urlscan.io logo urlscan.io
SecurityTrails logo

logon.bcg.com Open in urlscan Pro
3.33.145.223  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://click.bcg-email.com/?qs=87f81806f3663f4d351955b5c9c493418b621450e6a21ebab4c699f14d97b170275e451936b93b88884b52a06758...
Effective URL: https://logon.bcg.com/oauth2/aus9at6ncy2iUhZw41t7/v1/authorize?client_id=0oadzmkfc4GvXi1L51t7&nonce=85zvWIA6bxw7U5XSpT...
Submission: On January 20 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 3 countries across 9 domains to perform 45 HTTP transactions. The main IP is 3.33.145.223, located in United States and belongs to AMAZON-02, US. The main domain is logon.bcg.com. The Cisco Umbrella rank of the primary domain is 329084.
TLS certificate: Issued by R3 on January 14th 2024. Valid for: 3 months.
This is the only time logon.bcg.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 66.231.91.47 14340 (SALESFORCE)
3 2600:9000:237... 16509 (AMAZON-02)
3 2a02:26f0:350... 20940 (AKAMAI-ASN1)
3 52.49.110.165 16509 (AMAZON-02)
1 1 52.213.250.206 16509 (AMAZON-02)
4 3.33.145.223 16509 (AMAZON-02)
1 2600:1f18:24e... 14618 (AMAZON-AES)
17 18.173.154.64 16509 (AMAZON-02)
2 108.138.7.107 16509 (AMAZON-02)
45 8
1    66.231.91.47 (United States)

ASN14340 (SALESFORCE, US)
PTR: click.virt.exacttarget.com
click.bcg-email.com
3    2600:9000:237d:9400:a:5a83:66c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
pages.navigator.bcg.com
3    2a02:26f0:3500:587::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
assets.adobedtm.com
3    52.49.110.165 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-110-165.eu-west-1.compute.amazonaws.com
dpm.demdex.net
bcg.demdex.net
1    52.213.250.206 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-250-206.eu-west-1.compute.amazonaws.com
cm.everesttech.net
4    3.33.145.223 (United States)

ASN16509 (AMAZON-02, US)
PTR: ae7f7cd4514c83ac6.awsglobalaccelerator.com
logon.bcg.com
1    2600:1f18:24e6:b900:9075:2f6b:a511:4dc9 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
rum-http-intake.logs.datadoghq.com
17    18.173.154.64 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-154-64.muc50.r.cloudfront.net
ok4static.oktacdn.com
2    108.138.7.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-107.fra56.r.cloudfront.net
login.okta.com
Apex Domain
Subdomains		 Transfer
17 oktacdn.com
ok4static.oktacdn.com — Cisco Umbrella Rank: 19132
923 KB
7 bcg.com
pages.navigator.bcg.com
logon.bcg.com — Cisco Umbrella Rank: 329084
2 MB
3 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 239
bcg.demdex.net — Cisco Umbrella Rank: 491158
5 KB
3 adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 460
70 KB
2 okta.com
login.okta.com — Cisco Umbrella Rank: 4349
97 KB
1 datadoghq.com
rum-http-intake.logs.datadoghq.com — Cisco Umbrella Rank: 6244
1 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 1278
517 B
1 bcg-email.com
click.bcg-email.com
246 B
0 Failed
function sub() { [native code] }. Failed
45 9
Domain Requested by
17 ok4static.oktacdn.com logon.bcg.com
ok4static.oktacdn.com
4 logon.bcg.com pages.navigator.bcg.com
logon.bcg.com
ok4static.oktacdn.com
3 assets.adobedtm.com pages.navigator.bcg.com
assets.adobedtm.com
3 pages.navigator.bcg.com pages.navigator.bcg.com
2 login.okta.com ok4static.oktacdn.com
login.okta.com
2 dpm.demdex.net assets.adobedtm.com
pages.navigator.bcg.com
1 rum-http-intake.logs.datadoghq.com pages.navigator.bcg.com
1 cm.everesttech.net 1 redirects
1 bcg.demdex.net assets.adobedtm.com
1 click.bcg-email.com 1 redirects
0 127.0.0.1 Failed ok4static.oktacdn.com
45 11

This site contains no links.

Subject Issuer Validity Valid
pages.navigator.bcg.com
Amazon RSA 2048 M03		 2023-11-23 -
2024-12-21		 a year crt.sh
assets.adobedtm.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-11 -
2024-08-10		 a year crt.sh
*.demdex.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2024-10-26		 a year crt.sh
logon.bcg.com
R3		 2024-01-14 -
2024-04-13		 3 months crt.sh
*.logs.datadoghq.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-22 -
2024-03-22		 a year crt.sh
*.oktacdn.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-15 -
2025-01-02		 a year crt.sh
accounts.okta.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-19 -
2024-07-24		 a year crt.sh

This page contains 3 frames:

Primary Page: https://logon.bcg.com/oauth2/aus9at6ncy2iUhZw41t7/v1/authorize?client_id=0oadzmkfc4GvXi1L51t7&nonce=85zvWIA6bxw7U5XSpT4GXPMyiYaUHr0qM9OcsbFqdpOgX0SwBGx6aoWVzcCU1tOY&redirect_uri=https%3A%2F%2Fpages.navigator.bcg.com%2Fimplicit%2Fcallback&response_type=token%20id_token&state=EJtqTLUcYHhwWNs1doGtPxCJUKp8hdDT98fUZf0wESdujTcvofIqeXdZwJCScfve&scope=profile%20email%20openid%20groups
Frame ID: D6574D6E925FF3EFBB7AD5FDF9CAB849
Requests: 36 HTTP requests in this frame

Frame: https://bcg.demdex.net/dest5.html?d_nsid=0
Frame ID: 834827F06CAAF170715158DF5BAB6761
Requests: 1 HTTP requests in this frame

Frame: https://login.okta.com/discovery/iframe.html
Frame ID: 51F81E7F8FD89CE1F9225362256E7BD3
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Boston Consulting Group - Anmelden

Page URL History Show full URLs

  1. http://click.bcg-email.com/?qs=87f81806f3663f4d351955b5c9c493418b621450e6a21ebab4c699f14d97b170275e4519... HTTP 302
    https://pages.navigator.bcg.com/kp/8190a383-6fc9-449a-9d3e-5a78d04870f9 Page URL
  2. https://logon.bcg.com/oauth2/aus9at6ncy2iUhZw41t7/v1/authorize?client_id=0oadzmkfc4GvXi1L51t7&nonc... Page URL

Page Statistics

45
Requests

71 %
HTTPS

33 %
IPv6

9
Domains

11
Subdomains

8
IPs

3
Countries

3364 kB
Transfer

9261 kB
Size

14
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://click.bcg-email.com/?qs=87f81806f3663f4d351955b5c9c493418b621450e6a21ebab4c699f14d97b170275e451936b93b88884b52a067587ca58079c51cd743c7c9 HTTP 302
    https://pages.navigator.bcg.com/kp/8190a383-6fc9-449a-9d3e-5a78d04870f9 Page URL
  2. https://logon.bcg.com/oauth2/aus9at6ncy2iUhZw41t7/v1/authorize?client_id=0oadzmkfc4GvXi1L51t7&nonce=85zvWIA6bxw7U5XSpT4GXPMyiYaUHr0qM9OcsbFqdpOgX0SwBGx6aoWVzcCU1tOY&redirect_uri=https%3A%2F%2Fpages.navigator.bcg.com%2Fimplicit%2Fcallback&response_type=token%20id_token&state=EJtqTLUcYHhwWNs1doGtPxCJUKp8hdDT98fUZf0wESdujTcvofIqeXdZwJCScfve&scope=profile%20email%20openid%20groups Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://click.bcg-email.com/?qs=87f81806f3663f4d351955b5c9c493418b621450e6a21ebab4c699f14d97b170275e451936b93b88884b52a067587ca58079c51cd743c7c9 HTTP 302
  • https://pages.navigator.bcg.com/kp/8190a383-6fc9-449a-9d3e-5a78d04870f9
Request Chain 8
  • https://cm.everesttech.net/cm/dd?d_uuid=36081433072395388691679770322335346779 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZavVFwAAAKr8zwOV

