cgi?encquery%3D17qx4hviWABsAy23n%2FSgo5L3B%2BlbhY4os90gKHUhEqK0YyNoaYpC89TA7Xz4IHyZ%2Be4SVnXX63MjfumPoSK3E7q8k4UogsVKqqH8SLhDtzeEoclFhDEHtKeZIvC%2FpDX3i8H46oJlE39lV1rLr8qmc6OxdvzUb7n1ay256ykwGVbjm9zJjPueKCPdQ8vrnF6d2mE1ybUPcV%2FcUkxQzUUJaEHoSWHOUkjZhryp2gKSFc%2FlvXZ%2BdrHWiKUMAdcCkMsicpcfnRM9DAk4Zj%2FJyzKdyeMbjGPWuQLOIJtY076tld4q2BAUB0GKyqBveKLksos%2B2Kwb%2BT7Zo%2BrIFa8ihDL2byVDKjKkeeNDJBk20Ucb%2BGeuSP6cgK4Ia%2Fiv6cD8ct0xkrIyCoVZXAF1kmqzetxS8V14FK73NElS9v%2Fesiu1Nrqy9yr7RKuYqXqAl%2BXh%2Fl6a5XvV3QfyS02SzpFZvuw75mNpFV6dy9M%2Bk1SNVeOw4Gusc1M9fCeGSXhSUjCeHgmtOmtoiRwUiCOwsZbWV7LYLSQUNm0SUJB%2BYxxJt3eNJzk8nm56B%2BTt5k9gKGgxcKNRjI222comrRrhIXK1CxEwRJmLTtRJwjYR88FfixLye0rLyblR4rdzsNurkaz5BDA3pv7YcVnllpwuLTNWdxQw00Zdt%2FG4KEGfr5gVmCStJpx2LFP1td2WQsOyQxo1%2BICcnAoaRdV77%2Bhc0SLmEYA0uP7bsODH0k%2FwyEiwIs8gKT4oz8fNW7V2AVV2NUJTRF3kXd5NASsfxBkb%2BFUJoX1HwqXWZC6JfGifBF6KXcLtd6ZspIE2XOZRN1ZYzjoocqwq3wm2CDhbWyxLnoOqPiYbN5QWR7SAmMS9awRBxqUlthd%2FnxiRNN0Xy9%2F2OsocRhNMj75eOwssH3QfNJBSCKH3f6cKJCiswu5cZTh75ZBzp5sQaIfKk4KPZ2VNNLCeOgcI7ndfopDtaU7094v8wSztM3fChqKWPmR2dXorh43Eba%2F0h3x2RieFIvP6Cu%2BS85z%2BhxCmhfTy5adY9pyx%2BGg2IhBoTY03ZEthQAzyzohMA72itvHn6uUInEIaXbgddoWEEYQ8qbafRytj0heqfLCV31GQsNSSkVanp20D468blMC6Sm1EhEYE9XoHMo0kWNS2PEuQvqKGi0V5%2Bv1mfROly1AeU6Ug3FxIooG1tvJ8NbyBTLmX%2BZcNccJXK3EVrISxRcG6sUN2r6Bzt6ZaO0Zfl%2BxhwgKBwQKOOPW9vQd9xocDGOBV77fBDuj1awQOp6wlfynkoZJdDBAU9SeqbUUr9w%3D%3D%20agentid%3DWebgateNMOL%20ver%3D1%20crmethod%3D2&ECID-Context=1.005wt2thYVl4IvYVLqVK8A0002450000cz%3BkXjE HTTP 302
- https://www.bmedonline.it/ecm/?bmctx=BA68F78519AB2C17D01EAF738CC1898B4A0EEFB24118B126792E3C7B46F19BA0&password=secure_string&contextType=external&username=string&challenge_url=https%3A%2F%2Fwww.bmedonline.it%2Fecm%2F&request_id=8090347944292587247&authn_try_count=0&locale=en_US&resource_url=https%253A%252F%252Fwww.bmedonline.it%252Flr%252Frb_bf64527cci%253Ftype%253Djs3%2526sn%253Dv_4_srv_15_sn_BB43FE98DD0DEEF7DDCC960C03C8D94B_perc_100000_ol_0_mul_1_app-3A012dbe75eae6376c_1%2526svrid%253D15%2526flavor%253Dpost%2526vi%253DGTARFMSDAHUFUEAAEHMCMAFAKFCVNPWA-0%2526modifiedSince%253D1675136894611%2526rf%253Dhttps%25253A%25252F%25252Fwww.bmedonline.it%25252Fecm%25252F%25253Flogin%25253Dtrue%2526bp%253D3%2526app%253D012dbe75eae6376c%2526crc%253D577576546%2526en%253D3vi19xap%2526end%253D1
- https://www.bmedonline.it/lr/rb_bf64527cci?type=js3&sn=v_4_srv_15_sn_BB43FE98DD0DEEF7DDCC960C03C8D94B_perc_100000_ol_0_mul_1_app-3A012dbe75eae6376c_1&svrid=15&flavor=post&vi=GTARFMSDAHUFUEAAEHMCMAFAKFCVNPWA-0&modifiedSince=1675136894611&rf=https%3A%2F%2Fwww.bmedonline.it%2Fecm%2F%3Flogin%3Dtrue&bp=3&app=012dbe75eae6376c&crc=205760661&en=3vi19xap&end=1 HTTP 302
- https://sso-c-pro.mediolanum.it/oam/server/obrareq.cgi?encquery%3Dgv3hzvtVFYPu%2BTnoXx7JMar%2B1oxqdrOFP8SeQsyPHv2JTt%2FNJ%2BUGDQ%2BHqRfXyYAsF8p2k%2FPzsSNzQ2JaBc8V%2FPmO1r4KotpQw0gzerrlQLcEj3XV07s3h%2BPsgzHbFo3FwVXKDJA0uzs5gdL0piHu6Og9uLsou9oby8uhSaMBxrM99moUEo9gVFkW2W5eNkaop8ShG0jtcwdI6pUxcS7%2FV7ff7R0x3N0M%2B4WTKv3CJyywEsPXuxPS04Qlatjf8FpFh3ETiSC7%2BYwygB1sgEL5gLxFusiNZyXi%2FDoRTLg1c7YZDOqyXYyEMXJHPjIVt6w67wb9UFGWdO%2BSVdxu13UdMi2C1e0KOx3IRkDu1LCQux0nePfATcFwoq2p%2F0lhpOM4c9tj%2BzJqJMN%2F1udNenOH8u50mT4xIahUOpq6JL1fe4EjHVCaAHzywGpgbZnDIJJmldVEyQq2PZ8nDqrGtbPZvilLZrTWfTZm2Nc0mnmpLgQFQbMuzT1euJ%2BWRVxFKmzLVLWmo9cAaH8XP0OmsuFJw7dlTlHVeS2NaK2gpb%2Fn4UrseszonbF9RbEOmUH1LrwAkjy1Dl3PIR56eTr%2BNG4ZeqoGH0EgittGd0WvX5mWKHCkMM%2F7vF5eAaqcJgFNMQsZ0oH06kvZK9NGsVV7Yp01DeGoaZ3EzqsL8BwVTX3nLa%2BEgG7Vv4wn3Fj7xHMHvikntPBN0dxSoWMxachvvxhhXCAnDVifpewyDMrblFhoHB%2F1aST9QweKRahTD7oEEkjlF1nJxevNZCdBiM5nvVdExXJtfnnWu%2FqOJT4RhWumYTycK2XCjj24OX9szEd%2F6sZ32OoGrwmJ0FHnoy2JnHVKLJwKU0MxKAlSs06fzAaxgc%2F1VOF8yG5KxZQaFefbmuzpWTKcF1Q3vl%2BFD%2BLhuZ%2BL9TBsp3bXAzvHj2xhGkCdoktkVpdfyuVyo9ipMEENdkDyeWeLEW%2FjgUUrmN6r92tq7yZ8jl8j0Jvd2K%2BYM8gF%2FQN9h%2FMM1Kd0zbwUqyRSAINcbBSW3fMDZ3JCeGufydbuaw7FsyOvUBAwRJvXS%2B3G65%2BI%2FnPsZ3LkQp3m5J7UQKlyklc2U5Z6gGyVRaG1554nv9XRzdxLhQIhxpICAlc9gWgqXQ09BV9vcBe5ZhBykaR5WgiuBlHUPtmPg4wQ%2FAZG1ODOgKAlHjtA7pFRTdccTYiL6a7wnxynAl3a2BKQ7%2FWm2%2Bm%2Bs9gpivmWgGXBE86u3qbGj7bXYBXld%2BcSfny07pAKpukWu86L480v5aT0imA1%2Fs0NGZg1vyXP0tuxOzOlmA%3D%3D%20agentid%3DWebgateNMOL%20ver%3D1%20crmethod%3D2&ECID-Context=1.005wt2tpCnz4IvYVLqVK8A0002450000dV%3BkXjE HTTP 302
- https://www.bmedonline.it/ecm/?bmctx=BA68F78519AB2C17D01EAF738CC1898B4A0EEFB24118B126792E3C7B46F19BA0&password=secure_string&contextType=external&username=string&challenge_url=https%3A%2F%2Fwww.bmedonline.it%2Fecm%2F&request_id=-3807054076046559995&authn_try_count=0&locale=en_US&resource_url=https%253A%252F%252Fwww.bmedonline.it%252Flr%252Frb_bf64527cci%253Ftype%253Djs3%2526sn%253Dv_4_srv_15_sn_BB43FE98DD0DEEF7DDCC960C03C8D94B_perc_100000_ol_0_mul_1_app-3A012dbe75eae6376c_1%2526svrid%253D15%2526flavor%253Dpost%2526vi%253DGTARFMSDAHUFUEAAEHMCMAFAKFCVNPWA-0%2526modifiedSince%253D1675136894611%2526rf%253Dhttps%25253A%25252F%25252Fwww.bmedonline.it%25252Fecm%25252F%25253Flogin%25253Dtrue%2526bp%253D3%2526app%253D012dbe75eae6376c%2526crc%253D205760661%2526en%253D3vi19xap%2526end%253D1
56 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
www.bmedonline.it/ecm/ |
47 KB 13 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ruxitagentjs_ICA2NVfhqrux_10229211109064440.js
www.bmedonline.it/lr/ |
219 KB 83 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
www.bmedonline.it/ecm/static-assets/login-psd2/dist/ |
138 KB 21 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
login-psd2.css
www.bmedonline.it/ecm/static-assets/login-psd2/dist/ |
405 B 352 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fonts.css
www.bmedonline.it/ecm/static-assets/css/ |
7 KB 699 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
all.min.css
www.bmedonline.it/ecm/static-assets/fa/css/ |
56 KB 12 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.3.1.js
www.bmedonline.it/ecm/static-assets/login-psd2/dist/ |
137 KB 39 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mmapi.js
service.maxymiser.net/api/eu/bmedonline.it/2fa7c7/ |
15 KB 6 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
odc.js
c.oracleinfinity.io/acs/account/q01xigbfo7/js/inpage/ |
44 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dPg.js
www.bmedonline.it/jsR/ |
215 B 316 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
home_check_err.js
www.bmedonline.it/jsR/ |
840 B 612 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ARCBM_HomePage.js
www.bmedonline.it/jsA/ |
4 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sha1.js
