www.ncbank.no
Open in
urlscan Pro
76.223.9.102
Public Scan
Effective URL: https://www.ncbank.no/
Submission: On March 02 via manual from JP
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on February 3rd 2020. Valid for: 3 months.
This is the only time www.ncbank.no was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN14618 (AMAZON-AES, US)
PTR: redirect1.proxy-ssl.webflow.com
ncbank.no |
ASN16509 (AMAZON-02, US)
PTR: add4b4faa2f72e726.awsglobalaccelerator.com
www.ncbank.no |
ASN16509 (AMAZON-02, US)
assets.website-files.com |
ASN16625 (AKAMAI-AS, US)
PTR: a95-100-67-47.deploy.static.akamaitechnologies.com
use.typekit.net | |
p.typekit.net |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN16509 (AMAZON-02, US)
PTR: server-13-225-84-72.fra2.r.cloudfront.net
d3e54v103j8qbb.cloudfront.net |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN1299 (TELIANET Telia Carrier, SE)
PTR: 213-155-156-188.teliacarrier-cust.com
tb.de17a.com |
ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com |
ASN15169 (GOOGLE, US)
PTR: fra15s16-in-f2.1e100.net
cm.g.doubleclick.net |
ASN1299 (TELIANET Telia Carrier, SE)
PTR: 213-155-156-185.teliacarrier-cust.com
d5p.de17a.com |
ASN29990 (ASN-APPNEX, US)
PTR: 319.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-33-202.eu-central-1.compute.amazonaws.com
ad.360yield.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-17-58.eu-central-1.compute.amazonaws.com
pixel.advertising.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-34-240-133-139.eu-west-1.compute.amazonaws.com
ad.sxp.smartclip.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-143-102.eu-central-1.compute.amazonaws.com
x.bidswitch.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-39-229.eu-west-1.compute.amazonaws.com
usermatch.targeting.unrulymedia.com |
ASN16625 (AKAMAI-AS, US)
PTR: a95-100-197-53.deploy.static.akamaitechnologies.com
dsum.casalemedia.com |
Domain | Requested by | |
---|---|---|
17 | fonts.gstatic.com |
www.ncbank.no
ajax.googleapis.com |
15 | use.typekit.net |
www.ncbank.no
use.typekit.net |
8 | tb.de17a.com |
1 redirects
www.ncbank.no
tb.de17a.com |
7 | assets.website-files.com |
www.ncbank.no
|
3 | ad.sxp.smartclip.net |
2 redirects
blank
|
3 | d5p.de17a.com |
1 redirects
blank
|
3 | www.googletagmanager.com |
www.ncbank.no
|
2 | dsum.casalemedia.com |
1 redirects
blank
|
2 | dmp.adform.net |
1 redirects
blank
|
2 | x.bidswitch.net |
1 redirects
blank
|
2 | sync.search.spotxchange.com |
1 redirects
blank
|
2 | ad.360yield.com |
1 redirects
blank
|
2 | ib.adnxs.com | 2 redirects |
2 | cm.g.doubleclick.net | 2 redirects |
2 | px.ads.linkedin.com |
1 redirects
www.ncbank.no
|
2 | www.google-analytics.com |
1 redirects
www.googletagmanager.com
|
1 | usermatch.targeting.unrulymedia.com |
blank
|
1 | pixel.advertising.com |
