urlscan.io logo urlscan.io
SecurityTrails logo

www.ncbank.no Open in urlscan Pro
76.223.9.102  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://ncbank.no/
Effective URL: https://www.ncbank.no/
Submission: On March 02 via manual from JP
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 24 IPs in 8 countries across 25 domains to perform 70 HTTP transactions. The main IP is 76.223.9.102, located in Seattle, United States and belongs to AMAZON-02, US. The main domain is www.ncbank.no.
TLS certificate: Issued by Let's Encrypt Authority X3 on February 3rd 2020. Valid for: 3 months.
This is the only time www.ncbank.no was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 34.193.204.92 14618 (AMAZON-AES)
1 76.223.9.102 16509 (AMAZON-02)
7 2600:9000:20e... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
16 95.100.67.47 16625 (AKAMAI-AS)
3 2a00:1450:400... 15169 (GOOGLE)
1 13.225.84.72 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
17 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:10c... 20940 (AKAMAI-ASN1)
1 8 213.155.156.188 1299 (TELIANET ...)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 2a05:f500:10:... 14413 (LINKEDIN)
1 1 2a05:f500:10:... 14413 (LINKEDIN)
1 69.173.144.136 26667 (RUBICONPR...)
2 2 172.217.22.34 15169 (GOOGLE)
1 3 213.155.156.185 1299 (TELIANET ...)
2 2 185.33.223.204 29990 (ASN-APPNEX)
1 185.64.189.110 62713 (AS-PUBMATIC)
1 2 52.28.33.202 16509 (AMAZON-02)
1 2 185.94.180.125 35220 (SPOTX-AMS)
1 35.158.17.58 16509 (AMAZON-02)
2 3 34.240.133.139 16509 (AMAZON-02)
1 2 54.93.143.102 16509 (AMAZON-02)
1 2 37.157.4.29 198622 (ADFORM)
1 52.215.39.229 16509 (AMAZON-02)
1 2 95.100.197.53 16625 (AKAMAI-AS)
70 24
1    34.193.204.92 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: redirect1.proxy-ssl.webflow.com
ncbank.no
1    76.223.9.102 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: add4b4faa2f72e726.awsglobalaccelerator.com
www.ncbank.no
7    2600:9000:20eb:1c00:11:3b84:d200:93a1 (United States)

ASN16509 (AMAZON-02, US)
assets.website-files.com
1    2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
16    95.100.67.47 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a95-100-67-47.deploy.static.akamaitechnologies.com
use.typekit.net
p.typekit.net
3    2a00:1450:4001:821::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    13.225.84.72 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-84-72.fra2.r.cloudfront.net
d3e54v103j8qbb.cloudfront.net
1    2a00:1450:4001:815::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:821::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
17    2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a02:26f0:10c:38f::3adf (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
sjs.bizographics.com
8    213.155.156.188 (Ascension Island)

ASN1299 (TELIANET Telia Carrier, SE)
PTR: 213-155-156-188.teliacarrier-cust.com
tb.de17a.com
1    2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:825::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2a05:f500:10:101::b93f:9105 (Ireland)

ASN14413 (LINKEDIN, US)
px.ads.linkedin.com
1    2a05:f500:10:101::b93f:9101 (Ireland)

ASN14413 (LINKEDIN, US)
www.linkedin.com
1    69.173.144.136 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    172.217.22.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s16-in-f2.1e100.net
cm.g.doubleclick.net
3    213.155.156.185 (Ascension Island)

ASN1299 (TELIANET Telia Carrier, SE)
PTR: 213-155-156-185.teliacarrier-cust.com
d5p.de17a.com
2    185.33.223.204 (Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 319.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
1    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
2    52.28.33.202 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-33-202.eu-central-1.compute.amazonaws.com
ad.360yield.com
2    185.94.180.125 (Netherlands)

ASN35220 (SPOTX-AMS, NL)
sync.search.spotxchange.com
1    35.158.17.58 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-17-58.eu-central-1.compute.amazonaws.com
pixel.advertising.com
3    34.240.133.139 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-240-133-139.eu-west-1.compute.amazonaws.com
ad.sxp.smartclip.net
2    54.93.143.102 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-143-102.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    37.157.4.29 (Denmark)

ASN198622 (ADFORM, DK)
dmp.adform.net
1    52.215.39.229 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-39-229.eu-west-1.compute.amazonaws.com
usermatch.targeting.unrulymedia.com
2    95.100.197.53 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a95-100-197-53.deploy.static.akamaitechnologies.com
dsum.casalemedia.com
Domain Requested by
17 fonts.gstatic.com www.ncbank.no
ajax.googleapis.com
15 use.typekit.net www.ncbank.no
use.typekit.net
8 tb.de17a.com 1 redirects www.ncbank.no
tb.de17a.com
7 assets.website-files.com www.ncbank.no
3 ad.sxp.smartclip.net 2 redirects blank
3 d5p.de17a.com 1 redirects blank
3 www.googletagmanager.com www.ncbank.no
2 dsum.casalemedia.com 1 redirects blank
2 dmp.adform.net 1 redirects blank
2 x.bidswitch.net 1 redirects blank
2 sync.search.spotxchange.com 1 redirects blank
2 ad.360yield.com 1 redirects blank
2 ib.adnxs.com 2 redirects
2 cm.g.doubleclick.net 2 redirects
2 px.ads.linkedin.com 1 redirects www.ncbank.no
2 www.google-analytics.com 1 redirects www.googletagmanager.com
1 usermatch.targeting.unrulymedia.com blank
1 pixel.advertising.com blank
1 image2.pubmatic.com blank
1 pixel.rubiconproject.com blank
1 p.typekit.net www.ncbank.no
1 www.linkedin.com 1 redirects
1 www.google.de www.ncbank.no
1 www.google.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 sjs.bizographics.com www.googletagmanager.com
1 fonts.googleapis.com ajax.googleapis.com
1 d3e54v103j8qbb.cloudfront.net www.ncbank.no
1 ajax.googleapis.com www.ncbank.no
1 www.ncbank.no
1 ncbank.no 1 redirects
70 31
Subject Issuer Validity Valid
www.ncbank.no
Let's Encrypt Authority X3		 2020-02-03 -
2020-05-03		 3 months crt.sh
*.website-files.com
Amazon		 2020-01-09 -
2021-02-09		 a year crt.sh
*.storage.googleapis.com
GTS CA 1O1		 2020-02-12 -
2020-05-06		 3 months crt.sh
*.typekit.net
DigiCert SHA2 Secure Server CA		 2019-12-06 -
2021-12-10		 2 years crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-02-12 -
2020-05-06		 3 months crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2019-07-17 -
2020-07-05		 a year crt.sh
*.google.com
GTS CA 1O1		 2020-02-12 -
2020-05-06		 3 months crt.sh
js.bizographics.com
DigiCert SHA2 Secure Server CA		 2018-04-13 -
2020-04-17		 2 years crt.sh
*.de17a.com
Sectigo ECC Domain Validation Secure Server CA		 2019-12-03 -
2020-12-02		 a year crt.sh
www.google.de
GTS CA 1O1		 2020-02-12 -
2020-05-06		 3 months crt.sh
px.ads.linkedin.com
DigiCert SHA2 Secure Server CA		 2019-05-29 -
2021-06-29		 2 years crt.sh
*.rubiconproject.com
DigiCert SHA2 Secure Server CA		 2019-01-10 -
2021-01-14		 2 years crt.sh
*.pubmatic.com
Sectigo RSA Organization Validation Secure Server CA		 2019-02-22 -
2021-02-21		 2 years crt.sh
*.360yield.com
Amazon		 2019-09-24 -
2020-10-24		 a year crt.sh
*.search.spotxchange.com
GeoTrust RSA CA 2018		 2019-03-20 -
2021-04-21		 2 years crt.sh
pixel.advertising.com
DigiCert SHA2 High Assurance Server CA		 2017-06-14 -
2020-06-18		 3 years crt.sh
*.smartclip.net
Amazon		 2020-02-29 -
2021-03-29		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2019-04-17 -
2020-05-04		 a year crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA		 2019-09-16 -
2021-09-20		 2 years crt.sh
*.targeting.unrulymedia.com
Amazon		 2019-07-31 -
2020-08-31		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2020-02-24 -
2020-03-09		 15 days crt.sh

This page contains 8 frames:

Primary Page: https://www.ncbank.no/
Frame ID: E5EC816BB4B225A5CC20FB40923B7E7A
Requests: 52 HTTP requests in this frame

Frame: https://tb.de17a.com/api/getUid;c?data=%7B%7D&callback=$d7_cb_1
Frame ID: 4F4F6E93089A4E38A9DC227B244DD54B
Requests: 1 HTTP requests in this frame

Frame: https://tb.de17a.com/api/pageView?data=%7B%22action%22%3A%22pageView%22%2C%22pageId%22%3A%22YOUR_PAGE_ID%22%2C%22url%22%3A%22https%3A%2F%2Fwww.ncbank.no%2F%22%2C%22title%22%3A%22Nordic%20Corporate%20Bank%22%2C%22trackingAccountId%22%3A%2215585%22%2C%22referrer%22%3A%22%22%7D&callback=$d7_cb_2
Frame ID: B3656DEDC3F7B11BFF2DD67CE33A7E78
Requests: 1 HTTP requests in this frame

Frame: https://tb.de17a.com/api/pageView?data=%7B%22action%22%3A%22pageView%22%2C%22pageId%22%3A%22YOUR_PAGE_ID%22%2C%22url%22%3A%22https%3A%2F%2Fwww.ncbank.no%2F%22%2C%22title%22%3A%22Nordic%20Corporate%20Bank%22%2C%22trackingAccountId%22%3A%2215585%22%2C%22referrer%22%3A%22%22%7D&callback=$d7_cb_3
Frame ID: 8A9561E01CB5EA6AB7D92D77A67A5CA6
Requests: 1 HTTP requests in this frame

