nordicpresentwork.space
Open in
urlscan Pro
87.236.16.245
Malicious Activity!
Public Scan
URL:
https://nordicpresentwork.space/
Submission: On July 01 via api from US — Scanned from DE
Submission: On July 01 via api from US — Scanned from DE
Summary
This website contacted 37 IPs
in 6 countries
across 37 domains to perform 136 HTTP transactions.
The main IP is 87.236.16.245, located in
Russian Federation and
belongs to BEGET-AS, RU.
The main domain is nordicpresentwork.space.
TLS certificate: Issued by R3 on June 29th 2023. Valid for: 3 months.
This is the only time nordicpresentwork.space was scanned on urlscan.io!
TLS certificate: Issued by R3 on June 29th 2023. Valid for: 3 months.
This is the only time nordicpresentwork.space was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Randolph Brooks Federal Credit Union (Banking)Domain & IP information
65
87.236.16.245
(Russian Federation)
ASN198610 (BEGET-AS, RU)
PTR: ssl.loki.beget.com
ASN198610 (BEGET-AS, RU)
PTR: ssl.loki.beget.com
| nordicpresentwork.space |
1
2a00:1450:4001:802::2008
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.googletagmanager.com |
2
2a03:2880:f084:d:face:b00c:0:3
(Frankfurt am Main, Germany)
ASN32934 (FACEBOOK, US)
ASN32934 (FACEBOOK, US)
| connect.facebook.net |
3
2a00:1450:4001:80b::200e
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.google-analytics.com |
4
18.66.97.95
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-95.fra56.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-95.fra56.r.cloudfront.net
| cdn.segmint.net |
2
23.210.118.178
(Frankfurt am Main, Germany)
ASN16625 (AKAMAI-AS, US)
PTR: a23-210-118-178.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS, US)
PTR: a23-210-118-178.deploy.static.akamaitechnologies.com
| munchkin.marketo.net |
1
2a03:2880:f173:81:face:b00c:0:25de
(Amsterdam, Netherlands)
ASN32934 (FACEBOOK, US)
ASN32934 (FACEBOOK, US)
| www.facebook.com |
1
2600:9000:20eb:e800:2:53b2:240:93a1
(United States)
ASN16509 (AMAZON-02, US)
ASN16509 (AMAZON-02, US)
| cdn.linkedin.oribi.io |
4
2620:1ec:21::14
(United States)
ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
| px.ads.linkedin.com | |
| www.linkedin.com |
6
52.87.52.236
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-87-52-236.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-87-52-236.compute-1.amazonaws.com
| connect.segmint.net | |
| maprtb.segmint.net |
24
35.204.74.118
(Groningen, Netherlands)
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com
| um.simpli.fi |
2
34.90.223.176
(Groningen, Netherlands)
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 176.223.90.34.bc.googleusercontent.com
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 176.223.90.34.bc.googleusercontent.com
| tag.simpli.fi | |
| i.simpli.fi |
1
76.223.111.18
(United States)
ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
| eb2.3lift.com |
1
2600:1f18:612b:4264:16fa:8844:6a74:e97a
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
ASN14618 (AMAZON-AES, US)
| simplifi.partners.tremorhub.com |
2
34.111.113.62
(Kansas City, United States)
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
| pixel.tapad.com |
1
52.58.191.52
(Frankfurt am Main, Germany)
ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-191-52.eu-central-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-191-52.eu-central-1.compute.amazonaws.com
| aa.agkn.com |
1
3.72.196.231
(Frankfurt am Main, Germany)
ASN16509 (AMAZON-02, US)
PTR: ec2-3-72-196-231.eu-central-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-3-72-196-231.eu-central-1.compute.amazonaws.com
| d.agkn.com |
1
52.222.214.59
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-59.fra56.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-59.fra56.r.cloudfront.net
| sync.intentiq.com |
2
35.244.174.68
(Kansas City, United States)
ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
| idsync.rlcdn.com |
2
18.198.126.47
(Frankfurt am Main, Germany)
ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-126-47.eu-central-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-126-47.eu-central-1.compute.amazonaws.com
| loadm.exelator.com |
1
35.153.221.178
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-35-153-221-178.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-35-153-221-178.compute-1.amazonaws.com
| sync.bfmio.com |
1
23.192.153.172
(Frankfurt am Main, Germany)
ASN16625 (AKAMAI-AS, US)
PTR: a23-192-153-172.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS, US)
PTR: a23-192-153-172.deploy.static.akamaitechnologies.com
| stags.bluekai.com |
1
54.217.8.192
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-54-217-8-192.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-54-217-8-192.eu-west-1.compute.amazonaws.com
