live.peoplise.com Open in urlscan Pro
57.153.126.139 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://live.peoplise.com/garantibbva/Account/Login?ReturnUrl=%2Fgarantibbva%2F
Submission Tags: @phish_report
Submission: On October 27 via api (October 27th 2024, 2:36:53 pm UTC) from FI — Scanned from NL

Summary HTTP 23 Redirects Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 4 IPs in 3 countries across 3 domains to perform 23 HTTP transactions. The main IP is 57.153.126.139, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is live.peoplise.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on September 16th 2024. Valid for: a year.

This is the only time live.peoplise.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
18	57.153.126.139 57.153.126.139		8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:831::2008		15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::200e		15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36		15169 (GOOGLE) (GOOGLE)
23	4

18 57.153.126.139 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

live.peoplise.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	peoplise.com live.peoplise.com	1 MB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 34 region1.google-analytics.com — Cisco Umbrella Rank: 3643	22 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	177 KB
23	3

	Domain	Requested by
18	live.peoplise.com	live.peoplise.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	live.peoplise.com www.googletagmanager.com
1	region1.google-analytics.com	www.googletagmanager.com
23	4

This site contains no links.

Subject Issuer	Validity	Valid
*.peoplise.com Sectigo RSA Domain Validation Secure Server CA	`2024-09-16` - `2025-09-18`	a year	crt.sh
*.google-analytics.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://live.peoplise.com/garantibbva/Account/Login?ReturnUrl=%2Fgarantibbva%2F
Frame ID: D8D9400427857A71B0B7EE4F711BB32B
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Garanti BBVA

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Material Design Lite (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/material(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

23
Requests

100 %
HTTPS

75 %
IPv6

3
Domains

4
Subdomains

4
IPs

3
Countries

1294 kB
Transfer

3747 kB
Size

8
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request Login Show response
live.peoplise.com/garantibbva/Account/ 13 KB
4 KB 223ms
130ms Document
text/html 57.153.126.139
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://live.peoplise.com/garantibbva/Account/Login?ReturnUrl=%2Fgarantibbva%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 57.153.126.139 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 2430eb2f524d80881b5a9649e2dcb60461e8b9cef8ff789623fee5cff5abca3d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

cache-control: no-cache, no-store
content-encoding: gzip
content-length: 3936
content-type: text/html; charset=utf-8
date: Sun, 27 Oct 2024 14:36:47 GMT
expires: -1
pragma: no-cache
vary: Accept-Encoding

GET
H2 200 css-fonts
live.peoplise.com/garantibbva/Content/ 163 KB
36 KB 82ms
78ms Stylesheet
text/css 57.153.126.139
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://live.peoplise.com/garantibbva/Content/css-fonts?v=xlfOjAZkBK9XQXg8R92LocdhAyl4sEWGfRsK8Y8MoNg1
Requested by: Host: live.peoplise.com
URL: https://live.peoplise.com/garantibbva/Account/Login?ReturnUrl=%2Fgarantibbva%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 57.153.126.139 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 1a0db1e4280d6316d600c57cd377e8ed2c5e06a6fddcd154da1be7617cc59534

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://live.peoplise.com/garantibbva/Account/Login?ReturnUrl=%2Fgarantibbva%2F

Response headers

cache-control: public
content-encoding: gzip
expires: Mon, 27 Oct 2025 14:36:47 GMT
content-length: 36544
date: Sun, 27 Oct 2024 14:36:47 GMT
content-type: text/css; charset=utf-8
last-modified: Sun, 27 Oct 2024 14:36:47 GMT
vary: User-Agent,Accept-Encoding