45 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
8190a383-6fc9-449a-9d3e-5a78d04870f9
pages.navigator.bcg.com/kp/
Redirect Chain
  • http://click.bcg-email.com/?qs=87f81806f3663f4d351955b5c9c493418b621450e6a21ebab4c699f14d97b170275e451936b93b88884b52a067587ca58079c51cd743c7c9
  • https://pages.navigator.bcg.com/kp/8190a383-6fc9-449a-9d3e-5a78d04870f9
885 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pages.navigator.bcg.com/kp/8190a383-6fc9-449a-9d3e-5a78d04870f9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:237d:9400:a:5a83:66c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
afcaa78c28c4f9ca5325f219841a2f8038e66dcdcfb796edf307f5fe90107a15
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-length
885
content-type
text/html
date
Sat, 20 Jan 2024 14:13:43 GMT
etag
"2edc941c22ae57daf6ccda0b0ec462eb"
last-modified
Wed, 17 Jan 2024 07:42:58 GMT
server
AmazonS3
strict-transport-security
max-age=63072000; includeSubdomains; preload
via
1.1 73b81cd9bd041c21d2fd170c0f53e030.cloudfront.net (CloudFront)
x-amz-cf-id
lR4C-2cEXTB-EhKwTY6qd9JzXJv_x9IOyYjo123TCRRIb3l1h9gwmw==
x-amz-cf-pop
MUC50-P2
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront

Redirect headers

Cache-Control
private
Connection
close
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Sat, 20 Jan 2024 14:13:41 GMT
Location
https://pages.navigator.bcg.com/kp/8190a383-6fc9-449a-9d3e-5a78d04870f9
launch-ENe4b4601f46f14c85886449521df79997.min.js
assets.adobedtm.com/ 		409 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/launch-ENe4b4601f46f14c85886449521df79997.min.js
Requested by
Host: pages.navigator.bcg.com
URL: https://pages.navigator.bcg.com/kp/8190a383-6fc9-449a-9d3e-5a78d04870f9
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
91fb7dabb8ce525902754f2de1525757c204b336a4cd7a4a98cf8ecd05958da5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.navigator.bcg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 14:13:43 GMT
content-encoding
gzip
last-modified
Wed, 27 Sep 2023 12:58:53 GMT
server
AkamaiNetStorage
etag
"77bf8213cb3f738fc0f2a20e6478cb68:1695819533.588358"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://pages.navigator.bcg.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
56650
expires
Sat, 20 Jan 2024 15:13:43 GMT
main.af07b762.js
pages.navigator.bcg.com/static/js/ 		5 MB
2 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://pages.navigator.bcg.com/static/js/main.af07b762.js
Requested by
Host: pages.navigator.bcg.com
URL: https://pages.navigator.bcg.com/kp/8190a383-6fc9-449a-9d3e-5a78d04870f9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:237d:9400:a:5a83:66c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
acb25b102692e6b8f58d3117b92705735051d69b0d9743241c50a99243066964
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.navigator.bcg.com/kp/8190a383-6fc9-449a-9d3e-5a78d04870f9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 14:13:44 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-encoding
gzip
last-modified
Wed, 17 Jan 2024 07:42:58 GMT
server
AmazonS3
via
1.1 73b81cd9bd041c21d2fd170c0f53e030.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P2
etag
W/"cfebbc3d53586285cca0253b730ee6b5"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
x-amz-cf-id
V8ZUPYOFgOx1BUd_bcDyl6QabgaIp_iMvHXGlzFnaFd8HJOdW0ySlg==
main.0450cc05.css
pages.navigator.bcg.com/static/css/ 		936 KB
159 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pages.navigator.bcg.com/static/css/main.0450cc05.css
Requested by
Host: pages.navigator.bcg.com
URL: https://pages.navigator.bcg.com/kp/8190a383-6fc9-449a-9d3e-5a78d04870f9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:237d:9400:a:5a83:66c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a1e1c93a55af960a0029b66d7eba40a4195de80657cfd11e328b4c713bd2d03f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.navigator.bcg.com/kp/8190a383-6fc9-449a-9d3e-5a78d04870f9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 14:13:44 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-encoding
gzip
last-modified
Wed, 17 Jan 2024 07:42:58 GMT
server
AmazonS3
via
1.1 73b81cd9bd041c21d2fd170c0f53e030.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P2
etag
W/"9e808c3e89a7b7f09808d8b11da63486"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
x-amz-cf-id
2TWIlCGt-5dVDAE_4Q1s0odfG3dU8JZi2TrgVVaC0gd11dCZFGuETw==
id
dpm.demdex.net/ 		362 B
917 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=0B2D2B6956FA77C27F000101%40AdobeOrg&d_nsid=0&ts=1705760023147
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENe4b4601f46f14c85886449521df79997.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.49.110.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-110-165.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
c628319c9044f2c203aa174dadd17c5f6484d9ef0719d21dafcdad9fcb946dda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://pages.navigator.bcg.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

dcs
dcs-prod-irl1-2-v054-07bf84699.edge-irl1.demdex.com 1 ms
pragma
no-cache
date
Sat, 20 Jan 2024 14:13:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-tid
bc6LDPBSQlU=
vary
Origin
content-type
application/json;charset=utf-8
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin
https://pages.navigator.bcg.com
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials
true
content-length
306
expires
Thu, 01 Jan 1970 00:00:00 UTC
AppMeasurement.min.js
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ 		33 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENe4b4601f46f14c85886449521df79997.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.navigator.bcg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 14:13:43 GMT
content-encoding
gzip
last-modified
Wed, 12 Aug 2020 22:09:52 GMT
server
AkamaiNetStorage
etag
"f259ee6445c19c2ce3c64a1b117a4f35:1597270192.577101"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://pages.navigator.bcg.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
12184
expires
Sat, 20 Jan 2024 15:13:43 GMT
AppMeasurement_Module_ActivityMap.min.js
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement_Module_ActivityMap.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENe4b4601f46f14c85886449521df79997.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.navigator.bcg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 14:13:43 GMT
content-encoding
gzip
last-modified
Wed, 12 Aug 2020 22:09:52 GMT
server
AkamaiNetStorage
etag
"5dedcda2c8a6c3a51fd419d306427010:1597270192.857753"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://pages.navigator.bcg.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
1594
expires
Sat, 20 Jan 2024 15:13:43 GMT
dest5.html
bcg.demdex.net/ Frame 8348 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bcg.demdex.net/dest5.html?d_nsid=0
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENe4b4601f46f14c85886449521df79997.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.49.110.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-110-165.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://pages.navigator.bcg.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Sat, 20 Jan 2024 14:13:43 GMT
dcs
dcs-prod-irl1-1-v054-01a4861f9.edge-irl1.demdex.com 0 ms
expires
Thu, 01 Jan 1970 00:00:00 UTC
last-modified
Fri, 17 Nov 2023 11:52:54 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains
vary
accept-encoding
x-tid
Ls8r2gpqRXc=
ibs:dpid=411&dpuuid=ZavVFwAAAKr8zwOV
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=36081433072395388691679770322335346779
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZavVFwAAAKr8zwOV
42 B
719 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZavVFwAAAKr8zwOV
Requested by
Host: pages.navigator.bcg.com
URL: https://pages.navigator.bcg.com/kp/8190a383-6fc9-449a-9d3e-5a78d04870f9
Protocol
H2
Server
52.49.110.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-110-165.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pages.navigator.bcg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