blank
|
1 | image2.pubmatic.com |
blank
|
1 | pixel.rubiconproject.com |
blank
|
1 | p.typekit.net |
www.ncbank.no
|
1 | www.linkedin.com | 1 redirects |
1 | www.google.de |
www.ncbank.no
|
1 | www.google.com | 1 redirects |
1 | stats.g.doubleclick.net | 1 redirects |
1 | sjs.bizographics.com |
www.googletagmanager.com
|
1 | fonts.googleapis.com |
ajax.googleapis.com
|
1 | d3e54v103j8qbb.cloudfront.net |
www.ncbank.no
|
1 | ajax.googleapis.com |
www.ncbank.no
|
1 | www.ncbank.no | |
1 | ncbank.no | 1 redirects |
70 | 31 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.nettbankportal.no |
formrndr.ncbank.no |
www.google.com |
www.facebook.com |
www.linkedin.com |
assets.website-files.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.ncbank.no Let's Encrypt Authority X3 |
2020-02-03 - 2020-05-03 |
3 months | crt.sh |
*.website-files.com Amazon |
2020-01-09 - 2021-02-09 |
a year | crt.sh |
*.storage.googleapis.com GTS CA 1O1 |
2020-02-12 - 2020-05-06 |
3 months | crt.sh |
*.typekit.net DigiCert SHA2 Secure Server CA |
2019-12-06 - 2021-12-10 |
2 years | crt.sh |
*.google-analytics.com GTS CA 1O1 |
2020-02-12 - 2020-05-06 |
3 months | crt.sh |
*.cloudfront.net DigiCert Global CA G2 |
2019-07-17 - 2020-07-05 |
a year | crt.sh |
*.google.com GTS CA 1O1 |
2020-02-12 - 2020-05-06 |
3 months | crt.sh |
js.bizographics.com DigiCert SHA2 Secure Server CA |
2018-04-13 - 2020-04-17 |
2 years | crt.sh |
*.de17a.com Sectigo ECC Domain Validation Secure Server CA |
2019-12-03 - 2020-12-02 |
a year | crt.sh |
www.google.de GTS CA 1O1 |
2020-02-12 - 2020-05-06 |
3 months | crt.sh |
px.ads.linkedin.com DigiCert SHA2 Secure Server CA |
2019-05-29 - 2021-06-29 |
2 years | crt.sh |
*.rubiconproject.com DigiCert SHA2 Secure Server CA |
2019-01-10 - 2021-01-14 |
2 years | crt.sh |
*.pubmatic.com Sectigo RSA Organization Validation Secure Server CA |
2019-02-22 - 2021-02-21 |
2 years | crt.sh |
*.360yield.com Amazon |
2019-09-24 - 2020-10-24 |
a year | crt.sh |
*.search.spotxchange.com GeoTrust RSA CA 2018 |
2019-03-20 - 2021-04-21 |
2 years | crt.sh |
pixel.advertising.com DigiCert SHA2 High Assurance Server CA |
2017-06-14 - 2020-06-18 |
3 years | crt.sh |
*.smartclip.net Amazon |
2020-02-29 - 2021-03-29 |
a year | crt.sh |
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA |
2019-04-17 - 2020-05-04 |
a year | crt.sh |
track.adform.net DigiCert SHA2 Secure Server CA |
2019-09-16 - 2021-09-20 |
2 years | crt.sh |
*.targeting.unrulymedia.com Amazon |
2019-07-31 - 2020-08-31 |
a year | crt.sh |
san.casalemedia.com GeoTrust RSA CA 2018 |
2020-02-24 - 2020-03-09 |
15 days | crt.sh |
This page contains 8 frames:
Primary Page:
https://www.ncbank.no/
Frame ID: E5EC816BB4B225A5CC20FB40923B7E7A
Requests: 52 HTTP requests in this frame
Frame:
https://tb.de17a.com/api/getUid;c?data=%7B%7D&callback=$d7_cb_1
Frame ID: 4F4F6E93089A4E38A9DC227B244DD54B
Requests: 1 HTTP requests in this frame
Frame:
https://tb.de17a.com/api/pageView?data=%7B%22action%22%3A%22pageView%22%2C%22pageId%22%3A%22YOUR_PAGE_ID%22%2C%22url%22%3A%22https%3A%2F%2Fwww.ncbank.no%2F%22%2C%22title%22%3A%22Nordic%20Corporate%20Bank%22%2C%22trackingAccountId%22%3A%2215585%22%2C%22referrer%22%3A%22%22%7D&callback=$d7_cb_2
Frame ID: B3656DEDC3F7B11BFF2DD67CE33A7E78
Requests: 1 HTTP requests in this frame
Frame:
https://tb.de17a.com/api/pageView?data=%7B%22action%22%3A%22pageView%22%2C%22pageId%22%3A%22YOUR_PAGE_ID%22%2C%22url%22%3A%22https%3A%2F%2Fwww.ncbank.no%2F%22%2C%22title%22%3A%22Nordic%20Corporate%20Bank%22%2C%22trackingAccountId%22%3A%2215585%22%2C%22referrer%22%3A%22%22%7D&callback=$d7_cb_3
Frame ID: 8A9561E01CB5EA6AB7D92D77A67A5CA6
Requests: 1 HTTP requests in this frame
Frame:
https://pixel.rubiconproject.com/tap.php?v=6327&nid=2135&put=3312032568750764232&expires=30
Frame ID: 5CAF05D8048DA8ECD808D0E953E33032
Requests: 12 HTTP requests in this frame
Frame:
https://tb.de17a.com/api/getUid?data=%7B%7D&callback=$d7_cb_1
Frame ID: 6A67573FBE06CF86C157B38751392192
Requests: 1 HTTP requests in this frame
Frame:
https://tb.de17a.com/api/pageView?data=%7B%22action%22%3A%22pageView%22%2C%22pageId%22%3A%22YOUR_PAGE_ID%22%2C%22url%22%3A%22https%3A%2F%2Fwww.ncbank.no%2F%22%2C%22title%22%3A%22Nordic%20Corporate%20Bank%22%2C%22trackingAccountId%22%3A%2215585%22%2C%22referrer%22%3A%22%22%7D&callback=$d7_cb_2
Frame ID: 74D4035FC29214A2E4C0A998396E17C6
Requests: 1 HTTP requests in this frame
Frame:
https://tb.de17a.com/api/pageView?data=%7B%22action%22%3A%22pageView%22%2C%22pageId%22%3A%22YOUR_PAGE_ID%22%2C%22url%22%3A%22https%3A%2F%2Fwww.ncbank.no%2F%22%2C%22title%22%3A%22Nordic%20Corporate%20Bank%22%2C%22trackingAccountId%22%3A%2215585%22%2C%22referrer%22%3A%22%22%7D&callback=$d7_cb_3
Frame ID: 16F90B679D8A01FA944176666A66144B
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://ncbank.no/
HTTP 301
https://www.ncbank.no/ Page URL
Detected technologies
Lua (Programming Languages) ExpandDetected patterns
- headers server /openresty(?:\/([\d.]+))?/i
Varnish (Cache Tools) Expand
Detected patterns
- headers via /varnish(?: \(Varnish\/([\d.]+)\))?/i
Nginx (Web Servers) Expand
Detected patterns
- headers server /openresty(?:\/([\d.]+))?/i
OpenResty (Web Servers) Expand
Detected patterns
- headers server /openresty(?:\/([\d.]+))?/i
Google Analytics (Analytics) Expand
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Google Font API (Font Scripts) Expand
Detected patterns
- html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
- script /googleapis\.com\/.+webfont/i
Page Statistics
9 Outgoing links
These are links going to different origins than the main page.