| bcp.crwdcntrl.net |
1
142.250.185.66
(United States)
ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
| www.googleadservices.com |
1
2a00:1450:4001:80f::2002
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| googleads.g.doubleclick.net |
2
37.252.171.52
(Frankfurt am Main, Germany)
ASN29990 (ASN-APPNEX, US)
PTR: 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ASN29990 (ASN-APPNEX, US)
PTR: 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
| ib.adnxs.com |
1
69.173.144.165
(Frankfurt am Main, Germany)
ASN26667 (RUBICONPROJECT, US)
ASN26667 (RUBICONPROJECT, US)
| pixel.rubiconproject.com |
1
34.98.64.218
(Kansas City, United States)
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
| us-u.openx.net |
3
142.250.184.226
(United States)
ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
| cm.g.doubleclick.net |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 65 |
nordicpresentwork.space
nordicpresentwork.space |
593 KB |
| 26 |
simpli.fi
19 redirects
um.simpli.fi — Cisco Umbrella Rank: 981 tag.simpli.fi — Cisco Umbrella Rank: 4572 i.simpli.fi — Cisco Umbrella Rank: 3802 |
15 KB |
| 10 |
segmint.net
cdn.segmint.net — Cisco Umbrella Rank: 42708 connect.segmint.net — Cisco Umbrella Rank: 48052 maprtb.segmint.net — Cisco Umbrella Rank: 73004 |
73 KB |
| 10 |
gstatic.com
fonts.gstatic.com www.gstatic.com |
463 KB |
| 5 |
linkedin.com
4 redirects
px.ads.linkedin.com — Cisco Umbrella Rank: 414 www.linkedin.com — Cisco Umbrella Rank: 544 px4.ads.linkedin.com — Cisco Umbrella Rank: 6544 |
5 KB |
| 5 |
doubleclick.net
4 redirects
stats.g.doubleclick.net — Cisco Umbrella Rank: 130 googleads.g.doubleclick.net — Cisco Umbrella Rank: 57 cm.g.doubleclick.net — Cisco Umbrella Rank: 254 |
2 KB |
| 3 |
bing.com
bat.bing.com — Cisco Umbrella Rank: 390 |
13 KB |
| 3 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 63 |
21 KB |
| 2 |
adnxs.com
1 redirects
ib.adnxs.com — Cisco Umbrella Rank: 257 |
2 KB |
| 2 |
spotxchange.com
1 redirects
sync.search.spotxchange.com — Cisco Umbrella Rank: 794 |
1 KB |
| 2 |
exelator.com
1 redirects
loadm.exelator.com — Cisco Umbrella Rank: 1652 |
2 KB |
| 2 |
rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 428 |
140 B |
| 2 |
pro-market.net
2 redirects
fei.pro-market.net — Cisco Umbrella Rank: 2646 |
829 B |
| 2 |
agkn.com
2 redirects
aa.agkn.com — Cisco Umbrella Rank: 533 d.agkn.com — Cisco Umbrella Rank: 696 |
1 KB |
| 2 |
tapad.com
1 redirects
pixel.tapad.com — Cisco Umbrella Rank: 524 |
1 KB |
| 2 |
google.com
1 redirects
www.google.com — Cisco Umbrella Rank: 10 |
2 KB |
| 2 |
marketo.net
munchkin.marketo.net — Cisco Umbrella Rank: 3991 |
6 KB |
| 2 |
licdn.com
snap.licdn.com — Cisco Umbrella Rank: 914 |
6 KB |
| 2 |
facebook.net
connect.facebook.net — Cisco Umbrella Rank: 173 |
89 KB |
| 1 |
openx.net
us-u.openx.net — Cisco Umbrella Rank: 496 |
273 B |
| 1 |
rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 374 |
239 B |
| 1 |
google.de
www.google.de — Cisco Umbrella Rank: 4752 |
455 B |
| 1 |
googleadservices.com
1 redirects
www.googleadservices.com — Cisco Umbrella Rank: 169 |
565 B |
| 1 |
lijit.com
ce.lijit.com — Cisco Umbrella Rank: 1060 |
311 B |
| 1 |
crwdcntrl.net
bcp.crwdcntrl.net — Cisco Umbrella Rank: 959 |
265 B |
| 1 |
bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 597 |
444 B |
| 1 |
bfmio.com
sync.bfmio.com — Cisco Umbrella Rank: 1596 |
421 B |
| 1 |
intentiq.com
sync.intentiq.com — Cisco Umbrella Rank: 1205 |
|
| 1 |
tremorhub.com
simplifi.partners.tremorhub.com — Cisco Umbrella Rank: 6365 |
175 B |
| 1 |
3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 422 |
140 B |
| 1 |
mktoresp.com
079-spx-435.mktoresp.com — Cisco Umbrella Rank: 437511 |
318 B |
| 1 |
oribi.io
cdn.linkedin.oribi.io — Cisco Umbrella Rank: 1031 |
374 B |
| 1 |
facebook.com
www.facebook.com — Cisco Umbrella Rank: 100 |
185 B |
| 1 |
cdnstat.net
cdnstat.net — Cisco Umbrella Rank: 669694 |
703 B |
| 1 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 79 |
91 KB |
| 1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 88 |
2 KB |
| 0 |
rbfcu.org
Failed
www.rbfcu.org Failed |
|
| 136 | 37 |
| Domain | Requested by | |
|---|---|---|
| 65 | nordicpresentwork.space |
nordicpresentwork.space
|
| 24 | um.simpli.fi | 19 redirects |
| 6 | fonts.gstatic.com |
fonts.googleapis.com
www.google.com |
| 5 | connect.segmint.net |
nordicpresentwork.space
|
| 4 | cdn.segmint.net |
nordicpresentwork.space
|
| 4 | www.gstatic.com |
nordicpresentwork.space
www.google.com www.gstatic.com |
| 3 | cm.g.doubleclick.net | 3 redirects |
| 3 | px.ads.linkedin.com | 3 redirects |
| 3 | bat.bing.com |
nordicpresentwork.space
bat.bing.com |
| 3 | www.google-analytics.com |
nordicpresentwork.space
|
| 2 | ib.adnxs.com | 1 redirects |
