blnperte.com Open in urlscan Pro
152.89.61.96  Malicious Activity! Public Scan

19 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response blnperte.com/	91 KB 91 KB	236ms 101ms	Document text/html	152.89.61.96 YURTEH-AS
General Check archive.org Show headers Download Go to Full URL http://blnperte.com/ Protocol HTTP/1.1 Server 152.89.61.96 , Ukraine, ASN30860 (YURTEH-AS, UA), Reverse DNS cpanel12prot.v-sys.org Software nginx / Resource Hash f56efd48ef5c333dfb3a7f5fbcc0d083f9a329a99a8333f4694ff9c2178824d8 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 accept-language fi-FI,fi;q=0.9 Response headers Accept-Ranges bytes Connection keep-alive Content-Length 92882 Content-Type text/html Date Tue, 31 Jan 2023 13:32:57 GMT Last-Modified Tue, 31 Jan 2023 12:12:29 GMT Server nginx
GET H/1.1	200 OK	css fonts.googleapis.com/	3 KB 1 KB	157ms 82ms	Stylesheet text/css	2a00:1450:4001:82f::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL http://fonts.googleapis.com/css?family=Open+Sans Requested by Host: blnperte.com URL: http://blnperte.com/ Protocol HTTP/1.1 Server 2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 65d2a78602c1dfed06fef415e07caf67bdc2fb5682638fb5c2189dbd5e6131a0 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language fi-FI,fi;q=0.9 Referer http://blnperte.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers Date Tue, 31 Jan 2023 13:32:57 GMT Content-Encoding gzip X-Content-Type-Options nosniff Transfer-Encoding chunked Cross-Origin-Resource-Policy cross-origin X-XSS-Protection 0 Last-Modified Tue, 31 Jan 2023 13:32:57 GMT Server ESF Cross-Origin-Opener-Policy same-origin-allow-popups X-Frame-Options SAMEORIGIN Content-Type text/css; charset=utf-8 Access-Control-Allow-Origin * Cache-Control private, max-age=86400, stale-while-revalidate=604800 Timing-Allow-Origin * Link <http://fonts.gstatic.com>; rel=preconnect; crossorigin Expires Tue, 31 Jan 2023 13:32:57 GMT
GET H/1.1	200 OK	clientlib-all.css blnperte.com/files/	757 KB 757 KB	174ms 85ms	Stylesheet text/css	152.89.61.96 YURTEH-AS
General Check archive.org Show headers Download Go to Full URL http://blnperte.com/files/clientlib-all.css Requested by Host: blnperte.com URL: http://blnperte.com/ Protocol HTTP/1.1 Server 152.89.61.96 , Ukraine, ASN30860 (YURTEH-AS, UA), Reverse DNS cpanel12prot.v-sys.org Software nginx / Resource Hash b110ce49bffb0222598f6961ea5601def38eed3ea38b14609330317735d8d11e Request headers accept-language fi-FI,fi;q=0.9 Referer http://blnperte.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers Date Tue, 31 Jan 2023 13:32:57 GMT Last-Modified Fri, 01 Jul 2022 05:49:42 GMT Server nginx Connection keep-alive Accept-Ranges bytes Content-Length 775429 Content-Type text/css
GET H/1.1	200 OK	clientlib-smartbanner.css blnperte.com/files/	3 KB 3 KB	196ms 97ms	Stylesheet text/css	152.89.61.96 YURTEH-AS
General Check archive.org Show headers Download Go to Full URL http://blnperte.com/files/clientlib-smartbanner.css Requested by Host: blnperte.com URL: http://blnperte.com/ Protocol HTTP/1.1 Server 152.89.61.96 , Ukraine, ASN30860 (YURTEH-AS, UA), Reverse DNS cpanel12prot.v-sys.org Software nginx / Resource Hash ae3d9363f4fa0d03b76c14877276d6c10b8e2e98e7bfcfc5f96ddffef5215288 Request headers accept-language fi-FI,fi;q=0.9 Referer http://blnperte.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers Date Tue, 31 Jan 2023 13:32:57 GMT Last-Modified Fri, 01 Jul 2022 05:49:44 GMT Server nginx Connection keep-alive Accept-Ranges bytes Content-Length 3211 Content-Type text/css
GET H/1.1	200 OK	ArchIbPublicStyle.css blnperte.com/files/	43 KB 43 KB	204ms 101ms	Stylesheet text/css	152.89.61.96 YURTEH-AS
General Check archive.org Show headers Download Go to Full URL http://blnperte.com/files/ArchIbPublicStyle.css Requested by Host: blnperte.com URL: http://blnperte.com/ Protocol HTTP/1.1 Server 152.89.61.96 , Ukraine, ASN30860 (YURTEH-AS, UA), Reverse DNS cpanel12prot.v-sys.org Software nginx / Resource Hash 131b7831882f008a6762129052d5bd357d120e7fa610779bc8d9a09e7f5869c3 Request headers accept-language fi-FI,fi;q=0.9 Referer http://blnperte.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers Date Tue, 31 Jan 2023 13:32:57 GMT Last-Modified Fri, 01 Jul 2022 05:49:28 GMT Server nginx Connection keep-alive Accept-Ranges bytes Content-Length 43816 Content-Type text/css
GET H/1.1	200 OK	flag_eng.png www.intesasanpaolo.com/content/dam/vetrina/design/ico/	1 KB 3 KB	439ms 101ms	Image image/png	193.41.198.216 ISP-ASN2