Frame: https://pixel.rubiconproject.com/tap.php?v=6327&nid=2135&put=3312032568750764232&expires=30
Frame ID: 5CAF05D8048DA8ECD808D0E953E33032
Requests: 12 HTTP requests in this frame

Frame: https://tb.de17a.com/api/getUid?data=%7B%7D&callback=$d7_cb_1
Frame ID: 6A67573FBE06CF86C157B38751392192
Requests: 1 HTTP requests in this frame

Frame: https://tb.de17a.com/api/pageView?data=%7B%22action%22%3A%22pageView%22%2C%22pageId%22%3A%22YOUR_PAGE_ID%22%2C%22url%22%3A%22https%3A%2F%2Fwww.ncbank.no%2F%22%2C%22title%22%3A%22Nordic%20Corporate%20Bank%22%2C%22trackingAccountId%22%3A%2215585%22%2C%22referrer%22%3A%22%22%7D&callback=$d7_cb_2
Frame ID: 74D4035FC29214A2E4C0A998396E17C6
Requests: 1 HTTP requests in this frame

Frame: https://tb.de17a.com/api/pageView?data=%7B%22action%22%3A%22pageView%22%2C%22pageId%22%3A%22YOUR_PAGE_ID%22%2C%22url%22%3A%22https%3A%2F%2Fwww.ncbank.no%2F%22%2C%22title%22%3A%22Nordic%20Corporate%20Bank%22%2C%22trackingAccountId%22%3A%2215585%22%2C%22referrer%22%3A%22%22%7D&callback=$d7_cb_3
Frame ID: 16F90B679D8A01FA944176666A66144B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://ncbank.no/ HTTP 301
    https://www.ncbank.no/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers via /varnish(?: \(Varnish\/([\d.]+)\))?/i
Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
  • script /googleapis\.com\/.+webfont/i

Page Statistics

70
Requests

100 %
HTTPS

40 %
IPv6

25
Domains

31
Subdomains

24
IPs

8
Countries

4745 kB
Transfer

5108 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ncbank.no/ HTTP 301
    https://www.ncbank.no/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&aip=1&a=1296751992&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ncbank.no%2F&ul=en-us&de=UTF-8&dt=Nordic%20Corporate%20Bank&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAUAB~&jid=1910779632&gjid=1499981771&cid=1000463247.1583156787&tid=UA-145681999-1&_gid=1250676356.1583156787&_r=1&gtm=2ou2j0&z=1507682917 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-145681999-1&cid=1000463247.1583156787&jid=1910779632&_gid=1250676356.1583156787&gjid=1499981771&_v=j81&z=1507682917 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-145681999-1&cid=1000463247.1583156787&jid=1910779632&_v=j81&z=1507682917 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-145681999-1&cid=1000463247.1583156787&jid=1910779632&_v=j81&z=1507682917&slf_rd=1&random=4247489755
Request Chain 40
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1429673&url=https%3A%2F%2Fwww.ncbank.no%2F&time=1583156787406 HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1429673%26url%3Dhttps%253A%252F%252Fwww.ncbank.no%252F%26time%3D1583156787406%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1429673&url=https%3A%2F%2Fwww.ncbank.no%2F&time=1583156787406&liSync=true
Request Chain 50
  • https://tb.de17a.com/api/getUid?data=%7B%7D&callback=$d7_cb_1 HTTP 307
  • https://tb.de17a.com/api/getUid;c?data=%7B%7D&callback=$d7_cb_1
Request Chain 55
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_cm&google_ula=668382 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_cm=&google_ula=668382&google_tc= HTTP 302
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEPXncAvcQ1CQ6gfCr8uJato&google_cver=1&google_ula=668382,0
Request Chain 56
  • https://ib.adnxs.com/getuid?https://d5p.de17a.com/setuid/appnexus?anxs_uid=$UID HTTP 302
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fd5p.de17a.com%2Fsetuid%2Fappnexus%3Fanxs_uid%3D%24UID HTTP 302
  • https://d5p.de17a.com/setuid/appnexus?anxs_uid=8017445017986203189
Request Chain 58
  • https://ad.360yield.com/match?publisher_dsp_id=61&external_user_id=3312032568750764232&expiration=1585748787 HTTP 302
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=61&external_user_id=3312032568750764232&expiration=1585748787
Request Chain 59
  • https://sync.search.spotxchange.com/partner?adv_id=7326&uid=3312032568750764232&img=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7326&uid=3312032568750764232&img=1&__user_check__=1&sync_id=372a4378-5c8c-11ea-a703-197e22df0b06
Request Chain 61
  • https://ad.sxp.smartclip.net/sync?type=red&dsp=39 HTTP 302
  • https://ad.sxp.smartclip.net/sync?type=red&dsp=39&ang_testid=1 HTTP 302
  • https://d5p.de17a.com/getuid/smartclip?uuid=82c3338c-5ead-4dfa-8fe4-2003e38fd21d HTTP 302
  • https://ad.sxp.smartclip.net/sync?type=host&dsp=39&dspuuid=3312032568750764232&uuid=82c3338c-5ead-4dfa-8fe4-2003e38fd21d
Request Chain 62
  • https://x.bidswitch.net/sync?dsp_id=228&user_id=3312032568750764232&expires=30 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=228&user_id=3312032568750764232&expires=30
Request Chain 63
  • https://dmp.adform.net/serving/cookie/match?party=1124&cid=3312032568750764232 HTTP 302
  • https://dmp.adform.net/serving/cookie/match?CC=1&party=1124&cid=3312032568750764232
Request Chain 65
  • https://dsum.casalemedia.com/rum?cm_dsp_id=175&external_user_id=3312032568750764232&expiration=1585748787 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=175&external_user_id=3312032568750764232&expiration=1585748787&C=1

70 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.ncbank.no/
Redirect Chain
  • http://ncbank.no/
  • https://www.ncbank.no/
18 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.ncbank.no/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
76.223.9.102 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
add4b4faa2f72e726.awsglobalaccelerator.com
Software
openresty /
Resource Hash
423112dd3895e106201af2aff5f7d904732d74e138ca53f2dc64dd867c6b7ff0

Request headers

:method
GET
:authority
www.ncbank.no
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
server
openresty
date
Mon, 02 Mar 2020 13:46:26 GMT
content-type
text/html
content-length
6306
content-encoding
gzip
x-lambda-id
2d7b2ea6-682c-45d2-833f-f1efb15c30f6
via
1.1 varnish 1.1 varnish
age
76807
x-served-by
cache-iad2145-IAD, cache-dub4331-DUB
x-cache
MISS, HIT
x-cache-hits
0, 1
x-timer
S1583156787.789696,VS0,VE0
vary
Accept-Encoding
x-cache-status
MISS
x-cluster-name
eu-west-1-prod
accept-ranges
bytes

Redirect headers

Server
openresty
Date
Mon, 02 Mar 2020 13:46:26 GMT
Content-Type
text/html
Content-Length
166
Connection
keep-alive
Location
https://www.ncbank.no/
ncb-f10fc2-49e16adf5daf25bf350c7cc8e5ad.febf47506.css
assets.website-files.com/5d5be1feda745acc4e9c4a6f/css/ 		74 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.website-files.com/5d5be1feda745acc4e9c4a6f/css/ncb-f10fc2-49e16adf5daf25bf350c7cc8e5ad.febf47506.css
Requested by
Host: www.ncbank.no
URL: https://www.ncbank.no/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20eb:1c00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9bc30ec6bd85e3640f85f84bd2c1830d96728d42f13ce07e798b6f79da3d2837

Request headers

Referer
https://www.ncbank.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Mon, 02 Mar 2020 13:46:28 GMT
content-encoding
gzip
last-modified
Fri, 28 Feb 2020 15:16:09 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
etag
"6211c72a8311ae46c44a2e43f6ab94f9"
x-cache
Miss from cloudfront
x-amz-version-id
2xw2CJstaXSm4sHnlLodXCwHVj03ff2u
status
200
cache-control
max-age=84600, must-revalidate
accept-ranges
bytes
content-type
text/css
content-length
14632
via
1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
x-amz-cf-id
ya__TcenWkN3iuJy3kQCN993hBxKQrWpI-FrEZ0UO4-gou81jdkMtw==
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Requested by
Host: www.ncbank.no
URL: https://www.ncbank.no/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ncbank.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 04 Feb 2020 17:32:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2319263
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
5437
x-xss-protection
0
last-modified
Tue, 20 Dec 2016 18:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 Feb 2021 17:32:03 GMT
scj1ulc.js
use.typekit.net/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/scj1ulc.js
Requested by
Host: www.ncbank.no
URL: https://www.ncbank.no/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-67-47.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
6a2f1c804d701284834ab24693ccd109c081a7fa4695f95e936c181b8646d74d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Referer
https://www.ncbank.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
nginx
access-control-allow-origin
*
date
Mon, 02 Mar 2020 13:46:26 GMT
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
status
200
cache-control
public, max-age=600, stale-while-revalidate=604800
timing-allow-origin
*
content-length
7798
js
www.googletagmanager.com/gtag/ 		75 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-145681999-1
Requested by
Host: www.ncbank.no
URL: https://www.ncbank.no/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f873e56eefbe9cfe86bafdd207bb663e6014c4e15dd863ef47208df435e2fe20
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.ncbank.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 02 Mar 2020 13:46:26 GMT
content-encoding
br
status
200
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
28624
x-xss-protection
0
last-modified
Mon, 02 Mar 2020 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 02 Mar 2020 13:46:26 GMT
5d5be1feda745a8d7f9c4ac1_NCB-logo-white.svg
assets.website-files.com/5d5be1feda745acc4e9c4a6f/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.website-files.com/5d5be1feda745acc4e9c4a6f/5d5be1feda745a8d7f9c4ac1_NCB-logo-white.svg
Requested by
Host: www.ncbank.no
URL: https://www.ncbank.no/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20eb:1c00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cd3a2b84a777a66fa26af37d199aa1ff2324ece005d31d903adcd961cce8b0cf