| 2 | sync.search.spotxchange.com | 1 redirects |
| 2 | loadm.exelator.com | 1 redirects |
| 2 | idsync.rlcdn.com | |
| 2 | fei.pro-market.net | 2 redirects |
| 2 | pixel.tapad.com | 1 redirects |
| 2 | www.google.com |
1 redirects
www.gstatic.com
|
| 2 | munchkin.marketo.net |
nordicpresentwork.space
munchkin.marketo.net |
| 2 | snap.licdn.com |
nordicpresentwork.space
snap.licdn.com |
| 2 | connect.facebook.net |
nordicpresentwork.space
connect.facebook.net |
| 1 | us-u.openx.net | |
| 1 | pixel.rubiconproject.com | |
| 1 | www.google.de | |
| 1 | googleads.g.doubleclick.net | 1 redirects |
| 1 | www.googleadservices.com | 1 redirects |
| 1 | ce.lijit.com | |
| 1 | bcp.crwdcntrl.net | |
| 1 | stags.bluekai.com | |
| 1 | sync.bfmio.com | |
| 1 | sync.intentiq.com | |
| 1 | d.agkn.com | 1 redirects |
| 1 | aa.agkn.com | 1 redirects |
| 1 | simplifi.partners.tremorhub.com | |
| 1 | eb2.3lift.com | |
| 1 | i.simpli.fi |
tag.simpli.fi
|
| 1 | tag.simpli.fi |
connect.segmint.net
|
| 1 | maprtb.segmint.net |
connect.segmint.net
|
| 1 | 079-spx-435.mktoresp.com |
munchkin.marketo.net
|
| 1 | px4.ads.linkedin.com |
nordicpresentwork.space
|
| 1 | www.linkedin.com | 1 redirects |
| 1 | cdn.linkedin.oribi.io |
nordicpresentwork.space
|
| 1 | www.facebook.com |
nordicpresentwork.space
|
| 1 | cdnstat.net |
nordicpresentwork.space
|
| 1 | stats.g.doubleclick.net |
nordicpresentwork.space
|
| 1 | www.googletagmanager.com |
nordicpresentwork.space
|
| 1 | fonts.googleapis.com |
nordicpresentwork.space
|
| 0 | www.rbfcu.org Failed |
nordicpresentwork.space
|
| 136 | 47 |
This site contains links to these domains. Also see Links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| nordicpresentwork.space R3 |
2023-06-29 - 2023-09-27 |
3 months | crt.sh |
| upload.video.google.com GTS CA 1C3 |
2023-06-19 - 2023-09-11 |
3 months | crt.sh |
| *.google-analytics.com GTS CA 1C3 |
2023-06-19 - 2023-09-11 |
3 months | crt.sh |
| *.facebook.com DigiCert SHA2 High Assurance Server CA |
2023-04-09 - 2023-07-08 |
3 months | crt.sh |
| *.gstatic.com GTS CA 1C3 |
2023-06-19 - 2023-09-11 |
3 months | crt.sh |
| snap.licdn.com DigiCert SHA2 Secure Server CA |
2023-02-01 - 2024-01-31 |
a year | crt.sh |
| www.bing.com Microsoft RSA TLS CA 02 |
2023-02-16 - 2023-08-16 |
6 months | crt.sh |
| *.segmint.net Amazon RSA 2048 M02 |
2023-03-01 - 2023-12-30 |
10 months | crt.sh |
| *.marketo.net DigiCert TLS RSA SHA256 2020 CA1 |
2023-02-06 - 2024-02-05 |
a year | crt.sh |
| *.g.doubleclick.net GTS CA 1C3 |
2023-05-29 - 2023-08-21 |
3 months | crt.sh |
| cdnstat.net E1 |
2023-05-23 - 2023-08-21 |
3 months | crt.sh |
| www.google.com GTS CA 1C3 |
2023-06-19 - 2023-09-11 |
3 months | crt.sh |
| linkedin.oribi.io Amazon RSA 2048 M01 |
2023-06-08 - 2024-07-07 |
a year | crt.sh |
| *.mktoresp.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-10-05 - 2023-11-05 |
a year | crt.sh |
| *.simpli.fi DigiCert TLS RSA SHA256 2020 CA1 |
2022-11-07 - 2023-12-08 |
a year | crt.sh |
This page contains 3 frames:
Primary Page:
https://nordicpresentwork.space/
Frame ID: 17909161CD0DE8A6F6330CF3EF6CC4DD
Requests: 105 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdYh_AUAAAAAKbJlmG8F-vRfDnIyytTTa9Rkzmj&co=aHR0cHM6Ly9ub3JkaWNwcmVzZW50d29yay5zcGFjZTo0NDM.&hl=en&v=khH7Ei3klcvfRI74FvDcfuOo&size=invisible&cb=ronkcz7phwi9
Frame ID: 2792C42E1C59A2740A21A1E1A446C49B
Requests: 5 HTTP requests in this frame
Frame:
https://connect.segmint.net/iframe/doughnut/en177X7n8q
Frame ID: 39E424025CE1A79EA4146E3C7E358500
Requests: 25 HTTP requests in this frame
Screenshot
Page Title
Banking, Auto, Loans, Credit Cards, Mortgages | RBFCU - TexasDetected technologies
AppNexus
(Advertising Networks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- adnxs\.(?:net|com)
Facebook
(Widgets)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Flickity (JavaScript Libraries) Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- /flickity(?:\.pkgd)?(?:\.min)?\.js
Google Analytics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Font API
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Google Tag Manager
(Tag Managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- googletagmanager\.com/gtm\.js
Linkedin Insight Tag
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Marketo
(Marketing Automation)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js
OpenX
(Advertising Networks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- https?://[^/]*\.openx\.net
Rubicon Project
(Advertising Networks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- https?://[^/]*\.rubiconproject\.com
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
13 Outgoing links
These are links going to different origins than the main page.