General Check archive.org Show headers Download Go to Show image Full URL https://www.intesasanpaolo.com/content/dam/vetrina/design/ico/flag_eng.png Requested by Host: blnperte.com URL: http://blnperte.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.41.198.216 , Italy, ASN20942 (ISP-ASN2, IT), Reverse DNS android.intesasanpaolo.com Software / Resource Hash b9cf5ac56dd524668e1156759674215a9224dcaec961914e0e36c2c0efcb9bc0 Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains X-Frame-Options SAMEORIGIN Request headers accept-language fi-FI,fi;q=0.9 Referer http://blnperte.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers Date Tue, 31 Jan 2023 13:32:58 GMT Strict-Transport-Security max-age=16070400; includeSubDomains ETag "5de" Access-Control-Max-Age 86400 Access-Control-Allow-Methods POST, GET, OPTIONS, DELETE, PUT, PATCH Content-Type image/png X-Frame-Options SAMEORIGIN Access-Control-Expose-Headers accept-ranges,content-encoding,content-length,content-range,deviceIDrba Cache-Control no-cache Access-Control-Allow-Credentials true Connection Keep-Alive Accept-Ranges bytes Access-Control-Allow-Headers accept,accept-encoding,accessmode,applicationname,authorization,bank-code,bt,caller,channel,clientversion,content-type,lang,operationsystem,origin,profilo-reset,useragent,x-isp-keyid,x-isp-signature,x-requested-with,formname,X-File-Size,cEgida,accept-language,connection,content-length,host,referer,accept-ranges,range,user-agent,devicemodel,geolocation,x-request-id,my-host,digest,signature,devicedna,f&f,deviceIDrba,deviceSignature,tipoCliente,x-bear-session-token,x-isp-session-id,x-isp-transaction-id,x-isp-execution,x-isp-cypher,x-isp-browsername,,x-ma-bid,x-ma-sid,x-ma-hostname,x-ma-pid,uniqueid,Page Content-Length 1502 Keep-Alive timeout=2, max=100
GET H/1.1	200 OK	bnl_logo_transparent.png banking.bnl.it/rsc/contrib/graphicaltheme/bnl-public/img/brand_block/	11 KB 12 KB	391ms 131ms	Image image/png	2a02:26f0:3500:28d::3b6b AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://banking.bnl.it/rsc/contrib/graphicaltheme/bnl-public/img/brand_block/bnl_logo_transparent.png Requested by Host: blnperte.com URL: http://blnperte.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:28d::3b6b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 4f37e40f466d79806853f3758a33da54b5df0794d81a070973e9d5d1ae4636a3 Security Headers Name Value Strict-Transport-Security max-age=15768000 X-Frame-Options SAMEORIGIN Request headers accept-language fi-FI,fi;q=0.9 Referer http://blnperte.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers Date Tue, 31 Jan 2023 13:32:58 GMT Strict-Transport-Security max-age=15768000 Last-Modified Sun, 06 Mar 2022 08:10:56 GMT ETag "2d9a-5d9884990622d" Vary Host,Accept-Encoding x-frame-options SAMEORIGIN p3p CP="NON CUR OTPi OUR NOR UNI" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 11674
GET H/1.1	200 OK	ico-parla-con-noi.png www.intesasanpaolo.com/etc/designs/vetrina/images/	2 KB 3 KB	93ms 93ms	Image image/png	193.41.198.216 ISP-ASN2
General Check archive.org Show headers Download Go to Show image Full URL https://www.intesasanpaolo.com/etc/designs/vetrina/images/ico-parla-con-noi.png Requested by Host: blnperte.com URL: http://blnperte.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.41.198.216 , Italy, ASN20942 (ISP-ASN2, IT), Reverse DNS android.intesasanpaolo.com Software / Resource Hash 9e5f7acbc049c135bfae2d725aa23aeced8e05320aadf2629ca8fa11f5dafb14 Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains X-Frame-Options SAMEORIGIN Request headers accept-language fi-FI,fi;q=0.9 Referer http://blnperte.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers Date Tue, 31 Jan 2023 13:32:59 GMT Strict-Transport-Security max-age=16070400; includeSubDomains ETag "785" Access-Control-Max-Age 86400 Access-Control-Allow-Methods POST, GET, OPTIONS, DELETE, PUT, PATCH Content-Type image/png X-Frame-Options SAMEORIGIN Access-Control-Expose-Headers accept-ranges,content-encoding,content-length,content-range,deviceIDrba Cache-Control no-cache Access-Control-Allow-Credentials true Connection Keep-Alive Accept-Ranges bytes Access-Control-Allow-Headers accept,accept-encoding,accessmode,applicationname,authorization,bank-code,bt,caller,channel,clientversion,content-type,lang,operationsystem,origin,profilo-reset,useragent,x-isp-keyid,x-isp-signature,x-requested-with,formname,X-File-Size,cEgida,accept-language,connection,content-length,host,referer,accept-ranges,range,user-agent,devicemodel,geolocation,x-request-id,my-host,digest,signature,devicedna,f&f,deviceIDrba,deviceSignature,tipoCliente,x-bear-session-token,x-isp-session-id,x-isp-transaction-id,x-isp-execution,x-isp-cypher,x-isp-browsername,,x-ma-bid,x-ma-sid,x-ma-hostname,x-ma-pid,uniqueid,Page Content-Length 1925 Keep-Alive timeout=2, max=100
