Submitted URL: https://bnpp.lk/0wevKo
Effective URL: https://ssologin.bnpparibas.com/cib/PwdResetJ.aspx
Submission Tags: falconsandbox
Submission: On July 18 via api from US — Scanned from DE

Summary

This website contacted 1 IPs in 2 countries across 2 domains to perform 22 HTTP transactions. The main IP is 155.140.0.21, located in France and belongs to BNP-PARIBAS, FR. The main domain is ssologin.bnpparibas.com. The Cisco Umbrella rank of the primary domain is 304941.
TLS certificate: Issued by Entrust Certification Authority - L1K on November 7th 2022. Valid for: a year.
This is the only time ssologin.bnpparibas.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2a02:26f0:480... 20940 (AKAMAI-ASN1)
22 155.140.0.21 20617 (BNP-PARIBAS)
22 1
Apex Domain
Subdomains
Transfer
22 bnpparibas.com
ssologin.bnpparibas.com — Cisco Umbrella Rank: 304941
554 KB
1 bnpp.lk
bnpp.lk
1 KB
22 2
Domain Requested by
22 ssologin.bnpparibas.com ssologin.bnpparibas.com
1 bnpp.lk 1 redirects
22 2

This site contains links to these domains. Also see Links.

Domain
cib.bnpparibas.com
Subject Issuer Validity Valid
ssologin.bnpparibas.com
Entrust Certification Authority - L1K
2022-11-07 -
2023-11-07
a year crt.sh

This page contains 1 frames:

Primary Page: https://ssologin.bnpparibas.com/cib/PwdResetJ.aspx
Frame ID: E212565C2BE15CAB2E04FE4257097CB3
Requests: 22 HTTP requests in this frame

Screenshot

Page Title

BNP Paribas - SSO Password Reset

Page URL History Show full URLs

  1. https://bnpp.lk/0wevKo HTTP 301
    https://ssologin.bnpparibas.com/cib/PwdResetJ.aspx Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

22
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

1
IPs

2
Countries

554 kB
Transfer

726 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bnpp.lk/0wevKo HTTP 301
    https://ssologin.bnpparibas.com/cib/PwdResetJ.aspx Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request PwdResetJ.aspx
ssologin.bnpparibas.com/cib/
Redirect Chain
  • https://bnpp.lk/0wevKo
  • https://ssologin.bnpparibas.com/cib/PwdResetJ.aspx?
17 KB
18 KB
Document
General
Full URL
https://ssologin.bnpparibas.com/cib/PwdResetJ.aspx?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
155.140.0.21 , France, ASN20617 (BNP-PARIBAS, FR),
Reverse DNS
ukssologin.revolution.bnpparibas.com
Software
/ ASP.NET
Resource Hash
af8b993960d5042d2adb7958771e23599f5568ba93e2cb3fed39aa90bedab4e3
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private
Content-Length
17550
Content-Type
text/html; charset=utf-8
Date
Tue, 18 Jul 2023 00:47:14 GMT
Strict-Transport-Security
max-age=16070400; includeSubDomains
X-Content-Type-Options
nosniff
X-Frame-Options
deny
X-Powered-By
ASP.NET
X-UA-Compatible
IE=Edge
X-XSS-Protection
1; mode=block