URL: https://rbfcu.cudlautosmart.com/
Title: Search New & Used Vehicles
Title: Search New & Used Vehicles
Search URL Search Domain Scan URL
URL: https://www.loanliner.com/Calculation/Presenter/04205238/form?protectionPackageId=0857803718234101819&loanSubType=1&subtype=Vehicle&loanClass=CLOSED_END&locationId=6641923818234101732&Integrated=false&isFramed=false
Title: Get a GAP or MRC Quote
Title: Get a GAP or MRC Quote
Search URL Search Domain Scan URL
URL: https://www.nationwide.com/RBFCU.jsp
Title: Enroll Online
Title: Enroll Online
Search URL Search Domain Scan URL
URL: https://oac.fmsiportal.com/AppointmentWidget/service?urlCode=SZ62SMKWC9AIVIQPZ505&mp=wi&mpskip=1
Title: Schedule an Appointment
Title: Schedule an Appointment
Search URL Search Domain Scan URL
URL: https://apps.apple.com/us/app/rbfcu/id1445104238
Search URL Search Domain Scan URL
URL: https://play.google.com/store/apps/details?id=org.rbfcu.olb.mobile
Search URL Search Domain Scan URL
URL: https://connect.segmint.net/trackclick/en1KL9Lg7au5BX/?click=en15MxnuGXauXM5M&destination=rPCjbQixiTzJdyUZK5Jms4xBk7s7rgcErBoAslP-lvJpfmXE1fSomw
Search URL Search Domain Scan URL
URL: https://connect.segmint.net/trackclick/en1xxXxbgquX59/?click=en1zGnLSaRdCj65j&destination=e6D_BpHOjvTVX7wiyQnbIuqXiR7yyQQ9Y94E4fKyCu2F-vHaadvFeZMIfqYSyfpPiWK553y9f-lZtofq21eHkoTAjnvFAzdxaX5lxNX0qJs
Search URL Search Domain Scan URL
URL: https://www.facebook.com/rbfcu
Search URL Search Domain Scan URL
URL: https://twitter.com/rbfcu
Search URL Search Domain Scan URL
URL: https://www.instagram.com/rbfcu/
Search URL Search Domain Scan URL
URL: https://www.youtube.com/rbfcu
Search URL Search Domain Scan URL
URL: https://www.linkedin.com/company/randolph-brooks-federal-credit-union
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 97- https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2367698&time=1688202048761&url=https%3A%2F%2Fnordicpresentwork.space%2F HTTP 302
- https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2367698&time=1688202048761&url=https%3A%2F%2Fnordicpresentwork.space%2F&cookiesTest=true HTTP 302
- https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2367698%26time%3D1688202048761%26url%3Dhttps%253A%252F%252Fnordicpresentwork.space%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
- https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2367698&time=1688202048761&url=https%3A%2F%2Fnordicpresentwork.space%2F&cookiesTest=true&liSync=true HTTP 302
- https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2367698&time=1688202048761&url=https%3A%2F%2Fnordicpresentwork.space%2F&cookiesTest=true&liSync=true&e_ipv6=AQL_uByBRN3LLQAAAYkQrvjC2MdI5HiMl8GNzNMezRDuezgFwEbDToEbmkheUkSa1q4Rk-mcEnGU0mRpdX7tMXSq1T2Kwg
- https://um.simpli.fi/segmint HTTP 302
- https://maprtb.segmint.net/rtb/simpli-fi/cookie-mapper?simpli-fi-id=F6B0405DD37C4553B1CC75FADBA46BA8
- https://um.simpli.fi/triplelift HTTP 302
- https://eb2.3lift.com/xuid?mid=7969&xuid=F6B0405DD37C4553B1CC75FADBA46BA8&dongle=yf3
- https://um.simpli.fi/telaria_p HTTP 302
- https://simplifi.partners.tremorhub.com/sync?UISF=F6B0405DD37C4553B1CC75FADBA46BA8
- https://um.simpli.fi/tapad HTTP 302
- https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=F6B0405DD37C4553B1CC75FADBA46BA8 HTTP 302
- https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=F6B0405DD37C4553B1CC75FADBA46BA8
- https://um.simpli.fi/ad_advisor HTTP 302
- https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=F6B0405DD37C4553B1CC75FADBA46BA8 HTTP 302
- https://d.agkn.com/pixel/10751/?che=1688202051399&ip=84.19.175.183&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D216533104564001249857 HTTP 302
- https://um.simpli.fi/aa_px?sk=216533104564001249857 HTTP 302
- https://um.simpli.fi/empty.gif
- https://um.simpli.fi/intentiq HTTP 302
- https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=F6B0405DD37C4553B1CC75FADBA46BA8
- https://um.simpli.fi/dtnx HTTP 302
- https://fei.pro-market.net/engine?du=24;csync=F6B0405DD37C4553B1CC75FADBA46BA8;mimetype=img; HTTP 302
- https://fei.pro-market.net/engine?du=24;csync=F6B0405DD37C4553B1CC75FADBA46BA8;mimetype=img;sr HTTP 302
- https://idsync.rlcdn.com/400646.gif?partner_uid=-6996192455509063076
- https://um.simpli.fi/exelatem HTTP 302
- https://loadm.exelator.com/load/?p=204&g=2191&simid=F6B0405DD37C4553B1CC75FADBA46BA8&j=0 HTTP 302
- https://loadm.exelator.com/load/?p=204&g=2191&simid=F6B0405DD37C4553B1CC75FADBA46BA8&j=0&xl8blockcheck=1
- https://um.simpli.fi/beachfront HTTP 302
- https://sync.bfmio.com/sync?pid=141&uid=F6B0405DD37C4553B1CC75FADBA46BA8
- https://um.simpli.fi/bluekai HTTP 302
- https://stags.bluekai.com/site/29931?id=F6B0405DD37C4553B1CC75FADBA46BA8
- https://um.simpli.fi/crwdcntrl HTTP 302
- https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=F6B0405DD37C4553B1CC75FADBA46BA8
- https://um.simpli.fi/lj_match HTTP 302
- https://ce.lijit.com/merge?pid=2&3pid=F6B0405DD37C4553B1CC75FADBA46BA8
- https://um.simpli.fi/liveramp_match HTTP 302
- https://idsync.rlcdn.com/419566.gif?partner_uid=F6B0405DD37C4553B1CC75FADBA46BA8
- https://www.googleadservices.com/pagead/conversion/1026675585/?random=1688202051263&cv=7&fst=1688202051263&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
- https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1950592903&cv=7&fst=1688202051263&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=Q-ufZNyZFvqC7_UP4Oq5-AY&sscte=1&crd=&pscrd=IhMInMfS3JLt_wIVesG7CB1gdQ5v HTTP 302