GET H2	200	Error-512.png cdn0.iconfinder.com/data/icons/shift-free/32/	12 KB 13 KB	167ms 54ms	Image image/png	2606:4700:e6::ac40:c01a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn0.iconfinder.com/data/icons/shift-free/32/Error-512.png Requested by Host: blnperte.com URL: http://blnperte.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e6::ac40:c01a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2cb1a7ffe4c6dfa7a7e6a25f5d908334c10db44b0936044bce24f89d5333c56e Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language fi-FI,fi;q=0.9 Referer http://blnperte.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Tue, 31 Jan 2023 13:32:59 GMT via 1.1 vegur x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15552000; includeSubDomains; preload age 4369 content-disposition inline; filename="781815.png" alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 12160 x-request-id 0e09a404-e0d0-41e9-8383-8951a1e41f81 last-modified Sat, 07 Jan 2023 18:21:04 GMT server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=932ZZFYncdPH8%2FZBeKj7cxsdDAZxLvK1OHgubdbOwyrQ4AqoohOoqQr%2FYPd9Tah1BJKof4nNEaD9Atq0dAA0bBXUUEI7FgP77lRaH8lsG5KT6UakvKtoPuZI8oxTEbuMTyvlnKiFP84Jb6Mn7VBlOwjZ"}],"group":"cf-nel","max_age":604800} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes cf-ray 7922d1060af42d8f-ARN expires Wed, 31 Jan 2024 13:32:59 GMT
GET H/1.1	200 OK	arrows.png www.intesasanpaolo.com/content/dam/vetrina/design/ico/	528 B 2 KB	89ms 89ms	Image image/png	193.41.198.216 ISP-ASN2
General Check archive.org Show headers Download Go to Show image Full URL https://www.intesasanpaolo.com/content/dam/vetrina/design/ico/arrows.png Requested by Host: blnperte.com URL: http://blnperte.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.41.198.216 , Italy, ASN20942 (ISP-ASN2, IT), Reverse DNS android.intesasanpaolo.com Software / Resource Hash 354a16c92816350830076c1f625525d9460ff1269cb3b8766592540d5ad28ba8 Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains X-Frame-Options SAMEORIGIN Request headers accept-language fi-FI,fi;q=0.9 Referer http://blnperte.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers Date Tue, 31 Jan 2023 13:32:59 GMT Strict-Transport-Security max-age=16070400; includeSubDomains ETag "210" Access-Control-Max-Age 86400 Access-Control-Allow-Methods POST, GET, OPTIONS, DELETE, PUT, PATCH Content-Type image/png X-Frame-Options SAMEORIGIN Access-Control-Expose-Headers accept-ranges,content-encoding,content-length,content-range,deviceIDrba Cache-Control no-cache Access-Control-Allow-Credentials true Connection Keep-Alive Accept-Ranges bytes Access-Control-Allow-Headers accept,accept-encoding,accessmode,applicationname,authorization,bank-code,bt,caller,channel,clientversion,content-type,lang,operationsystem,origin,profilo-reset,useragent,x-isp-keyid,x-isp-signature,x-requested-with,formname,X-File-Size,cEgida,accept-language,connection,content-length,host,referer,accept-ranges,range,user-agent,devicemodel,geolocation,x-request-id,my-host,digest,signature,devicedna,f&f,deviceIDrba,deviceSignature,tipoCliente,x-bear-session-token,x-isp-session-id,x-isp-transaction-id,x-isp-execution,x-isp-cypher,x-isp-browsername,,x-ma-bid,x-ma-sid,x-ma-hostname,x-ma-pid,uniqueid,Page Content-Length 528 Keep-Alive timeout=2, max=100
GET H/1.1	200 OK	acc-hide.png www.intesasanpaolo.com/etc/designs/vetrina/images/	1 KB 3 KB	89ms 89ms	Image image/png	193.41.198.216 ISP-ASN2