Redirect headers

Cache-Control
must-revalidate, no-cache, no-store, private max-age=0, no-store
Connection
keep-alive
Content-Length
450
Content-Type
text/html; charset=UTF-8
Date
Tue, 18 Jul 2023 00:47:14 GMT
Location
https://ssologin.bnpparibas.com/cib/PwdResetJ.aspx?
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Frame-Options
SAMEORIGIN
bootstrap.css
ssologin.bnpparibas.com/cib/css/
135 KB
20 KB
Stylesheet
General
Full URL
https://ssologin.bnpparibas.com/cib/css/bootstrap.css
Requested by
Host: ssologin.bnpparibas.com
URL: https://ssologin.bnpparibas.com/cib/PwdResetJ.aspx?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
155.140.0.21 , France, ASN20617 (BNP-PARIBAS, FR),
Reverse DNS
ukssologin.revolution.bnpparibas.com
Software
/ ASP.NET
Resource Hash
bbe6ee9a1301f516bc1720345400ca5eb98750df4a9b9b1a5affa891f73d7606
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssologin.bnpparibas.com/cib/PwdResetJ.aspx?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Strict-Transport-Security
max-age=16070400; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Tue, 18 Jul 2023 00:47:14 GMT
Last-Modified
Wed, 04 Dec 2019 10:21:22 GMT
ETag
"0bd41938caad51:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
X-Frame-Options
deny
Content-Type
text/css
Cache-Control
max-age=2419200
Accept-Ranges
bytes
Content-Length
19511
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=Edge
font-awesome-4.7.0.css
ssologin.bnpparibas.com/cib/css/
28 KB
6 KB
Stylesheet
General
Full URL
https://ssologin.bnpparibas.com/cib/css/font-awesome-4.7.0.css
Requested by
Host: ssologin.bnpparibas.com
URL: https://ssologin.bnpparibas.com/cib/PwdResetJ.aspx?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
155.140.0.21 , France, ASN20617 (BNP-PARIBAS, FR),
Reverse DNS
ukssologin.revolution.bnpparibas.com
Software
/ ASP.NET
Resource Hash
cd9511ba214f26981d61b48346fae134d89637a09ce97c0262fcace7dc745848
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssologin.bnpparibas.com/cib/PwdResetJ.aspx?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Strict-Transport-Security
max-age=16070400; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Tue, 18 Jul 2023 00:47:14 GMT
Last-Modified
Wed, 04 Dec 2019 10:21:22 GMT
ETag
"0bd41938caad51:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
X-Frame-Options
deny
Content-Type
text/css
Cache-Control
max-age=2419200
Accept-Ranges
bytes
Content-Length
5343
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=Edge
jquery-3.5.1.min.js
ssologin.bnpparibas.com/cib/js/
87 KB
88 KB
Script
General
Full URL
https://ssologin.bnpparibas.com/cib/js/jquery-3.5.1.min.js
Requested by
Host: ssologin.bnpparibas.com
URL: https://ssologin.bnpparibas.com/cib/PwdResetJ.aspx?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
155.140.0.21 , France, ASN20617 (BNP-PARIBAS, FR),
Reverse DNS
ukssologin.revolution.bnpparibas.com
Software
/ ASP.NET
Resource Hash
9a2723c21fb1b7dff0e2aa5dc6be24a9670220a17ae21f70fdbc602d1f8acd38
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssologin.bnpparibas.com/cib/PwdResetJ.aspx?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Strict-Transport-Security
max-age=16070400; includeSubDomains
Date
Tue, 18 Jul 2023 00:47:14 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 11 Jan 2021 14:50:10 GMT
ETag
"03d2ef29e8d61:0"
X-Powered-By
ASP.NET
X-Frame-Options
deny
Content-Type
application/javascript
Cache-Control
max-age=2419200
Accept-Ranges
bytes
Content-Length
89476
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=Edge
browser-detect.js
ssologin.bnpparibas.com/cib/js/
3 KB
4 KB
Script
General
Full URL
https://ssologin.bnpparibas.com/cib/js/browser-detect.js
Requested by
Host: ssologin.bnpparibas.com
URL: https://ssologin.bnpparibas.com/cib/PwdResetJ.aspx?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
