www.nordeafinans.se
92.123.178.49  Malicious Activity! Public Scan

URL: https://www.nordeafinans.se/
Submission: On June 10 via automatic, source certstream-suspicious

Summary

This website contacted 7 IPs in 4 countries across 5 domains to perform 26 HTTP transactions. The main IP is 92.123.178.49, which is located in Ascension Island and belongs to AKAMAI-AS, US. The main domain is www.nordeafinans.se.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on January 10th 2020. Valid for: 8 months.
This is the only time www.nordeafinans.se was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Nordea (Banking)

Domain & IP information

IP Address AS Autonomous System
19 92.123.178.49 16625 (AKAMAI-AS)
2 152.199.23.241 15133 (EDGECAST)
1 34.107.253.133 15169 (GOOGLE)
1 52.50.74.84 16509 (AMAZON-02)
1 52.50.37.223 16509 (AMAZON-02)
2 15.236.9.100 16509 (AMAZON-02)
26 7
Domain Requested by
19 www.nordeafinans.se www.nordeafinans.se
2 nordea.d3.sc.omtrdc.net tags.tiqcdn.com
2 tags.tiqcdn.com www.nordeafinans.se, tags.tiqcdn.com
1 nordea.demdex.net tags.tiqcdn.com
1 dpm.demdex.net tags.tiqcdn.com
1 policy.cookiereports.com www.nordeafinans.se
26 6
Subject | Issuer | Validity | Valid
nordea.com | DigiCert SHA2 Extended Validation Server CA | 2020-01-10 - 2020-09-17 | 8 months
*.tiqcdn.com | DigiCert SHA2 Secure Server CA | 2020-03-17 - 2022-06-17 | 2 years
policy.cookiereports.com | Gandi Standard SSL CA 2 | 2019-05-14 - 2021-05-24 | 2 years
*.demdex.net | DigiCert SHA2 High Assurance Server CA | 2018-01-09 - 2021-02-12 | 3 years
*.d3.sc.omtrdc.net | DigiCert SHA2 High Assurance Server CA | 2020-02-28 - 2022-03-04 | 2 years

This page contains 2 frames:

Primary Page: https://www.nordeafinans.se/
Frame ID: 6891CD6738635F8E3D6241F2D61B59AA
Requests: 26 HTTP requests in this frame

Frame: https://nordea.demdex.net/dest5.html?d_nsid=0
Frame ID: A7D2BE2992C547CFC3C3276A88127531
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /^(?:https?:)?\/\/tags\.tiqcdn\.com\//i

Page Statistics

Requests: 26
HTTPS: 100 %
IPv6: 0 %
Domains: 5
Subdomains: 6
IPs: 7
Countries: 4
Transfer: 1543 kB
Size: 1966 kB
Cookies: 4

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set /
www.nordeafinans.se/
26 KB
7 KB
Document
General
Full URL
https://www.nordeafinans.se/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.178.49 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
nginx /
Resource Hash
0d45d477f1d3dabbd1559db9e66f89f46e4af26a39064de4948b6e9ad90304e1
Security Headers
Name Value
Strict-Transport-Security max-age=157680000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
www.nordeafinans.se
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

ETag
"46aef7095db4122e514d08bbfbce3ab2"
Server
nginx
Content-Type
text/html;charset=utf-8
ntCoent-Length
26281
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge,chrome=1
Strict-Transport-Security
max-age=157680000
Content-Encoding
gzip
Content-Length
6112
Vary
Accept-Encoding
Cache-Control
public, max-age=60
Expires
Wed, 10 Jun 2020 09:14:05 GMT
Date
Wed, 10 Jun 2020 09:13:05 GMT
Connection
keep-alive
Set-Cookie
DC=2; path=/
main.css
www.nordeafinans.se/static/dotxx2017/css/
241 KB
41 KB
Stylesheet
General
Full URL
https://www.nordeafinans.se/static/dotxx2017/css/main.css?v=3.0.196
Requested by
Host: www.nordeafinans.se
URL: https://www.nordeafinans.se/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.178.49 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
nginx /
Resource Hash
c158a098645780e920d4a76943eb861d25cf2c762c6638b77e467d1f828259c8
Security Headers
Name Value
Strict-Transport-Security max-age=157680000