General Check archive.org Show headers Download Go to Show image Full URL https://www.intesasanpaolo.com/etc/designs/vetrina/images/acc-hide.png Requested by Host: blnperte.com URL: http://blnperte.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.41.198.216 , Italy, ASN20942 (ISP-ASN2, IT), Reverse DNS android.intesasanpaolo.com Software / Resource Hash 366de85e50aa042f34ef304b5195d06a87dcc81107e0a5ac87d997d35d95b275 Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains X-Frame-Options SAMEORIGIN Request headers accept-language fi-FI,fi;q=0.9 Referer http://blnperte.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers Date Tue, 31 Jan 2023 13:32:59 GMT Strict-Transport-Security max-age=16070400; includeSubDomains ETag "557" Access-Control-Max-Age 86400 Access-Control-Allow-Methods POST, GET, OPTIONS, DELETE, PUT, PATCH Content-Type image/png X-Frame-Options SAMEORIGIN Access-Control-Expose-Headers accept-ranges,content-encoding,content-length,content-range,deviceIDrba Cache-Control no-cache Access-Control-Allow-Credentials true Connection Keep-Alive Accept-Ranges bytes Access-Control-Allow-Headers accept,accept-encoding,accessmode,applicationname,authorization,bank-code,bt,caller,channel,clientversion,content-type,lang,operationsystem,origin,profilo-reset,useragent,x-isp-keyid,x-isp-signature,x-requested-with,formname,X-File-Size,cEgida,accept-language,connection,content-length,host,referer,accept-ranges,range,user-agent,devicemodel,geolocation,x-request-id,my-host,digest,signature,devicedna,f&f,deviceIDrba,deviceSignature,tipoCliente,x-bear-session-token,x-isp-session-id,x-isp-transaction-id,x-isp-execution,x-isp-cypher,x-isp-browsername,,x-ma-bid,x-ma-sid,x-ma-hostname,x-ma-pid,uniqueid,Page Content-Length 1367 Keep-Alive timeout=2, max=100
GET H/1.1	200 OK	acc-show.png www.intesasanpaolo.com/etc/designs/vetrina/images/	1 KB 2 KB	85ms 84ms	Image image/png	193.41.198.216 ISP-ASN2
General Check archive.org Show headers Download Go to Show image Full URL https://www.intesasanpaolo.com/etc/designs/vetrina/images/acc-show.png Requested by Host: blnperte.com URL: http://blnperte.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.41.198.216 , Italy, ASN20942 (ISP-ASN2, IT), Reverse DNS android.intesasanpaolo.com Software / Resource Hash 7621b7efdd066ad06e4ab99786b72c02f9d126e63bfa911cee193b1071fa1ccd Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains X-Frame-Options SAMEORIGIN Request headers accept-language fi-FI,fi;q=0.9 Referer http://blnperte.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers Date Tue, 31 Jan 2023 13:32:59 GMT Strict-Transport-Security max-age=16070400; includeSubDomains ETag "402" Access-Control-Max-Age 86400 Access-Control-Allow-Methods POST, GET, OPTIONS, DELETE, PUT, PATCH Content-Type image/png X-Frame-Options SAMEORIGIN Access-Control-Expose-Headers accept-ranges,content-encoding,content-length,content-range,deviceIDrba Cache-Control no-cache Access-Control-Allow-Credentials true Connection Keep-Alive Accept-Ranges bytes Access-Control-Allow-Headers accept,accept-encoding,accessmode,applicationname,authorization,bank-code,bt,caller,channel,clientversion,content-type,lang,operationsystem,origin,profilo-reset,useragent,x-isp-keyid,x-isp-signature,x-requested-with,formname,X-File-Size,cEgida,accept-language,connection,content-length,host,referer,accept-ranges,range,user-agent,devicemodel,geolocation,x-request-id,my-host,digest,signature,devicedna,f&f,deviceIDrba,deviceSignature,tipoCliente,x-bear-session-token,x-isp-session-id,x-isp-transaction-id,x-isp-execution,x-isp-cypher,x-isp-browsername,,x-ma-bid,x-ma-sid,x-ma-hostname,x-ma-pid,uniqueid,Page Content-Length 1026 Keep-Alive timeout=2, max=100
GET H/1.1	200 OK	acc-hide-mobile.png www.intesasanpaolo.com/etc/designs/vetrina/images/	3 KB 4 KB	86ms 86ms	Image image/png	193.41.198.216 ISP-ASN2
General Check archive.org Show headers Download Go to Show image Full URL https://www.intesasanpaolo.com/etc/designs/vetrina/images/acc-hide-mobile.png Requested by Host: blnperte.com URL: http://blnperte.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.41.198.216 , Italy, ASN20942 (ISP-ASN2, IT), Reverse DNS android.intesasanpaolo.com Software / Resource Hash 173f71531eaa3fefa888c0c92cfac551e7b27007029ab36a127e5f3232510b8a Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains X-Frame-Options SAMEORIGIN Request headers accept-language fi-FI,fi;q=0.9 Referer http://blnperte.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers Date Tue, 31 Jan 2023 13:32:59 GMT Strict-Transport-Security max-age=16070400; includeSubDomains ETag "c8e" Access-Control-Max-Age 86400 Access-Control-Allow-Methods POST, GET, OPTIONS, DELETE, PUT, PATCH Content-Type image/png X-Frame-Options SAMEORIGIN Access-Control-Expose-Headers accept-ranges,content-encoding,content-length,content-range,deviceIDrba Cache-Control no-cache Access-Control-Allow-Credentials true Connection Keep-Alive Accept-Ranges bytes Access-Control-Allow-Headers accept,accept-encoding,accessmode,applicationname,authorization,bank-code,bt,caller,channel,clientversion,content-type,lang,operationsystem,origin,profilo-reset,useragent,x-isp-keyid,x-isp-signature,x-requested-with,formname,X-File-Size,cEgida,accept-language,connection,content-length,host,referer,accept-ranges,range,user-agent,devicemodel,geolocation,x-request-id,my-host,digest,signature,devicedna,f&f,deviceIDrba,deviceSignature,tipoCliente,x-bear-session-token,x-isp-session-id,x-isp-transaction-id,x-isp-execution,x-isp-cypher,x-isp-browsername,,x-ma-bid,x-ma-sid,x-ma-hostname,x-ma-pid,uniqueid,Page Content-Length 3214 Keep-Alive timeout=2, max=100