Request headers

Referer
https://www.ncbank.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 02 Mar 2020 12:16:38 GMT
content-encoding
gzip
last-modified
Tue, 20 Aug 2019 12:05:20 GMT
server
AmazonS3
age
5389
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
QOR2IDsGR_RtXNCuoflLi53M8y_TFwca
status
200
cache-control
max-age=31536000, must-revalidate
x-amz-cf-pop
FRA2-C1
content-type
image/svg+xml
x-amz-cf-id
8i9-AQTPB5CAt718V_VDczp_qKb0xvPRzK_TCxM3dodv_Kzmt7MZ8g==
via
1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
5d5be1feda745a7f5d9c4ac2_logo-white.svg
assets.website-files.com/5d5be1feda745acc4e9c4a6f/ 		1 KB
971 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.website-files.com/5d5be1feda745acc4e9c4a6f/5d5be1feda745a7f5d9c4ac2_logo-white.svg
Requested by
Host: www.ncbank.no
URL: https://www.ncbank.no/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20eb:1c00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
aad23949fb089307aebdc9522871f2f9527ec87431b1a81e508c6c42a12e47b5

Request headers

Referer
https://www.ncbank.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 02 Mar 2020 13:46:28 GMT
content-encoding
gzip
last-modified
Tue, 20 Aug 2019 12:05:20 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
vary
Accept-Encoding
x-cache
Miss from cloudfront
x-amz-version-id
vZt1qbgzKfwDjegXJqMXiSd2d5kTBtvG
status
200
cache-control
max-age=31536000, must-revalidate
content-type
image/svg+xml
x-amz-cf-id
wpT3-phGjyX0iN2BhNGu8m9wRmVxa-FIqmJXqa2IwWB7U_cFRz9eKA==
via
1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
5d5be1feda745a10f69c4abc_fb.svg
assets.website-files.com/5d5be1feda745acc4e9c4a6f/ 		921 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.website-files.com/5d5be1feda745acc4e9c4a6f/5d5be1feda745a10f69c4abc_fb.svg
Requested by
Host: www.ncbank.no
URL: https://www.ncbank.no/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20eb:1c00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a1c08b95821d5934b2e95cfac5afb433f306864938d41d7e7c63d6836494b790

Request headers

Referer
https://www.ncbank.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 02 Mar 2020 13:46:28 GMT
via
1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
last-modified
Tue, 20 Aug 2019 12:05:20 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
etag
"c8af91be0acb9a0f66f94b34e28375fa"
x-cache
Miss from cloudfront
x-amz-version-id
B6kEMETP_kebXptCQZmfnLCodnNP3o7w
status
200
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
content-type
image/svg+xml
content-length
921
x-amz-cf-id
MVLpmW-3BCq2Wia4FaCVpW2a_5mG5QZjztfxyyo8Ve7-e1dJ2vltTg==
5d5be1feda745a7c0b9c4abd_Linkedin%20Icon.svg
assets.website-files.com/5d5be1feda745acc4e9c4a6f/ 		626 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.website-files.com/5d5be1feda745acc4e9c4a6f/5d5be1feda745a7c0b9c4abd_Linkedin%20Icon.svg
Requested by
Host: www.ncbank.no
URL: https://www.ncbank.no/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20eb:1c00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
53bd56490a7a62331895e19ebefe003362fdf3ef68f9966284620942261621c5

Request headers

Referer
https://www.ncbank.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 02 Mar 2020 13:46:28 GMT
via
1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
last-modified
Tue, 20 Aug 2019 12:05:20 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
etag
"5bc7b506e06e458d03bb6d3ebdfb26a1"
x-cache
Miss from cloudfront
x-amz-version-id
SfhTLCpPEkIUgXaP8KxQ3tfv.wyFMhMb
status
200
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
content-type
image/svg+xml
content-length
626
x-amz-cf-id
HrWO1sbRZO1SgP5UItENbp8glKSkzFgcRwdfHboTcNe4JdxXbLmI5g==
jquery-3.4.1.min.220afd743d.js
d3e54v103j8qbb.cloudfront.net/js/ 		86 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.4.1.min.220afd743d.js
Requested by
Host: www.ncbank.no
URL: https://www.ncbank.no/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.84.72 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-72.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Referer
https://www.ncbank.no/
Origin
https://www.ncbank.no
Sec-Fetch-Dest
script
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Mar 2020 13:46:28 GMT
content-encoding
gzip
last-modified
Thu, 27 Jun 2019 18:13:30 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/javascript
status
200
access-control-max-age
3000
cache-control
max-age=84600, must-revalidate
x-cache
Miss from cloudfront
access-control-allow-origin
*
x-amz-cf-id
EGBFPPzha_178ELZ-mjrddOrCyvS3O1eSWx4KqWp8Ad23ZmLTMtFGg==
via
1.1 e5b747ffd1713cb17ddd7d55234a3301.cloudfront.net (CloudFront)
ncb-f10fc2-49e16adf5daf25bf350c7cc8e5ad.2b8ddd7f6.js
assets.website-files.com/5d5be1feda745acc4e9c4a6f/js/ 		50 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.website-files.com/5d5be1feda745acc4e9c4a6f/js/ncb-f10fc2-49e16adf5daf25bf350c7cc8e5ad.2b8ddd7f6.js
Requested by
Host: www.ncbank.no
URL: https://www.ncbank.no/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20eb:1c00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3fe2733ebdd0dae6897477b88ff60a6e249d76071dbdc38de89ea1175ecb0211

Request headers

Referer
https://www.ncbank.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 02 Mar 2020 13:46:28 GMT
content-encoding
gzip
last-modified
Fri, 28 Feb 2020 15:16:09 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
etag
"3d1fefee2f661fd84a7650725a3bf630"
x-cache
Miss from cloudfront
x-amz-version-id
lafJNf9F_fyCaOXAR0jVrGTSlv5cF9QV
status
200
cache-control
max-age=84600, must-revalidate
accept-ranges
bytes
content-type
text/javascript
content-length
17924
via
1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
x-amz-cf-id
Mc99tyYg96VKgCbf83eYUHSc891X6rbQnV_SYllTUGhaUH1fmTqNwQ==
css
fonts.googleapis.com/ 		29 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=News+Cycle:regular,700%7CRoboto+Condensed:300,300italic,regular%7CIBM+Plex+Sans+Condensed:100,100italic,200,300,regular,500,600,700%7CIBM+Plex+Sans:100,200,300,regular
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
173961b6b039e5cc5c5cc6ccc82268c227c55f5787959f40ee688d3e53b93087
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.ncbank.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 02 Mar 2020 13:46:27 GMT
server
ESF
date
Mon, 02 Mar 2020 13:46:27 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 02 Mar 2020 13:46:27 GMT
gtm.js
www.googletagmanager.com/ 		54 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PHHHRLQ
Requested by
Host: www.ncbank.no
URL: https://www.ncbank.no/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
30b903ba341f56ca4979ba83ba289315c0a18e1b91d8f01ace7c3f57b026692f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.ncbank.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 02 Mar 2020 13:46:27 GMT
content-encoding
br
status
200
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
20343
x-xss-protection
0
last-modified
Mon, 02 Mar 2020 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 02 Mar 2020 13:46:27 GMT
gtm.js
www.googletagmanager.com/ 		76 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TDKRXXM
Requested by
Host: www.ncbank.no
URL: https://www.ncbank.no/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
49e79b40d8020d17f3be23f59c1d927620f657bfcde2efd831ed0c311f22982e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.ncbank.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 02 Mar 2020 13:46:27 GMT
content-encoding
br
status
200
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
26507
x-xss-protection
0
last-modified
Mon, 02 Mar 2020 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 02 Mar 2020 13:46:27 GMT
5d5be1feda745aa5859c4ab6_Web%20tittel%20page%202.png
assets.website-files.com/5d5be1feda745acc4e9c4a6f/ 		4 MB
4 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.website-files.com/5d5be1feda745acc4e9c4a6f/5d5be1feda745aa5859c4ab6_Web%20tittel%20page%202.png
Requested by
Host: www.ncbank.no
URL: https://www.ncbank.no/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20eb:1c00:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
df21a057891359f8c65d09e9d42f7b5c79faedf1d4274040018c5a797bc58571

Request headers

Referer
https://assets.website-files.com/5d5be1feda745acc4e9c4a6f/css/ncb-f10fc2-49e16adf5daf25bf350c7cc8e5ad.febf47506.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 02 Mar 2020 13:46:28 GMT
via
1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
last-modified
Tue, 20 Aug 2019 12:05:20 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
etag
"94cd3a59281cd4a00e26a55ab46b3ae3"
x-cache
Miss from cloudfront
x-amz-version-id
U74V8TkgnkOgudk8Lt6XJVDKF5IV0xYr
status
200
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
content-type
image/png
content-length
4044171
x-amz-cf-id
B9sMtsSfRxHp6qG2hLNh2Zx2WDFEblAg0aVcsJVHs7yGTNAQGPKHpg==
l
use.typekit.net/af/46da36/00000000000000003b9acaf6/27/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/46da36/00000000000000003b9acaf6/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: www.ncbank.no
URL: https://www.ncbank.no/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-67-47.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a4cc179995cc5c8bfe5b358466cfd5a871821bc1d4e64723ccf16da6f3edd387

Request headers

Referer
https://www.ncbank.no/
Origin
https://www.ncbank.no
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Mar 2020 13:46:27 GMT
server
nginx
access-control-allow-origin
*
etag
"de29fb2e3e401b15877c6b3a0953702fe7fa1105"
content-type
application/font-woff2
status
200
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
26812
l
use.typekit.net/af/9bd2dc/00000000000000003b9ae129/27/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/9bd2dc/00000000000000003b9ae129/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3
Requested by
Host: www.ncbank.no
URL: https://www.ncbank.no/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-67-47.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
748b3dc777957dccf89c8b24c8dcf57192343f55b60dc4fe893ae80dbf4f4029