155.140.0.21 , France, ASN20617 (BNP-PARIBAS, FR),
Reverse DNS
ukssologin.revolution.bnpparibas.com
Software
/ ASP.NET
Resource Hash
978855b8e697fef003cc0258f236cafb1a197cf476c4f2e42c0ea092123a3d87
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssologin.bnpparibas.com/cib/PwdResetJ.aspx?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Strict-Transport-Security
max-age=16070400; includeSubDomains
Date
Tue, 18 Jul 2023 00:47:14 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 04 Dec 2019 10:21:24 GMT
ETag
"0ea72948caad51:0"
X-Powered-By
ASP.NET
X-Frame-Options
deny
Content-Type
application/javascript
Cache-Control
max-age=2419200
Accept-Ranges
bytes
Content-Length
3526
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=Edge
bootstrap-3.4.1.min.js
ssologin.bnpparibas.com/cib/js/
39 KB
39 KB
Script
General
Full URL
https://ssologin.bnpparibas.com/cib/js/bootstrap-3.4.1.min.js
Requested by
Host: ssologin.bnpparibas.com
URL: https://ssologin.bnpparibas.com/cib/PwdResetJ.aspx?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
155.140.0.21 , France, ASN20617 (BNP-PARIBAS, FR),
Reverse DNS
ukssologin.revolution.bnpparibas.com
Software
/ ASP.NET
Resource Hash
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssologin.bnpparibas.com/cib/PwdResetJ.aspx?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Strict-Transport-Security
max-age=16070400; includeSubDomains
Date
Tue, 18 Jul 2023 00:47:14 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 23 Nov 2020 10:04:04 GMT
ETag
"0c234f97fc1d61:0"
X-Powered-By
ASP.NET
X-Frame-Options
deny
Content-Type
application/javascript
Cache-Control
max-age=2419200
Accept-Ranges
bytes
Content-Length
39680
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=Edge
jquery-migrate-1.2.1.min.js
ssologin.bnpparibas.com/cib/js/
8 KB
9 KB
Script
General
Full URL
https://ssologin.bnpparibas.com/cib/js/jquery-migrate-1.2.1.min.js
Requested by
Host: ssologin.bnpparibas.com
URL: https://ssologin.bnpparibas.com/cib/PwdResetJ.aspx?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
155.140.0.21 , France, ASN20617 (BNP-PARIBAS, FR),
Reverse DNS
ukssologin.revolution.bnpparibas.com
Software
/ ASP.NET
Resource Hash
4052a71a54b6094cf53a150b955ce80968b9ae4da068bc86390d63b027e53926
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssologin.bnpparibas.com/cib/PwdResetJ.aspx?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Strict-Transport-Security
max-age=16070400; includeSubDomains
Date
Tue, 18 Jul 2023 00:47:14 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 04 Dec 2019 10:21:24 GMT
ETag
"0ea72948caad51:0"
X-Powered-By
ASP.NET
X-Frame-Options
deny
Content-Type
application/javascript
Cache-Control
max-age=2419200
Accept-Ranges
bytes
Content-Length
8270
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=Edge
jquery.watermark-3.2.0.js
ssologin.bnpparibas.com/cib/js/
22 KB
22 KB
Script
General
Full URL
https://ssologin.bnpparibas.com/cib/js/jquery.watermark-3.2.0.js
Requested by
Host: ssologin.bnpparibas.com
URL: https://ssologin.bnpparibas.com/cib/PwdResetJ.aspx?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
155.140.0.21 , France, ASN20617 (BNP-PARIBAS, FR),
Reverse DNS
ukssologin.revolution.bnpparibas.com
Software
/ ASP.NET
Resource Hash
d582c45212243d5a54a7c4222d677f220db6be08c9e7b88a2fbdc9073d3ce0ea
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssologin.bnpparibas.com/cib/PwdResetJ.aspx?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Strict-Transport-Security
max-age=16070400; includeSubDomains
Date
Tue, 18 Jul 2023 00:47:14 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 04 Dec 2019 10:21:24 GMT
ETag
"0ea72948caad51:0"
X-Powered-By
ASP.NET
X-Frame-Options
deny
Content-Type
application/javascript
Cache-Control
max-age=2419200
Accept-Ranges
bytes