www.bmedonline.it/jsS/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lightstreamer.js
www.bmedonline.it/jsA/ |
165 KB 50 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tastierino.js
www.bmedonline.it/jsA/ |
4 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ricordami.js
www.bmedonline.it/jsA/ |
6 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fingerprint.js
www.bmedonline.it/jsA/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
crypto-js.js
www.bmedonline.it/jsA/ |
70 KB 17 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
homebm_oam1_psd2.js
www.bmedonline.it/hide/ |
168 KB 32 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
HB-bmed-logo.jpg
www.bmedonline.it/ecm/static-assets/images/menu/ |
33 KB 33 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
user.png
www.bmedonline.it/ecm/static-assets/login-psd2/assets/img/ |
788 B 934 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ico-alert-new.png
www.bmedonline.it/ecm/static-assets/images/common/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bmedonline-doublechance-desk-0123.jpg
www.bmedonline.it/ecm/static-assets/images/upload/ |
174 KB 174 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
DoppioValore2023-bmedonline-desk.png
www.bmedonline.it/ecm/static-assets/images/upload/ |
724 KB 725 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bmedonline-slider-desk-trading-mediolanum-1222.jpg
www.bmedonline.it/ecm/static-assets/images/upload/ |
228 KB 228 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bmedonline-desk-vademecum-sicurezza.png
www.bmedonline.it/ecm/static-assets/images/upload/ |
53 KB 54 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo-mediolanum.png
www.bmedonline.it/ecm/static-assets/images/footer/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
popper.js
www.bmedonline.it/ecm/static-assets/login-psd2/dist/ |
37 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.js
www.bmedonline.it/ecm/static-assets/login-psd2/dist/ |
50 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
_Incapsula_Resource
www.bmedonline.it/ |
156 KB 22 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
service.maxymiser.net/cg/v5/ |
418 KB 43 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mmpackage-1.25.js
service.maxymiser.net/platform/eu/api/ |
78 KB 24 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
banner-commerciale
www.bmedonline.it/ecm/services/ |
63 KB 6 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
222 KB 74 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
arrow-down-nav-gruppo-off.png
www.bmedonline.it/ecm/static-assets/images/menu/ |
155 B 268 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mediolanumsans-regular.otf
www.bmedonline.it/ecm/static-assets/fonts/webfontkit-20150730-065551/ |
14 KB 9 KB |
Font
font/otf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mediolanumsans-bold.otf
www.bmedonline.it/ecm/static-assets/fonts/webfontkit-20150730-065025/ |
14 KB 9 KB |
Font
font/otf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
common.js
d.oracleinfinity.io/infy/acs/common/js/1.3.45/ |
50 KB 17 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
d.oracleinfinity.io/infy/acs/account/q01xigbfo7/js/inpage/analytics-production/ |