Request headers

Referer
https://www.ncbank.no/
Origin
https://www.ncbank.no
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Mar 2020 13:46:27 GMT
server
nginx
access-control-allow-origin
*
etag
"c36f4aef094cec41f67ac719067ceb09685d45e4"
content-type
application/font-woff2
status
200
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
26268
l
use.typekit.net/af/1e0705/00000000000000003b9ae12f/27/ 		27 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/1e0705/00000000000000003b9ae12f/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3
Requested by
Host: www.ncbank.no
URL: https://www.ncbank.no/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-67-47.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
79400847d1eb024428495c9c6da7a5ed723ae7479ac94ac9a65d72ac2cf6d50c

Request headers

Referer
https://www.ncbank.no/
Origin
https://www.ncbank.no
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Mar 2020 13:46:27 GMT
server
nginx
access-control-allow-origin
*
etag
"4eae5f35c407eda61733c039903783dcf40d6664"
content-type
application/font-woff2
status
200
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
28124
l
use.typekit.net/af/9871e5/00000000000000003b9acaf2/27/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/9871e5/00000000000000003b9acaf2/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n2&v=3
Requested by
Host: www.ncbank.no
URL: https://www.ncbank.no/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-67-47.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
90ff7fa8f76a9a602ab0b330ce842d93ec45891898082c09c7815b8e45235d6c

Request headers

Referer
https://www.ncbank.no/
Origin
https://www.ncbank.no
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Mar 2020 13:46:27 GMT
server
nginx
access-control-allow-origin
*
etag
"f84785f4f99bb2e9fc870f91a9f92064ed1fc1cf"
content-type
application/font-woff2
status
200
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
26476
l
use.typekit.net/af/a2c82e/00000000000000003b9acaf4/27/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/a2c82e/00000000000000003b9acaf4/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by
Host: www.ncbank.no
URL: https://www.ncbank.no/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-67-47.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
dce2805a2326198f9479d2017f53a4e2a8cb646c12f0cdab1ed93e1efb1210d8

Request headers

Referer
https://www.ncbank.no/
Origin
https://www.ncbank.no
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Mar 2020 13:46:27 GMT
server
nginx
access-control-allow-origin
*
etag
"95f5f0ad9e0fd8117c18be6ec9b55fb542c72ef2"
content-type
application/font-woff2
status
200
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
26532
analytics.js
www.google-analytics.com/ 		44 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-145681999-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ncbank.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
6856
date
Mon, 02 Mar 2020 11:52:11 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
18174
expires
Mon, 02 Mar 2020 13:52:11 GMT
ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYb9lecyU.woff2
fonts.gstatic.com/s/robotocondensed/v18/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v18/ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYb9lecyU.woff2
Requested by
Host: www.ncbank.no
URL: https://www.ncbank.no/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac42e86ff1d0fc78a7870a72cf5d1bbf0a509a852dba1d8abdc734892b0d4844
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=News+Cycle:regular,700%7CRoboto+Condensed:300,300italic,regular%7CIBM+Plex+Sans+Condensed:100,100italic,200,300,regular,500,600,700%7CIBM+Plex+Sans:100,200,300,regular
Origin
https://www.ncbank.no
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 04 Feb 2020 00:40:03 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:48:04 GMT
server
sffe
age
2379984
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11052
x-xss-protection
0
expires
Wed, 03 Feb 2021 00:40:03 GMT
CSR64z1Qlv-GDxkbKVQ_fOAKTfl8tOQ.woff2
fonts.gstatic.com/s/newscycle/v16/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/newscycle/v16/CSR64z1Qlv-GDxkbKVQ_fOAKTfl8tOQ.woff2
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ba6779d993b76d6557d41b0c78a35e91bfb59e38a5a75420ccdfcd72b46f75e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=News+Cycle:regular,700%7CRoboto+Condensed:300,300italic,regular%7CIBM+Plex+Sans+Condensed:100,100italic,200,300,regular,500,600,700%7CIBM+Plex+Sans:100,200,300,regular
Origin
https://www.ncbank.no
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 25 Feb 2020 01:22:24 GMT
x-content-type-options
nosniff
last-modified
Tue, 16 Jul 2019 23:49:46 GMT
server
sffe
age
563043
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
12612
x-xss-protection
0
expires
Wed, 24 Feb 2021 01:22:24 GMT
CSR54z1Qlv-GDxkbKVQ_dFsvWNReuc4nG2o.woff2
fonts.gstatic.com/s/newscycle/v16/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/newscycle/v16/CSR54z1Qlv-GDxkbKVQ_dFsvWNReuc4nG2o.woff2
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e6cff574f303ab4998c8b3fa7b8cf73fbcf76a7f4d752c041d19ab06af3e5924
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=News+Cycle:regular,700%7CRoboto+Condensed:300,300italic,regular%7CIBM+Plex+Sans+Condensed:100,100italic,200,300,regular,500,600,700%7CIBM+Plex+Sans:100,200,300,regular
Origin
https://www.ncbank.no
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 04 Feb 2020 15:31:51 GMT
x-content-type-options
nosniff
last-modified
Tue, 16 Jul 2019 23:49:49 GMT
server
sffe
age
2326476
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
13356
x-xss-protection
0
expires
Wed, 03 Feb 2021 15:31:51 GMT
ieVg2ZhZI2eCN5jzbjEETS9weq8-19eDpCEobdNZUSdy4Q.woff2
fonts.gstatic.com/s/robotocondensed/v18/ 		12 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v18/ieVg2ZhZI2eCN5jzbjEETS9weq8-19eDpCEobdNZUSdy4Q.woff2
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
07c7ef9c3e071f6da4717c6d89781bd8fe8f77539705317e80663d01c0c5484f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=News+Cycle:regular,700%7CRoboto+Condensed:300,300italic,regular%7CIBM+Plex+Sans+Condensed:100,100italic,200,300,regular,500,600,700%7CIBM+Plex+Sans:100,200,300,regular
Origin
https://www.ncbank.no
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 04 Feb 2020 02:01:02 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:48:09 GMT
server
sffe
age
2375125
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
12764
x-xss-protection
0
expires
Wed, 03 Feb 2021 02:01:02 GMT
ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQk6YvM.woff2
fonts.gstatic.com/s/robotocondensed/v18/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v18/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQk6YvM.woff2
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49a1b4e1296645aa2f513c87a0e5fe56a305a7ed678c2f6499631ec1f3b35856
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=News+Cycle:regular,700%7CRoboto+Condensed:300,300italic,regular%7CIBM+Plex+Sans+Condensed:100,100italic,200,300,regular,500,600,700%7CIBM+Plex+Sans:100,200,300,regular
Origin
https://www.ncbank.no
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 27 Feb 2020 08:46:26 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:48:22 GMT
server
sffe
age
363601
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
10968
x-xss-protection
0
expires
Fri, 26 Feb 2021 08:46:26 GMT
Gg8nN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY7K-KzLgKkPHhI.woff2
fonts.gstatic.com/s/ibmplexsanscondensed/v6/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ibmplexsanscondensed/v6/Gg8nN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY7K-KzLgKkPHhI.woff2
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b3b26b145cd08c1c1ff95b8c0e15a246551241fa49c25eaa5f9800b86012df5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=News+Cycle:regular,700%7CRoboto+Condensed:300,300italic,regular%7CIBM+Plex+Sans+Condensed:100,100italic,200,300,regular,500,600,700%7CIBM+Plex+Sans:100,200,300,regular
Origin
https://www.ncbank.no
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 24 Feb 2020 23:11:47 GMT
x-content-type-options
nosniff
last-modified
Tue, 16 Jul 2019 03:46:43 GMT
server
sffe
age
570880
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
12584
x-xss-protection
0
expires
Tue, 23 Feb 2021 23:11:47 GMT
Gg8hN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHYas8M_7gqMIPBCwBw.woff2
fonts.gstatic.com/s/ibmplexsanscondensed/v6/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ibmplexsanscondensed/v6/Gg8hN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHYas8M_7gqMIPBCwBw.woff2
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b15085e87eaee4535cca83bf02a7cbf9dc6c7aa621ac2e95fd88110d1acef70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=News+Cycle:regular,700%7CRoboto+Condensed:300,300italic,regular%7CIBM+Plex+Sans+Condensed:100,100italic,200,300,regular,500,600,700%7CIBM+Plex+Sans:100,200,300,regular
Origin
https://www.ncbank.no
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 04 Feb 2020 06:20:44 GMT
x-content-type-options
nosniff
last-modified
Tue, 16 Jul 2019 03:47:50 GMT
server
sffe
age
2359543
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
14420
x-xss-protection
0
expires
Wed, 03 Feb 2021 06:20:44 GMT
Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY5m6bvspYYnFBq4.woff2
fonts.gstatic.com/s/ibmplexsanscondensed/v6/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ibmplexsanscondensed/v6/Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY5m6bvspYYnFBq4.woff2
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e1babf4eaf77c6f6759c9a56652bbe05ea0d7a16ed18834161dc97d1b6569b07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=News+Cycle:regular,700%7CRoboto+Condensed:300,300italic,regular%7CIBM+Plex+Sans+Condensed:100,100italic,200,300,regular,500,600,700%7CIBM+Plex+Sans:100,200,300,regular
Origin
https://www.ncbank.no
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 04 Feb 2020 19:37:40 GMT
x-content-type-options
nosniff
last-modified
Tue, 16 Jul 2019 03:49:07 GMT
server
sffe
age
2311727
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
13432
x-xss-protection
0
expires
Wed, 03 Feb 2021 19:37:40 GMT
Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY4C6rvspYYnFBq4.woff2
fonts.gstatic.com/s/ibmplexsanscondensed/v6/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ibmplexsanscondensed/v6/Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY4C6rvspYYnFBq4.woff2
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0f6739f8f525e9d07a1935d7ea0f23113d06dc58854a6919135729961adaae28
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=News+Cycle:regular,700%7CRoboto+Condensed:300,300italic,regular%7CIBM+Plex+Sans+Condensed:100,100italic,200,300,regular,500,600,700%7CIBM+Plex+Sans:100,200,300,regular
Origin
https://www.ncbank.no
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 04 Feb 2020 05:29:10 GMT
x-content-type-options
nosniff
last-modified
Tue, 16 Jul 2019 03:47:29 GMT
server
sffe
age
2362637
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
13236
x-xss-protection
0
expires
Wed, 03 Feb 2021 05:29:10 GMT
Gg8lN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHYapyK7Bh4sN.woff2
fonts.gstatic.com/s/ibmplexsanscondensed/v6/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ibmplexsanscondensed/v6/Gg8lN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHYapyK7Bh4sN.woff2
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
deb0521abfd336178b018c0a81d0e1dda098c4e015175207235a11fc188b447e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=News+Cycle:regular,700%7CRoboto+Condensed:300,300italic,regular%7CIBM+Plex+Sans+Condensed:100,100italic,200,300,regular,500,600,700%7CIBM+Plex+Sans:100,200,300,regular
Origin
https://www.ncbank.no
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 04 Feb 2020 12:25:28 GMT
x-content-type-options
nosniff
last-modified
Tue, 16 Jul 2019 03:44:55 GMT
server
sffe
age
2337659
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
13016
x-xss-protection
0
expires
Wed, 03 Feb 2021 12:25:28 GMT
Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY5a67vspYYnFBq4.woff2
fonts.gstatic.com/s/ibmplexsanscondensed/v6/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ibmplexsanscondensed/v6/Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY5a67vspYYnFBq4.woff2
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
288d0edce2b398cb452d2fceed89f7f92cfbe1de0370fadae31f701ab309bf21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=News+Cycle:regular,700%7CRoboto+Condensed:300,300italic,regular%7CIBM+Plex+Sans+Condensed:100,100italic,200,300,regular,500,600,700%7CIBM+Plex+Sans:100,200,300,regular
Origin
https://www.ncbank.no
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 04 Feb 2020 07:17:11 GMT
x-content-type-options
nosniff
last-modified
Tue, 16 Jul 2019 03:45:09 GMT
server
sffe
age
2356156
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
13316
x-xss-protection
0
expires
Wed, 03 Feb 2021 07:17:11 GMT
Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY527LvspYYnFBq4.woff2
fonts.gstatic.com/s/ibmplexsanscondensed/v6/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ibmplexsanscondensed/v6/Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY527LvspYYnFBq4.woff2
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33b6a3730dd85bfcb91c166efd3770cca133e666a531b59761472f7c90bd0d9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=News+Cycle:regular,700%7CRoboto+Condensed:300,300italic,regular%7CIBM+Plex+Sans+Condensed:100,100italic,200,300,regular,500,600,700%7CIBM+Plex+Sans:100,200,300,regular
Origin
https://www.ncbank.no
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 04 Feb 2020 10:21:10 GMT
x-content-type-options
nosniff
last-modified
Tue, 16 Jul 2019 03:47:56 GMT
server
sffe
age
2345117
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
13316
x-xss-protection
0
expires
Wed, 03 Feb 2021 10:21:10 GMT
Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY4S7bvspYYnFBq4.woff2
fonts.gstatic.com/s/ibmplexsanscondensed/v6/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ibmplexsanscondensed/v6/Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY4S7bvspYYnFBq4.woff2
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4d91c512d846c9a4fc67d70a26e5e756f5990d7931ff43e9e07b6e022aa7724
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=News+Cycle:regular,700%7CRoboto+Condensed:300,300italic,regular%7CIBM+Plex+Sans+Condensed:100,100italic,200,300,regular,500,600,700%7CIBM+Plex+Sans:100,200,300,regular
Origin
https://www.ncbank.no
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 25 Feb 2020 00:36:25 GMT
x-content-type-options
nosniff
last-modified
Tue, 16 Jul 2019 03:46:22 GMT
server
sffe
age
565802
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
12576
x-xss-protection
0
expires
Wed, 24 Feb 2021 00:36:25 GMT
zYX-KVElMYYaJe8bpLHnCwDKjbLuF6ZJW9XjDg.woff2
fonts.gstatic.com/s/ibmplexsans/v7/ 		12 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ibmplexsans/v7/zYX-KVElMYYaJe8bpLHnCwDKjbLuF6ZJW9XjDg.woff2
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5f2cb2cd65ba2bb0c87a2e394e118f989b87755f60cbe95360e29d7346bc6eb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=News+Cycle:regular,700%7CRoboto+Condensed:300,300italic,regular%7CIBM+Plex+Sans+Condensed:100,100italic,200,300,regular,500,600,700%7CIBM+Plex+Sans:100,200,300,regular
Origin
https://www.ncbank.no
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 25 Feb 2020 01:12:54 GMT
x-content-type-options
nosniff
last-modified
Tue, 16 Jul 2019 23:47:52 GMT
server
sffe
age
563613
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
12768
x-xss-protection
0
expires
Wed, 24 Feb 2021 01:12:54 GMT
zYX9KVElMYYaJe8bpLHnCwDKjR7_AIFsdP3pBms.woff2
fonts.gstatic.com/s/ibmplexsans/v7/ 		13 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ibmplexsans/v7/zYX9KVElMYYaJe8bpLHnCwDKjR7_AIFsdP3pBms.woff2
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6854ecfc55a6850b9472eb2ef903cd1cf678f9a90d6e9d14a9c674597156021
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=News+Cycle:regular,700%7CRoboto+Condensed:300,300italic,regular%7CIBM+Plex+Sans+Condensed:100,100italic,200,300,regular,500,600,700%7CIBM+Plex+Sans:100,200,300,regular
Origin
https://www.ncbank.no
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 04 Feb 2020 17:52:36 GMT
x-content-type-options
nosniff
last-modified
Tue, 16 Jul 2019 23:48:33 GMT
server
sffe
age
2318031
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
13780
x-xss-protection
0
expires
Wed, 03 Feb 2021 17:52:36 GMT
zYX9KVElMYYaJe8bpLHnCwDKjXr8AIFsdP3pBms.woff2
fonts.gstatic.com/s/ibmplexsans/v7/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ibmplexsans/v7/zYX9KVElMYYaJe8bpLHnCwDKjXr8AIFsdP3pBms.woff2
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
07448ac2a8142e9e10ae393320d189506a4b3e141fb85aa88356ef81f367e964
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=News+Cycle:regular,700%7CRoboto+Condensed:300,300italic,regular%7CIBM+Plex+Sans+Condensed:100,100italic,200,300,regular,500,600,700%7CIBM+Plex+Sans:100,200,300,regular
Origin
https://www.ncbank.no
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 25 Feb 2020 00:59:40 GMT
x-content-type-options
nosniff
last-modified
Tue, 16 Jul 2019 23:48:08 GMT
server
sffe
age
564407
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
13936
x-xss-protection
0
expires
Wed, 24 Feb 2021 00:59:40 GMT
zYXgKVElMYYaJe8bpLHnCwDKhdHeFaxOedc.woff2
fonts.gstatic.com/s/ibmplexsans/v7/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ibmplexsans/v7/zYXgKVElMYYaJe8bpLHnCwDKhdHeFaxOedc.woff2
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d32b2c653c571d5ebe401463197bd449b52f013c0da42995f8fc8b67524abccc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=News+Cycle:regular,700%7CRoboto+Condensed:300,300italic,regular%7CIBM+Plex+Sans+Condensed:100,100italic,200,300,regular,500,600,700%7CIBM+Plex+Sans:100,200,300,regular
Origin
https://www.ncbank.no
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 27 Feb 2020 08:31:19 GMT
x-content-type-options
nosniff
last-modified
Tue, 16 Jul 2019 23:47:55 GMT
server
sffe
age
364508
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
12872
x-xss-protection
0
expires
Fri, 26 Feb 2021 08:31:19 GMT
insight.min.js
sjs.bizographics.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sjs.bizographics.com/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDKRXXM
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10c:38f::3adf , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0