Request headers

Referer
https://www.nordeafinans.se/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cteonnt-Length
247283
Strict-Transport-Security
max-age=157680000
Content-Encoding
gzip
Last-Modified
Tue, 09 Jun 2020 07:50:00 GMT
Server
nginx
ETag
"5edf3f28-3c5f3"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=43199961
Date
Wed, 10 Jun 2020 09:13:06 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
41616
main.js
www.nordeafinans.se/static/dotxx2017/js/
355 KB
356 KB
Script
General
Full URL
https://www.nordeafinans.se/static/dotxx2017/js/main.js?v=3.0.196
Requested by
Host: www.nordeafinans.se
URL: https://www.nordeafinans.se/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.178.49 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
nginx /
Resource Hash
a2ca7473ded6c510672fbb52072283ef035f03875cfa4b0662a5d336d318a958
Security Headers
Name Value
Strict-Transport-Security max-age=157680000

Request headers

Referer
https://www.nordeafinans.se/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=157680000
Last-Modified
Tue, 09 Jun 2020 07:50:00 GMT
Server
nginx
ETag
"5edf3f28-58cdd"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=43200000
Date
Wed, 10 Jun 2020 09:13:06 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
363741
Nordea-logo%20(2017).svg
www.nordeafinans.se/Images/160-169221/
2 KB
2 KB
Image
General
Full URL
https://www.nordeafinans.se/Images/160-169221/Nordea-logo%20(2017).svg
Requested by
Host: www.nordeafinans.se
URL: https://www.nordeafinans.se/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.178.49 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
/
Resource Hash
4273df9fda1edea73177fc0f181a659e190e37e040f09640f67f7bfe822df3b9
Security Headers
Name Value
Strict-Transport-Security max-age=157680000

Request headers

Referer
https://www.nordeafinans.se/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=157680000
Last-Modified
Mon, 24 Apr 2017 08:31:35 GMT
ETag
1493022695000
Content-Type
image/svg+xml
Cache-Control
public, max-age=12427
Date
Wed, 10 Jun 2020 09:13:06 GMT
Connection
keep-alive
Content-Length
1915
father-and-son-by-the-water-smiling-large-overlay.jpg
www.nordeafinans.se/Images/160-243513/
118 KB
118 KB
Image
General
Full URL
https://www.nordeafinans.se/Images/160-243513/father-and-son-by-the-water-smiling-large-overlay.jpg
Requested by
Host: www.nordeafinans.se
URL: https://www.nordeafinans.se/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.178.49 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
/
Resource Hash
8e07c2c396b29b4359e6944cf41dc427649f1536291747f19410ec6833a57729
Security Headers
Name Value
Strict-Transport-Security max-age=157680000

Request headers

Referer
https://www.nordeafinans.se/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=157680000
Last-Modified
Sun, 14 Jan 2018 21:10:03 GMT
ETag
1515964203000
Content-Type
image/jpeg
Cache-Control
public, max-age=13463
Date
Wed, 10 Jun 2020 09:13:06 GMT
Connection
keep-alive
Content-Length
120321
Woman-standing-outside-station-small-overlay.jpg
www.nordeafinans.se/Images/160-236425/
35 KB
36 KB
Image
General
Full URL
https://www.nordeafinans.se/Images/160-236425/Woman-standing-outside-station-small-overlay.jpg
Requested by
Host: www.nordeafinans.se
URL: https://www.nordeafinans.se/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.178.49 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
/
Resource Hash
b24f74b310e92d3dc478a699bb252368c64272473da0cd3c7aa06bca0e648bbe
Security Headers
Name Value
Strict-Transport-Security max-age=157680000

Request headers

Referer
https://www.nordeafinans.se/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=157680000
Last-Modified
Fri, 01 Dec 2017 13:35:04 GMT
ETag
1512135304000
Content-Type
image/jpeg
Cache-Control
public, max-age=13348
Date
Wed, 10 Jun 2020 09:13:06 GMT
Connection
keep-alive
Content-Length
36344
Nordea_com_article_small_A-Young%20woman%20at%20her%20car%20with%20coffee%20.jpg
www.nordeafinans.se/Images/160-307316/
90 KB
90 KB
Image
General
Full URL
https://www.nordeafinans.se/Images/160-307316/Nordea_com_article_small_A-Young%20woman%20at%20her%20car%20with%20coffee%20.jpg
Requested by
Host: www.nordeafinans.se
URL: https://www.nordeafinans.se/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.178.49 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
/
Resource Hash
4555d901b42e3c116d70ce33a9aa6fb82d75334c80589541f92725f86d3bc9f6
Security Headers
Name Value
Strict-Transport-Security max-age=157680000