GET
H2 200 PeopliseStyles
live.peoplise.com/garantibbva/Content/ 519 KB
108 KB 83ms
79ms Stylesheet
text/css 57.153.126.139
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://live.peoplise.com/garantibbva/Content/PeopliseStyles?v=LeaI-dqL-QfaywCpXqjK7OqpAYc3QXebrTRPJoTAxGk1
Requested by: Host: live.peoplise.com
URL: https://live.peoplise.com/garantibbva/Account/Login?ReturnUrl=%2Fgarantibbva%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 57.153.126.139 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 05f11422558924c3176b2681cbd2405d5c16e510b123c1bc9dff109562c1fbc0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://live.peoplise.com/garantibbva/Account/Login?ReturnUrl=%2Fgarantibbva%2F

Response headers

expires: Mon, 27 Oct 2025 14:36:47 GMT
cache-control: public
content-encoding: gzip
date: Sun, 27 Oct 2024 14:36:47 GMT
content-type: text/css; charset=utf-8
last-modified: Sun, 27 Oct 2024 14:36:47 GMT
vary: User-Agent,Accept-Encoding

GET
H2 200 modernizr Show response
live.peoplise.com/garantibbva/bundles/ 19 KB
9 KB 48ms
45ms Script
text/javascript 57.153.126.139
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://live.peoplise.com/garantibbva/bundles/modernizr?v=PzxqdgnaezbZfN2dd9tEm9wSUX3EJAT_b2hy-fZHb2o1
Requested by: Host: live.peoplise.com
URL: https://live.peoplise.com/garantibbva/Account/Login?ReturnUrl=%2Fgarantibbva%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 57.153.126.139 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 6d5c63c943cc19260596b894337b72596b986ae0918fa2dcd7513f4347059a07

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://live.peoplise.com/garantibbva/Account/Login?ReturnUrl=%2Fgarantibbva%2F

Response headers

cache-control: public
content-encoding: gzip
expires: Mon, 27 Oct 2025 14:36:47 GMT
content-length: 8937
date: Sun, 27 Oct 2024 14:36:47 GMT
content-type: text/javascript; charset=utf-8
last-modified: Sun, 27 Oct 2024 14:36:47 GMT
vary: User-Agent,Accept-Encoding

GET
H2 200 v4.main.min.css
live.peoplise.com/garantibbva/Content/Theme/material/base/assets/css/ 427 KB
92 KB 84ms
81ms Stylesheet
text/css 57.153.126.139
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://live.peoplise.com/garantibbva/Content/Theme/material/base/assets/css/v4.main.min.css?v=133736613960000000
Requested by: Host: live.peoplise.com
URL: https://live.peoplise.com/garantibbva/Account/Login?ReturnUrl=%2Fgarantibbva%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 57.153.126.139 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: bca900e2d1a48c2a85cb0c6b426495ebdaaceff25f74d396c70b5661da30bbda

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://live.peoplise.com/garantibbva/Account/Login?ReturnUrl=%2Fgarantibbva%2F

Response headers

accept-ranges: bytes
content-encoding: gzip
date: Sun, 27 Oct 2024 14:36:47 GMT
etag: "0a28ce8bd20db1:0"
content-type: text/css
last-modified: Thu, 17 Oct 2024 17:56:36 GMT
vary: Accept-Encoding

GET
H2 200 bootstrap-extend.css
live.peoplise.com/garantibbva/Content/css/ 170 KB
23 KB 82ms
79ms Stylesheet
text/css 57.153.126.139
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://live.peoplise.com/garantibbva/Content/css/bootstrap-extend.css
Requested by: Host: live.peoplise.com
URL: https://live.peoplise.com/garantibbva/Account/Login?ReturnUrl=%2Fgarantibbva%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 57.153.126.139 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: caeb2eda27db19f99e501217e4d5f9d2fcb5daf2785e80e4866fe9a3c8c969d2

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://live.peoplise.com/garantibbva/Account/Login?ReturnUrl=%2Fgarantibbva%2F

Response headers

content-encoding: gzip
etag: "0f183cfbd20db1:0"
accept-ranges: bytes
content-length: 23726
date: Sun, 27 Oct 2024 14:36:47 GMT
content-type: text/css
last-modified: Thu, 17 Oct 2024 17:55:54 GMT
vary: Accept-Encoding