Request headers

Referer
https://www.ncbank.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Mon, 02 Mar 2020 13:46:27 GMT
Content-Encoding
gzip
Last-Modified
Mon, 07 Oct 2019 16:41:31 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=17587
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1576
d7.js
tb.de17a.com/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tb.de17a.com/d7.js
Requested by
Host: www.ncbank.no
URL: https://www.ncbank.no/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.155.156.188 , Ascension Island, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
213-155-156-188.teliacarrier-cust.com
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
718a91b67003bfe60ec1514ba4621bd3d8833a22e3fb5c6e581604aab159cf7a

Request headers

Referer
https://www.ncbank.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 02 Mar 2020 13:46:27 GMT
content-encoding
gzip
last-modified
Mon, 27 Jan 2020 12:26:49 GMT
server
nginx/1.4.6 (Ubuntu)
etag
W/"UyYs5NjvdRUUyYtiD4Yy6k--gzip"
vary
Accept-Encoding, User-Agent
p3p
CP="NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV"
status
200
cache-control
must-revalidate, private
content-type
application/javascript
content-length
6265
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&aip=1&a=1296751992&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ncbank.no%2F&ul=en-us&de=UTF-8&dt=Nordic%20Corporate%20Bank&sd=24-bit&sr=1600x1200&vp=1...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-145681999-1&cid=1000463247.1583156787&jid=1910779632&_gid=1250676356.1583156787&gjid=1499981771&_v=j81&z=1507682917
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-145681999-1&cid=1000463247.1583156787&jid=1910779632&_v=j81&z=1507682917
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-145681999-1&cid=1000463247.1583156787&jid=1910779632&_v=j81&z=1507682917&slf_rd=1&random=4247489755
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-145681999-1&cid=1000463247.1583156787&jid=1910779632&_v=j81&z=1507682917&slf_rd=1&random=4247489755
Requested by
Host: www.ncbank.no
URL: https://www.ncbank.no/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ncbank.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Mar 2020 13:46:27 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 02 Mar 2020 13:46:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-145681999-1&cid=1000463247.1583156787&jid=1910779632&_v=j81&z=1507682917&slf_rd=1&random=4247489755
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
px.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1429673&url=https%3A%2F%2Fwww.ncbank.no%2F&time=1583156787406
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1429673%26url%3Dhttps%253A%252F%252Fwww.ncbank.no%252F%26time%3D1583156787406%26l...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1429673&url=https%3A%2F%2Fwww.ncbank.no%2F&time=1583156787406&liSync=true
0
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1429673&url=https%3A%2F%2Fwww.ncbank.no%2F&time=1583156787406&liSync=true
Requested by
Host: www.ncbank.no
URL: https://www.ncbank.no/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:f500:10:101::b93f:9105 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ncbank.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Mar 2020 13:46:27 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-lva1
status
200
x-li-proto
http/2
x-li-pop
prod-efr5
content-type
application/javascript
content-length
0
x-li-uuid
Lwv74LWA+BUg6XZtsSoAAA==