Title: Logg inn
Search URL Search Domain Scan URL
Title: Bli næringskunde
Search URL Search Domain Scan URL
Title: Inkognitogata 8, 0258 Oslo, Norway
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Generelle avtalevilkår for næringsdrivende
Search URL Search Domain Scan URL
Title: Generelle avtalevilkår for privatkunder
Search URL Search Domain Scan URL
Title: Prisliste Næring
Search URL Search Domain Scan URL
Title: Prisliste Privat
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://ncbank.no/
HTTP 301
https://www.ncbank.no/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 39- https://www.google-analytics.com/r/collect?v=1&_v=j81&aip=1&a=1296751992&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ncbank.no%2F&ul=en-us&de=UTF-8&dt=Nordic%20Corporate%20Bank&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAUAB~&jid=1910779632&gjid=1499981771&cid=1000463247.1583156787&tid=UA-145681999-1&_gid=1250676356.1583156787&_r=1>m=2ou2j0&z=1507682917 HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-145681999-1&cid=1000463247.1583156787&jid=1910779632&_gid=1250676356.1583156787&gjid=1499981771&_v=j81&z=1507682917 HTTP 302
- https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-145681999-1&cid=1000463247.1583156787&jid=1910779632&_v=j81&z=1507682917 HTTP 302
- https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-145681999-1&cid=1000463247.1583156787&jid=1910779632&_v=j81&z=1507682917&slf_rd=1&random=4247489755
- https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1429673&url=https%3A%2F%2Fwww.ncbank.no%2F&time=1583156787406 HTTP 302
- https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1429673%26url%3Dhttps%253A%252F%252Fwww.ncbank.no%252F%26time%3D1583156787406%26liSync%3Dtrue HTTP 302
- https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1429673&url=https%3A%2F%2Fwww.ncbank.no%2F&time=1583156787406&liSync=true
- https://tb.de17a.com/api/getUid?data=%7B%7D&callback=$d7_cb_1 HTTP 307
- https://tb.de17a.com/api/getUid;c?data=%7B%7D&callback=$d7_cb_1
- https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_cm&google_ula=668382 HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_cm=&google_ula=668382&google_tc= HTTP 302
- https://d5p.de17a.com/cookies/google?google_gid=CAESEPXncAvcQ1CQ6gfCr8uJato&google_cver=1&google_ula=668382,0
- https://ib.adnxs.com/getuid?https://d5p.de17a.com/setuid/appnexus?anxs_uid=$UID HTTP 302
- https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fd5p.de17a.com%2Fsetuid%2Fappnexus%3Fanxs_uid%3D%24UID HTTP 302
- https://d5p.de17a.com/setuid/appnexus?anxs_uid=8017445017986203189
- https://ad.360yield.com/match?publisher_dsp_id=61&external_user_id=3312032568750764232&expiration=1585748787 HTTP 302
- https://ad.360yield.com/ul_cb/match?publisher_dsp_id=61&external_user_id=3312032568750764232&expiration=1585748787
- https://sync.search.spotxchange.com/partner?adv_id=7326&uid=3312032568750764232&img=1 HTTP 302
- https://sync.search.spotxchange.com/partner?adv_id=7326&uid=3312032568750764232&img=1&__user_check__=1&sync_id=372a4378-5c8c-11ea-a703-197e22df0b06
- https://ad.sxp.smartclip.net/sync?type=red&dsp=39 HTTP 302
- https://ad.sxp.smartclip.net/sync?type=red&dsp=39&ang_testid=1 HTTP 302
- https://d5p.de17a.com/getuid/smartclip?uuid=82c3338c-5ead-4dfa-8fe4-2003e38fd21d HTTP 302
- https://ad.sxp.smartclip.net/sync?type=host&dsp=39&dspuuid=3312032568750764232&uuid=82c3338c-5ead-4dfa-8fe4-2003e38fd21d
- https://x.bidswitch.net/sync?dsp_id=228&user_id=3312032568750764232&expires=30 HTTP 302
- https://x.bidswitch.net/ul_cb/sync?dsp_id=228&user_id=3312032568750764232&expires=30