GET
H2 200 v4_custom.css
live.peoplise.com/garantibbva/Content/css/ 46 KB
10 KB 80ms
78ms Stylesheet
text/css 57.153.126.139
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://live.peoplise.com/garantibbva/Content/css/v4_custom.css
Requested by: Host: live.peoplise.com
URL: https://live.peoplise.com/garantibbva/Account/Login?ReturnUrl=%2Fgarantibbva%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 57.153.126.139 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 0ef5d71f1bd14fc35fd4842e133d7f18776bf1b17da35ceb37f67e5e10813b52

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://live.peoplise.com/garantibbva/Account/Login?ReturnUrl=%2Fgarantibbva%2F

Response headers

content-encoding: gzip
etag: "0f183cfbd20db1:0"
accept-ranges: bytes
content-length: 9832
date: Sun, 27 Oct 2024 14:36:47 GMT
content-type: text/css
last-modified: Thu, 17 Oct 2024 17:55:54 GMT
vary: Accept-Encoding

GET
H2 200 login-v5.css
live.peoplise.com/garantibbva/Content/css/pages/ 6 KB
2 KB 64ms
62ms Stylesheet
text/css 57.153.126.139
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://live.peoplise.com/garantibbva/Content/css/pages/login-v5.css
Requested by: Host: live.peoplise.com
URL: https://live.peoplise.com/garantibbva/Account/Login?ReturnUrl=%2Fgarantibbva%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 57.153.126.139 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 485dd42730a58728d4b9296ba873ff6f30085ca700af53f22a0a72cc7cbcd1f8

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://live.peoplise.com/garantibbva/Account/Login?ReturnUrl=%2Fgarantibbva%2F

Response headers

content-encoding: gzip
etag: "0f183cfbd20db1:0"
accept-ranges: bytes
content-length: 1843
date: Sun, 27 Oct 2024 14:36:47 GMT
content-type: text/css
last-modified: Thu, 17 Oct 2024 17:55:54 GMT
vary: Accept-Encoding

GET
H2 200 PeopliseScripts Show response
live.peoplise.com/garantibbva/Content/ 1 MB
544 KB 81ms
79ms Script
text/javascript 57.153.126.139
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://live.peoplise.com/garantibbva/Content/PeopliseScripts?v=k8p1F4c8cfg73opExHklzrwKf0Y1VzmFNF0anTc8dAU1
Requested by: Host: live.peoplise.com
URL: https://live.peoplise.com/garantibbva/Account/Login?ReturnUrl=%2Fgarantibbva%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 57.153.126.139 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: d5b80fb86ed613c887d9f4a6a5e87649e882961e5a7d463f84e6860bd67587f9

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://live.peoplise.com/garantibbva/Account/Login?ReturnUrl=%2Fgarantibbva%2F

Response headers

expires: Mon, 27 Oct 2025 14:36:47 GMT
cache-control: public
content-encoding: gzip
date: Sun, 27 Oct 2024 14:36:47 GMT
content-type: text/javascript; charset=utf-8
last-modified: Sun, 27 Oct 2024 14:36:47 GMT
vary: User-Agent,Accept-Encoding

GET
H2 200 jqueryval Show response
live.peoplise.com/garantibbva/bundles/ 27 KB
11 KB 64ms
62ms Script
text/javascript 57.153.126.139
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://live.peoplise.com/garantibbva/bundles/jqueryval?v=WhRmI8vUVF186UwYB1zRP7-DwJzqpKlt0JksOBJvolw1
Requested by: Host: live.peoplise.com
URL: https://live.peoplise.com/garantibbva/Account/Login?ReturnUrl=%2Fgarantibbva%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 57.153.126.139 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 8c628cafe23aba15589529fd58fb99f9dd536b41ddb39653496a19a07c322bfb

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://live.peoplise.com/garantibbva/Account/Login?ReturnUrl=%2Fgarantibbva%2F