Redirect headers

date
Mon, 02 Mar 2020 13:46:27 GMT
x-content-type-options
nosniff
linkedin-action
1
status
302
strict-transport-security
max-age=2592000
content-length
0
x-li-uuid
CG6i2LWA+BXgsyfw2yoAAA==
server
Play
pragma
no-cache
x-li-pop
prod-efr5
expect-ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-frame-options
sameorigin
x-li-fabric
prod-lva1
location
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1429673&url=https%3A%2F%2Fwww.ncbank.no%2F&time=1583156787406&liSync=true
x-xss-protection
1; mode=block
cache-control
no-cache, no-store
content-security-policy
default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob: static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/insight.min.js platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-li-proto
http/2
expires
Thu, 01 Jan 1970 00:00:00 GMT
l
use.typekit.net/af/aa5b59/00000000000000003b9acaf7/27/ 		27 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/aa5b59/00000000000000003b9acaf7/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/scj1ulc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-67-47.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
30ab3fc79322e80388bcd70e3972e90e96516c0d1305468b74fca6e83cfcd0e6

Request headers

Referer
https://www.ncbank.no/
Origin
https://www.ncbank.no
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Mar 2020 13:46:27 GMT
server
nginx
access-control-allow-origin
*
etag
"0ac7effaca5a70e9779bf9fe86cd38f3c6730e8b"
content-type
application/font-woff2
status
200
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
28024
l
use.typekit.net/af/19e775/00000000000000003b9acaf3/27/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/19e775/00000000000000003b9acaf3/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i2&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/scj1ulc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-67-47.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
720c8a95289e6960d1d1bc0f942b72454326297aadbf2207f1874eadd59cb91f

Request headers

Referer
https://www.ncbank.no/
Origin
https://www.ncbank.no
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Mar 2020 13:46:27 GMT
server
nginx
access-control-allow-origin
*
etag
"ef62e2752903abe1f6866eedd2498b4420cbcd1b"
content-type
application/font-woff2
status
200
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
27572
l
use.typekit.net/af/51b548/00000000000000003b9acaf5/27/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/51b548/00000000000000003b9acaf5/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i3&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/scj1ulc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-67-47.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
62ecd8174f58dafe6d94e6f2f2a3e5733f32582c0263406afb154389c6f06513

Request headers

Referer
https://www.ncbank.no/
Origin
https://www.ncbank.no
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Mar 2020 13:46:27 GMT
server
nginx
access-control-allow-origin
*
etag
"b2335dbddaf385d122ffcbf259ec38525db28a48"
content-type
application/font-woff2
status
200
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
27916
l
use.typekit.net/af/027dd4/00000000000000003b9acafa/27/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/027dd4/00000000000000003b9acafa/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/scj1ulc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-67-47.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
b67b8d53ea5dfecb7b2c1cf5949fe4616d1924a75dfa49c35bf186bea939b747

Request headers

Referer
https://www.ncbank.no/
Origin
https://www.ncbank.no
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Mar 2020 13:46:27 GMT
server
nginx
access-control-allow-origin
*
etag
"37da2a6b18214f547dbbc4036f830d9caa1b9787"
content-type
application/font-woff2
status
200
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
26676
l
use.typekit.net/af/133267/00000000000000003b9acafb/27/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/133267/00000000000000003b9acafb/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i6&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/scj1ulc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-67-47.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a6b12e43f33b7798a51ad5eeaefc96a14b9b647ab5e28db16e978db9da73bde9

Request headers

Referer
https://www.ncbank.no/
Origin
https://www.ncbank.no
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Mar 2020 13:46:27 GMT
server
nginx
access-control-allow-origin
*
etag
"2f22bcacc7eb77b836718df16010751cb170c6a7"
content-type
application/font-woff2
status
200
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
27700
l
use.typekit.net/af/a793eb/00000000000000003b9ae12a/27/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/a793eb/00000000000000003b9ae12a/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i6&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/scj1ulc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-67-47.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
631f8f7d0e6f03aabe3623527d98e12174e11667d15d796d2ae3d70a5683f9bb

Request headers

Referer
https://www.ncbank.no/
Origin
https://www.ncbank.no
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Mar 2020 13:46:27 GMT
server
nginx
access-control-allow-origin
*
etag
"284b818e0c59fd22588876c8a889067e150f07a7"
content-type
application/font-woff2
status
200
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
29272
l
use.typekit.net/af/be5018/00000000000000003b9ae12c/27/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/be5018/00000000000000003b9ae12c/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i3&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/scj1ulc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-67-47.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
9544e4b2c629d09ed1b123e0e93cb72d337fdf65024e4523e72c442abf5ecae6

Request headers

Referer
https://www.ncbank.no/
Origin
https://www.ncbank.no
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Mar 2020 13:46:27 GMT
server
nginx
access-control-allow-origin
*
etag
"1466a29a2400d00cba4482cbb7c69963849128e0"
content-type
application/font-woff2
status
200
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
27404
l
use.typekit.net/af/6f12d4/00000000000000003b9ae12d/27/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/6f12d4/00000000000000003b9ae12d/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/scj1ulc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-67-47.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
c12bb37b4e9cb5477aa44984b8c1a324c32bb0cd64889126cf4f4d77c31e28be

Request headers

Referer
https://www.ncbank.no/
Origin
https://www.ncbank.no
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Mar 2020 13:46:27 GMT
server
nginx
access-control-allow-origin
*
etag
"534e04cda0a0914c42e153773556607f04a48acb"
content-type
application/font-woff2
status
200
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
25596
l
use.typekit.net/af/da19e9/00000000000000003b9ae130/27/ 		25 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/da19e9/00000000000000003b9ae130/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/scj1ulc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-67-47.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
9019e56b6cf73e3f3e845593b9d5aae2673b9351ca0436e1c590e87f1362bbd3

Request headers

Referer
https://www.ncbank.no/
Origin
https://www.ncbank.no
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Mar 2020 13:46:27 GMT
server
nginx
access-control-allow-origin
*
etag
"e33fa536ac13e740c7666a3ce41ddc1631329613"
content-type
application/font-woff2
status
200
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
25996
getUid;c
tb.de17a.com/api/ Frame 4F4F
Redirect Chain
  • https://tb.de17a.com/api/getUid?data=%7B%7D&callback=$d7_cb_1
  • https://tb.de17a.com/api/getUid;c?data=%7B%7D&callback=$d7_cb_1
61 B
222 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tb.de17a.com/api/getUid;c?data=%7B%7D&callback=$d7_cb_1
Requested by
Host: www.ncbank.no
URL: https://www.ncbank.no/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.155.156.188 , Ascension Island, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
213-155-156-188.teliacarrier-cust.com
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
15b02397208cc775012b3cf8ac16ad7a93db133644eb9ed7ddbe02542b03b512

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Mon, 02 Mar 2020 13:46:27 GMT
server
nginx/1.4.6 (Ubuntu)
p3p
CP="NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV"
content-length
61
content-type
application/json

Redirect headers

status
307
date
Mon, 02 Mar 2020 13:46:27 GMT
server
nginx/1.4.6 (Ubuntu)
content-length
0
location
https://tb.de17a.com/api/getUid;c?data=%7B%7D&callback=$d7_cb_1
p3p
CP="NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV"
p.gif
p.typekit.net/ 		35 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.typekit.net/p.gif?s=1&k=scj1ulc&ht=tk&h=www.ncbank.no&f=26055.26056.26057.26058.26059.26062.26063.26064.29412.29413.29415.29416.29418.29419&a=2631803&js=1.19.2&app=typekit&e=js&_=1583156787667
Requested by
Host: www.ncbank.no
URL: https://www.ncbank.no/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-67-47.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

Referer
https://www.ncbank.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 02 Mar 2020 13:46:27 GMT
last-modified
Mon, 04 Feb 2019 21:28:53 GMT
server
nginx
access-control-allow-origin
*
etag
"5c58ae95-23"
content-type
image/gif
status
200
cache-control
max-age=604800
accept-ranges
bytes
content-length
35
expires
Mon, 19 Aug 2019 11:43:27 GMT
pageView
tb.de17a.com/api/ Frame B365 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tb.de17a.com/api/pageView?data=%7B%22action%22%3A%22pageView%22%2C%22pageId%22%3A%22YOUR_PAGE_ID%22%2C%22url%22%3A%22https%3A%2F%2Fwww.ncbank.no%2F%22%2C%22title%22%3A%22Nordic%20Corporate%20Bank%22%2C%22trackingAccountId%22%3A%2215585%22%2C%22referrer%22%3A%22%22%7D&callback=$d7_cb_2
Requested by
Host: tb.de17a.com
URL: https://tb.de17a.com/d7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.155.156.188 , Ascension Island, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
213-155-156-188.teliacarrier-cust.com
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
990e025c438a99e8916cc9b3b69ea808659873fe0d5ffccceadcfb2aef9d7745