Content-Length
22259
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=Edge
jquery.nicescroll-3.5.4.js
ssologin.bnpparibas.com/cib/js/
116 KB
117 KB
Script
General
Full URL
https://ssologin.bnpparibas.com/cib/js/jquery.nicescroll-3.5.4.js
Requested by
Host: ssologin.bnpparibas.com
URL: https://ssologin.bnpparibas.com/cib/PwdResetJ.aspx?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
155.140.0.21 , France, ASN20617 (BNP-PARIBAS, FR),
Reverse DNS
ukssologin.revolution.bnpparibas.com
Software
/ ASP.NET
Resource Hash
815ea7f415a2fa3a244ac43830c0c07bab47baf42e84609838b351f5e19fd74e
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssologin.bnpparibas.com/cib/PwdResetJ.aspx?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Strict-Transport-Security
max-age=16070400; includeSubDomains
Date
Tue, 18 Jul 2023 00:47:14 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 04 Dec 2019 10:21:24 GMT
ETag
"0ea72948caad51:0"
X-Powered-By
ASP.NET
X-Frame-Options
deny
Content-Type
application/javascript
Cache-Control
max-age=2419200
Accept-Ranges
bytes
Content-Length
118893
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=Edge
jquery.cookies.2.2.0.js
ssologin.bnpparibas.com/cib/js/
11 KB
12 KB
Script
General
Full URL
https://ssologin.bnpparibas.com/cib/js/jquery.cookies.2.2.0.js
Requested by
Host: ssologin.bnpparibas.com
URL: https://ssologin.bnpparibas.com/cib/PwdResetJ.aspx?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
155.140.0.21 , France, ASN20617 (BNP-PARIBAS, FR),
Reverse DNS
ukssologin.revolution.bnpparibas.com
Software
/ ASP.NET
Resource Hash
29191bc2cdd75d1175b5419e9cd63e6ec290ea0bd587f7c700a641b3b93bf0ee
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssologin.bnpparibas.com/cib/PwdResetJ.aspx?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Strict-Transport-Security
max-age=16070400; includeSubDomains
Date
Tue, 18 Jul 2023 00:47:14 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 04 Dec 2019 10:21:24 GMT
ETag
"0ea72948caad51:0"
X-Powered-By
ASP.NET
X-Frame-Options
deny
Content-Type
application/javascript
Cache-Control
max-age=2419200
Accept-Ranges
bytes
Content-Length
11408
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=Edge
jquery.validate-1.13.0.js
ssologin.bnpparibas.com/cib/js/
56 KB
56 KB
Script
General
Full URL
https://ssologin.bnpparibas.com/cib/js/jquery.validate-1.13.0.js
Requested by
Host: ssologin.bnpparibas.com
URL: https://ssologin.bnpparibas.com/cib/PwdResetJ.aspx?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
155.140.0.21 , France, ASN20617 (BNP-PARIBAS, FR),
Reverse DNS
ukssologin.revolution.bnpparibas.com
Software
/ ASP.NET
Resource Hash
d31a6d39f998a79023c4fcd2f9f32a7d9cf817ced85b71045810fa1947da9d72
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssologin.bnpparibas.com/cib/PwdResetJ.aspx?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Strict-Transport-Security
max-age=16070400; includeSubDomains
Date
Tue, 18 Jul 2023 00:47:14 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 04 Dec 2019 10:21:24 GMT
ETag
"0ea72948caad51:0"
X-Powered-By
ASP.NET
X-Frame-Options
deny
Content-Type
application/javascript
Cache-Control
max-age=2419200
Accept-Ranges
bytes
Content-Length
57229
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=Edge
loginux_funcs-1.2.js
ssologin.bnpparibas.com/cib/js/
7 KB
7 KB
Script
General
Full URL
https://ssologin.bnpparibas.com/cib/js/loginux_funcs-1.2.js
Requested by
Host: ssologin.bnpparibas.com
URL: https://ssologin.bnpparibas.com/cib/PwdResetJ.aspx?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
155.140.0.21 , France, ASN20617 (BNP-PARIBAS, FR),
Reverse DNS
ukssologin.revolution.bnpparibas.com
Software
/ ASP.NET
Resource Hash
41adb6dc3391a55822d5fc79d66afb4e5e49a6e7b948f341441e9413b5971d1c