GET H/1.1	200 OK	acc-show-mobile.png www.intesasanpaolo.com/etc/designs/vetrina/images/	2 KB 4 KB	93ms 93ms	Image image/png	193.41.198.216 ISP-ASN2
General Check archive.org Show headers Download Go to Show image Full URL https://www.intesasanpaolo.com/etc/designs/vetrina/images/acc-show-mobile.png Requested by Host: blnperte.com URL: http://blnperte.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.41.198.216 , Italy, ASN20942 (ISP-ASN2, IT), Reverse DNS android.intesasanpaolo.com Software / Resource Hash 1aec5219cdcd75f87dfe65e36a8d4b860ac03b5573e6c9a2739b119e5defe63e Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains X-Frame-Options SAMEORIGIN Request headers accept-language fi-FI,fi;q=0.9 Referer http://blnperte.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers Date Tue, 31 Jan 2023 13:32:59 GMT Strict-Transport-Security max-age=16070400; includeSubDomains ETag "9e9" Access-Control-Max-Age 86400 Access-Control-Allow-Methods POST, GET, OPTIONS, DELETE, PUT, PATCH Content-Type image/png X-Frame-Options SAMEORIGIN Access-Control-Expose-Headers accept-ranges,content-encoding,content-length,content-range,deviceIDrba Cache-Control no-cache Access-Control-Allow-Credentials true Connection Keep-Alive Accept-Ranges bytes Access-Control-Allow-Headers accept,accept-encoding,accessmode,applicationname,authorization,bank-code,bt,caller,channel,clientversion,content-type,lang,operationsystem,origin,profilo-reset,useragent,x-isp-keyid,x-isp-signature,x-requested-with,formname,X-File-Size,cEgida,accept-language,connection,content-length,host,referer,accept-ranges,range,user-agent,devicemodel,geolocation,x-request-id,my-host,digest,signature,devicedna,f&f,deviceIDrba,deviceSignature,tipoCliente,x-bear-session-token,x-isp-session-id,x-isp-transaction-id,x-isp-execution,x-isp-cypher,x-isp-browsername,,x-ma-bid,x-ma-sid,x-ma-hostname,x-ma-pid,uniqueid,Page Content-Length 2537 Keep-Alive timeout=2, max=100
GET H/1.1	200 OK	trasparenza.png www.intesasanpaolo.com/content/dam/vetrina/design/loghi/	5 KB 6 KB	94ms 93ms	Image image/png	193.41.198.216 ISP-ASN2
General Check archive.org Show headers Download Go to Show image Full URL https://www.intesasanpaolo.com/content/dam/vetrina/design/loghi/trasparenza.png Requested by Host: blnperte.com URL: http://blnperte.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.41.198.216 , Italy, ASN20942 (ISP-ASN2, IT), Reverse DNS android.intesasanpaolo.com Software / Resource Hash 09c850d89f41e9c808d6bd12871bcfc7e6f7d76cd1f7f959a5d79ffb800f8de2 Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains X-Frame-Options SAMEORIGIN Request headers accept-language fi-FI,fi;q=0.9 Referer http://blnperte.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers Date Tue, 31 Jan 2023 13:32:59 GMT Strict-Transport-Security max-age=16070400; includeSubDomains ETag "133f" Access-Control-Max-Age 86400 Access-Control-Allow-Methods POST, GET, OPTIONS, DELETE, PUT, PATCH Content-Type image/png X-Frame-Options SAMEORIGIN Access-Control-Expose-Headers accept-ranges,content-encoding,content-length,content-range,deviceIDrba Cache-Control no-cache Access-Control-Allow-Credentials true Connection Keep-Alive Accept-Ranges bytes Access-Control-Allow-Headers accept,accept-encoding,accessmode,applicationname,authorization,bank-code,bt,caller,channel,clientversion,content-type,lang,operationsystem,origin,profilo-reset,useragent,x-isp-keyid,x-isp-signature,x-requested-with,formname,X-File-Size,cEgida,accept-language,connection,content-length,host,referer,accept-ranges,range,user-agent,devicemodel,geolocation,x-request-id,my-host,digest,signature,devicedna,f&f,deviceIDrba,deviceSignature,tipoCliente,x-bear-session-token,x-isp-session-id,x-isp-transaction-id,x-isp-execution,x-isp-cypher,x-isp-browsername,,x-ma-bid,x-ma-sid,x-ma-hostname,x-ma-pid,uniqueid,Page Content-Length 4927 Keep-Alive timeout=2, max=100