Response headers

cache-control: public
content-encoding: gzip
expires: Mon, 27 Oct 2025 14:36:47 GMT
content-length: 11345
date: Sun, 27 Oct 2024 14:36:47 GMT
content-type: text/javascript; charset=utf-8
last-modified: Sun, 27 Oct 2024 14:36:47 GMT
vary: User-Agent,Accept-Encoding

GET
H2 200 jquery.backstretch.min.js Show response
live.peoplise.com/garantibbva/Content/lib/jquery-backstretch/ 17 KB
8 KB 64ms
62ms Script
application/javascript 57.153.126.139
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://live.peoplise.com/garantibbva/Content/lib/jquery-backstretch/jquery.backstretch.min.js
Requested by: Host: live.peoplise.com
URL: https://live.peoplise.com/garantibbva/Account/Login?ReturnUrl=%2Fgarantibbva%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 57.153.126.139 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 8d73d9c908163b819867f8d51977b7cfdc8250503ce9abcce8c5c59d7c0ddf81

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://live.peoplise.com/garantibbva/Account/Login?ReturnUrl=%2Fgarantibbva%2F

Response headers

content-encoding: gzip
etag: "0f183cfbd20db1:0"
accept-ranges: bytes
content-length: 7546
date: Sun, 27 Oct 2024 14:36:47 GMT
content-type: application/javascript
last-modified: Thu, 17 Oct 2024 17:55:54 GMT
vary: Accept-Encoding

GET
H2 200 jquery.placeholder.js Show response
live.peoplise.com/garantibbva/Content/lib/jquery-placeholder/ 10 KB
3 KB 81ms
79ms Script
application/javascript 57.153.126.139
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://live.peoplise.com/garantibbva/Content/lib/jquery-placeholder/jquery.placeholder.js
Requested by: Host: live.peoplise.com
URL: https://live.peoplise.com/garantibbva/Account/Login?ReturnUrl=%2Fgarantibbva%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 57.153.126.139 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 6fa801a3f764dd3877490a6955b9a522e7c506fedd5f636462348d440e98b939

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://live.peoplise.com/garantibbva/Account/Login?ReturnUrl=%2Fgarantibbva%2F

Response headers

content-encoding: gzip
etag: "0f183cfbd20db1:0"
accept-ranges: bytes
content-length: 3103
date: Sun, 27 Oct 2024 14:36:47 GMT
content-type: application/javascript
last-modified: Thu, 17 Oct 2024 17:55:54 GMT
vary: Accept-Encoding

GET
H2 200 material.js Show response
live.peoplise.com/garantibbva/Content/components/ 3 KB
1 KB 83ms
81ms Script
application/javascript 57.153.126.139
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://live.peoplise.com/garantibbva/Content/components/material.js
Requested by: Host: live.peoplise.com
URL: https://live.peoplise.com/garantibbva/Account/Login?ReturnUrl=%2Fgarantibbva%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 57.153.126.139 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: ffbeb3df7c5834be72eb6cfc783580f67e906f8eb86676fa4824679111a2ddf4

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://live.peoplise.com/garantibbva/Account/Login?ReturnUrl=%2Fgarantibbva%2F

Response headers

content-encoding: gzip
etag: "0f183cfbd20db1:0"
accept-ranges: bytes
content-length: 1142
date: Sun, 27 Oct 2024 14:36:47 GMT
content-type: application/javascript
last-modified: Thu, 17 Oct 2024 17:55:54 GMT
vary: Accept-Encoding

GET
H2 200 custom.js Show response
live.peoplise.com/garantibbva/Content/Theme/material/base/assets/js/ 27 KB
9 KB 82ms
81ms Script
application/javascript 57.153.126.139
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://live.peoplise.com/garantibbva/Content/Theme/material/base/assets/js/custom.js?v=133736613380000000
Requested by: Host: live.peoplise.com
URL: https://live.peoplise.com/garantibbva/Account/Login?ReturnUrl=%2Fgarantibbva%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 57.153.126.139 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: ac486c03bc3965ac1e0fe1dcccbef96f8b7056d5669182ea9c86be9677892300