- https://www.google.com/pagead/1p-conversion/1026675585/?random=1950592903&cv=7&fst=1688202051263&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMInMfS3JLt_wIVesG7CB1gdQ5v&is_vtc=1&ocp_id=Q-ufZNyZFvqC7_UP4Oq5-AY&cid=CAQSKQBygQiDoVIQH01D2z2u9TMW8Gf46MCr6gvEP8RRw5J3burtXhyow6m7&random=567348056 HTTP 302
- https://www.google.de/pagead/1p-conversion/1026675585/?random=1950592903&cv=7&fst=1688202051263&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMInMfS3JLt_wIVesG7CB1gdQ5v&is_vtc=1&ocp_id=Q-ufZNyZFvqC7_UP4Oq5-AY&cid=CAQSKQBygQiDoVIQH01D2z2u9TMW8Gf46MCr6gvEP8RRw5J3burtXhyow6m7&random=567348056&ipr=y
- https://um.simpli.fi/spotx_match HTTP 302
- https://sync.search.spotxchange.com/partner?adv_id=7797&uid=F6B0405DD37C4553B1CC75FADBA46BA8 HTTP 302
- https://sync.search.spotxchange.com/partner?adv_id=7797&uid=F6B0405DD37C4553B1CC75FADBA46BA8&__user_check__=1&sync_id=c75d144f-17ed-11ee-802a-130dfa940406
- https://um.simpli.fi/an HTTP 302
- https://ib.adnxs.com/setuid?entity=66&code=F6B0405DD37C4553B1CC75FADBA46BA8 HTTP 307
- https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DF6B0405DD37C4553B1CC75FADBA46BA8
- https://um.simpli.fi/rb_match HTTP 302
- https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=F6B0405DD37C4553B1CC75FADBA46BA8&expires=365
- https://um.simpli.fi/ox_match HTTP 302
- https://us-u.openx.net/w/1.0/sd?id=537072966&val=F6B0405DD37C4553B1CC75FADBA46BA8
- https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm=&google_sc=&google_tc= HTTP 302
- https://um.simpli.fi/g_match?id=&google_gid=CAESEN3k1Z5-j6H40X0jh4iwZL0&google_cver=1 HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F6B0405DD37C4553B1CC75FADBA46BA8 HTTP 302
- https://um.simpli.fi/g_match?id=
136 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
/
nordicpresentwork.space/ |
79 KB 15 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fbevents.js
nordicpresentwork.space/js/ |
171 KB 46 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gtm.js
nordicpresentwork.space/js/ |
296 KB 90 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
randolph-common.js
nordicpresentwork.space/js/ |
501 B 380 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
randolph-common_1.js
nordicpresentwork.space/js/ |
20 KB 7 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
randolph-common_2.js
nordicpresentwork.space/js/ |
284 KB 161 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css
fonts.googleapis.com/ |
26 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
flickity.min.css
nordicpresentwork.space/css/ |
2 KB 848 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.mmenu.css
nordicpresentwork.space/css/ |
8 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.mmenu.themes.css
nordicpresentwork.space/css/ |
7 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.mmenu.pagedim.css
nordicpresentwork.space/css/ |
465 B 361 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fuse.base.min.css
nordicpresentwork.space/css/ |
44 KB 10 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fuse.min.css
nordicpresentwork.space/css/ |
113 KB 18 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
global-print.min.css
nordicpresentwork.space/css/ |
4 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
rbfcu-logo.svg
nordicpresentwork.space/fonts/ |
5 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
search-icon.svg
nordicpresentwork.space/fonts/ |
1 KB 874 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
app-store-badge.gif
nordicpresentwork.space/images/ |
11 KB 11 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
google-play-badge.gif
nordicpresentwork.space/images/ |
11 KB 11 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
grad-cap-and-book-1.svg
nordicpresentwork.space/fonts/ |
2 KB 851 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ret-prg-2023planfuturewmoreconf-cs-05-11-2023.jpg
nordicpresentwork.space/images/ |
32 KB 32 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ins-agy-2023-just-ask-crosssellad_final.jpg
nordicpresentwork.space/images/ |
23 KB 23 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
security-and-fraud-center-inverse.svg
nordicpresentwork.space/fonts/ |
4 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ScriptResource_1.axd
nordicpresentwork.space/ |
87 KB 30 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ScriptResource.axd
nordicpresentwork.space/ |
8 KB 3 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
BluENGinsurlabel-RBFCU-Web-Blue.svg
nordicpresentwork.space/fonts/ |
73 KB 13 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ehl.svg
nordicpresentwork.space/fonts/ |
372 B 493 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Facebook-Square.svg
nordicpresentwork.space/fonts/ |
374 B 463 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Twitter-Square.svg
nordicpresentwork.space/fonts/ |
613 B 555 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Instagram-Square.svg
nordicpresentwork.space/fonts/ |
568 B 506 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
YouTube-Square.svg
nordicpresentwork.space/fonts/ |
615 B 544 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
LinkedIn-Square.svg
nordicpresentwork.space/fonts/ |
609 B 553 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