Request headers

Referer
https://www.nordeafinans.se/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=157680000
Last-Modified
Mon, 11 Mar 2019 15:43:06 GMT
ETag
1552318986000
Content-Type
image/jpeg
Cache-Control
public, max-age=3890
Date
Wed, 10 Jun 2020 09:13:06 GMT
Connection
keep-alive
Content-Length
91665
Elbil_overlay_600x400.jpg
www.nordeafinans.se/Images/160-311714/
127 KB
128 KB
Image
General
Full URL
https://www.nordeafinans.se/Images/160-311714/Elbil_overlay_600x400.jpg
Requested by
Host: www.nordeafinans.se
URL: https://www.nordeafinans.se/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.178.49 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
/
Resource Hash
73be0636d8424832f9659553893672b1b0543296430956e11166fb70559543ac
Security Headers
Name Value
Strict-Transport-Security max-age=157680000

Request headers

Referer
https://www.nordeafinans.se/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=157680000
Last-Modified
Wed, 17 Apr 2019 11:08:18 GMT
ETag
1555499298000
Content-Type
image/jpeg
Cache-Control
public, max-age=14370
Date
Wed, 10 Jun 2020 09:13:06 GMT
Connection
keep-alive
Content-Length
130286
big-city-and-high-rise-buildings-640x360.jpg
www.nordeafinans.se/Images/160-181448/
110 KB
110 KB
Image
General
Full URL
https://www.nordeafinans.se/Images/160-181448/big-city-and-high-rise-buildings-640x360.jpg
Requested by
Host: www.nordeafinans.se
URL: https://www.nordeafinans.se/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.178.49 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
/
Resource Hash
04f30a733127693003c9f88fbe332b6bf6fd6742fa86ca025186d550ad26b122
Security Headers
Name Value
Strict-Transport-Security max-age=157680000

Request headers

Referer
https://www.nordeafinans.se/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=157680000
Last-Modified
Wed, 19 Apr 2017 12:59:13 GMT
ETag
1492606753000
Content-Type
image/jpeg
Cache-Control
public, max-age=13488
Date
Wed, 10 Jun 2020 09:13:06 GMT
Connection
keep-alive
Content-Length
112426
coulple-standing-close-to-each-other-laughing-1280x720.jpg
www.nordeafinans.se/Images/160-185821/
287 KB
288 KB
Image
General
Full URL
https://www.nordeafinans.se/Images/160-185821/coulple-standing-close-to-each-other-laughing-1280x720.jpg
Requested by
Host: www.nordeafinans.se
URL: https://www.nordeafinans.se/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.178.49 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
/
Resource Hash
9a9327de4704f03dd8f86ec56a2fb712fec3651b97ff5e5fabacf1a67eae1397
Security Headers
Name Value
Strict-Transport-Security max-age=157680000

Request headers

Referer
https://www.nordeafinans.se/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=157680000
Last-Modified
Wed, 10 May 2017 11:40:05 GMT
ETag
1494416405000
Content-Type
image/jpeg
Cache-Control
public, max-age=14337
Date
Wed, 10 Jun 2020 09:13:06 GMT
Connection
keep-alive
Content-Length
294280
Woman-in-chair-with-laptop-small.jpg
www.nordeafinans.se/Images/160-220293/
83 KB
83 KB
Image
General
Full URL
https://www.nordeafinans.se/Images/160-220293/Woman-in-chair-with-laptop-small.jpg
Requested by
Host: www.nordeafinans.se
URL: https://www.nordeafinans.se/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.178.49 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
/
Resource Hash
04aff31f51a8aead3b6bd30e0ee576c5b54b464c198d22a825bc0737b616167c
Security Headers
Name Value
Strict-Transport-Security max-age=157680000