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssologin.bnpparibas.com/cib/PwdResetJ.aspx?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Strict-Transport-Security
max-age=16070400; includeSubDomains
Date
Tue, 18 Jul 2023 00:47:14 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 30 Jan 2023 16:27:37 GMT
ETag
"45a5bac3c734d91:0"
X-Powered-By
ASP.NET
X-Frame-Options
deny
Content-Type
application/javascript
Cache-Control
max-age=2419200
Accept-Ranges
bytes
Content-Length
7046
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=Edge
pwdreset-1.1.js
ssologin.bnpparibas.com/cib/js/
9 KB
9 KB
Script
General
Full URL
https://ssologin.bnpparibas.com/cib/js/pwdreset-1.1.js
Requested by
Host: ssologin.bnpparibas.com
URL: https://ssologin.bnpparibas.com/cib/PwdResetJ.aspx?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
155.140.0.21 , France, ASN20617 (BNP-PARIBAS, FR),
Reverse DNS
ukssologin.revolution.bnpparibas.com
Software
/ ASP.NET
Resource Hash
5e05f384e7f1f3ab51ee3b1ac2d408353d4552b064cad7f496d07492e31182a1
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssologin.bnpparibas.com/cib/PwdResetJ.aspx?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Strict-Transport-Security
max-age=16070400; includeSubDomains
Date
Tue, 18 Jul 2023 00:47:14 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 03 Nov 2022 14:46:27 GMT
ETag
"69e156d93efd81:0"
X-Powered-By
ASP.NET
X-Frame-Options
deny
Content-Type
application/javascript
Cache-Control
max-age=2419200
Accept-Ranges
bytes
Content-Length
9098
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=Edge
bnpp-custom-1.0.css
ssologin.bnpparibas.com/cib/css/
52 KB
9 KB
Stylesheet
General
Full URL
https://ssologin.bnpparibas.com/cib/css/bnpp-custom-1.0.css
Requested by
Host: ssologin.bnpparibas.com
URL: https://ssologin.bnpparibas.com/cib/PwdResetJ.aspx?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
155.140.0.21 , France, ASN20617 (BNP-PARIBAS, FR),
Reverse DNS
ukssologin.revolution.bnpparibas.com
Software
/ ASP.NET
Resource Hash
65a8daf00893bcd04ab06eb87492b42fe03905192080a70a6b3de6321222d27d
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssologin.bnpparibas.com/cib/PwdResetJ.aspx?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Strict-Transport-Security
max-age=16070400; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Tue, 18 Jul 2023 00:47:14 GMT
Last-Modified
Wed, 19 Apr 2023 10:41:18 GMT
ETag
"0dbc79ab72d91:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
X-Frame-Options
deny
Content-Type
text/css
Cache-Control
max-age=2419200
Accept-Ranges
bytes
Content-Length
9068
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=Edge
gb.png
ssologin.bnpparibas.com/cib/images/flags/
3 KB
3 KB
Image
General
Full URL
https://ssologin.bnpparibas.com/cib/images/flags/gb.png
Requested by
Host: ssologin.bnpparibas.com
URL: https://ssologin.bnpparibas.com/cib/PwdResetJ.aspx?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
155.140.0.21 , France, ASN20617 (BNP-PARIBAS, FR),
Reverse DNS
ukssologin.revolution.bnpparibas.com
Software
/ ASP.NET
Resource Hash
ae0fa880865f48b641e001536e19b5d64d5c04f8b63c9a8d059dac117bc24ec9
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssologin.bnpparibas.com/cib/PwdResetJ.aspx?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Strict-Transport-Security
max-age=16070400; includeSubDomains
Date
Tue, 18 Jul 2023 00:47:14 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 04 Dec 2019 10:21:24 GMT
ETag
"0ea72948caad51:0"
X-Powered-By
ASP.NET
X-Frame-Options
deny
Content-Type
image/png
Cache-Control
max-age=2419200
Accept-Ranges
bytes
Content-Length
2675
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=Edge
fr.png
ssologin.bnpparibas.com/cib/images/flags/
941 B
1 KB
Image
General
Full URL
https://ssologin.bnpparibas.com/cib/images/flags/fr.png
Requested by
Host: ssologin.bnpparibas.com