- https://dmp.adform.net/serving/cookie/match?party=1124&cid=3312032568750764232 HTTP 302
- https://dmp.adform.net/serving/cookie/match?CC=1&party=1124&cid=3312032568750764232
- https://dsum.casalemedia.com/rum?cm_dsp_id=175&external_user_id=3312032568750764232&expiration=1585748787 HTTP 302
- https://dsum.casalemedia.com/rum?cm_dsp_id=175&external_user_id=3312032568750764232&expiration=1585748787&C=1
70 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
www.ncbank.no/ Redirect Chain
|
18 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ncb-f10fc2-49e16adf5daf25bf350c7cc8e5ad.febf47506.css
assets.website-files.com/5d5be1feda745acc4e9c4a6f/css/ |
74 KB 15 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ |
13 KB 5 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
scj1ulc.js
use.typekit.net/ |
23 KB 8 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
75 KB 28 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
5d5be1feda745a8d7f9c4ac1_NCB-logo-white.svg
assets.website-files.com/5d5be1feda745acc4e9c4a6f/ |
5 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
5d5be1feda745a7f5d9c4ac2_logo-white.svg
assets.website-files.com/5d5be1feda745acc4e9c4a6f/ |
1 KB 971 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
5d5be1feda745a10f69c4abc_fb.svg
assets.website-files.com/5d5be1feda745acc4e9c4a6f/ |
921 B 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
5d5be1feda745a7c0b9c4abd_Linkedin%20Icon.svg
assets.website-files.com/5d5be1feda745acc4e9c4a6f/ |
626 B 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.4.1.min.220afd743d.js
d3e54v103j8qbb.cloudfront.net/js/ |
86 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ncb-f10fc2-49e16adf5daf25bf350c7cc8e5ad.2b8ddd7f6.js
assets.website-files.com/5d5be1feda745acc4e9c4a6f/js/ |
50 KB 18 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
29 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
54 KB 20 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
76 KB 26 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
5d5be1feda745aa5859c4ab6_Web%20tittel%20page%202.png
assets.website-files.com/5d5be1feda745acc4e9c4a6f/ |
4 MB 4 MB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/46da36/00000000000000003b9acaf6/27/ |
26 KB 26 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/9bd2dc/00000000000000003b9ae129/27/ |
26 KB 26 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/1e0705/00000000000000003b9ae12f/27/ |
27 KB 28 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/9871e5/00000000000000003b9acaf2/27/ |
26 KB 26 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/a2c82e/00000000000000003b9acaf4/27/ |
26 KB 26 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
44 KB 18 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYb9lecyU.woff2
fonts.gstatic.com/s/robotocondensed/v18/ |
11 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
CSR64z1Qlv-GDxkbKVQ_fOAKTfl8tOQ.woff2
fonts.gstatic.com/s/newscycle/v16/ |
12 KB 12 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
CSR54z1Qlv-GDxkbKVQ_dFsvWNReuc4nG2o.woff2
fonts.gstatic.com/s/newscycle/v16/ |
13 KB 13 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ieVg2ZhZI2eCN5jzbjEETS9weq8-19eDpCEobdNZUSdy4Q.woff2
fonts.gstatic.com/s/robotocondensed/v18/ |
12 KB 13 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQk6YvM.woff2
fonts.gstatic.com/s/robotocondensed/v18/ |
11 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Gg8nN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY7K-KzLgKkPHhI.woff2
fonts.gstatic.com/s/ibmplexsanscondensed/v6/ |
12 KB 12 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Gg8hN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHYas8M_7gqMIPBCwBw.woff2