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

status
200
date
Mon, 02 Mar 2020 13:46:27 GMT
server
nginx/1.4.6 (Ubuntu)
p3p
CP="NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV"
content-length
2529
content-type
application/json
pageView
tb.de17a.com/api/ Frame 8A95 		87 B
248 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tb.de17a.com/api/pageView?data=%7B%22action%22%3A%22pageView%22%2C%22pageId%22%3A%22YOUR_PAGE_ID%22%2C%22url%22%3A%22https%3A%2F%2Fwww.ncbank.no%2F%22%2C%22title%22%3A%22Nordic%20Corporate%20Bank%22%2C%22trackingAccountId%22%3A%2215585%22%2C%22referrer%22%3A%22%22%7D&callback=$d7_cb_3
Requested by
Host: tb.de17a.com
URL: https://tb.de17a.com/d7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.155.156.188 , Ascension Island, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
213-155-156-188.teliacarrier-cust.com
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
3596f6beca54ab6112a670d67c4766a393647c1161387eabb3e2f28756d4c0b1

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

status
200
date
Mon, 02 Mar 2020 13:46:27 GMT
server
nginx/1.4.6 (Ubuntu)
p3p
CP="NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV"
content-length
87
content-type
application/json
tap.php
pixel.rubiconproject.com/ Frame 5CAF 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6327&nid=2135&put=3312032568750764232&expires=30
Requested by
Host: blank
URL: about:blank
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.136 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
image/gif
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Expires
0
google
d5p.de17a.com/cookies/ Frame 5CAF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_cm&google_ula=668382
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_cm=&google_ula=668382&google_tc=
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEPXncAvcQ1CQ6gfCr8uJato&google_cver=1&google_ula=668382,0
35 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d5p.de17a.com/cookies/google?google_gid=CAESEPXncAvcQ1CQ6gfCr8uJato&google_cver=1&google_ula=668382,0
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.155.156.185 , Ascension Island, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
213-155-156-185.teliacarrier-cust.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
content-type
image/gif
content-length
35
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

Redirect headers

pragma
no-cache
date
Mon, 02 Mar 2020 13:46:27 GMT
server
HTTP server (unknown)
location
https://d5p.de17a.com/cookies/google?google_gid=CAESEPXncAvcQ1CQ6gfCr8uJato&google_cver=1&google_ula=668382,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
302
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
appnexus
d5p.de17a.com/setuid/ Frame 5CAF
Redirect Chain
  • https://ib.adnxs.com/getuid?https://d5p.de17a.com/setuid/appnexus?anxs_uid=$UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fd5p.de17a.com%2Fsetuid%2Fappnexus%3Fanxs_uid%3D%24UID
  • https://d5p.de17a.com/setuid/appnexus?anxs_uid=8017445017986203189
35 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d5p.de17a.com/setuid/appnexus?anxs_uid=8017445017986203189
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.155.156.185 , Ascension Island, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
213-155-156-185.teliacarrier-cust.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
content-type
image/gif
content-length
35
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

Redirect headers

Pragma
no-cache
Date
Mon, 02 Mar 2020 13:46:29 GMT
AN-X-Request-Uuid
7c7ae109-0290-43a3-8e38-694da093ba8e
Content-Type
text/html; charset=utf-8
Server
nginx/1.13.4
Location
https://d5p.de17a.com/setuid/appnexus?anxs_uid=8017445017986203189
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.16.206.87; 185.16.206.87; 319.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.238:80
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 5CAF 		42 B
849 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=&gdpr_consent=&piggybackCookie=3312032568750764232
Requested by
Host: blank
URL: about:blank
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Pragma
no-cache
Date
Mon, 02 Mar 2020 13:46:27 GMT
X-lat
Pug22041:0:434
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Cache-Control
no-store, no-cache, private
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
X-Cnection
close
Content-Type
image/gif; charset=utf-8
Content-Length
42
match
ad.360yield.com/ul_cb/ Frame 5CAF
Redirect Chain
  • https://ad.360yield.com/match?publisher_dsp_id=61&external_user_id=3312032568750764232&expiration=1585748787
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=61&external_user_id=3312032568750764232&expiration=1585748787
43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=61&external_user_id=3312032568750764232&expiration=1585748787
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.33.202 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-33-202.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Mon, 02 Mar 2020 13:46:27 GMT
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length
43
content-type
image/gif

Redirect headers

status
302
date
Mon, 02 Mar 2020 13:46:27 GMT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length
0
location
https://ad.360yield.com:443/ul_cb/match?publisher_dsp_id=61&external_user_id=3312032568750764232&expiration=1585748787
content-type
text/plain
partner
sync.search.spotxchange.com/ Frame 5CAF
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=7326&uid=3312032568750764232&img=1
  • https://sync.search.spotxchange.com/partner?adv_id=7326&uid=3312032568750764232&img=1&__user_check__=1&sync_id=372a4378-5c8c-11ea-a703-197e22df0b06
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7326&uid=3312032568750764232&img=1&__user_check__=1&sync_id=372a4378-5c8c-11ea-a703-197e22df0b06
Requested by
Host: blank
URL: about:blank
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.94.180.125 , Netherlands, ASN35220 (SPOTX-AMS, NL),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 02 Mar 2020 13:46:27 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
98
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Mon, 02 Mar 2020 13:46:27 GMT
Server
nginx
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Location
/partner?adv_id=7326&uid=3312032568750764232&img=1&__user_check__=1&sync_id=372a4378-5c8c-11ea-a703-197e22df0b06
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
30
Connection
keep-alive
Content-Length
0
sync
pixel.advertising.com/ups/55955/ Frame 5CAF 		0
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.advertising.com/ups/55955/sync?uid=3312032568750764232&_origin=1
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.17.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-17-58.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

status
204
date
Mon, 02 Mar 2020 13:46:27 GMT
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ad.sxp.smartclip.net/ Frame 5CAF
Redirect Chain
  • https://ad.sxp.smartclip.net/sync?type=red&dsp=39
  • https://ad.sxp.smartclip.net/sync?type=red&dsp=39&ang_testid=1
  • https://d5p.de17a.com/getuid/smartclip?uuid=82c3338c-5ead-4dfa-8fe4-2003e38fd21d
  • https://ad.sxp.smartclip.net/sync?type=host&dsp=39&dspuuid=3312032568750764232&uuid=82c3338c-5ead-4dfa-8fe4-2003e38fd21d
42 B
787 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.sxp.smartclip.net/sync?type=host&dsp=39&dspuuid=3312032568750764232&uuid=82c3338c-5ead-4dfa-8fe4-2003e38fd21d
Requested by
Host: blank
URL: about:blank
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.240.133.139 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-133-139.eu-west-1.compute.amazonaws.com
Software
nginx/1.17.6 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 02 Mar 2020 13:46:28 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.17.6
Connection
keep-alive
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length
42
Content-Type
image/gif

Redirect headers

status
302
content-length
0
location
https://ad.sxp.smartclip.net/sync?type=host&dsp=39&dspuuid=3312032568750764232&uuid=82c3338c-5ead-4dfa-8fe4-2003e38fd21d
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
sync
x.bidswitch.net/ul_cb/ Frame 5CAF
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=228&user_id=3312032568750764232&expires=30
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=228&user_id=3312032568750764232&expires=30
43 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/ul_cb/sync?dsp_id=228&user_id=3312032568750764232&expires=30
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.93.143.102 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-143-102.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Mon, 02 Mar 2020 13:46:27 GMT
cache-control
no-cache, no-store, must-revalidate
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length
43
content-type
image/gif

Redirect headers

status
302
date
Mon, 02 Mar 2020 13:46:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
location
https://x.bidswitch.net/ul_cb/sync?dsp_id=228&user_id=3312032568750764232&expires=30
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
match
dmp.adform.net/serving/cookie/ Frame 5CAF
Redirect Chain
  • https://dmp.adform.net/serving/cookie/match?party=1124&cid=3312032568750764232
  • https://dmp.adform.net/serving/cookie/match?CC=1&party=1124&cid=3312032568750764232
35 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match?CC=1&party=1124&cid=3312032568750764232
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Mar 2020 13:46:27 GMT
server
nginx
access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate, no-transform
expires
-1

Redirect headers

pragma
no-cache
date
Mon, 02 Mar 2020 13:46:27 GMT
server
nginx
access-control-allow-origin
*
location
https://dmp.adform.net/serving/cookie/match?CC=1&party=1124&cid=3312032568750764232
status
302
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-length
0
expires
-1
3312032568750764232
usermatch.targeting.unrulymedia.com/usermatch/delta/ Frame 5CAF 		0
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usermatch.targeting.unrulymedia.com/usermatch/delta/3312032568750764232
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.39.229 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-39-229.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 02 Mar 2020 13:46:27 GMT
server
nginx
access-control-allow-origin
*
allow
GET
p3p
CP="CUR IVDo OUR IND"
status
200
cache-control
no-store, no-transform
access-control-allow-credentials
true
content-type
text/html
content-length
0
rum
dsum.casalemedia.com/ Frame 5CAF
Redirect Chain
  • https://dsum.casalemedia.com/rum?cm_dsp_id=175&external_user_id=3312032568750764232&expiration=1585748787
  • https://dsum.casalemedia.com/rum?cm_dsp_id=175&external_user_id=3312032568750764232&expiration=1585748787&C=1
43 B
978 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=175&external_user_id=3312032568750764232&expiration=1585748787&C=1
Requested by
Host: blank
URL: about:blank
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.100.197.53 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-197-53.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 Mar 2020 13:46:28 GMT
Server
Apache
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 02 Mar 2020 13:46:28 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 02 Mar 2020 13:46:27 GMT
Server
Apache
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum.casalemedia.com/rum?cm_dsp_id=175&external_user_id=3312032568750764232&expiration=1585748787&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
305
Expires
Mon, 02 Mar 2020 13:46:27 GMT
getUid
tb.de17a.com/api/ Frame 6A67 		61 B
222 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tb.de17a.com/api/getUid?data=%7B%7D&callback=$d7_cb_1
Requested by
Host: tb.de17a.com
URL: https://tb.de17a.com/d7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.155.156.188 , Ascension Island, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
213-155-156-188.teliacarrier-cust.com
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
15b02397208cc775012b3cf8ac16ad7a93db133644eb9ed7ddbe02542b03b512