URL: https://ssologin.bnpparibas.com/cib/PwdResetJ.aspx?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
155.140.0.21 , France, ASN20617 (BNP-PARIBAS, FR),
Reverse DNS
ukssologin.revolution.bnpparibas.com
Software
/ ASP.NET
Resource Hash
62d7b6352a8cce421c720975f912d479099c6fb7ab1248d11b6832d3976633a3
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssologin.bnpparibas.com/cib/PwdResetJ.aspx?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Strict-Transport-Security
max-age=16070400; includeSubDomains
Date
Tue, 18 Jul 2023 00:47:14 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 04 Dec 2019 10:21:24 GMT
ETag
"0ea72948caad51:0"
X-Powered-By
ASP.NET
X-Frame-Options
deny
Content-Type
image/png
Cache-Control
max-age=2419200
Accept-Ranges
bytes
Content-Length
941
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=Edge
header_repeat.png
ssologin.bnpparibas.com/cib/img/
330 B
760 B
Image
General
Full URL
https://ssologin.bnpparibas.com/cib/img/header_repeat.png
Requested by
Host: ssologin.bnpparibas.com
URL: https://ssologin.bnpparibas.com/cib/css/bnpp-custom-1.0.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
155.140.0.21 , France, ASN20617 (BNP-PARIBAS, FR),
Reverse DNS
ukssologin.revolution.bnpparibas.com
Software
/ ASP.NET
Resource Hash
22e4770c64b273647e164efd88d47f575df5afdc5016a2e8a7fc2ae81f6237ca
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssologin.bnpparibas.com/cib/css/bnpp-custom-1.0.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Strict-Transport-Security
max-age=16070400; includeSubDomains
Date
Tue, 18 Jul 2023 00:47:14 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 04 Dec 2019 10:21:24 GMT
ETag
"0ea72948caad51:0"
X-Powered-By
ASP.NET
X-Frame-Options
deny
Content-Type
image/png
Cache-Control
max-age=2419200
Accept-Ranges
bytes
Content-Length
330
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=Edge
bnpp_logo.png
ssologin.bnpparibas.com/cib/img/
12 KB
12 KB
Image
General
Full URL
https://ssologin.bnpparibas.com/cib/img/bnpp_logo.png
Requested by
Host: ssologin.bnpparibas.com
URL: https://ssologin.bnpparibas.com/cib/css/bnpp-custom-1.0.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
155.140.0.21 , France, ASN20617 (BNP-PARIBAS, FR),
Reverse DNS
ukssologin.revolution.bnpparibas.com
Software
/ ASP.NET
Resource Hash
50b9d61970d198dc85ae7f493a69bd30dc1b096f71154529c3c91546c148917d
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssologin.bnpparibas.com/cib/css/bnpp-custom-1.0.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Strict-Transport-Security
max-age=16070400; includeSubDomains
Date
Tue, 18 Jul 2023 00:47:14 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 04 Dec 2019 10:21:24 GMT
ETag
"0ea72948caad51:0"
X-Powered-By
ASP.NET
X-Frame-Options
deny
Content-Type
image/png
Cache-Control
max-age=2419200
Accept-Ranges
bytes
Content-Length
12229
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=Edge
bnpp_sans-webfont.woff
ssologin.bnpparibas.com/cib/fonts/BNPPSans/
28 KB
28 KB
Font
General
Full URL
https://ssologin.bnpparibas.com/cib/fonts/BNPPSans/bnpp_sans-webfont.woff
Requested by
Host: ssologin.bnpparibas.com
URL: https://ssologin.bnpparibas.com/cib/css/bnpp-custom-1.0.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
155.140.0.21 , France, ASN20617 (BNP-PARIBAS, FR),
Reverse DNS
ukssologin.revolution.bnpparibas.com
Software
/ ASP.NET
Resource Hash
18a1e36514636859570459fbe600652220e0f2e7c1f0594446913ee6421fe435
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ssologin.bnpparibas.com/cib/css/bnpp-custom-1.0.css
Origin
https://ssologin.bnpparibas.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Strict-Transport-Security
max-age=16070400; includeSubDomains
Date
Tue, 18 Jul 2023 00:47:14 GMT
X-Content-Type-Options
nosniff
X-Powered-By
ASP.NET