fonts.gstatic.com/s/ibmplexsanscondensed/v6/ |
14 KB 14 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY5m6bvspYYnFBq4.woff2
fonts.gstatic.com/s/ibmplexsanscondensed/v6/ |
13 KB 13 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY4C6rvspYYnFBq4.woff2
fonts.gstatic.com/s/ibmplexsanscondensed/v6/ |
13 KB 13 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Gg8lN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHYapyK7Bh4sN.woff2
fonts.gstatic.com/s/ibmplexsanscondensed/v6/ |
13 KB 13 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY5a67vspYYnFBq4.woff2
fonts.gstatic.com/s/ibmplexsanscondensed/v6/ |
13 KB 13 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY527LvspYYnFBq4.woff2
fonts.gstatic.com/s/ibmplexsanscondensed/v6/ |
13 KB 13 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY4S7bvspYYnFBq4.woff2
fonts.gstatic.com/s/ibmplexsanscondensed/v6/ |
12 KB 12 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
zYX-KVElMYYaJe8bpLHnCwDKjbLuF6ZJW9XjDg.woff2
fonts.gstatic.com/s/ibmplexsans/v7/ |
12 KB 13 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
zYX9KVElMYYaJe8bpLHnCwDKjR7_AIFsdP3pBms.woff2
fonts.gstatic.com/s/ibmplexsans/v7/ |
13 KB 14 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
zYX9KVElMYYaJe8bpLHnCwDKjXr8AIFsdP3pBms.woff2
fonts.gstatic.com/s/ibmplexsans/v7/ |
14 KB 14 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
zYXgKVElMYYaJe8bpLHnCwDKhdHeFaxOedc.woff2
fonts.gstatic.com/s/ibmplexsans/v7/ |
13 KB 13 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
insight.min.js
sjs.bizographics.com/ |
3 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
d7.js
tb.de17a.com/ |
17 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.de/ads/ Redirect Chain
|
42 B 109 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collect
px.ads.linkedin.com/ Redirect Chain
|
0 58 B |
Image
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/aa5b59/00000000000000003b9acaf7/27/ |
27 KB 28 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/19e775/00000000000000003b9acaf3/27/ |
27 KB 27 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/51b548/00000000000000003b9acaf5/27/ |
27 KB 27 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/027dd4/00000000000000003b9acafa/27/ |
26 KB 26 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/133267/00000000000000003b9acafb/27/ |
27 KB 27 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/a793eb/00000000000000003b9ae12a/27/ |
29 KB 29 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/be5018/00000000000000003b9ae12c/27/ |
27 KB 27 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/6f12d4/00000000000000003b9ae12d/27/ |
25 KB 25 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
use.typekit.net/af/da19e9/00000000000000003b9ae130/27/ |
25 KB 26 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
getUid;c
tb.de17a.com/api/ Frame 4F4F Redirect Chain
|
61 B 222 B |
Script
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
p.gif
p.typekit.net/ |
35 B 201 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pageView
tb.de17a.com/api/ Frame B365 |
2 KB 3 KB |
Script
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pageView
tb.de17a.com/api/ Frame 8A95 |
87 B 248 B |
Script
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tap.php
pixel.rubiconproject.com/ Frame 5CAF |
0 239 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
google
d5p.de17a.com/cookies/ Frame 5CAF Redirect Chain
|
35 B 134 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
appnexus
d5p.de17a.com/setuid/ Frame 5CAF Redirect Chain
|
35 B 134 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Pug