dcs
dcs-prod-irl1-2-v054-0eec88a0e.edge-irl1.demdex.com 2 ms
pragma
no-cache
date
Sat, 20 Jan 2024 14:13:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
4Kjc+z/nQh4=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZavVFwAAAKr8zwOV
Date
Sat, 20 Jan 2024 14:13:43 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Primary Request authorize
logon.bcg.com/oauth2/aus9at6ncy2iUhZw41t7/v1/ 		25 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://logon.bcg.com/oauth2/aus9at6ncy2iUhZw41t7/v1/authorize?client_id=0oadzmkfc4GvXi1L51t7&nonce=85zvWIA6bxw7U5XSpT4GXPMyiYaUHr0qM9OcsbFqdpOgX0SwBGx6aoWVzcCU1tOY&redirect_uri=https%3A%2F%2Fpages.navigator.bcg.com%2Fimplicit%2Fcallback&response_type=token%20id_token&state=EJtqTLUcYHhwWNs1doGtPxCJUKp8hdDT98fUZf0wESdujTcvofIqeXdZwJCScfve&scope=profile%20email%20openid%20groups
Requested by
Host: pages.navigator.bcg.com
URL: https://pages.navigator.bcg.com/static/js/main.af07b762.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.145.223 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ae7f7cd4514c83ac6.awsglobalaccelerator.com
Software
nginx /
Resource Hash
a2332b0c36f99237f1c32b829b91497216f5f8b2f5ad83c007364aaf19e702e9
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pages.navigator.bcg.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
Keep-Alive
Content-Encoding
gzip
Content-Type
text/html;charset=utf-8
Date
Sat, 20 Jan 2024 14:13:44 GMT
Keep-Alive
timeout=5, max=100
Server
nginx
Strict-Transport-Security
max-age=315360000; includeSubDomains
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Robots-Tag
noindex,nofollow
accept-ch
Sec-CH-UA-Platform-Version
cache-control
no-cache, no-store
content-language
de
expires
0
p3p
CP="HONK"
pragma
no-cache
referrer-policy
no-referrer
x-content-type-options
nosniff
x-okta-request-id
ZavVGM9P0SvhBg1nZr3fEgAADTI
x-rate-limit-limit
60
x-rate-limit-remaining
59
x-rate-limit-reset
1705760084
x-ua-compatible
IE=edge
x-xss-protection
0
pubc01e8e3a2617bf9baa68289bb1a52efe
rum-http-intake.logs.datadoghq.com/v1/input/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://rum-http-intake.logs.datadoghq.com/v1/input/pubc01e8e3a2617bf9baa68289bb1a52efe?_dd.application_id=ca8b9931-fc64-48d3-bd5a-9e3c3108b599&ddsource=browser&ddtags=sdk_version:1.26.3,env:prod,service:Ngen%20Knowledge%20Contribution%20App,version:
Requested by
Host: pages.navigator.bcg.com
URL: https://pages.navigator.bcg.com/static/js/main.af07b762.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b900:9075:2f6b:a511:4dc9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://pages.navigator.bcg.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
okta-sign-in.min.js
ok4static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.14.0/js/ 		2 MB
481 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ok4static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.14.0/js/okta-sign-in.min.js
Requested by
Host: logon.bcg.com
URL: https://logon.bcg.com/oauth2/aus9at6ncy2iUhZw41t7/v1/authorize?client_id=0oadzmkfc4GvXi1L51t7&nonce=85zvWIA6bxw7U5XSpT4GXPMyiYaUHr0qM9OcsbFqdpOgX0SwBGx6aoWVzcCU1tOY&redirect_uri=https%3A%2F%2Fpages.navigator.bcg.com%2Fimplicit%2Fcallback&response_type=token%20id_token&state=EJtqTLUcYHhwWNs1doGtPxCJUKp8hdDT98fUZf0wESdujTcvofIqeXdZwJCScfve&scope=profile%20email%20openid%20groups
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-64.muc50.r.cloudfront.net
Software
nginx /
Resource Hash
d9a95adbc2b380c5a98c52361e4559bee015bdcf58ab66df9a80d820083a78b1
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 23:11:09 GMT
x-amz-meta-sha1sum
beff92c8e4d3e6c516e8a641077b1a90218f6ca9
content-encoding
gzip
strict-transport-security
max-age=315360000; includeSubDomains
via
1.1 d32cecfb780f448e04918056be10c37a.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P3
age
226956
x-cache
Hit from cloudfront
last-modified
Wed, 17 Jan 2024 22:33:21 GMT
server
nginx
etag
W/"489cd315287abbaee661183c4245a31d"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-id
ux000FtT79uZJzVINbvy_cYJAJU0ytWXQj_4yKUh3ugxh5Zb-cFL-w==
expires
Thu, 16 Jan 2025 23:11:09 GMT
okta-sign-in.min.css
ok4static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.14.0/css/ 		217 KB
37 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ok4static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.14.0/css/okta-sign-in.min.css
Requested by
Host: logon.bcg.com
URL: https://logon.bcg.com/oauth2/aus9at6ncy2iUhZw41t7/v1/authorize?client_id=0oadzmkfc4GvXi1L51t7&nonce=85zvWIA6bxw7U5XSpT4GXPMyiYaUHr0qM9OcsbFqdpOgX0SwBGx6aoWVzcCU1tOY&redirect_uri=https%3A%2F%2Fpages.navigator.bcg.com%2Fimplicit%2Fcallback&response_type=token%20id_token&state=EJtqTLUcYHhwWNs1doGtPxCJUKp8hdDT98fUZf0wESdujTcvofIqeXdZwJCScfve&scope=profile%20email%20openid%20groups
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-64.muc50.r.cloudfront.net
Software
nginx /
Resource Hash
19714eaf0cbf6de9f909794bddca2470bf498dc53b02f50947a5e89476251fde
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 23:11:09 GMT
x-amz-meta-sha1sum
4cfa8d8c88cf536e49e478565a2da853267beb22
content-encoding
gzip
strict-transport-security
max-age=315360000; includeSubDomains
via
1.1 d32cecfb780f448e04918056be10c37a.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P3
age
226956
x-cache
Hit from cloudfront
last-modified
Wed, 17 Jan 2024 22:32:00 GMT
server
nginx
etag
W/"14a902da0701755f1c3dc816ee428221"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-id
6iXVUKqDQ3GY3dnIrno6JEj7RvTg4HkabhwJSII_h7Di01z5CdBeAA==
expires
Thu, 16 Jan 2025 23:11:09 GMT
loginpage-theme.7266b8318cd7a71710311515ab15c462.css
ok4static.oktacdn.com/assets/loginpage/css/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ok4static.oktacdn.com/assets/loginpage/css/loginpage-theme.7266b8318cd7a71710311515ab15c462.css
Requested by
Host: logon.bcg.com
URL: https://logon.bcg.com/oauth2/aus9at6ncy2iUhZw41t7/v1/authorize?client_id=0oadzmkfc4GvXi1L51t7&nonce=85zvWIA6bxw7U5XSpT4GXPMyiYaUHr0qM9OcsbFqdpOgX0SwBGx6aoWVzcCU1tOY&redirect_uri=https%3A%2F%2Fpages.navigator.bcg.com%2Fimplicit%2Fcallback&response_type=token%20id_token&state=EJtqTLUcYHhwWNs1doGtPxCJUKp8hdDT98fUZf0wESdujTcvofIqeXdZwJCScfve&scope=profile%20email%20openid%20groups
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-64.muc50.r.cloudfront.net
Software
nginx /
Resource Hash
8ff7edf87ee84f0f2ec6220604f7f4ac91e2dc7ba41e50423d5e22b941a1cb63
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 21:51:44 GMT
x-amz-meta-sha1sum
fcd39dff2ff6a1d16b01b7b40f2b61f218622b2e
content-encoding
gzip
strict-transport-security
max-age=315360000; includeSubDomains
via
1.1 d32cecfb780f448e04918056be10c37a.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P3
age
1614121
x-cache
Hit from cloudfront
last-modified
Tue, 07 Nov 2023 18:58:18 GMT
server
nginx
etag
W/"7266b8318cd7a71710311515ab15c462"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-id
5ZhZZKwL8sO06_T-wmQqC7ee2ut3qbYkvFYpTt7gNvdo4Dl6hA9iZA==
expires
Tue, 31 Dec 2024 21:51:44 GMT
style-sheet
logon.bcg.com/api/internal/brand/theme/ 		556 B
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://logon.bcg.com/api/internal/brand/theme/style-sheet?touch-point=SIGN_IN_PAGE&v=abc4780733b2999dc5536ea4bf18a7237d32beafe91e2f7611b8af3ecb8ae0d0dfb208992a3b1ecefd0c0f9333f4b59d
Requested by
Host: logon.bcg.com
URL: https://logon.bcg.com/oauth2/aus9at6ncy2iUhZw41t7/v1/authorize?client_id=0oadzmkfc4GvXi1L51t7&nonce=85zvWIA6bxw7U5XSpT4GXPMyiYaUHr0qM9OcsbFqdpOgX0SwBGx6aoWVzcCU1tOY&redirect_uri=https%3A%2F%2Fpages.navigator.bcg.com%2Fimplicit%2Fcallback&response_type=token%20id_token&state=EJtqTLUcYHhwWNs1doGtPxCJUKp8hdDT98fUZf0wESdujTcvofIqeXdZwJCScfve&scope=profile%20email%20openid%20groups
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.145.223 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ae7f7cd4514c83ac6.awsglobalaccelerator.com
Software
nginx /
Resource Hash
9af30b5e4695010f9be253f861784e638c81274ca0390214629886029ca9b509
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-okta-request-id
ZavVGM9P0SvhBg1nZr3fEwAADTI
Date
Sat, 20 Jan 2024 14:13:44 GMT
Strict-Transport-Security
max-age=315360000; includeSubDomains
x-rate-limit-limit
12000
x-content-type-options
nosniff
Content-Encoding
gzip
x-rate-limit-remaining
11991
content-security-policy-report-only
default-src 'self' logon.okta.com logon.bcg.com *.oktacdn.com; connect-src 'self' logon.okta.com logon-admin.okta.com logon.bcg.com *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com *.mtls.okta.com logon.kerberos.okta.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' logon.okta.com logon.bcg.com *.oktacdn.com; style-src 'unsafe-inline' 'self' logon.okta.com logon.bcg.com *.oktacdn.com; frame-src 'self' logon.okta.com logon-admin.okta.com logon.bcg.com login.okta.com ok4-devicetrust.okta.com com-okta-authenticator:; img-src 'self' logon.okta.com logon.bcg.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' logon.okta.com logon.bcg.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
Transfer-Encoding
chunked
p3p
CP="HONK"
Connection
Keep-Alive
x-xss-protection
0
Server
nginx
accept-ch
Sec-CH-UA-Platform-Version
Vary
Accept-Encoding
Content-Type
text/css
x-rate-limit-reset
1705760027
cache-control
max-age=31536000, must-revalidate
Keep-Alive
timeout=5, max=99
expires
Sun, 19 Jan 2025 14:13:44 GMT
default.6770228fb0dab49a1695ef440a5279bb.png
ok4static.oktacdn.com/assets/img/logos/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ok4static.oktacdn.com/assets/img/logos/default.6770228fb0dab49a1695ef440a5279bb.png
Requested by
Host: logon.bcg.com
URL: https://logon.bcg.com/oauth2/aus9at6ncy2iUhZw41t7/v1/authorize?client_id=0oadzmkfc4GvXi1L51t7&nonce=85zvWIA6bxw7U5XSpT4GXPMyiYaUHr0qM9OcsbFqdpOgX0SwBGx6aoWVzcCU1tOY&redirect_uri=https%3A%2F%2Fpages.navigator.bcg.com%2Fimplicit%2Fcallback&response_type=token%20id_token&state=EJtqTLUcYHhwWNs1doGtPxCJUKp8hdDT98fUZf0wESdujTcvofIqeXdZwJCScfve&scope=profile%20email%20openid%20groups
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-64.muc50.r.cloudfront.net
Software
nginx /
Resource Hash
9ce729df778fbee5e9bb0b6cde926b2e5c19c87ebd301e10eeaabab0d3d89c66
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 04:54:08 GMT
strict-transport-security
max-age=315360000; includeSubDomains
via
1.1 d32cecfb780f448e04918056be10c37a.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P3
age
1502377
x-cache
Hit from cloudfront
content-length
1632
last-modified
Tue, 15 Jan 2019 21:42:29 GMT
server
nginx
etag
"6770228fb0dab49a1695ef440a5279bb"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges
bytes
x-amz-cf-id
iDf3wgc8fCZY_Yzym1QmDfdxZETJyXMhiNz8IYtcI6oiPHDLfv_Opg==
expires
Thu, 02 Jan 2025 04:54:08 GMT
fs0tl6b098s1tBipt1t7
ok4static.oktacdn.com/fs/bco/1/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ok4static.oktacdn.com/fs/bco/1/fs0tl6b098s1tBipt1t7
Requested by
Host: logon.bcg.com
URL: https://logon.bcg.com/oauth2/aus9at6ncy2iUhZw41t7/v1/authorize?client_id=0oadzmkfc4GvXi1L51t7&nonce=85zvWIA6bxw7U5XSpT4GXPMyiYaUHr0qM9OcsbFqdpOgX0SwBGx6aoWVzcCU1tOY&redirect_uri=https%3A%2F%2Fpages.navigator.bcg.com%2Fimplicit%2Fcallback&response_type=token%20id_token&state=EJtqTLUcYHhwWNs1doGtPxCJUKp8hdDT98fUZf0wESdujTcvofIqeXdZwJCScfve&scope=profile%20email%20openid%20groups
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-64.muc50.r.cloudfront.net
Software
nginx /
Resource Hash
71f353918c9a52d30fb655106ed8cc2cd1daf197265864cf71681ff4f35b7514
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=315360000; includeSubDomains
date
Tue, 09 Jan 2024 18:23:22 GMT
via
1.1 d32cecfb780f448e04918056be10c37a.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P3
age
935423
x-cache
Hit from cloudfront
content-length
2626
last-modified
Thu, 22 Jun 2023 03:11:37 GMT
server
nginx
etag
"3e1e518ddd0ff23aee4e3eeb16c62e76"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges
bytes
x-amz-cf-id
SJH-hML__MC3G_7dpsD49Dx3jEINmJFUuTljm-W4oMMKEJOU0_llVg==
expires
Wed, 08 Jan 2025 18:23:22 GMT
initLoginPage.pack.58de3be0c9b511a0fdfd7ea4f69b56fc.js
ok4static.oktacdn.com/assets/js/mvc/loginpage/ 		204 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ok4static.oktacdn.com/assets/js/mvc/loginpage/initLoginPage.pack.58de3be0c9b511a0fdfd7ea4f69b56fc.js
Requested by
Host: logon.bcg.com
URL: https://logon.bcg.com/oauth2/aus9at6ncy2iUhZw41t7/v1/authorize?client_id=0oadzmkfc4GvXi1L51t7&nonce=85zvWIA6bxw7U5XSpT4GXPMyiYaUHr0qM9OcsbFqdpOgX0SwBGx6aoWVzcCU1tOY&redirect_uri=https%3A%2F%2Fpages.navigator.bcg.com%2Fimplicit%2Fcallback&response_type=token%20id_token&state=EJtqTLUcYHhwWNs1doGtPxCJUKp8hdDT98fUZf0wESdujTcvofIqeXdZwJCScfve&scope=profile%20email%20openid%20groups
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-64.muc50.r.cloudfront.net
Software
nginx /
Resource Hash
6a6c595fcf3a6c74bf3509f160ba34b78a8a3eb92ecaf290412c46679576d3ed
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