24 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fa-brands-400.woff2
www.bmedonline.it/ecm/static-assets/fa/webfonts/ |
74 KB 74 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
arrow-left-nav-content-gruppo.png
www.bmedonline.it/ecm/static-assets/images/menu/ |
138 B 251 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
checkricordami
www.bmedonline.it/jbunsec/rest/ricordami/ |
234 B 483 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
_Incapsula_Resource
www.bmedonline.it/ |
1 B 35 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
id
dc.oracleinfinity.io/v4/account/q01xigbfo7/client/ |
68 B 397 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
49 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
215 KB 75 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
211 KB 75 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
dcs.gif
dc.oracleinfinity.io/q01xigbfo7/ |
43 B 416 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/g/ |
0 164 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/g/ |
0 54 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/j/ |
1 B 67 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/j/ |
1 B 348 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
collect
www.google-analytics.com/ |
35 B 55 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
collect
www.google-analytics.com/ |
35 B 55 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.bmedonline.it/ecm/ Redirect Chain
|
47 KB 13 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.bmedonline.it/ecm/ Redirect Chain
|
47 KB 13 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Banca Mediolanum (Financial)240 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| oncontentvisibilityautostatechange object| dT_ object| dtrum function| getQSParam string| parm_login object| parm_successurl undefined| logoutLink string| QS function| $ function| jQuery object| mmRequestCallbacks object| mmsystem function| mmremoveid object| ORA string| OAM_CODICE_CLIENTE string| OAM_NICKNAME string| SA number| bmed_cr string| crFrom string| crCanale undefined| path number| dPg_loaded undefined| io undefined| test number| home_check_err_loaded function| CLValidateForm function| CLFormatString function| addHighlight function| CLGeneratePosition function| CLRandom function| CLReturnPosition function| whenOnKeyPress function| setCookie function| getCookieData number| ARCBM_HomePage_loaded object| CryptoJS number| sha1_loaded object| Lightstreamer function| LightstreamerClient function| Subscription undefined| ricordamiCheckResponse object| ricordamiStored number| counter boolean| checkRicoOnLoad boolean| fTraceDisattivazione function| sendToGoogleTagManager function| checkPopupRicordami function| uncheck function| check function| closePopUpRicordami function| confirmBtnPopUpRicordami function| ricordamiCheckCall function| ricordamiCreateCookie function| getSecureFlag function| getSmartCookie function| getFingerPrintStr function| killRicordamiCookie function| Fingerprint object| exp string| dove string| gStrong string| gVsess string| gIdTopic string| gPrefissoCellulare string| gNumeroCellulare string| gSkipCertificazione string| gSkipStrong