image2.pubmatic.com/AdServer/ Frame 5CAF |
42 B 849 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
match
ad.360yield.com/ul_cb/ Frame 5CAF Redirect Chain
|
43 B 425 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
partner
sync.search.spotxchange.com/ Frame 5CAF Redirect Chain
|
43 B 548 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sync
pixel.advertising.com/ups/55955/ Frame 5CAF |
0 124 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sync
ad.sxp.smartclip.net/ Frame 5CAF Redirect Chain
|
42 B 787 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sync
x.bidswitch.net/ul_cb/ Frame 5CAF Redirect Chain
|
43 B 380 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
match
dmp.adform.net/serving/cookie/ Frame 5CAF Redirect Chain
|
35 B 233 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
3312032568750764232
usermatch.targeting.unrulymedia.com/usermatch/delta/ Frame 5CAF |
0 289 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
rum
dsum.casalemedia.com/ Frame 5CAF Redirect Chain
|
43 B 978 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
getUid
tb.de17a.com/api/ Frame 6A67 |
61 B 222 B |
Script
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pageView
tb.de17a.com/api/ Frame 74D4 |
87 B 248 B |
Script
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pageView
tb.de17a.com/api/ Frame 16F9 |
87 B 248 B |
Script
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
34 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate object| WebFont object| Typekit function| gtag object| dataLayer object| google_tag_manager string| GoogleAnalyticsObject function| ga string| _bizo_data_partner_id undefined| _bizo_data_partner_title undefined| _bizo_data_partner_domain undefined| _bizo_data_partner_company undefined| _bizo_data_partner_location undefined| _bizo_data_partner_employee_range undefined| _bizo_data_partner_sics undefined| _bizo_data_partner_email object| _d7 object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| lintrk boolean| _already_called_lintrk function| La function| $ function| jQuery function| tram object| Webflow object| stickymenu number| stickymenuoffset object| theHeaders object| elFigure boolean| K3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.ncbank.no/ | Name: _gat_gtag_UA_145681999_1 Value: 1 |
|
.ncbank.no/ | Name: _gid Value: GA1.2.1250676356.1583156787 |
|
.ncbank.no/ | Name: _ga Value: GA1.2.1000463247.1583156787 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ad.360yield.com
ad.sxp.smartclip.net
ajax.googleapis.com
assets.website-files.com
cm.g.doubleclick.net
d3e54v103j8qbb.cloudfront.net
d5p.de17a.com
dmp.adform.net
dsum.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
ib.adnxs.com
image2.pubmatic.com
ncbank.no
p.typekit.net
pixel.advertising.com
pixel.rubiconproject.com
px.ads.linkedin.com
sjs.bizographics.com
stats.g.doubleclick.net
sync.search.spotxchange.com
tb.de17a.com
use.typekit.net
usermatch.targeting.unrulymedia.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.linkedin.com
www.ncbank.no
x.bidswitch.net
13.225.84.72
172.217.22.34
185.33.223.204
185.64.189.110
185.94.180.125
213.155.156.185
213.155.156.188
2600:9000:20eb:1c00:11:3b84:d200:93a1
2a00:1450:4001:806::200a
2a00:1450:4001:809::2003
2a00:1450:4001:815::200a
2a00:1450:4001:81c::2003
2a00:1450:4001:821::2008
2a00:1450:4001:821::200e
2a00:1450:4001:825::2004
2a00:1450:400c:c00::9d
2a02:26f0:10c:38f::3adf
2a05:f500:10:101::b93f:9101
2a05:f500:10:101::b93f:9105
34.193.204.92
34.240.133.139
35.158.17.58
37.157.4.29
52.215.39.229
52.28.33.202
54.93.143.102
69.173.144.136
76.223.9.102
95.100.197.53
95.100.67.47