Referer
Origin
https://logon.bcg.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-meta-sha1sum
91eca02abf11239ec4af7a30b1da6e2610f1b9a6
strict-transport-security
max-age=315360000; includeSubDomains
content-encoding
gzip
date
Mon, 08 Jan 2024 19:27:43 GMT
via
1.1 106a2e3801afa4dfd5bd4bfaeb93d526.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P3
age
1018104
x-cache
Hit from cloudfront
last-modified
Tue, 07 Nov 2023 18:58:20 GMT
server
nginx
etag
W/"58de3be0c9b511a0fdfd7ea4f69b56fc"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-id
0bNHxpqp8xIWRd9g79WFTo-e2eRTqP4p_Z713bpofpNgYre2YgF1lQ==
expires
Tue, 07 Jan 2025 19:25:21 GMT
fs0tl6b0a2SWctYC91t7
ok4static.oktacdn.com/fs/bco/7/ 		123 KB
123 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ok4static.oktacdn.com/fs/bco/7/fs0tl6b0a2SWctYC91t7
Requested by
Host: logon.bcg.com
URL: https://logon.bcg.com/oauth2/aus9at6ncy2iUhZw41t7/v1/authorize?client_id=0oadzmkfc4GvXi1L51t7&nonce=85zvWIA6bxw7U5XSpT4GXPMyiYaUHr0qM9OcsbFqdpOgX0SwBGx6aoWVzcCU1tOY&redirect_uri=https%3A%2F%2Fpages.navigator.bcg.com%2Fimplicit%2Fcallback&response_type=token%20id_token&state=EJtqTLUcYHhwWNs1doGtPxCJUKp8hdDT98fUZf0wESdujTcvofIqeXdZwJCScfve&scope=profile%20email%20openid%20groups
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-64.muc50.r.cloudfront.net
Software
nginx /
Resource Hash
eee917297c9fa2efab4920764142755db1c3c62bcd4a43af12b43acdee932c0f
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://logon.bcg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=315360000; includeSubDomains
date
Thu, 18 Jan 2024 06:48:15 GMT
via
1.1 d32cecfb780f448e04918056be10c37a.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P3
age
199530
x-cache
Hit from cloudfront
content-length
125683
last-modified
Thu, 22 Jun 2023 03:11:38 GMT
server
nginx
etag
"20c4118eb8bad65e5f180aa1412c885b"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges
bytes
x-amz-cf-id
OsrNhU6U5NnjbRIa9AxGati-1YaJZ-0MmozRlxyn07R8qlQO32kwbQ==
expires
Fri, 17 Jan 2025 06:48:15 GMT
proximanova-light-webfont.aba797dabec6686294a9.woff2
ok4static.oktacdn.com/assets/loginpage/font/assets/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ok4static.oktacdn.com/assets/loginpage/font/assets/proximanova-light-webfont.aba797dabec6686294a9.woff2
Requested by
Host: ok4static.oktacdn.com
URL: https://ok4static.oktacdn.com/assets/loginpage/css/loginpage-theme.7266b8318cd7a71710311515ab15c462.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-64.muc50.r.cloudfront.net
Software
nginx /
Resource Hash
018930498a4b01e598099a6e45d7316d54c7b1411ce2b741a3b1f1b0ed4e578b
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