string| gSkipMaxCert string| gSkipMaxSA string| gStatoCert string| gStatoStrong string| gStatoStrongBannerPsd2 string| gCellunivoco string| gCliC string| pwdCli string| gStrongPin string| gIdPrelogin string| gclientlight string| gCodiceCliente string| gSecurityToken string| gSecLev string| gTipologiaRinvio string| gTipoLayer string| gCodDispoPSD2 boolean| gLastStepPin1 object| gTastierino boolean| callLoginStrong string| linkRecCodici string| linkSbloccaBMed string| cClienteVerificato object| fraud object| Med string| NUMEROTEL string| NOMECLI string| COGNOMECLI string| CONTI string| PRESSO string| INDIRIZZO string| LOCALITA string| CAP string| COMUNE string| PROVINCIA string| CANONE_DATA_ADD string| CANONE_ERR_NUM string| CANONE_ESENTE string| CANONE_CONTO_ADD string| CANONE_IBAN_CC string| CANONE_PROX_ADD string| IDPRENOTAZIONE string| FIRSTSTEP_ACT string| FIRSTSTEP_ACT_COD string| STATOCEL_CODE string| STATUSSYS_CODE string| STATUSSYS_SYS_STAT string| STATUSSYS_FLG_FAX string| STATUSSYS_ERR_CODE string| INFOCRUSC_LIV_SIC string| GETDAY_DATA_WORK string| ESTRADATA_TODAY string| PREFISSO string| TELEFONO number| IMPORTO string| APPLICA_PRICING string| TIPODISPOSITIVA string| ACTION_CODE string| IN_TIPO_DISP string| IN_ACTION_CODE string| IN_DISPSTATUS string| IN_STATO string| TESTO20SEC string| TESTO_INFO number| gContErrVerificaCod string| oamHost number| stopCert string| request_id boolean| sendSmsAble string| TESTO30SEC string| nmolLogin string| gIDPRELO string| hostToUseLS number| otpError string| sitoAss string| userinput string| idSess undefined| gelPos1 undefined| gelPwd1 undefined| gelPos2 undefined| gelPwd2 undefined| gCodCert number| backupSMS string| idPRELO string| ipAddress string| testCookie string| cOAMAuthnCookie string| dominioAction function| goRigenearaPin function| prova function| Get_Cookie function| Delete_Cookie function| logInfoAgg function| tracciaStepGiornale function| tracciaStepGiornaleNew function| funcPost function| lpad function| autenticazione function| controllaPin function| sendSms function| disegnaTemplateSMS function| disegnaTemplateNPU function| disegnaTemplateSMSfake function| loginStrong function| login function| decodeErrorOAM function| accessoLogin function| decodeError function| preLogin function| openPopNmolCertMass function| continuaCertificazioneMass function| openPopNmolCert function| confermaCodiceCert function| sendCodCert function| sendCodSmsCert function| write2Pin function| getMotore function| getInfoDispositiva function| eseguiDispositiva function| setFocus function| onlyNumbers function| chiudiPopup function| skipLastStep function| disabilitaBtnSkip function| skip function| goStep1 function| goStep2 function| goStep3 function| callInfoStrong function| gestisciMsgErrore function| goTokenAppComplete function| goEsitoOK function| openLayerPSD2 function| loginApi function| logoutApi function| loginApi_mia function| openPopNoNomber function| openPopCertDup function| openPopCertDupMass function| openLayerPolizze function| richiediSmsPinDigit function| showToolTip function| hideToolTip function| gestioneNPU function| templateNPU function| chiamataBackupSMS function| sendSmsCELL function| getPopupSkip string| rigenHost