Content-Length
28228
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=Edge
Last-Modified
Wed, 04 Dec 2019 10:21:22 GMT
ETag
"0bd41938caad51:0"
Vary
Origin
X-Frame-Options
deny
Content-Type
font/x-woff
Access-Control-Allow-Origin
https://ssologin.bnpparibas.com
Cache-Control
max-age=2419200
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
bnpp_sans_light-webfont.woff
ssologin.bnpparibas.com/cib/fonts/BNPPSans/
27 KB
27 KB
Font
General
Full URL
https://ssologin.bnpparibas.com/cib/fonts/BNPPSans/bnpp_sans_light-webfont.woff
Requested by
Host: ssologin.bnpparibas.com
URL: https://ssologin.bnpparibas.com/cib/css/bnpp-custom-1.0.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
155.140.0.21 , France, ASN20617 (BNP-PARIBAS, FR),
Reverse DNS
ukssologin.revolution.bnpparibas.com
Software
/ ASP.NET
Resource Hash
d9de9879b84feab9261de45d32b243a691d1bc368eddbe2f7cc142f7885e93ab
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ssologin.bnpparibas.com/cib/css/bnpp-custom-1.0.css
Origin
https://ssologin.bnpparibas.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Strict-Transport-Security
max-age=16070400; includeSubDomains
Date
Tue, 18 Jul 2023 00:47:14 GMT
X-Content-Type-Options
nosniff
X-Powered-By
ASP.NET
Content-Length
27152
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=Edge
Last-Modified
Wed, 04 Dec 2019 10:21:22 GMT
ETag
"0bd41938caad51:0"
Vary
Origin
X-Frame-Options
deny
Content-Type
font/x-woff
Access-Control-Allow-Origin
https://ssologin.bnpparibas.com
Cache-Control
max-age=2419200
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
fontawesome-webfont.woff
ssologin.bnpparibas.com/cib/fonts/
64 KB
64 KB
Font
General
Full URL
https://ssologin.bnpparibas.com/cib/fonts/fontawesome-webfont.woff?v=4.2.0
Requested by
Host: ssologin.bnpparibas.com
URL: https://ssologin.bnpparibas.com/cib/css/font-awesome-4.7.0.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
155.140.0.21 , France, ASN20617 (BNP-PARIBAS, FR),
Reverse DNS
ukssologin.revolution.bnpparibas.com
Software
/ ASP.NET
Resource Hash
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ssologin.bnpparibas.com/cib/css/font-awesome-4.7.0.css
Origin
https://ssologin.bnpparibas.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Strict-Transport-Security
max-age=16070400; includeSubDomains
Date
Tue, 18 Jul 2023 00:47:14 GMT
X-Content-Type-Options
nosniff
X-Powered-By
ASP.NET
Content-Length
65452
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=Edge
Last-Modified
Wed, 04 Dec 2019 10:21:22 GMT
ETag
"0bd41938caad51:0"
Vary
Origin
X-Frame-Options
deny
Content-Type
font/x-woff
Access-Control-Allow-Origin
https://ssologin.bnpparibas.com
Cache-Control
max-age=2419200
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
cookieMessageCloseButton.jpg
ssologin.bnpparibas.com/cib/img/
2 KB
2 KB
Image
General
Full URL
https://ssologin.bnpparibas.com/cib/img/cookieMessageCloseButton.jpg
Requested by
Host: ssologin.bnpparibas.com
URL: https://ssologin.bnpparibas.com/cib/css/bnpp-custom-1.0.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
155.140.0.21 , France, ASN20617 (BNP-PARIBAS, FR),
Reverse DNS
ukssologin.revolution.bnpparibas.com
Software
/ ASP.NET
Resource Hash
ff046db1bccff7352232bcc30b6f83e7cb35199d097ed1962859aeccaad740b6
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssologin.bnpparibas.com/cib/css/bnpp-custom-1.0.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Strict-Transport-Security
max-age=16070400; includeSubDomains
Date
Tue, 18 Jul 2023 00:47:14 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 04 Dec 2019 10:21:24 GMT
ETag
"0ea72948caad51:0"
X-Powered-By
ASP.NET
X-Frame-Options
deny
Content-Type
image/jpeg
Cache-Control
max-age=2419200
Accept-Ranges
bytes
Content-Length
1695
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=Edge