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://live.peoplise.com/garantibbva/Account/Login?ReturnUrl=%2Fgarantibbva%2F

Response headers

content-encoding: gzip
etag: "089fac5bd20db1:0"
accept-ranges: bytes
content-length: 9344
date: Sun, 27 Oct 2024 14:36:47 GMT
content-type: application/javascript
last-modified: Thu, 17 Oct 2024 17:55:38 GMT
vary: Accept-Encoding

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 221 KB
79 KB 175ms
64ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-98866242-3

Requested by

Host: live.peoplise.com
URL: https://live.peoplise.com/garantibbva/Account/Login?ReturnUrl=%2Fgarantibbva%2F

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d7eab7e4bf732cb197a6dfd94dbf1c3dc70ea16947b1071d2d3e48a9c3cc03e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://live.peoplise.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sun, 27 Oct 2024 14:36:47 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 27 Oct 2024 14:36:47 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sun, 27 Oct 2024 12:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 80415
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 Roboto-Light.woff2
live.peoplise.com/Peoplise/Content/Theme/material/global/fonts/Roboto/Light/ 63 KB
63 KB 29ms
29ms Font
application/font-woff2 57.153.126.139
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://live.peoplise.com/Peoplise/Content/Theme/material/global/fonts/Roboto/Light/Roboto-Light.woff2?v=2.137
Requested by: Host: live.peoplise.com
URL: https://live.peoplise.com/garantibbva/Content/css-fonts?v=xlfOjAZkBK9XQXg8R92LocdhAyl4sEWGfRsK8Y8MoNg1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 57.153.126.139 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 1d8f5280afb7f4fa0db5cdfcb751e180788b0f0da1488309c4243ebff11a9591

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Origin: https://live.peoplise.com
Referer: https://live.peoplise.com/garantibbva/Content/css-fonts?v=xlfOjAZkBK9XQXg8R92LocdhAyl4sEWGfRsK8Y8MoNg1

Response headers

accept-ranges: bytes
content-length: 64320
date: Sun, 27 Oct 2024 14:36:47 GMT
etag: "0e35cc8bd20db1:0"
content-type: application/font-woff2
last-modified: Thu, 17 Oct 2024 17:55:42 GMT

GET
H2 200 Material-Design-Iconic-Font.woff2
live.peoplise.com/Peoplise/Content/Theme/material/global/fonts/material-design/ 37 KB
38 KB 26ms
26ms Font
application/font-woff2 57.153.126.139
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://live.peoplise.com/Peoplise/Content/Theme/material/global/fonts/material-design/Material-Design-Iconic-Font.woff2?v=2.2.0
Requested by: Host: live.peoplise.com
URL: https://live.peoplise.com/garantibbva/Content/css-fonts?v=xlfOjAZkBK9XQXg8R92LocdhAyl4sEWGfRsK8Y8MoNg1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 57.153.126.139 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e8eea96e29a7c0a72612ab85ca3229979666467a28349642c2176e7189a1a39c

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Origin: https://live.peoplise.com
Referer: https://live.peoplise.com/garantibbva/Content/css-fonts?v=xlfOjAZkBK9XQXg8R92LocdhAyl4sEWGfRsK8Y8MoNg1

Response headers

accept-ranges: bytes
content-length: 38384
date: Sun, 27 Oct 2024 14:36:47 GMT
etag: "0e35cc8bd20db1:0"
content-type: application/font-woff2
last-modified: Thu, 17 Oct 2024 17:55:42 GMT