segmint.min.js
nordicpresentwork.space/js/ |
16 KB 5 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ask-question.svg
nordicpresentwork.space/fonts/ |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.min.js
nordicpresentwork.space/js/ |
88 KB 31 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
flickity.pkgd.min.js
nordicpresentwork.space/js/ |
53 KB 14 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bg-lazyload.js
nordicpresentwork.space/js/ |
3 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.mmenu.min.js
nordicpresentwork.space/js/ |
17 KB 5 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
rates.min.js
nordicpresentwork.space/js/ |
14 KB 5 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
spin.min.js
nordicpresentwork.space/js/ |
4 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
common.min.js
nordicpresentwork.space/js/ |
9 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
chat-script.min.js
nordicpresentwork.space/js/ |
6 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
dropdown.min.js
nordicpresentwork.space/js/ |
2 KB 1005 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
api.js
nordicpresentwork.space/js/ |
884 B 789 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
toggle-switch.min.js
nordicpresentwork.space/js/ |
292 B 413 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
login.min.js
nordicpresentwork.space/js/ |
7 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
popup.min.js
nordicpresentwork.space/js/ |
613 B 570 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
popup.min_1.js
nordicpresentwork.space/js/ |
613 B 570 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
product-carousel.min.js
nordicpresentwork.space/js/ |
2 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
WebResource.axd
nordicpresentwork.space/ |
4 KB 4 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
env-config.js
nordicpresentwork.space/js/ |
306 B 442 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
verification.min.js
nordicpresentwork.space/js/ |
56 KB 11 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gtm.js
www.googletagmanager.com/ |
296 KB 91 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
171 KB 47 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
money-market.svg
nordicpresentwork.space/fonts/ |
3 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
rbfcu19-graphic-icons-blue-2019_get-paid-early-%281%29.svg
nordicpresentwork.space/fonts/ |
9 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
homepage-icons_auto.svg
nordicpresentwork.space/fonts/ |
3 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fha-va.svg
nordicpresentwork.space/fonts/ |
1 KB 772 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
spoofing-icon.svg
nordicpresentwork.space/fonts/ |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
privacy-and-security-videos.svg
nordicpresentwork.space/fonts/ |
12 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
phising.svg
nordicpresentwork.space/fonts/ |
11 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
icons_security.svg
nordicpresentwork.space/fonts/ |
1 KB 807 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ |
15 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ |
15 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ |
15 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
analytics.js
www.google-analytics.com/ |
52 KB 21 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
insight.min.js
snap.licdn.com/li.lms-analytics/ |
1 KB 772 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bat.js
bat.bing.com/ |
40 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
1710703332560176
connect.facebook.net/signals/config/ |
153 KB 42 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ |
15 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
recaptcha__en.js
www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/ |
427 KB 172 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
www.google-analytics.com/j/ |
4 B 214 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
OPTIONS H/1.1 |
94eff061-4bff-4bfd-a84b-212c13bf2872.json
cdn.segmint.net/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
94eff061-4bff-4bfd-a84b-212c13bf2872.json
cdn.segmint.net/ |
313 B 924 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
munchkin.js
munchkin.marketo.net/ |
1 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
insight.beta.min.js
snap.licdn.com/li.lms-analytics/ |
13 KB 5 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
4031169.js
bat.bing.com/p/action/ |
0 117 B |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
stats.g.doubleclick.net/j/ |
1 B 351 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
minAnnualRate
www.rbfcu.org/rate/products/PREMCC/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
minAnnualRate
www.rbfcu.org/rate/products/CASHCC/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
maxAnnualRate
www.rbfcu.org/rate/products/PREMCC/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
maxAnnualRate
www.rbfcu.org/rate/products/CASHCC/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
minAnnualRate
www.rbfcu.org/rate/products/BSMC/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
maxAnnualRate
www.rbfcu.org/rate/products/BSMC/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cuso-serv-web-icon-investments.svg