GET H/1.1	200 OK	logo_compara_conti.png www.intesasanpaolo.com/content/dam/vetrina/design/loghi/	9 KB 10 KB	87ms 87ms	Image image/png	193.41.198.216 ISP-ASN2
General Check archive.org Show headers Download Go to Show image Full URL https://www.intesasanpaolo.com/content/dam/vetrina/design/loghi/logo_compara_conti.png Requested by Host: blnperte.com URL: http://blnperte.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.41.198.216 , Italy, ASN20942 (ISP-ASN2, IT), Reverse DNS android.intesasanpaolo.com Software / Resource Hash f6980057249f4e1fc3dae211dba4e6fb2193e4f641a8e253f8513c323b7ec4ab Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains X-Frame-Options SAMEORIGIN Request headers accept-language fi-FI,fi;q=0.9 Referer http://blnperte.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers Date Tue, 31 Jan 2023 13:32:59 GMT Strict-Transport-Security max-age=16070400; includeSubDomains ETag "244f" Access-Control-Max-Age 86400 Access-Control-Allow-Methods POST, GET, OPTIONS, DELETE, PUT, PATCH Content-Type image/png X-Frame-Options SAMEORIGIN Access-Control-Expose-Headers accept-ranges,content-encoding,content-length,content-range,deviceIDrba Cache-Control no-cache Access-Control-Allow-Credentials true Connection Keep-Alive Accept-Ranges bytes Access-Control-Allow-Headers accept,accept-encoding,accessmode,applicationname,authorization,bank-code,bt,caller,channel,clientversion,content-type,lang,operationsystem,origin,profilo-reset,useragent,x-isp-keyid,x-isp-signature,x-requested-with,formname,X-File-Size,cEgida,accept-language,connection,content-length,host,referer,accept-ranges,range,user-agent,devicemodel,geolocation,x-request-id,my-host,digest,signature,devicedna,f&f,deviceIDrba,deviceSignature,tipoCliente,x-bear-session-token,x-isp-session-id,x-isp-transaction-id,x-isp-execution,x-isp-cypher,x-isp-browsername,,x-ma-bid,x-ma-sid,x-ma-hostname,x-ma-pid,uniqueid,Page Content-Length 9295 Keep-Alive timeout=2, max=100
GET H/1.1	200 OK	logo-footer.png www.intesasanpaolo.com/content/dam/vetrina/design/loghi/	11 KB 12 KB	172ms 172ms	Image image/png	193.41.198.216 ISP-ASN2
General Check archive.org Show headers Download Go to Show image Full URL https://www.intesasanpaolo.com/content/dam/vetrina/design/loghi/logo-footer.png Requested by Host: blnperte.com URL: http://blnperte.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.41.198.216 , Italy, ASN20942 (ISP-ASN2, IT), Reverse DNS android.intesasanpaolo.com Software / Resource Hash 10ca81e1589cc3b4b1d18a25ee6acf121970effa02449deb4beb17a880af41fd Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains X-Frame-Options SAMEORIGIN Request headers accept-language fi-FI,fi;q=0.9 Referer http://blnperte.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers Date Tue, 31 Jan 2023 13:32:59 GMT Strict-Transport-Security max-age=16070400; includeSubDomains ETag "2c84" Access-Control-Max-Age 86400 Access-Control-Allow-Methods POST, GET, OPTIONS, DELETE, PUT, PATCH Content-Type image/png X-Frame-Options SAMEORIGIN Access-Control-Expose-Headers accept-ranges,content-encoding,content-length,content-range,deviceIDrba Cache-Control no-cache Access-Control-Allow-Credentials true Connection Keep-Alive Accept-Ranges bytes Access-Control-Allow-Headers accept,accept-encoding,accessmode,applicationname,authorization,bank-code,bt,caller,channel,clientversion,content-type,lang,operationsystem,origin,profilo-reset,useragent,x-isp-keyid,x-isp-signature,x-requested-with,formname,X-File-Size,cEgida,accept-language,connection,content-length,host,referer,accept-ranges,range,user-agent,devicemodel,geolocation,x-request-id,my-host,digest,signature,devicedna,f&f,deviceIDrba,deviceSignature,tipoCliente,x-bear-session-token,x-isp-session-id,x-isp-transaction-id,x-isp-execution,x-isp-cypher,x-isp-browsername,,x-ma-bid,x-ma-sid,x-ma-hostname,x-ma-pid,uniqueid,Page Content-Length 11396 Keep-Alive timeout=2, max=100
GET H/1.1	200 OK	close-cookie.png www.intesasanpaolo.com/etc/designs/vetrina/images/	313 B 2 KB	81ms 81ms	Image image/png	193.41.198.216 ISP-ASN2