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

status
200
date
Mon, 02 Mar 2020 13:46:28 GMT
server
nginx/1.4.6 (Ubuntu)
p3p
CP="NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV"
content-length
61
content-type
application/json
pageView
tb.de17a.com/api/ Frame 74D4 		87 B
248 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tb.de17a.com/api/pageView?data=%7B%22action%22%3A%22pageView%22%2C%22pageId%22%3A%22YOUR_PAGE_ID%22%2C%22url%22%3A%22https%3A%2F%2Fwww.ncbank.no%2F%22%2C%22title%22%3A%22Nordic%20Corporate%20Bank%22%2C%22trackingAccountId%22%3A%2215585%22%2C%22referrer%22%3A%22%22%7D&callback=$d7_cb_2
Requested by
Host: tb.de17a.com
URL: https://tb.de17a.com/d7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.155.156.188 , Ascension Island, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
213-155-156-188.teliacarrier-cust.com
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
b875caa562d323bbfdfd9bd039581e5f22d0805430cd4767119361e19aa0ce37

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

status
200
date
Mon, 02 Mar 2020 13:46:28 GMT
server
nginx/1.4.6 (Ubuntu)
p3p
CP="NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV"
content-length
87
content-type
application/json
pageView
tb.de17a.com/api/ Frame 16F9 		87 B
248 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tb.de17a.com/api/pageView?data=%7B%22action%22%3A%22pageView%22%2C%22pageId%22%3A%22YOUR_PAGE_ID%22%2C%22url%22%3A%22https%3A%2F%2Fwww.ncbank.no%2F%22%2C%22title%22%3A%22Nordic%20Corporate%20Bank%22%2C%22trackingAccountId%22%3A%2215585%22%2C%22referrer%22%3A%22%22%7D&callback=$d7_cb_3
Requested by
Host: tb.de17a.com
URL: https://tb.de17a.com/d7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.155.156.188 , Ascension Island, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
213-155-156-188.teliacarrier-cust.com
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
3596f6beca54ab6112a670d67c4766a393647c1161387eabb3e2f28756d4c0b1

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

status
200
date
Mon, 02 Mar 2020 13:46:28 GMT
server
nginx/1.4.6 (Ubuntu)
p3p
CP="NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV"
content-length
87
content-type
application/json

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| WebFont object| Typekit function| gtag object| dataLayer object| google_tag_manager string| GoogleAnalyticsObject function| ga string| _bizo_data_partner_id undefined| _bizo_data_partner_title undefined| _bizo_data_partner_domain undefined| _bizo_data_partner_company undefined| _bizo_data_partner_location undefined| _bizo_data_partner_employee_range undefined| _bizo_data_partner_sics undefined| _bizo_data_partner_email object| _d7 object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| lintrk boolean| _already_called_lintrk function| La function| $ function| jQuery function| tram object| Webflow object| stickymenu number| stickymenuoffset object| theHeaders object| elFigure boolean| K

3 Cookies

Domain/Path Name / Value
.ncbank.no/ Name: _gat_gtag_UA_145681999_1
Value: 1
.ncbank.no/ Name: _gid
Value: GA1.2.1250676356.1583156787
.ncbank.no/ Name: _ga
Value: GA1.2.1000463247.1583156787

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.360yield.com
ad.sxp.smartclip.net
ajax.googleapis.com
assets.website-files.com
cm.g.doubleclick.net
d3e54v103j8qbb.cloudfront.net
d5p.de17a.com
dmp.adform.net
dsum.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
ib.adnxs.com
image2.pubmatic.com
ncbank.no
p.typekit.net
pixel.advertising.com
pixel.rubiconproject.com
px.ads.linkedin.com
sjs.bizographics.com
stats.g.doubleclick.net
sync.search.spotxchange.com
tb.de17a.com
use.typekit.net
usermatch.targeting.unrulymedia.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.linkedin.com
www.ncbank.no
x.bidswitch.net
13.225.84.72
172.217.22.34
185.33.223.204
185.64.189.110
185.94.180.125
213.155.156.185
213.155.156.188
2600:9000:20eb:1c00:11:3b84:d200:93a1
2a00:1450:4001:806::200a
2a00:1450:4001:809::2003
2a00:1450:4001:815::200a
2a00:1450:4001:81c::2003
2a00:1450:4001:821::2008
2a00:1450:4001:821::200e
2a00:1450:4001:825::2004
2a00:1450:400c:c00::9d
2a02:26f0:10c:38f::3adf
2a05:f500:10:101::b93f:9101
2a05:f500:10:101::b93f:9105
34.193.204.92
34.240.133.139
35.158.17.58
37.157.4.29
52.215.39.229
52.28.33.202
54.93.143.102
69.173.144.136
76.223.9.102
95.100.197.53
95.100.67.47
07448ac2a8142e9e10ae393320d189506a4b3e141fb85aa88356ef81f367e964
07c7ef9c3e071f6da4717c6d89781bd8fe8f77539705317e80663d01c0c5484f
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0f6739f8f525e9d07a1935d7ea0f23113d06dc58854a6919135729961adaae28
15b02397208cc775012b3cf8ac16ad7a93db133644eb9ed7ddbe02542b03b512
173961b6b039e5cc5c5cc6ccc82268c227c55f5787959f40ee688d3e53b93087
288d0edce2b398cb452d2fceed89f7f92cfbe1de0370fadae31f701ab309bf21
2b15085e87eaee4535cca83bf02a7cbf9dc6c7aa621ac2e95fd88110d1acef70
30ab3fc79322e80388bcd70e3972e90e96516c0d1305468b74fca6e83cfcd0e6
30b903ba341f56ca4979ba83ba289315c0a18e1b91d8f01ace7c3f57b026692f
33b6a3730dd85bfcb91c166efd3770cca133e666a531b59761472f7c90bd0d9c
3596f6beca54ab6112a670d67c4766a393647c1161387eabb3e2f28756d4c0b1
3fe2733ebdd0dae6897477b88ff60a6e249d76071dbdc38de89ea1175ecb0211
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0
423112dd3895e106201af2aff5f7d904732d74e138ca53f2dc64dd867c6b7ff0
49a1b4e1296645aa2f513c87a0e5fe56a305a7ed678c2f6499631ec1f3b35856
49e79b40d8020d17f3be23f59c1d927620f657bfcde2efd831ed0c311f22982e
53bd56490a7a62331895e19ebefe003362fdf3ef68f9966284620942261621c5
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5f2cb2cd65ba2bb0c87a2e394e118f989b87755f60cbe95360e29d7346bc6eb3
62ecd8174f58dafe6d94e6f2f2a3e5733f32582c0263406afb154389c6f06513
631f8f7d0e6f03aabe3623527d98e12174e11667d15d796d2ae3d70a5683f9bb
6a2f1c804d701284834ab24693ccd109c081a7fa4695f95e936c181b8646d74d
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
718a91b67003bfe60ec1514ba4621bd3d8833a22e3fb5c6e581604aab159cf7a
720c8a95289e6960d1d1bc0f942b72454326297aadbf2207f1874eadd59cb91f
748b3dc777957dccf89c8b24c8dcf57192343f55b60dc4fe893ae80dbf4f4029
79400847d1eb024428495c9c6da7a5ed723ae7479ac94ac9a65d72ac2cf6d50c
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
9019e56b6cf73e3f3e845593b9d5aae2673b9351ca0436e1c590e87f1362bbd3
90ff7fa8f76a9a602ab0b330ce842d93ec45891898082c09c7815b8e45235d6c
9544e4b2c629d09ed1b123e0e93cb72d337fdf65024e4523e72c442abf5ecae6
990e025c438a99e8916cc9b3b69ea808659873fe0d5ffccceadcfb2aef9d7745
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
9ba6779d993b76d6557d41b0c78a35e91bfb59e38a5a75420ccdfcd72b46f75e
9bc30ec6bd85e3640f85f84bd2c1830d96728d42f13ce07e798b6f79da3d2837
a1c08b95821d5934b2e95cfac5afb433f306864938d41d7e7c63d6836494b790
a4cc179995cc5c8bfe5b358466cfd5a871821bc1d4e64723ccf16da6f3edd387
a6b12e43f33b7798a51ad5eeaefc96a14b9b647ab5e28db16e978db9da73bde9
aad23949fb089307aebdc9522871f2f9527ec87431b1a81e508c6c42a12e47b5
ac42e86ff1d0fc78a7870a72cf5d1bbf0a509a852dba1d8abdc734892b0d4844
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3b26b145cd08c1c1ff95b8c0e15a246551241fa49c25eaa5f9800b86012df5d
b67b8d53ea5dfecb7b2c1cf5949fe4616d1924a75dfa49c35bf186bea939b747
b875caa562d323bbfdfd9bd039581e5f22d0805430cd4767119361e19aa0ce37
c12bb37b4e9cb5477aa44984b8c1a324c32bb0cd64889126cf4f4d77c31e28be
c6854ecfc55a6850b9472eb2ef903cd1cf678f9a90d6e9d14a9c674597156021
cd3a2b84a777a66fa26af37d199aa1ff2324ece005d31d903adcd961cce8b0cf
d32b2c653c571d5ebe401463197bd449b52f013c0da42995f8fc8b67524abccc
dce2805a2326198f9479d2017f53a4e2a8cb646c12f0cdab1ed93e1efb1210d8
deb0521abfd336178b018c0a81d0e1dda098c4e015175207235a11fc188b447e
df21a057891359f8c65d09e9d42f7b5c79faedf1d4274040018c5a797bc58571
e1babf4eaf77c6f6759c9a56652bbe05ea0d7a16ed18834161dc97d1b6569b07
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6cff574f303ab4998c8b3fa7b8cf73fbcf76a7f4d752c041d19ab06af3e5924
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4d91c512d846c9a4fc67d70a26e5e756f5990d7931ff43e9e07b6e022aa7724
f873e56eefbe9cfe86bafdd207bb663e6014c4e15dd863ef47208df435e2fe20