nordicpresentwork.space/images/default-source/icons/ |
283 B 283 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cuso-serv-web-icon-trust_services.svg
nordicpresentwork.space/images/default-source/icons/ |
283 B 283 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
rbfcu19-graphic-icons-blue-2019_umbrella-insurance.svg
nordicpresentwork.space/images/default-source/icons/ |
283 B 283 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cuso-serv-web-icon-medicare.svg
nordicpresentwork.space/images/default-source/icons/ |
283 B 283 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cuso-serv-web-icon-fha_loan.svg
nordicpresentwork.space/images/default-source/icons/ |
283 B 283 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cuso-serv-web-icon-realty.svg
nordicpresentwork.space/images/default-source/icons/ |
283 B 283 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
0
bat.bing.com/action/ |
0 287 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ |
16 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
script.js
cdnstat.net/get/ |
129 B 703 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
leave-site
nordicpresentwork.space/fragments/ |
283 B 350 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.facebook.com/tr/ |
0 185 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
anchor
www.google.com/recaptcha/api2/ Frame 2792 |
7 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET BLOB |
b7dffde0-eaaf-4ec4-bba8-6e0598fceac2
https://nordicpresentwork.space/ |
2 KB 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
munchkin.js
munchkin.marketo.net/163/ |
11 KB 5 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
token
cdn.linkedin.oribi.io/partner/2367698/domain/nordicpresentwork.space/ |
36 B 374 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
collect
px4.ads.linkedin.com/ Redirect Chain
|
0 264 B |
Image
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
89 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
visitWebPage
079-spx-435.mktoresp.com/webevents/ |
2 B 318 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
styles__ltr.css
www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/ Frame 2792 |
55 KB 24 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
recaptcha__en.js
www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/ Frame 2792 |
427 KB 172 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 2792 |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 2792 |
15 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
event
connect.segmint.net/ |
0 648 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
en177X7n8q
connect.segmint.net/iframe/doughnut/ Frame 39E4 |
509 B 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
en1KL9Lg7au5BX
connect.segmint.net/bearclaw/invoke/ |
1 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
en1xxXxbgquX59
connect.segmint.net/bearclaw/invoke/ |
1 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
OPTIONS H/1.1 |
event
connect.segmint.net/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
collect
www.google-analytics.com/ |
35 B 55 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
027b0199a9f444569962f5feaa031afa.jpg
cdn.segmint.net/ |
11 KB 12 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
6b31609f31be4b488a9442458eea5b4a.jpg
cdn.segmint.net/ |
54 KB 55 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
cookie-mapper
maprtb.segmint.net/rtb/simpli-fi/ Frame 39E4 Redirect Chain
|
43 B 412 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ec0a3730-0bdd-0139-387d-06abc14c0bc6
tag.simpli.fi/sifitag/ Frame 39E4 |
3 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
p
i.simpli.fi/ Frame 39E4 |
756 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
xuid
eb2.3lift.com/ Frame 39E4 Redirect Chain
|
37 B 140 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sync
simplifi.partners.tremorhub.com/ Frame 39E4 Redirect Chain
|
43 B 175 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
check
pixel.tapad.com/idsync/ex/receive/ Frame 39E4 Redirect Chain
|
95 B 435 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
empty.gif
um.simpli.fi/ Frame 39E4 Redirect Chain
|
43 B 361 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 39E4 Redirect Chain
|
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headersRedirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pubmatic
um.simpli.fi/ Frame 39E4 |
43 B 409 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
freewheel
um.simpli.fi/ Frame 39E4 |
43 B 409 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
400646.gif
idsync.rlcdn.com/ Frame 39E4 Redirect Chain
|
0 42 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
loadm.exelator.com/load/ Frame 39E4 Redirect Chain
|
0 771 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
yahoo
um.simpli.fi/ Frame 39E4 |
43 B 409 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
sync
sync.bfmio.com/ Frame 39E4 Redirect Chain
|
0 421 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
29931
stags.bluekai.com/site/ Frame 39E4 Redirect Chain
|
62 B 444 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
tpid=F6B0405DD37C4553B1CC75FADBA46BA8
bcp.crwdcntrl.net/map/c=7625/tp=SIMP/ Frame 39E4 Redirect Chain
|
49 B 265 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
merge
ce.lijit.com/ Frame 39E4 Redirect Chain
|