Request headers

Referer
https://www.nordeafinans.se/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=157680000
Last-Modified
Tue, 26 Sep 2017 11:32:50 GMT
ETag
1506425570000
Content-Type
image/jpeg
Cache-Control
public, max-age=3798
Date
Wed, 10 Jun 2020 09:13:06 GMT
Connection
keep-alive
Content-Length
85134
GettyImages_606691921_1280x720.jpg
www.nordeafinans.se/Images/160-213070/
81 KB
81 KB
Image
General
Full URL
https://www.nordeafinans.se/Images/160-213070/GettyImages_606691921_1280x720.jpg
Requested by
Host: www.nordeafinans.se
URL: https://www.nordeafinans.se/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.178.49 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
/
Resource Hash
ee1e66329e7defde2ba3fef32aea044455458ccc0a9c014b4953c2ccf4cb35ac
Security Headers
Name Value
Strict-Transport-Security max-age=157680000

Request headers

Referer
https://www.nordeafinans.se/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=157680000
Last-Modified
Wed, 30 Aug 2017 10:47:28 GMT
ETag
1504090048000
Content-Type
image/jpeg
Cache-Control
public, max-age=3893
Date
Wed, 10 Jun 2020 09:13:06 GMT
Connection
keep-alive
Content-Length
82506
utag.js
tags.tiqcdn.com/utag/nordea/finans-web/prod/
190 KB
56 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/nordea/finans-web/prod/utag.js
Requested by
Host: www.nordeafinans.se
URL: https://www.nordeafinans.se/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.241 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lab/4EEC) /
Resource Hash
f38c8e5b36dda64063731f4d70b79c14e5aa11a9ff3f723986e7920a8f8e133f

Request headers

Referer
https://www.nordeafinans.se/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 09:13:06 GMT
content-encoding
gzip
last-modified
Wed, 27 May 2020 11:51:53 GMT
server
ECAcc (lab/4EEC)
age
219
etag
"814171601"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
status
200
cache-control
max-age=300
accept-ranges
bytes
content-length
56781
expires
Wed, 10 Jun 2020 09:18:06 GMT
truncated
/
177 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1046c2618aa140dc881112f813d041df7f2c364e49d166b0c2a34e7484119aef

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
NordeaSansSmall-Medium.woff2
www.nordeafinans.se/static/dotxx2017/assets/fonts/
26 KB
26 KB
Font
General
Full URL
https://www.nordeafinans.se/static/dotxx2017/assets/fonts/NordeaSansSmall-Medium.woff2
Requested by
Host: www.nordeafinans.se
URL: https://www.nordeafinans.se/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.178.49 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
/
Resource Hash
443bd1fde75a477eaae12ba7828c6cb67608e14bbda783027fca2540c3bb0b03
Security Headers
Name Value
Strict-Transport-Security max-age=157680000

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.nordeafinans.se/static/dotxx2017/css/main.css?v=3.0.196
Origin
https://www.nordeafinans.se

Response headers

Strict-Transport-Security
max-age=157680000
Cache-Control
max-age=39215870
Last-Modified
Thu, 05 Mar 2020 08:45:28 GMT
Connection
keep-alive
Accept-Ranges
bytes
Date
Wed, 10 Jun 2020 09:13:06 GMT
Content-Length
26880
NordeaSansSmall-Regular.woff2
www.nordeafinans.se/static/dotxx2017/assets/fonts/
26 KB
26 KB
Font
General
Full URL
https://www.nordeafinans.se/static/dotxx2017/assets/fonts/NordeaSansSmall-Regular.woff2
Requested by
Host: www.nordeafinans.se
URL: https://www.nordeafinans.se/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.178.49 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
/
Resource Hash
a93f6086756b2a2e94db8aaf795faab950a315cd9a8e32c5b0df707636dedfff
Security Headers
Name Value
Strict-Transport-Security max-age=157680000

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.nordeafinans.se/static/dotxx2017/css/main.css?v=3.0.196
Origin
https://www.nordeafinans.se

Response headers

Strict-Transport-Security
max-age=157680000
Cache-Control
max-age=39215908
Last-Modified
Thu, 05 Mar 2020 08:45:28 GMT
Connection
keep-alive
Accept-Ranges
bytes
Date
Wed, 10 Jun 2020 09:13:06 GMT
Content-Length
26420
iconfont.woff2
www.nordeafinans.se/static/dotxx2017/assets/fonts/
15 KB
15 KB
Font
General
Full URL
https://www.nordeafinans.se/static/dotxx2017/assets/fonts/iconfont.woff2
Requested by
Host: www.nordeafinans.se
URL: https://www.nordeafinans.se/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.178.49 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
/
Resource Hash
c1646d8b60b20b3020d99197f13a940cbdcc12506fe75bd9e3817e5c5dbf10bf
Security Headers
Name Value
Strict-Transport-Security max-age=157680000