GET
H2 200 61.jpg
live.peoplise.com/garantibbva/Content/Images/daily/ 134 KB
134 KB 31ms
31ms Image
image/jpeg 57.153.126.139
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.peoplise.com/garantibbva/Content/Images/daily/61.jpg
Requested by: Host: live.peoplise.com
URL: https://live.peoplise.com/garantibbva/Account/Login?ReturnUrl=%2Fgarantibbva%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 57.153.126.139 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 08972373f9722a9b30d57c11faec94583b99ff0c64a974be80bad08ba5a99bbc

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://live.peoplise.com/garantibbva/Account/Login?ReturnUrl=%2Fgarantibbva%2F

Response headers

accept-ranges: bytes
content-length: 136877
date: Sun, 27 Oct 2024 14:36:48 GMT
etag: "05cc9c4bd20db1:0"
content-type: image/jpeg
last-modified: Thu, 17 Oct 2024 17:55:36 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 279 KB
98 KB 68ms
68ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-9STC0KLMPB&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-98866242-3

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9af50358368411b007c1c0c5ff03e36fbc4a88aa291815dd096ba5b60381f6a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://live.peoplise.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sun, 27 Oct 2024 14:36:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 27 Oct 2024 14:36:48 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 99902
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 89ms
25ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-98866242-3

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://live.peoplise.com/

Response headers

content-encoding: gzip
age: 4233
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Sun, 27 Oct 2024 15:26:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 27 Oct 2024 13:26:15 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
420 B 38ms
31ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=413078875&t=pageview&_s=1&dl=https%3A%2F%2Flive.peoplise.com%2Fgarantibbva%2FAccount%2FLogin%3FReturnUrl%3D%252Fgarantibbva%252F&ul=nl-nl&de=UTF-8&dt=Garanti%20BBVA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1854905376&gjid=1671788075&cid=1468664486.1730039808&tid=UA-98866242-3&_gid=1653084967.1730039808&_r=1&gtm=457e4ao0za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101533421~101823848&jsscut=1&npa=1&z=1029621219

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type: text/plain
Referer: https://live.peoplise.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 27 Oct 2024 14:36:48 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://live.peoplise.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 1
server: Golfe2

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 66ms
27ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-9STC0KLMPB&gtm=45je4ao0v9117107866za200&_p=1730039807988&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101533421~101823848&cid=1468664486.1730039808&ul=nl-nl&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EAAI&_s=1&sid=1730039808&sct=1&seg=0&dl=https%3A%2F%2Flive.peoplise.com%2Fgarantibbva%2FAccount%2FLogin%3FReturnUrl%3D%252Fgarantibbva%252F&dt=Garanti%20BBVA&en=page_view&_fv=1&_ss=1&tfd=896
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9STC0KLMPB&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://live.peoplise.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://live.peoplise.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 27 Oct 2024 14:36:48 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 favicon.png
live.peoplise.com/garantibbva/Content/Images/ 958 B
1 KB 29ms
28ms Other
image/png 57.153.126.139
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://live.peoplise.com/garantibbva/Content/Images/favicon.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 57.153.126.139 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 100b7cdae86b133adfc3a3575c6593a13ac5e27b78d522d05b3d13ee8ba59615

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://live.peoplise.com/garantibbva/Account/Login?ReturnUrl=%2Fgarantibbva%2F

Response headers

accept-ranges: bytes
content-length: 958
date: Sun, 27 Oct 2024 14:36:48 GMT
etag: "05cc9c4bd20db1:0"
content-type: image/png
last-modified: Thu, 17 Oct 2024 17:55:36 GMT