boolean| flgLogin string| re object| MaxymiserCampaing object| MaxymiserBanner function| getBannerCrafter function| closePopUpMaxymiser object| dataLayer function| Popper object| bootstrap object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga string| mousedown function| gtag object| infi function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData string| campagnaClick function| listenIframe undefined| promobc25 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.bmedonline.it/ecm | Name: dPg Value: |
|
.bmedonline.it/ | Name: dtCookie Value: v_4_srv_15_sn_BB43FE98DD0DEEF7DDCC960C03C8D94B_perc_100000_ol_0_mul_1_app-3A012dbe75eae6376c_1 |
|
.bmedonline.it/ | Name: visid_incap_2292922 Value: omYTsykcTkixhXn7aFTMFEMv2WMAAAAAQUIPAAAAAABy2A1kgbk/YFrsOLVIwtWr |
|
.bmedonline.it/ | Name: incap_ses_1402_2292922 Value: ZIoEabscPhq7xol8Euh0E0Mv2WMAAAAA4G+V+xVgHxseoyphcpIpGQ== |
|
.bmedonline.it/ | Name: rxVisitor Value: 1675177796782TVFP62EK93C1KFLGL5JDFPI0GNUQEETT |
|
.bmedonline.it/ | Name: dtLatC Value: 118 |
|
.bmedonline.it/ | Name: dtSa Value: - |
|
.bmedonline.it/ | Name: mmapi.p.pd Value: %22H3nTeYyhqPRvW1jYGJG80tSSuHw22rc322qcRzNkS7s%3D%7CAQAAAApDH4sIAAAAAAAEAGNhKF88te2TWIkMA3NORhGjEAOjEwP_7S9yjAxbOCTN5zLf9oDRDEDwHwoY2Fwyi1KTSxg_iTGCxMEAJgmiGRgkGWLiGBniGpIZGQQaUhgZKvzTGRnC3mYwMri8AxIJ74HEnA9AooU5i5FhDwuQSKrOBqpbACT2WeYAHZALJCxeFQK5h4sYGRwulwO1-VQwMnjFAoky9kpGhiAvIFHlDSSyioBE0RUgsekpiAC6iNEVAINpz_PeAAAA%22 |
|
.bmedonline.it/ | Name: mmapi.p.bid Value: %22prodlhrcgeu02%22 |
|
.bmedonline.it/ | Name: mmapi.p.srv Value: %22prodlhrcgeu02%22 |
|
www.bmedonline.it/ | Name: JSESSIONID Value: 4lIIYKoxJqvIesaYTDdVw0yCMzr8YGmKgZHTTQu_aTYr77zzKvlN!-2029828059 |
|
.bmedonline.it/ | Name: ORA_FPC Value: id=453902e3-2d2c-43ec-89ed-a6c69e6d333b |
|
.bmedonline.it/ | Name: _ga_LF895BPLT1 Value: GS1.1.1675177798.1.0.1675177798.0.0.0 |
|
.bmedonline.it/ | Name: _ga_KWXM96PDQW Value: GS1.1.1675177798.1.0.1675177798.0.0.0 |
|
.bmedonline.it/ | Name: _rollupGA Value: GA1.2.711130560.1675177799 |
|
.bmedonline.it/ | Name: _rollupGA_gid Value: GA1.2.1400027881.1675177799 |
|
.bmedonline.it/ | Name: _dc_gtm_UA-75985629-1 Value: 1 |
|
.bmedonline.it/ | Name: _ga Value: GA1.2.711130560.1675177799 |
|
.bmedonline.it/ | Name: _gid Value: GA1.2.1131213905.1675177799 |
|
.bmedonline.it/ | Name: _dc_gtm_UA-42757807-2 Value: 1 |
|
.bmedonline.it/ | Name: rxvt Value: 1675179598834|1675177796784 |
|
.bmedonline.it/ | Name: dtPC Value: 15$577796780_94h-vGTARFMSDAHUFUEAAEHMCMAFAKFCVNPWA-0e0 |
|
.bmedonline.it/ | Name: OAMAuthnHintCookie Value: 0@1675177800 |
|
www.bmedonline.it/ | Name: OAMRequestContext_656a32 Value: ej2jP2Gr4C8lSfnJuNjhOw== |
|
www.bmedonline.it/ | Name: OAMRequestContext_416c53 Value: AlSt7YEXuyFzaG9Ksv+P4A== |
4 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
c.oracleinfinity.io
d.oracleinfinity.io
dc.oracleinfinity.io
service.maxymiser.net
sso-c-pro.mediolanum.it
stats.g.doubleclick.net
www.bmedonline.it
www.google-analytics.com
www.googletagmanager.com
130.35.229.66
23.54.219.17
23.66.192.128
2607:f8b0:4004:c1b::9d
2607:f8b0:4006:80f::200e
2607:f8b0:4006:821::2008
45.60.122.166
0bab3a2b25a7cad253ef2bacb100651a20389a8410c7f54a7796cfdec9ef923a