Referer
https://ok4static.oktacdn.com/assets/loginpage/css/loginpage-theme.7266b8318cd7a71710311515ab15c462.css
Origin
https://logon.bcg.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 21:51:44 GMT
x-amz-meta-sha1sum
28b8b4bd234dde07b7ee63a6d32c6f275f03eca1
via
1.1 106a2e3801afa4dfd5bd4bfaeb93d526.cloudfront.net (CloudFront)
strict-transport-security
max-age=315360000; includeSubDomains
x-amz-cf-pop
MUC50-P3
age
1614120
x-cache
Hit from cloudfront
content-length
20052
last-modified
Tue, 07 Nov 2023 18:58:19 GMT
server
nginx
etag
"3bf194f33d52c87ea38f13e04fd41950"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges
bytes
x-amz-cf-id
_BLfNJsnQQAN_vGdt2cArkikKkgh--EQt7WVFEU0Lq3qIsw5t7cutw==
expires
Tue, 31 Dec 2024 21:51:44 GMT
proximanova-reg-webfont.353416ed0ff540352235.woff2
ok4static.oktacdn.com/assets/loginpage/font/assets/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ok4static.oktacdn.com/assets/loginpage/font/assets/proximanova-reg-webfont.353416ed0ff540352235.woff2
Requested by
Host: ok4static.oktacdn.com
URL: https://ok4static.oktacdn.com/assets/loginpage/css/loginpage-theme.7266b8318cd7a71710311515ab15c462.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-64.muc50.r.cloudfront.net
Software
nginx /
Resource Hash
affdba1620552b12a1a8a04467136aeb408c03fa337d20e9c38374d682d4d149
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

Referer
https://ok4static.oktacdn.com/assets/loginpage/css/loginpage-theme.7266b8318cd7a71710311515ab15c462.css
Origin
https://logon.bcg.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 19:25:26 GMT
x-amz-meta-sha1sum
2b5fcd8431953c44e410d0489899e74f6d2cfecc
via
1.1 106a2e3801afa4dfd5bd4bfaeb93d526.cloudfront.net (CloudFront)
strict-transport-security
max-age=315360000; includeSubDomains
x-amz-cf-pop
MUC50-P3
age
1018099
x-cache
Hit from cloudfront
content-length
20416
last-modified
Tue, 07 Nov 2023 18:56:28 GMT
server
nginx
etag
"d99a7377dabb55772ca9f986b0a04b57"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges
bytes
x-amz-cf-id
07skV51gpCddJ197RY1rfzECWSESds4sPpzWKFuJEy2HOcadieqpKg==
expires
Tue, 07 Jan 2025 19:25:26 GMT
iframe.html
login.okta.com/discovery/ Frame 51F8 		451 B
955 B 		Document
General
Check archive.org
Download Go to
Full URL
https://login.okta.com/discovery/iframe.html
Requested by
Host: ok4static.oktacdn.com
URL: https://ok4static.oktacdn.com/assets/js/mvc/loginpage/initLoginPage.pack.58de3be0c9b511a0fdfd7ea4f69b56fc.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-107.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
04e5a6a734bb7d87c3edca98ab40003f8972aba152440e7df17bda26d9ce0f8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
12780
Connection
keep-alive
Content-Length
451
Content-Type
text/html
Date
Sat, 20 Jan 2024 10:40:46 GMT
ETag
"fe4139cbc5a13528dbecbf548e6dd39c"
Last-Modified
Wed, 01 Nov 2023 16:07:38 GMT
Server
AmazonS3
Strict-Transport-Security
max-age=31536000; includeSubDomains
Via
1.1 6c2674fb15c38f5458794dd680986b8e.cloudfront.net (CloudFront)
X-Amz-Cf-Id
-xHJCC2cRsekSZH976FJHd-nQCZ2mvkkF4ThbjaS4c92RudsdnlSFA==
X-Amz-Cf-Pop
FRA56-P6
X-Cache
Hit from cloudfront
fs0tl6b098s1tBipt1t7
ok4static.oktacdn.com/fs/bco/1/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ok4static.oktacdn.com/fs/bco/1/fs0tl6b098s1tBipt1t7
Requested by
Host: ok4static.oktacdn.com
URL: https://ok4static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.14.0/js/okta-sign-in.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-64.muc50.r.cloudfront.net
Software
nginx /
Resource Hash
71f353918c9a52d30fb655106ed8cc2cd1daf197265864cf71681ff4f35b7514
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=315360000; includeSubDomains
date
Tue, 09 Jan 2024 18:23:22 GMT
via
1.1 d32cecfb780f448e04918056be10c37a.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P3
age
935423
x-cache
Hit from cloudfront
content-length
2626
last-modified
Thu, 22 Jun 2023 03:11:37 GMT
server
nginx
etag
"3e1e518ddd0ff23aee4e3eeb16c62e76"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges
bytes
x-amz-cf-id
L0mvwcEPGZXQz-2aU8mq4IiLlSfk42RDjKTapEfbgJdDxEgdieD3Pg==
expires
Wed, 08 Jan 2025 18:23:22 GMT
login_de.json
ok4static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.14.0/labels/json/ 		108 KB
109 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ok4static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.14.0/labels/json/login_de.json
Requested by
Host: ok4static.oktacdn.com
URL: https://ok4static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.14.0/js/okta-sign-in.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-64.muc50.r.cloudfront.net
Software
nginx /
Resource Hash
06df1a311edc1a058930d5966721242b888a2a3592b6d138c7854c8ec7332eac
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