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend function| $ function| jQuery object| BrowserDetect object| NiceScroll object| jaaulde function| setCookie function| delCookie function| saveCookie function| saveCookieTransient function| getCookie function| getDomain function| validDomain function| logoff function| logoffTarget function| loginFocus function| check_xss function| extractTarget function| decodeSm function| getParameterByName function| dateUTC function| otpRequest function| pwdreset function| changepwd function| CallService function| ServiceFailed function| ServiceSucceeded function| error_msg function| BezierClass

4 Cookies

Domain/Path Name / Value
bnpp.lk/ Name: XSRF-TOKEN
Value: eyJpdiI6InNGK1owUFdQQWNwK2IycVVRQlkvb0E9PSIsInZhbHVlIjoiZWlISld4WldOVExlNXRIcjVsWS9xdGpQMFZObzd6NTlMU1dFM3Bab3k3ZGxPL3hJYWVTVUlDZThiWlRHaHVlUHdrZ081c3NSOU1NekJkczBHOVRsQm80Y09LTTl4eGMyc2tUeHZjRzVlME13WmJOckZsMUFvbGlRSE9jQWxoamEiLCJtYWMiOiI3NDAxMmRjZDA0YzA1NzFjNDQxMTQ3ZTM1ZDhiYTI2ZGY4MjM2NzlkODIxNmU4Y2I2M2ViNWE3MjQwZmI2ZGYxIiwidGFnIjoiIn0%3D
bnpp.lk/ Name: laravel_session
Value: eyJpdiI6ImFoSFYyMW5mQkk0d0F5OUhYS2o1MUE9PSIsInZhbHVlIjoiNEZhZEtraWtoNS9XajFMbVBxMlBFNUFQWEI4UGlMcngyZW43VUN5R1B3MXNycUU0TW1SZGYrS3QrY0ZUVVB2TzQwMU9MRTZsTVN5enFXb3ZhTW0xS0d1TkdYZzBESElKN2ozUHJYbFU5RFBrZ1Noc3RHWlM4Mnk4a3hocWUvQ2kiLCJtYWMiOiI4MmY4ZTc4Zjk1OTAxMTNlM2M0YzYxNjEyNGVjOGM4OWRiYmFlOTQ5ZjA5NmMxMmYwMTE2ZmQ3OGZlZTVhYjRiIiwidGFnIjoiIn0%3D
ssologin.bnpparibas.com/ Name: ASP.NET_SessionId
Value: 1wm2dmpapc20xylfmzg4rgbp
.bnpparibas.com/ Name: CookieMessageVisible
Value: false

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bnpp.lk
ssologin.bnpparibas.com
155.140.0.21
2a02:26f0:480:bad::1a48
18a1e36514636859570459fbe600652220e0f2e7c1f0594446913ee6421fe435
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
22e4770c64b273647e164efd88d47f575df5afdc5016a2e8a7fc2ae81f6237ca
29191bc2cdd75d1175b5419e9cd63e6ec290ea0bd587f7c700a641b3b93bf0ee
4052a71a54b6094cf53a150b955ce80968b9ae4da068bc86390d63b027e53926
41adb6dc3391a55822d5fc79d66afb4e5e49a6e7b948f341441e9413b5971d1c
50b9d61970d198dc85ae7f493a69bd30dc1b096f71154529c3c91546c148917d
5e05f384e7f1f3ab51ee3b1ac2d408353d4552b064cad7f496d07492e31182a1
62d7b6352a8cce421c720975f912d479099c6fb7ab1248d11b6832d3976633a3
65a8daf00893bcd04ab06eb87492b42fe03905192080a70a6b3de6321222d27d
815ea7f415a2fa3a244ac43830c0c07bab47baf42e84609838b351f5e19fd74e
978855b8e697fef003cc0258f236cafb1a197cf476c4f2e42c0ea092123a3d87
9a2723c21fb1b7dff0e2aa5dc6be24a9670220a17ae21f70fdbc602d1f8acd38
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
ae0fa880865f48b641e001536e19b5d64d5c04f8b63c9a8d059dac117bc24ec9
af8b993960d5042d2adb7958771e23599f5568ba93e2cb3fed39aa90bedab4e3
bbe6ee9a1301f516bc1720345400ca5eb98750df4a9b9b1a5affa891f73d7606
cd9511ba214f26981d61b48346fae134d89637a09ce97c0262fcace7dc745848
d31a6d39f998a79023c4fcd2f9f32a7d9cf817ced85b71045810fa1947da9d72
d582c45212243d5a54a7c4222d677f220db6be08c9e7b88a2fbdc9073d3ce0ea
d9de9879b84feab9261de45d32b243a691d1bc368eddbe2f7cc142f7885e93ab
ff046db1bccff7352232bcc30b6f83e7cb35199d097ed1962859aeccaad740b6