07448ac2a8142e9e10ae393320d189506a4b3e141fb85aa88356ef81f367e964
07c7ef9c3e071f6da4717c6d89781bd8fe8f77539705317e80663d01c0c5484f
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0f6739f8f525e9d07a1935d7ea0f23113d06dc58854a6919135729961adaae28
15b02397208cc775012b3cf8ac16ad7a93db133644eb9ed7ddbe02542b03b512
173961b6b039e5cc5c5cc6ccc82268c227c55f5787959f40ee688d3e53b93087
288d0edce2b398cb452d2fceed89f7f92cfbe1de0370fadae31f701ab309bf21
2b15085e87eaee4535cca83bf02a7cbf9dc6c7aa621ac2e95fd88110d1acef70
30ab3fc79322e80388bcd70e3972e90e96516c0d1305468b74fca6e83cfcd0e6
30b903ba341f56ca4979ba83ba289315c0a18e1b91d8f01ace7c3f57b026692f
33b6a3730dd85bfcb91c166efd3770cca133e666a531b59761472f7c90bd0d9c
3596f6beca54ab6112a670d67c4766a393647c1161387eabb3e2f28756d4c0b1
3fe2733ebdd0dae6897477b88ff60a6e249d76071dbdc38de89ea1175ecb0211
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0
423112dd3895e106201af2aff5f7d904732d74e138ca53f2dc64dd867c6b7ff0
49a1b4e1296645aa2f513c87a0e5fe56a305a7ed678c2f6499631ec1f3b35856
49e79b40d8020d17f3be23f59c1d927620f657bfcde2efd831ed0c311f22982e
53bd56490a7a62331895e19ebefe003362fdf3ef68f9966284620942261621c5
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5f2cb2cd65ba2bb0c87a2e394e118f989b87755f60cbe95360e29d7346bc6eb3
62ecd8174f58dafe6d94e6f2f2a3e5733f32582c0263406afb154389c6f06513
631f8f7d0e6f03aabe3623527d98e12174e11667d15d796d2ae3d70a5683f9bb
6a2f1c804d701284834ab24693ccd109c081a7fa4695f95e936c181b8646d74d
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
718a91b67003bfe60ec1514ba4621bd3d8833a22e3fb5c6e581604aab159cf7a
720c8a95289e6960d1d1bc0f942b72454326297aadbf2207f1874eadd59cb91f
748b3dc777957dccf89c8b24c8dcf57192343f55b60dc4fe893ae80dbf4f4029
79400847d1eb024428495c9c6da7a5ed723ae7479ac94ac9a65d72ac2cf6d50c
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
9019e56b6cf73e3f3e845593b9d5aae2673b9351ca0436e1c590e87f1362bbd3
90ff7fa8f76a9a602ab0b330ce842d93ec45891898082c09c7815b8e45235d6c
9544e4b2c629d09ed1b123e0e93cb72d337fdf65024e4523e72c442abf5ecae6
990e025c438a99e8916cc9b3b69ea808659873fe0d5ffccceadcfb2aef9d7745
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
9ba6779d993b76d6557d41b0c78a35e91bfb59e38a5a75420ccdfcd72b46f75e
9bc30ec6bd85e3640f85f84bd2c1830d96728d42f13ce07e798b6f79da3d2837
a1c08b95821d5934b2e95cfac5afb433f306864938d41d7e7c63d6836494b790
a4cc179995cc5c8bfe5b358466cfd5a871821bc1d4e64723ccf16da6f3edd387
a6b12e43f33b7798a51ad5eeaefc96a14b9b647ab5e28db16e978db9da73bde9
aad23949fb089307aebdc9522871f2f9527ec87431b1a81e508c6c42a12e47b5
ac42e86ff1d0fc78a7870a72cf5d1bbf0a509a852dba1d8abdc734892b0d4844
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3b26b145cd08c1c1ff95b8c0e15a246551241fa49c25eaa5f9800b86012df5d
b67b8d53ea5dfecb7b2c1cf5949fe4616d1924a75dfa49c35bf186bea939b747
b875caa562d323bbfdfd9bd039581e5f22d0805430cd4767119361e19aa0ce37
c12bb37b4e9cb5477aa44984b8c1a324c32bb0cd64889126cf4f4d77c31e28be
c6854ecfc55a6850b9472eb2ef903cd1cf678f9a90d6e9d14a9c674597156021
cd3a2b84a777a66fa26af37d199aa1ff2324ece005d31d903adcd961cce8b0cf
d32b2c653c571d5ebe401463197bd449b52f013c0da42995f8fc8b67524abccc
dce2805a2326198f9479d2017f53a4e2a8cb646c12f0cdab1ed93e1efb1210d8
deb0521abfd336178b018c0a81d0e1dda098c4e015175207235a11fc188b447e
df21a057891359f8c65d09e9d42f7b5c79faedf1d4274040018c5a797bc58571
e1babf4eaf77c6f6759c9a56652bbe05ea0d7a16ed18834161dc97d1b6569b07
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6cff574f303ab4998c8b3fa7b8cf73fbcf76a7f4d752c041d19ab06af3e5924
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4d91c512d846c9a4fc67d70a26e5e756f5990d7931ff43e9e07b6e022aa7724
f873e56eefbe9cfe86bafdd207bb663e6014c4e15dd863ef47208df435e2fe20