accept
application/json
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 17 Jan 2024 23:28:40 GMT
x-amz-meta-sha1sum
f017ae7a02339b5f93a107bb10caae2b5fed43f2
via
1.1 106a2e3801afa4dfd5bd4bfaeb93d526.cloudfront.net (CloudFront)
strict-transport-security
max-age=315360000; includeSubDomains
x-amz-cf-pop
MUC50-P3
age
225905
x-cache
Hit from cloudfront
content-length
110937
last-modified
Wed, 17 Jan 2024 22:33:28 GMT
server
nginx
etag
"edc9c64fe80b6e90b37eec37f9411640"
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges
bytes
x-amz-cf-id
jVufMHiqQE8eICjVqdYfnTQny9602QCvexKB-fE5rkNkOjKz83x7dw==
expires
Thu, 16 Jan 2025 23:28:40 GMT
country_de.json
ok4static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.14.0/labels/json/ 		5 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ok4static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.14.0/labels/json/country_de.json
Requested by
Host: ok4static.oktacdn.com
URL: https://ok4static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.14.0/js/okta-sign-in.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-64.muc50.r.cloudfront.net
Software
nginx /
Resource Hash
e540549c5ee85d139a6590536daf86400fccd811ebc9d5b714794efe1e34b897
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

accept
application/json
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 17 Jan 2024 23:28:40 GMT
x-amz-meta-sha1sum
251dd1ccca4c80570aee52db71eed703ac579ad8
via
1.1 106a2e3801afa4dfd5bd4bfaeb93d526.cloudfront.net (CloudFront)
strict-transport-security
max-age=315360000; includeSubDomains
x-amz-cf-pop
MUC50-P3
age
225905
x-cache
Hit from cloudfront
content-length
4805
last-modified
Wed, 17 Jan 2024 22:33:26 GMT
server
nginx
etag
"51bec6463b4f7c5a26ede1fd8ee067f8"
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges
bytes
x-amz-cf-id
XAht7cBE2zjdy-GC5uSD9cESdgVv0OvCL0DU7Xu9_dqry1yq52tPBQ==
expires
Thu, 16 Jan 2025 23:28:40 GMT
introspect
logon.bcg.com/idp/idx/ 		18 KB
20 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://logon.bcg.com/idp/idx/introspect
Requested by
Host: ok4static.oktacdn.com
URL: https://ok4static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.14.0/js/okta-sign-in.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.145.223 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ae7f7cd4514c83ac6.awsglobalaccelerator.com
Software
nginx /
Resource Hash
f67cd8b78431f2a119be8c72542ed363d48abde9321d72ffa374978fc01e3a5e
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/ion+json; okta-version=1.0.0
Referer
X-Okta-User-Agent-Extended
okta-auth-js/7.0.1 okta-signin-widget-7.14.0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/ion+json; okta-version=1.0.0

Response headers

x-okta-request-id
ZavVGc9P0SvhBg1nZr3fHAAADTI
Date
Sat, 20 Jan 2024 14:13:45 GMT
Strict-Transport-Security
max-age=315360000; includeSubDomains
x-rate-limit-limit
10000
x-content-type-options
nosniff
x-rate-limit-remaining
9991
content-security-policy-report-only
default-src 'self' logon.okta.com logon.bcg.com *.oktacdn.com; connect-src 'self' logon.okta.com logon-admin.okta.com logon.bcg.com *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com *.mtls.okta.com logon.kerberos.okta.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' logon.okta.com logon.bcg.com *.oktacdn.com; style-src 'unsafe-inline' 'self' logon.okta.com logon.bcg.com *.oktacdn.com; frame-src 'self' logon.okta.com logon-admin.okta.com logon.bcg.com login.okta.com ok4-devicetrust.okta.com com-okta-authenticator:; img-src 'self' logon.okta.com logon.bcg.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' logon.okta.com logon.bcg.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
Transfer-Encoding
chunked
p3p
CP="HONK"
Connection
Keep-Alive
x-xss-protection
0
pragma
no-cache
Server
nginx
accept-ch
Sec-CH-UA-Platform-Version
vary
Origin
Content-Type
application/ion+json;okta-version=1.0.0
access-control-allow-origin
https://logon.bcg.com
x-rate-limit-reset
1705760064
access-control-allow-credentials
true
cache-control
no-cache, no-store
X-Robots-Tag
noindex,nofollow
Keep-Alive
timeout=5, max=98
expires
0
discoveryIframe-ea9230c42a202475efd8.min.js
login.okta.com/lib/ Frame 51F8 		96 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.okta.com/lib/discoveryIframe-ea9230c42a202475efd8.min.js
Requested by
Host: login.okta.com
URL: https://login.okta.com/discovery/iframe.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-107.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
058bb9d17b2131122ad576569715e4e35cc79848433645fba5d768d9627acbd0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.okta.com/discovery/iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 20 Jan 2024 04:46:47 GMT
Via
1.1 6c2674fb15c38f5458794dd680986b8e.cloudfront.net (CloudFront)
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Wed, 01 Nov 2023 16:07:39 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P6
Age
34019
ETag
"6ba68ae0d3bea7d2d2d7262b7afe570e"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
Content-Length
98194
X-Amz-Cf-Id
AADGZWeoH4q8gL25Fkdc_rgd9P3o1BzdMG6c_PlMs5WMNyXjnCvFpw==
probe
127.0.0.1/ 		0
0
probe
127.0.0.1/ Frame 		0
0
oktaVerify_70x70.png
ok4static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.14.0/img/icons/mfa/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ok4static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.14.0/img/icons/mfa/oktaVerify_70x70.png
Requested by
Host: ok4static.oktacdn.com
URL: https://ok4static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.14.0/css/okta-sign-in.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-64.muc50.r.cloudfront.net
Software
nginx /
Resource Hash
d434b33b7d0382d89cd488dd964f27e395eb03cf34b51d822d45912d96e75c64
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ok4static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.14.0/css/okta-sign-in.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 23:28:12 GMT
x-amz-meta-sha1sum
c429e1305e5dff0f7cb60b5e9dc3420a58b5e9b0
via
1.1 d32cecfb780f448e04918056be10c37a.cloudfront.net (CloudFront)
strict-transport-security
max-age=315360000; includeSubDomains
x-amz-cf-pop
MUC50-P3
age
225933
x-cache
Hit from cloudfront
content-length
2411
last-modified
Wed, 17 Jan 2024 22:33:14 GMT
server
nginx
etag
"8146a7091eda20534f86ceadfb34a1fa"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges
bytes
x-amz-cf-id
OQreGar-fo4vsKq1avD6Pqj9Ln7R0T9xYrANVGIf47pabZ0PBrsWbg==
expires
Thu, 16 Jan 2025 23:28:12 GMT
loader@1x.gif
ok4static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.14.0/img/ui/indicators/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ok4static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.14.0/img/ui/indicators/loader@1x.gif
Requested by
Host: ok4static.oktacdn.com
URL: https://ok4static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.14.0/css/okta-sign-in.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-64.muc50.r.cloudfront.net
Software
nginx /
Resource Hash
2d0840961e9d93f813811d90c3ed7537149172e1bb0fa92762ab0e0a72af054f
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ok4static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.14.0/css/okta-sign-in.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 23:28:18 GMT
x-amz-meta-sha1sum
ce2bac88d718f974add007d55ef0e9314d0f4b61
via
1.1 d32cecfb780f448e04918056be10c37a.cloudfront.net (CloudFront)
strict-transport-security
max-age=315360000; includeSubDomains
x-amz-cf-pop
MUC50-P3
age
225927
x-cache
Hit from cloudfront
content-length
10274
last-modified
Wed, 17 Jan 2024 22:33:19 GMT
server
nginx
etag
"da5afed58d4a7ab9e44a16ee5387707b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges
bytes
x-amz-cf-id
WZs5ZvHw6s3bkQAnQktz15xUiaW_g_ZtordxarztT0exM4J7iF_6AA==
expires
Thu, 16 Jan 2025 23:28:18 GMT
proximanova-sbold-webfont.41acb8650115f83780fc.woff2
ok4static.oktacdn.com/assets/loginpage/font/assets/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ok4static.oktacdn.com/assets/loginpage/font/assets/proximanova-sbold-webfont.41acb8650115f83780fc.woff2
Requested by
Host: ok4static.oktacdn.com
URL: https://ok4static.oktacdn.com/assets/loginpage/css/loginpage-theme.7266b8318cd7a71710311515ab15c462.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-64.muc50.r.cloudfront.net
Software
nginx /
Resource Hash
9b5d2290b34cd718e1e97e894d6790f92387ee50de0b3364da291e7112f412be
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