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.nordeafinans.se/static/dotxx2017/css/main.css?v=3.0.196
Origin
https://www.nordeafinans.se

Response headers

Strict-Transport-Security
max-age=157680000
Cache-Control
max-age=39215947
Last-Modified
Thu, 05 Mar 2020 08:45:28 GMT
Connection
keep-alive
Accept-Ranges
bytes
Date
Wed, 10 Jun 2020 09:13:06 GMT
Content-Length
15272
NordeaSansLarge-Regular.woff2
www.nordeafinans.se/static/dotxx2017/assets/fonts/
26 KB
27 KB
Font
General
Full URL
https://www.nordeafinans.se/static/dotxx2017/assets/fonts/NordeaSansLarge-Regular.woff2
Requested by
Host: www.nordeafinans.se
URL: https://www.nordeafinans.se/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.178.49 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
/
Resource Hash
c4658ca9543287896f9c56bdeb38ca5ae3182ecc20a1e2d345cf0bf7ab11fca3
Security Headers
Name Value
Strict-Transport-Security max-age=157680000

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.nordeafinans.se/static/dotxx2017/css/main.css?v=3.0.196
Origin
https://www.nordeafinans.se

Response headers

Strict-Transport-Security
max-age=157680000
Cache-Control
max-age=39215905
Last-Modified
Thu, 05 Mar 2020 08:45:28 GMT
Connection
keep-alive
Accept-Ranges
bytes
Date
Wed, 10 Jun 2020 09:13:06 GMT
Content-Length
27028
NordeaSansLarge-Medium.woff2
www.nordeafinans.se/static/dotxx2017/assets/fonts/
27 KB
27 KB
Font
General
Full URL
https://www.nordeafinans.se/static/dotxx2017/assets/fonts/NordeaSansLarge-Medium.woff2
Requested by
Host: www.nordeafinans.se
URL: https://www.nordeafinans.se/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.178.49 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
/
Resource Hash
1084fee790a347896f8f0d5fa521211d9789f6ab250940b5bd402aa052d5e245
Security Headers
Name Value
Strict-Transport-Security max-age=157680000

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.nordeafinans.se/static/dotxx2017/css/main.css?v=3.0.196
Origin
https://www.nordeafinans.se

Response headers

Strict-Transport-Security
max-age=157680000
Cache-Control
max-age=39215940
Last-Modified
Thu, 05 Mar 2020 08:45:28 GMT
Connection
keep-alive
Accept-Ranges
bytes
Date
Wed, 10 Jun 2020 09:13:06 GMT
Content-Length
27448
a7984450_panel-sv-se.js
policy.cookiereports.com/
87 KB
19 KB
Script
General
Full URL
https://policy.cookiereports.com/a7984450_panel-sv-se.js
Requested by
Host: www.nordeafinans.se
URL: https://www.nordeafinans.se/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.253.133 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
133.253.107.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
4b25c123eb31fcdd95ae0415be00cf960281a51bde0fa6f23c26554b45df8d6f

Request headers

Referer
https://www.nordeafinans.se/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 09:13:06 GMT
content-encoding
gzip
last-modified
Fri, 05 Jun 2020 16:03:13 GMT
server
Apache
etag
"15c74-5a75865fa4e2e-gzip"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public,max-age=3600
accept-ranges
bytes
alt-svc
clear
content-length
19131
via
1.1 google
Nordea-logo%20(2017).svg
www.nordeafinans.se/Images/160-169221/
2 KB
2 KB
XHR
General
Full URL
https://www.nordeafinans.se/Images/160-169221/Nordea-logo%20(2017).svg
Requested by
Host: www.nordeafinans.se
URL: https://www.nordeafinans.se/static/dotxx2017/js/main.js?v=3.0.196
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.178.49 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
/
Resource Hash
4273df9fda1edea73177fc0f181a659e190e37e040f09640f67f7bfe822df3b9
Security Headers
Name Value
Strict-Transport-Security max-age=157680000