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| html5 object| Modernizr function| yepnope function| Breakpoints function| newSummerNote function| EnjoyHint object| Kinetic function| SetHROnboardingCompletedDashboard function| SetHROnboardingCompletedPosition function| SetEnjoyHintForDashboard function| SetEnjoyForPosition function| $ function| jQuery object| jQuery112302108501631156643 object| Waves function| Switchery function| Sifter object| MicroPlugin function| Selectize function| sweetAlertInitialize function| swal function| sweetAlert object| bootbox function| Bloodhound function| Dropify function| kjua object| Site object| toastr function| Dropzone function| autosize object| FormValidation object| AnimationUpdater function| Gauge function| Donut function| BaseDonut function| TextRenderer object| siteJS object| candidateJS object| apiJS string| baseUrl number| originalPotion object| instance function| isMobile function| gtag object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			live.peoplise.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: ddmsihfy3ciz1wexs5udna15
			live.peoplise.com/	1970-01-21 01:18:38	Name: PeopliseUILanguageAbbreviationCustomer Value: tr
			live.peoplise.com/	1969-12-31 23:59:59	Name: browserChecked Value: true
			live.peoplise.com/	1969-12-31 23:59:59	Name: __RequestVerificationToken_L2dhcmFudGliYnZh0 Value: _UccLA4i3xU2st22IKfEFSdk6LgRlp-RqwlBaqO5omfJLZo-5WfCcgu-2aL-zeEpcaqzW6NHQJuUdXouMlieUvZx4yv-eGzzDSEX6MG98pc1
			.peoplise.com/	1970-01-21 00:35:26	Name: _gid Value: GA1.2.1653084967.1730039808
			.peoplise.com/	1970-01-21 00:33:59	Name: _gat_gtag_UA_98866242_3 Value: 1
			.peoplise.com/	1970-01-21 10:09:59	Name: _ga_9STC0KLMPB Value: GS1.1.1730039808.1.0.1730039808.0.0.0
			.peoplise.com/	1970-01-21 10:09:59	Name: _ga Value: GA1.1.1468664486.1730039808

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

live.peoplise.com
region1.google-analytics.com
www.google-analytics.com
www.googletagmanager.com
2001:4860:4802:32::36
2a00:1450:4001:82a::200e
2a00:1450:4001:831::2008
57.153.126.139
05f11422558924c3176b2681cbd2405d5c16e510b123c1bc9dff109562c1fbc0
08972373f9722a9b30d57c11faec94583b99ff0c64a974be80bad08ba5a99bbc
0ef5d71f1bd14fc35fd4842e133d7f18776bf1b17da35ceb37f67e5e10813b52
100b7cdae86b133adfc3a3575c6593a13ac5e27b78d522d05b3d13ee8ba59615
1a0db1e4280d6316d600c57cd377e8ed2c5e06a6fddcd154da1be7617cc59534
1d8f5280afb7f4fa0db5cdfcb751e180788b0f0da1488309c4243ebff11a9591
2430eb2f524d80881b5a9649e2dcb60461e8b9cef8ff789623fee5cff5abca3d
485dd42730a58728d4b9296ba873ff6f30085ca700af53f22a0a72cc7cbcd1f8
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d5c63c943cc19260596b894337b72596b986ae0918fa2dcd7513f4347059a07
6fa801a3f764dd3877490a6955b9a522e7c506fedd5f636462348d440e98b939
8c628cafe23aba15589529fd58fb99f9dd536b41ddb39653496a19a07c322bfb
8d73d9c908163b819867f8d51977b7cfdc8250503ce9abcce8c5c59d7c0ddf81
9af50358368411b007c1c0c5ff03e36fbc4a88aa291815dd096ba5b60381f6a0
ac486c03bc3965ac1e0fe1dcccbef96f8b7056d5669182ea9c86be9677892300
bca900e2d1a48c2a85cb0c6b426495ebdaaceff25f74d396c70b5661da30bbda
caeb2eda27db19f99e501217e4d5f9d2fcb5daf2785e80e4866fe9a3c8c969d2
d5b80fb86ed613c887d9f4a6a5e87649e882961e5a7d463f84e6860bd67587f9
d7eab7e4bf732cb197a6dfd94dbf1c3dc70ea16947b1071d2d3e48a9c3cc03e2
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e8eea96e29a7c0a72612ab85ca3229979666467a28349642c2176e7189a1a39c
ffbeb3df7c5834be72eb6cfc783580f67e906f8eb86676fa4824679111a2ddf4