Referer
https://ok4static.oktacdn.com/assets/loginpage/css/loginpage-theme.7266b8318cd7a71710311515ab15c462.css
Origin
https://logon.bcg.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 21:51:45 GMT
x-amz-meta-sha1sum
dd4beda27e8057403b27d1276ca9d68902692615
via
1.1 106a2e3801afa4dfd5bd4bfaeb93d526.cloudfront.net (CloudFront)
strict-transport-security
max-age=315360000; includeSubDomains
x-amz-cf-pop
MUC50-P3
age
1614120
x-cache
Hit from cloudfront
content-length
20328
last-modified
Tue, 07 Nov 2023 18:54:23 GMT
server
nginx
etag
"27429b092c0595aa8803b611bd7508f3"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges
bytes
x-amz-cf-id
jrFXAqVpEEmJBKjJ8nVj0-5RoHncAGt2SOvBKaIRPrNr_nSGrSoQgg==
expires
Tue, 31 Dec 2024 21:51:45 GMT
probe
127.0.0.1/ 		0
0
probe
127.0.0.1/ Frame 		0
0
probe
127.0.0.1/ 		0
0
probe
127.0.0.1/ Frame 		0
0
probe
127.0.0.1/ 		0
0
probe
127.0.0.1/ Frame 		0
0
probe
127.0.0.1/ 		0
0
probe
127.0.0.1/ Frame 		0
0
probe
127.0.0.1/ 		0
0
probe
127.0.0.1/ Frame 		0
0
cancel
logon.bcg.com/idp/idx/authenticators/poll/ 		21 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://logon.bcg.com/idp/idx/authenticators/poll/cancel
Requested by
Host: ok4static.oktacdn.com
URL: https://ok4static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.14.0/js/okta-sign-in.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.145.223 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ae7f7cd4514c83ac6.awsglobalaccelerator.com
Software
nginx /
Resource Hash
63ed251c7135977f4a2ce5d2192d3738e92e8089831f17d5e5ea60076c4b5d1a
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json; okta-version=1.0.0
Referer
X-Okta-User-Agent-Extended
okta-auth-js/7.0.1 okta-signin-widget-7.14.0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

x-okta-request-id
ZavVHM9P0SvhBg1nZr3fJwAADTI
Date
Sat, 20 Jan 2024 14:13:48 GMT
Strict-Transport-Security
max-age=315360000; includeSubDomains
x-rate-limit-limit
5000
x-content-type-options
nosniff
x-rate-limit-remaining
4998
content-security-policy-report-only
default-src 'self' logon.okta.com logon.bcg.com *.oktacdn.com; connect-src 'self' logon.okta.com logon-admin.okta.com logon.bcg.com *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com *.mtls.okta.com logon.kerberos.okta.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' logon.okta.com logon.bcg.com *.oktacdn.com; style-src 'unsafe-inline' 'self' logon.okta.com logon.bcg.com *.oktacdn.com; frame-src 'self' logon.okta.com logon-admin.okta.com logon.bcg.com login.okta.com ok4-devicetrust.okta.com com-okta-authenticator:; img-src 'self' logon.okta.com logon.bcg.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' logon.okta.com logon.bcg.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
Transfer-Encoding
chunked
p3p
CP="HONK"
Connection
Keep-Alive
x-xss-protection
0
pragma
no-cache
Server
nginx
accept-ch
Sec-CH-UA-Platform-Version
vary
Origin
Content-Type
application/json;okta-version=1.0.0
access-control-allow-origin
https://logon.bcg.com
x-rate-limit-reset
1705760084
access-control-allow-credentials
true
cache-control
no-cache, no-store
X-Robots-Tag
noindex,nofollow
access-control-allow-headers
Content-Type
Keep-Alive
timeout=5, max=97
expires
0
oktaVerify_authenticator.png
ok4static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.14.0/img/icons/mfa/ 		638 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ok4static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.14.0/img/icons/mfa/oktaVerify_authenticator.png
Requested by
Host: ok4static.oktacdn.com
URL: https://ok4static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.14.0/css/okta-sign-in.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-64.muc50.r.cloudfront.net
Software
nginx /
Resource Hash
f0a0cb86c3a462478b9603cf8b18042bade83ebace885bc2fc7d99fddde98138
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ok4static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.14.0/css/okta-sign-in.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 23:31:33 GMT
x-amz-meta-sha1sum
25dd4359c0fb3c3d9b9624c38daeed444b9314b5
via
1.1 d32cecfb780f448e04918056be10c37a.cloudfront.net (CloudFront)
strict-transport-security
max-age=315360000; includeSubDomains
x-amz-cf-pop
MUC50-P3
age
225735
x-cache
Hit from cloudfront
content-length
638
last-modified
Wed, 17 Jan 2024 22:33:14 GMT
server
nginx
etag
"0bcdca59e2f615e121cbad5cf1435e5e"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges
bytes
x-amz-cf-id
gUHn0JYkCnu9bpghr9NynmiEygUXoK8Vd8nWP-P2x-y_yGc9KjzJVA==
expires
Thu, 16 Jan 2025 23:31:33 GMT
checkbox-sign-in-widget.png
ok4static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.14.0/img/ui/forms/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ok4static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.14.0/img/ui/forms/checkbox-sign-in-widget.png
Requested by
Host: ok4static.oktacdn.com
URL: https://ok4static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.14.0/css/okta-sign-in.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-64.muc50.r.cloudfront.net
Software
nginx /
Resource Hash
40810b0318131f9ba52c83a17e633a0ac476ade66ea8a914d6c4980571397665
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ok4static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.14.0/css/okta-sign-in.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 23:11:10 GMT
x-amz-meta-sha1sum
e0bb021ffdf93c68fef44de2a3b08f378b6fb50a
via
1.1 d32cecfb780f448e04918056be10c37a.cloudfront.net (CloudFront)
strict-transport-security
max-age=315360000; includeSubDomains
x-amz-cf-pop
MUC50-P3
age
226958
x-cache
Hit from cloudfront
content-length
3141
last-modified
Wed, 17 Jan 2024 22:33:18 GMT
server
nginx
etag
"7846b2f8c6d0a7ca69fdd3d3c294e92d"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges
bytes
x-amz-cf-id
E92pNfEZkx3EhSFXrcbZSG9P4huMwfvOVgznDOHETDc08SPJC8sksQ==
expires
Thu, 16 Jan 2025 23:11:10 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
127.0.0.1
URL
http://127.0.0.1:8769/probe
Domain
127.0.0.1
URL
http://127.0.0.1:8769/probe
Domain
127.0.0.1
URL
http://127.0.0.1:65111/probe
Domain
127.0.0.1
URL
http://127.0.0.1:65111/probe
Domain
127.0.0.1
URL
http://127.0.0.1:65121/probe
Domain
127.0.0.1
URL
http://127.0.0.1:65121/probe
Domain
127.0.0.1
URL
http://127.0.0.1:65131/probe
Domain
127.0.0.1
URL
http://127.0.0.1:65131/probe
Domain
127.0.0.1
URL
http://127.0.0.1:65141/probe
Domain
127.0.0.1
URL
http://127.0.0.1:65141/probe
Domain
127.0.0.1
URL
http://127.0.0.1:65151/probe
Domain
127.0.0.1
URL
http://127.0.0.1:65151/probe