Request headers

Referer
https://www.nordeafinans.se/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=157680000
Last-Modified
Mon, 24 Apr 2017 08:31:35 GMT
ETag
1493022695000
Content-Type
image/svg+xml
Cache-Control
public, max-age=12427
Date
Wed, 10 Jun 2020 09:13:06 GMT
Connection
keep-alive
Content-Length
1915
160-553-32.json
www.nordeafinans.se/app/newsspot/160-266569/
12 KB
5 KB
XHR
General
Full URL
https://www.nordeafinans.se/app/newsspot/160-266569/160-553-32.json
Requested by
Host: www.nordeafinans.se
URL: https://www.nordeafinans.se/static/dotxx2017/js/main.js?v=3.0.196
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.178.49 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
nginx /
Resource Hash
75099a587542bf7f651ea4cae87529fce5b84e74afd63fa5d289be3d621120e9
Security Headers
Name Value
Strict-Transport-Security max-age=157680000

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.nordeafinans.se/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cteonnt-Length
12246
Strict-Transport-Security
max-age=157680000
Content-Encoding
gzip
Server
nginx
ETag
"05a8aa825e0b0003025d4c03c5bf72e0"
Vary
Accept-Encoding
Content-Type
application/json;charset=utf-8
Cache-Control
public, max-age=57
Date
Wed, 10 Jun 2020 09:13:06 GMT
Connection
keep-alive
Content-Length
4689
Expires
Wed, 10 Jun 2020 09:14:03 GMT
id
dpm.demdex.net/
379 B
1 KB
XHR
General
Full URL
https://dpm.demdex.net/id?d_visid_ver=4.6.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=9D193D565A0AFF460A495E66%40AdobeOrg&d_nsid=0&ts=1591780386351
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/nordea/finans-web/prod/utag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.50.74.84 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-50-74-84.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
10657edd5c7fd9b772191b35a4c79462bd49d8b23764e1bfe4538283e6e095d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.nordeafinans.se/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-v070-0c57b4ad5.edge-irl1.demdex.com 5.72.0.20200602091202 1ms (+0ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-TID
W1PUhNrnQL8=
Vary
Origin, Accept-Encoding, User-Agent
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.nordeafinans.se
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
314
Expires
Thu, 01 Jan 1970 00:00:00 GMT
utag.v.js
tags.tiqcdn.com/utag/tiqapp/
2 B
124 B
Script
General
Full URL
https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=nordea/finans-web/202005271151&cb=1591780386361
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/nordea/finans-web/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.241 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8A9F) /
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

Referer
https://www.nordeafinans.se/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 09:13:06 GMT
last-modified
Thu, 14 Apr 2016 16:59:33 GMT
server
ECAcc (ama/8A9F)
age
383960
etag
"2243872957"
x-cache
HIT
content-type
text/javascript
status
200
cache-control
max-age=600
accept-ranges
bytes
content-length
2
expires
Wed, 10 Jun 2020 09:23:06 GMT
Cookie set dest5.html
nordea.demdex.net/ Frame A7D2
0
0
Document
General
Full URL
https://nordea.demdex.net/dest5.html?d_nsid=0
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/nordea/finans-web/prod/utag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.50.37.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-50-37-223.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Host
nordea.demdex.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.nordeafinans.se/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
demdex=55334723035452715611076106316344898612

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=21600
Content-Encoding
gzip
Content-Type
text/html
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified
Tue, 02 Jun 2020 13:03:44 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Set-Cookie
demdex=55334723035452715611076106316344898612;Path=/;Domain=.demdex.net;Expires=Mon, 07-Dec-2020 09:13:06 GMT;Max-Age=15552000;Secure;SameSite=None
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding, User-Agent
X-TID
28nldtBjSXY=
Content-Length
2785
Connection
keep-alive
id
nordea.d3.sc.omtrdc.net/
2 B
322 B
XHR
General
Full URL
https://nordea.d3.sc.omtrdc.net/id?d_visid_ver=4.6.0&d_fieldgroup=A&mcorgid=9D193D565A0AFF460A495E66%40AdobeOrg&mid=54844001771670857241024937969337745825&ts=1591780386489
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/nordea/finans-web/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.236.9.100 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-236-9-100.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nordeafinans.se/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