0ca25d103a0ac564f9dc97255a9b9e8154cc4e436443401d9f8e7cc58ca0af34
108cc06b36ffee35cbd09d540eb1a6e1d8b606551b8de5ac3ba0ceef4f89292f
1499d3188e04f56918103443ffd1bb13b4884dc781ee0053978dd059a62ad661
154ad6de6380d2749374c82b8e61f172eb2f7614861592040c5ab783c23aaa2e
15f302f7aeceb20d37793db6dcbfca12e45d5b090428907087d92c40de9e5949
171ac238374d53520ded08e6f040948a28f13c83cf1799aef882270358e5c3f1
18c9cb395e89696423b7093248ad07566d9601d1378285eee257133fbfc09b54
21978f9951f5ab48d8b56461dc6100dcb9d345c710e64c661e62a646d29ed822
2abd40e780aac0d0cff59e3d49196e0bb48365d551bef8e39f479ebeffa64281
31cfcd1ad88bf747abac2fda5f78587f0bfd4d59d6bb12f608c46f6ab84e5b76
3a3cebc4d7a4938330f7ae34c9ddb7318805a2c1f275bd460c6377be4b4efc2e
42660412d013b3f04994265b6e1bc793ee425f1f8bd0fceee866257c1774351e
4521d2660af14ced6628837ff5ec772f2f7bc4467acfaee5d45529065bc322d4
45f549d08692a517c5f7f36e48fc0becb0a45c1677134079dc88b651e1341293
49d14b1114e64000c88c4787ba811eff7bbc18061300d894fb16d16501a4f865
5063b83b3239b167dad2141b25b317fa8b2d5570f2025e08b005c30e0eb84a74
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
67f9f851a4e657e488644f1e89a60b1ff36c9ac6b46099769251a623a7e5f183
69d5a4dab2ef8994ec011de3283cfdf3290e39a235116067250dbc01c2e84619
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7474fccf061a2ed7f2dbad9068517eceac93fb27ca6e2be35dbcace0369e41fd
749924d2cd3a153ba8cbc4c6ba4fc8a6e0159aeb1640bded791d7a0c53ac5712
79129d0c919f63271515a6f5277e6ec2b10b4fb9bfe7c82e488d7a28226df43d
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
7e9db0160b9ded474da6a70a39a066ecd0a33f98fbfbd591f270c54197da98bb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8887872dfa818a2c63ba2a496f811cbcbef2e6444c0d343e295e832cece0f510
89dede7a4040ce0819b3c526677afbce7c593d9b4503925ebf8f2e84d70cef02
8c814712ccaf55e4f93469daf010ba277e8569d60781237c3a2ac6eaf81359e1
8d9aab5e84dc6e2446b86ef2b4e65cd50382627f0849b9fb4b64d143669b467c
9429cae40ac44408fc4596715dd0ddc23669b030216ec11cf8e883f314680780
95c85fe79786d0c16984d43689e1f39d40e4935f65cf48914d1d20af0745f647
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
b9eca7472f3b80b57c9a601b9f44822701bfb2081593c73298425940d16dc9df
bf1ed18df313c77146e696fd64c00b3d530e7cd70212e4048b02497a95c58c5a
c093294bb42d7f10d4788894b8454e450f4a62a15c49875cf223233c0816db3c
c154c7dfec3fd914363c128371ef578c4265f53497d6c2d540f094c472507d8b
c8ce73cc7856fe8387f288a39dd858369cecf662b0442eac846fe4f114d2cfbb
cfe3c37e2ab2648b47c9a0e8a3d6d6652d6b457feacf01872f8751e2e10767e5
d287be0e320369cd079d543be40255dd263750b71cf2b3d6d402fe8894262d5f
d2b32088e8f3998c1eb429d825b10325be94ed7d13d368d314d01b7472682147
d3caf12591d194712facd10bca14f0a924edb59c24447a3fd994a48286db8843
d74328754a4836650f0f80ccd11c1836543b7a68628fb2436d4ed3dbb6151583
e168d257dc35cbfd226a9bff8e97cdb72897204aba499857934ac7d5c0ba8a50
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8b95def8b00f37d671c6a8a017f7946eeae0c084d896f95b9418feef64a0a4b
edc59a3d87e825d0c1b25a810792f9827bc8ac2edb7b77664ef3411511019e40
f706d3ab65bc881e780aa6662ef31ab5e900c5ee0eec60971775bab33b102d90
f8de3f57f49b005896d4c3c10979df9cff5048ddfe29ebbe36507ed1ebff60a4
feaaf4e9e2f8cd65ece2416845dbd7513d07029557275eb440497f17a6edd520
ffb303cecab3561a0a649b280797d4c8c3d6eeb99f068bfce8b6d543a0b14089