General Check archive.org Show headers Download Go to Show image Full URL https://www.intesasanpaolo.com/etc/designs/vetrina/images/close-cookie.png Requested by Host: blnperte.com URL: http://blnperte.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.41.198.216 , Italy, ASN20942 (ISP-ASN2, IT), Reverse DNS android.intesasanpaolo.com Software / Resource Hash 3428070ba9de1802698ea29826428628eab543de85c20e50e076e1a316606790 Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains X-Frame-Options SAMEORIGIN Request headers accept-language fi-FI,fi;q=0.9 Referer http://blnperte.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers Date Tue, 31 Jan 2023 13:33:00 GMT Strict-Transport-Security max-age=16070400; includeSubDomains ETag "139" Access-Control-Max-Age 86400 Access-Control-Allow-Methods POST, GET, OPTIONS, DELETE, PUT, PATCH Content-Type image/png X-Frame-Options SAMEORIGIN Access-Control-Expose-Headers accept-ranges,content-encoding,content-length,content-range,deviceIDrba Cache-Control no-cache Access-Control-Allow-Credentials true Connection Keep-Alive Accept-Ranges bytes Access-Control-Allow-Headers accept,accept-encoding,accessmode,applicationname,authorization,bank-code,bt,caller,channel,clientversion,content-type,lang,operationsystem,origin,profilo-reset,useragent,x-isp-keyid,x-isp-signature,x-requested-with,formname,X-File-Size,cEgida,accept-language,connection,content-length,host,referer,accept-ranges,range,user-agent,devicemodel,geolocation,x-request-id,my-host,digest,signature,devicedna,f&f,deviceIDrba,deviceSignature,tipoCliente,x-bear-session-token,x-isp-session-id,x-isp-transaction-id,x-isp-execution,x-isp-cypher,x-isp-browsername,,x-ma-bid,x-ma-sid,x-ma-hostname,x-ma-pid,uniqueid,Page Content-Length 313 Keep-Alive timeout=2, max=100
GET H/1.1	404 Not Found	main_app.js blnperte.com/ib/public/login/js/arch/services/1.0.0/	0 0	104ms 103ms	Script text/html	152.89.61.96 YURTEH-AS
General Check archive.org Show headers Download Go to Full URL http://blnperte.com/ib/public/login/js/arch/services/1.0.0/main_app.js Requested by Host: blnperte.com URL: http://blnperte.com/ Protocol HTTP/1.1 Server 152.89.61.96 , Ukraine, ASN30860 (YURTEH-AS, UA), Reverse DNS cpanel12prot.v-sys.org Software nginx / Resource Hash Request headers accept-language fi-FI,fi;q=0.9 Referer http://blnperte.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers Date Tue, 31 Jan 2023 13:32:57 GMT Server nginx Connection keep-alive Content-Length 315 Content-Type text/html; charset=iso-8859-1
GET H/1.1	404 Not Found	main_app.js blnperte.com/ib/public/vetrina/arch/	0 0	100ms 100ms	Script text/html	152.89.61.96 YURTEH-AS
General Check archive.org Show headers Download Go to Full URL http://blnperte.com/ib/public/vetrina/arch/main_app.js Requested by Host: blnperte.com URL: http://blnperte.com/ Protocol HTTP/1.1 Server 152.89.61.96 , Ukraine, ASN30860 (YURTEH-AS, UA), Reverse DNS cpanel12prot.v-sys.org Software nginx / Resource Hash Request headers accept-language fi-FI,fi;q=0.9 Referer http://blnperte.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers Date Tue, 31 Jan 2023 13:32:57 GMT Server nginx Connection keep-alive Content-Length 315 Content-Type text/html; charset=iso-8859-1
GET H/1.1	404 Not Found	main_app.js blnperte.com/ib/public/guestarea/	0 0	106ms 106ms	Script text/html	152.89.61.96 YURTEH-AS
General Check archive.org Show headers Download Go to Full URL http://blnperte.com/ib/public/guestarea/main_app.js Requested by Host: blnperte.com URL: http://blnperte.com/ Protocol HTTP/1.1 Server 152.89.61.96 , Ukraine, ASN30860 (YURTEH-AS, UA), Reverse DNS cpanel12prot.v-sys.org Software nginx / Resource Hash Request headers accept-language fi-FI,fi;q=0.9 Referer http://blnperte.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers Date Tue, 31 Jan 2023 13:32:58 GMT Server nginx Connection keep-alive Content-Length 315 Content-Type text/html; charset=iso-8859-1
GET H/1.1	200 OK	memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 fonts.gstatic.com/s/opensans/v34/	16 KB 17 KB	148ms 74ms	Font font/woff2	2a00:1450:4001:80b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL http://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 Requested by Host: fonts.googleapis.com URL: http://fonts.googleapis.com/css?family=Open+Sans Protocol HTTP/1.1 Server 2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://fonts.googleapis.com/ Origin http://blnperte.com accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers Date Thu, 26 Jan 2023 21:36:50 GMT X-Content-Type-Options nosniff Age 402970 Content-Security-Policy-Report-Only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes Cross-Origin-Resource-Policy cross-origin Content-Length 16740 X-XSS-Protection 0 Last-Modified Mon, 15 Aug 2022 18:14:44 GMT Server sffe Cross-Origin-Opener-Policy same-origin; report-to="apps-themes" Report-To {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} Content-Type font/woff2 Access-Control-Allow-Origin * Cache-Control public, max-age=31536000 Accept-Ranges bytes Timing-Allow-Origin * Expires Fri, 26 Jan 2024 21:36:50 GMT