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| regeneratorRuntime function| jQueryCourage object| u2f function| OktaSignIn object| okta function| runLoginPage object| OktaLogin object| jQBrowser

14 Cookies

Domain/Path Name / Value
.demdex.net/ Name: demdex
Value: 36081433072395388691679770322335346779
.bcg.com/ Name: AMCVS_0B2D2B6956FA77C27F000101%40AdobeOrg
Value: 1
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZavVFwAAAKr8zwOV
.dpm.demdex.net/ Name: dpm
Value: 36081433072395388691679770322335346779
.bcg.com/ Name: AMCV_0B2D2B6956FA77C27F000101%40AdobeOrg
Value: -637568504%7CMCIDTS%7C19743%7CMCMID%7C36408583878944127061719214403650278732%7CMCAAMLH-1706364823%7C6%7CMCAAMB-1706364823%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1705767223s%7CNONE%7CMCSYNCSOP%7C411-19750%7CvVersion%7C5.1.1
pages.navigator.bcg.com/ Name: _dd_s
Value: rum=1&id=a50f3732-7071-49fd-a9fd-44037104d5aa&created=1705760024223&expire=1705760924223
pages.navigator.bcg.com/ Name: auth_attempted
Value: Sat%20Jan%2020%202024%2015:13:44%20GMT+0100%20(Central%20European%20Standard%20Time)
.bcg.com/ Name: okta-environment
Value: prod
pages.navigator.bcg.com/ Name: okta-oauth-redirect-params
Value: {%22responseType%22:[%22token%22%2C%22id_token%22]%2C%22state%22:%22EJtqTLUcYHhwWNs1doGtPxCJUKp8hdDT98fUZf0wESdujTcvofIqeXdZwJCScfve%22%2C%22nonce%22:%2285zvWIA6bxw7U5XSpT4GXPMyiYaUHr0qM9OcsbFqdpOgX0SwBGx6aoWVzcCU1tOY%22%2C%22scopes%22:[%22profile%22%2C%22email%22%2C%22openid%22%2C%22groups%22]%2C%22clientId%22:%220oadzmkfc4GvXi1L51t7%22%2C%22urls%22:{%22issuer%22:%22https://logon.bcg.com/oauth2/aus9at6ncy2iUhZw41t7%22%2C%22authorizeUrl%22:%22https://logon.bcg.com/oauth2/aus9at6ncy2iUhZw41t7/v1/authorize%22%2C%22userinfoUrl%22:%22https://logon.bcg.com/oauth2/aus9at6ncy2iUhZw41t7/v1/userinfo%22%2C%22tokenUrl%22:%22https://logon.bcg.com/oauth2/aus9at6ncy2iUhZw41t7/v1/token%22%2C%22revokeUrl%22:%22https://logon.bcg.com/oauth2/aus9at6ncy2iUhZw41t7/v1/revoke%22%2C%22logoutUrl%22:%22https://logon.bcg.com/oauth2/aus9at6ncy2iUhZw41t7/v1/logout%22}%2C%22ignoreSignature%22:false}
pages.navigator.bcg.com/ Name: okta-oauth-nonce
Value: 85zvWIA6bxw7U5XSpT4GXPMyiYaUHr0qM9OcsbFqdpOgX0SwBGx6aoWVzcCU1tOY
pages.navigator.bcg.com/ Name: okta-oauth-state
Value: EJtqTLUcYHhwWNs1doGtPxCJUKp8hdDT98fUZf0wESdujTcvofIqeXdZwJCScfve
logon.bcg.com/ Name: t
Value: spring
logon.bcg.com/ Name: DT
Value: DI11OhCpkudSGqMye7p-FhH9g
logon.bcg.com/ Name: JSESSIONID
Value: C9C63EFDB93C80DB1FF3591B91DF6207

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

127.0.0.1
assets.adobedtm.com
bcg.demdex.net
click.bcg-email.com
cm.everesttech.net
dpm.demdex.net
login.okta.com
logon.bcg.com
ok4static.oktacdn.com
pages.navigator.bcg.com
rum-http-intake.logs.datadoghq.com
127.0.0.1
108.138.7.107
18.173.154.64
2600:1f18:24e6:b900:9075:2f6b:a511:4dc9
2600:9000:237d:9400:a:5a83:66c0:93a1
2a02:26f0:3500:587::1e80
3.33.145.223
52.213.250.206
52.49.110.165
66.231.91.47
018930498a4b01e598099a6e45d7316d54c7b1411ce2b741a3b1f1b0ed4e578b
0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2
04e5a6a734bb7d87c3edca98ab40003f8972aba152440e7df17bda26d9ce0f8a
058bb9d17b2131122ad576569715e4e35cc79848433645fba5d768d9627acbd0
06df1a311edc1a058930d5966721242b888a2a3592b6d138c7854c8ec7332eac
19714eaf0cbf6de9f909794bddca2470bf498dc53b02f50947a5e89476251fde
2d0840961e9d93f813811d90c3ed7537149172e1bb0fa92762ab0e0a72af054f
40810b0318131f9ba52c83a17e633a0ac476ade66ea8a914d6c4980571397665
63ed251c7135977f4a2ce5d2192d3738e92e8089831f17d5e5ea60076c4b5d1a
6a6c595fcf3a6c74bf3509f160ba34b78a8a3eb92ecaf290412c46679576d3ed
71f353918c9a52d30fb655106ed8cc2cd1daf197265864cf71681ff4f35b7514
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
8ff7edf87ee84f0f2ec6220604f7f4ac91e2dc7ba41e50423d5e22b941a1cb63
91fb7dabb8ce525902754f2de1525757c204b336a4cd7a4a98cf8ecd05958da5
9af30b5e4695010f9be253f861784e638c81274ca0390214629886029ca9b509
9b5d2290b34cd718e1e97e894d6790f92387ee50de0b3364da291e7112f412be
9ce729df778fbee5e9bb0b6cde926b2e5c19c87ebd301e10eeaabab0d3d89c66
a1e1c93a55af960a0029b66d7eba40a4195de80657cfd11e328b4c713bd2d03f
a2332b0c36f99237f1c32b829b91497216f5f8b2f5ad83c007364aaf19e702e9
acb25b102692e6b8f58d3117b92705735051d69b0d9743241c50a99243066964
afcaa78c28c4f9ca5325f219841a2f8038e66dcdcfb796edf307f5fe90107a15
affdba1620552b12a1a8a04467136aeb408c03fa337d20e9c38374d682d4d149
c628319c9044f2c203aa174dadd17c5f6484d9ef0719d21dafcdad9fcb946dda
d434b33b7d0382d89cd488dd964f27e395eb03cf34b51d822d45912d96e75c64
d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32
d9a95adbc2b380c5a98c52361e4559bee015bdcf58ab66df9a80d820083a78b1
e540549c5ee85d139a6590536daf86400fccd811ebc9d5b714794efe1e34b897
eee917297c9fa2efab4920764142755db1c3c62bcd4a43af12b43acdee932c0f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0a0cb86c3a462478b9603cf8b18042bade83ebace885bc2fc7d99fddde98138
f67cd8b78431f2a119be8c72542ed363d48abde9321d72ffa374978fc01e3a5e