status
200
date
Wed, 10 Jun 2020 09:13:06 GMT
x-content-type-options
nosniff
server
jag
xserver
anedge-6f7565dc8b-wvkqd
vary
Origin
x-c
master-1308.I3d0a82.M0-421
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.nordeafinans.se
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-type
application/x-javascript;charset=utf-8
content-length
2
x-xss-protection
1; mode=block
s79935278999468
nordea.d3.sc.omtrdc.net/b/ss/nordeaprodse/1/JS-2.20.0/
43 B
221 B
Image
General
Full URL
https://nordea.d3.sc.omtrdc.net/b/ss/nordeaprodse/1/JS-2.20.0/s79935278999468?AQB=1&ndh=1&pf=1&t=10%2F5%2F2020%2011%3A13%3A6%203%20-120&sdid=75E6881CBCFF4129-2261F7C36B01E669&mid=54844001771670857241024937969337745825&aamlh=6&ce=UTF-8&g=https%3A%2F%2Fwww.nordeafinans.se%2F&c.&cm.&ssf=1&.cm&.c&cc=SEK&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c2=www.nordeafinans.se&v2=%2F&c4=Nordea%20Finans%20Privat%20%7C%20Nordeafinans.se&c7=Front%20Page&v7=Front%20Page&c16=nordea-finans-privat&c17=index.html&c20=xxlarge&c21=FINANS%7CSE%7CWeb%7Cprod%7Csv%7C3.0.196%7CTridion%7C&c22=FINANS%20SE%20Web&c23=Nordea%20Finance%20Open%20Pages&c28=1600%20x%201200&c41=2020-06-10&c42=09%3A13%3A06&c43=view&v61=1%7C1&v65=1&v67=finans-web%7Cprod%7Cutag.js%7Cut4.46.202005271151%7C4.46.0%7C12.0.0%7Clib-analytics-tridion&c75=1&v100=no&v107=D%3Dmid&v108=01729d81261e0011f5e711a3646a00078001c07000b08&v173=www.nordeafinans.se%2F&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=9D193D565A0AFF460A495E66%40AdobeOrg&AQE=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.236.9.100 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-236-9-100.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nordeafinans.se/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 09:13:06 GMT
x-content-type-options
nosniff
x-c
master-1308.I3d0a82.M0-421
p3p
CP="This is not a P3P policy"
status
200
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Thu, 11 Jun 2020 09:13:06 GMT
server
jag
xserver
anedge-6f7565dc8b-hgnn7
etag
3418322350227423232-4614088353713675072
vary
*
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Tue, 09 Jun 2020 09:13:06 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Nordea (Banking)

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata
object| onpointerrawupdate
object| Nordea
object| app_params
boolean| isInICE
object| utag_data
function| $
function| jQuery
object| _cookiereports
boolean| utag_condload
object| utag
function| e
object| s
function| AppMeasurement
function| s_gi
function| s_pgicq
function| AppMeasurement_Module_Integrate
function| AppMeasurement_Module_ActivityMap
object| globalWebAnalytics
object| adobe
function| Visitor
object| s_c_il
number| s_c_in
number| s_objectID
number| s_giq
object| s_i_nordeaprodse

4 Cookies

Domain/Path Name / Value
.nordeafinans.se/ Name: utag_main
Value: v_id:01729d81261e0011f5e711a3646a00078001c07000b08$_sn:1$_se:1$_ss:1$_st:1591782186336$ses_id:1591780386336%3Bexp-session$_pn:1%3Bexp-session$_screen_uri_referring:%2F%3Bexp-session$lv:1$sv:1%3Bexp-session$le:1$se:1%3Bexp-session$vapi_domain:nordeafinans.se
www.nordeafinans.se/ Name: NSC_TUBS.mjwf.xfn3.qspe.opsefb.dpn
Value: 0933a3dff1b43c6f3829454c1c32135c213bbff09a99401596acc87443798310a469da61
.nordeafinans.se/ Name: AMCV_9D193D565A0AFF460A495E66%40AdobeOrg
Value: -408604571%7CMCIDTS%7C18424%7CvVersion%7C4.6.0
www.nordeafinans.se/ Name: DC
Value: 2

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=157680000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