GET H/1.1	200 OK	sprites.png blnperte.com/files/	10 KB 10 KB	83ms 83ms	Image image/png	152.89.61.96 YURTEH-AS
General Check archive.org Show headers Download Go to Show image Full URL http://blnperte.com/files/sprites.png Requested by Host: blnperte.com URL: http://blnperte.com/files/clientlib-all.css Protocol HTTP/1.1 Server 152.89.61.96 , Ukraine, ASN30860 (YURTEH-AS, UA), Reverse DNS cpanel12prot.v-sys.org Software nginx / Resource Hash 0a9148f6e2717336ff367ab00ec1d5eaa172a0a6be1404dd324c28d77804c8cf Request headers accept-language fi-FI,fi;q=0.9 Referer http://blnperte.com/files/clientlib-all.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers Date Tue, 31 Jan 2023 13:33:00 GMT Last-Modified Fri, 01 Jul 2022 05:49:48 GMT Server nginx Connection keep-alive Accept-Ranges bytes Content-Length 9733 Content-Type image/png
GET H/1.1	404 Not Found	linkfooter-active.png blnperte.com/files/clientlib-site/css/images/	315 B 315 B	98ms 97ms	Image text/html	152.89.61.96 YURTEH-AS
General Check archive.org Show headers Download Go to Show image Full URL http://blnperte.com/files/clientlib-site/css/images/linkfooter-active.png Requested by Host: blnperte.com URL: http://blnperte.com/files/clientlib-all.css Protocol HTTP/1.1 Server 152.89.61.96 , Ukraine, ASN30860 (YURTEH-AS, UA), Reverse DNS cpanel12prot.v-sys.org Software nginx / Resource Hash d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3 Request headers accept-language fi-FI,fi;q=0.9 Referer http://blnperte.com/files/clientlib-all.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers Date Tue, 31 Jan 2023 13:33:00 GMT Server nginx Connection keep-alive Content-Length 315 Content-Type text/html; charset=iso-8859-1

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Banca Intesa Sanpaolo (Banking)

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| oncontentvisibilityautostatechange undefined| url undefined| message string| currentApp string| currentEnv

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://blnperte.com/ib/public/login/js/arch/services/1.0.0/main_app.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://blnperte.com/ib/public/vetrina/arch/main_app.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://blnperte.com/ib/public/guestarea/main_app.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://blnperte.com/files/clientlib-site/css/images/linkfooter-active.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

banking.bnl.it
blnperte.com
cdn0.iconfinder.com
fonts.googleapis.com
fonts.gstatic.com
www.intesasanpaolo.com
152.89.61.96
193.41.198.216
2606:4700:e6::ac40:c01a
2a00:1450:4001:80b::2003
2a00:1450:4001:82f::200a
2a02:26f0:3500:28d::3b6b
09c850d89f41e9c808d6bd12871bcfc7e6f7d76cd1f7f959a5d79ffb800f8de2
0a9148f6e2717336ff367ab00ec1d5eaa172a0a6be1404dd324c28d77804c8cf
10ca81e1589cc3b4b1d18a25ee6acf121970effa02449deb4beb17a880af41fd
131b7831882f008a6762129052d5bd357d120e7fa610779bc8d9a09e7f5869c3
173f71531eaa3fefa888c0c92cfac551e7b27007029ab36a127e5f3232510b8a
1aec5219cdcd75f87dfe65e36a8d4b860ac03b5573e6c9a2739b119e5defe63e
2cb1a7ffe4c6dfa7a7e6a25f5d908334c10db44b0936044bce24f89d5333c56e
3428070ba9de1802698ea29826428628eab543de85c20e50e076e1a316606790
354a16c92816350830076c1f625525d9460ff1269cb3b8766592540d5ad28ba8
366de85e50aa042f34ef304b5195d06a87dcc81107e0a5ac87d997d35d95b275
4f37e40f466d79806853f3758a33da54b5df0794d81a070973e9d5d1ae4636a3
65d2a78602c1dfed06fef415e07caf67bdc2fb5682638fb5c2189dbd5e6131a0
7621b7efdd066ad06e4ab99786b72c02f9d126e63bfa911cee193b1071fa1ccd
9e5f7acbc049c135bfae2d725aa23aeced8e05320aadf2629ca8fa11f5dafb14
ae3d9363f4fa0d03b76c14877276d6c10b8e2e98e7bfcfc5f96ddffef5215288
b110ce49bffb0222598f6961ea5601def38eed3ea38b14609330317735d8d11e
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
b9cf5ac56dd524668e1156759674215a9224dcaec961914e0e36c2c0efcb9bc0
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
f56efd48ef5c333dfb3a7f5fbcc0d083f9a329a99a8333f4694ff9c2178824d8
f6980057249f4e1fc3dae211dba4e6fb2193e4f641a8e253f8513c323b7ec4ab