0 311 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
419566.gif
idsync.rlcdn.com/ Frame 39E4 Redirect Chain
|
0 98 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.google.de/pagead/1p-conversion/1026675585/ Frame 39E4 Redirect Chain
|
42 B 455 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
partner
sync.search.spotxchange.com/ Frame 39E4 Redirect Chain
|
43 B 548 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bounce
ib.adnxs.com/ Frame 39E4 Redirect Chain
|
43 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
tap.php
pixel.rubiconproject.com/ Frame 39E4 Redirect Chain
|
0 239 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sd
us-u.openx.net/w/1.0/ Frame 39E4 Redirect Chain
|
43 B 273 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
g_match
um.simpli.fi/ Frame 39E4 Redirect Chain
|
0 320 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- www.rbfcu.org
- URL
- https://www.rbfcu.org/rate/products/PREMCC/minAnnualRate?allDepositAccRequested=true
- Domain
- www.rbfcu.org
- URL
- https://www.rbfcu.org/rate/products/CASHCC/minAnnualRate?allDepositAccRequested=true
- Domain
- www.rbfcu.org
- URL
- https://www.rbfcu.org/rate/products/PREMCC/maxAnnualRate?allDepositAccRequested=true
- Domain
- www.rbfcu.org
- URL
- https://www.rbfcu.org/rate/products/CASHCC/maxAnnualRate?allDepositAccRequested=true
- Domain
- www.rbfcu.org
- URL
- https://www.rbfcu.org/rate/products/BSMC/minAnnualRate?allDepositAccRequested=true
- Domain
- www.rbfcu.org
- URL
- https://www.rbfcu.org/rate/products/BSMC/maxAnnualRate?allDepositAccRequested=true
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Randolph Brooks Federal Credit Union (Banking)140 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 boolean| credentialless object| onbeforetoggle object| onscrollend object| __sl_matchers object| dataLayer number| fullStoryLimitPercent function| fbq function| _fbq object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga string| _linkedin_data_partner_id object| uetq function| $ function| jQuery object| products string| id object| productRecord function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Flickity function| Unipointer function| Unidragger function| imagesLoaded undefined| pointOrigination object| rates function| Spinner function| getHeaderHeight function| configureLogin string| flexUiAppDetail string| flexUiOsType string| flexUiOsModel string| flexUiOsVersion undefined| counterTimer undefined| timerId string| baseApiUrl number| idleTime number| activityTimer string| currentEnvUrl number| counter number| timeLeft string| currentUrlHref boolean| chatEnvIsPrd object| elem string| chatScriptSrc string| pageAction string| flexUiAppVersion string| chatDataLocalStorage object| chatConfig object| chatStatus string| apiVersionPrd string| apiVersionQat string| CHAT_CREATED string| TRANSFER_TO_AGENT_INITIATED string| TRANSFER_TO_AGENT string| CHAT_ACTIVE object| urls function| loadChatDetails function| additionalFunctions function| validateExistingCsrf function| tykCsrf function| getAuthUrl function| setEnvironment function| tykAuth function| checkActivity function| resetTimers function| tykPing function| logout function| lauchIdleTimeoutModal function| setCounter function| countdown function| resetCounter function| closeIdleTimeoutModal function| checkClick function| flexChatConfig function| closeChat function| clearCsrfToken object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client undefined| grecaptchaToken function| onKeyPopupInput function| loginSubmit function| processLoginSubmit function| storeUserInfoWithEntityResponse function| isValidEnitySession function| setCsrfToken function| triggerAsyncProfile function| setLoader function| currentMember function| redirectUserLocked function| redirectGuestLocked function| redirectResetPassword function| redirectFirstTimeCreateUsername function| redirectSecurityQuestionLockedGuest function| redirectSecurityQuestionLocked function| redirectSecurityQuestionUpdate string| pc_DESKTOP string| pc_MOBILE string| pc_currentScreen number| pc_maxProductsMobile number| pc_maxProductsDesktop object| pc_carousels object| pc_firstProducts object| pc_lastProducts function| getCarouselsInfo function| checkMobileViewCarousels function| prevProduct function| nextProduct function| toggleProducts function| showInitialProducts function| productTemplate object| PersonalizationTracker object| gaplugins object| gaGlobal object| gaData function| __xr_ssd object| $egmint object| ENV_CONFIG function| openRates function| UET function| UET_init function| UET_push object| ueto_7b60ff8a76 object| recaptcha object| closure_lm_717270 function| mktoMunchkinFunction object| Munchkin function| mktoMunchkin function| lintrk boolean| _already_called_lintrk object| MunchkinTracker39 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| nordicpresentwork.space/ | Name: PHPREFS Value: full |
|
| nordicpresentwork.space/ | Name: sf-prs-ss Value: 638237988442010000 |
|
| nordicpresentwork.space/ | Name: sf-prs-lu Value: https://nordicpresentwork.space/ |
|
| .nordicpresentwork.space/ | Name: _ga Value: GA1.2.279477753.1688202044 |
|
| .nordicpresentwork.space/ | Name: _gid Value: GA1.2.1021236487.1688202044 |
|
| .nordicpresentwork.space/ | Name: _gat_UA-6286893-1 Value: 1 |
|
| .nordicpresentwork.space/ | Name: _uetsid Value: c5a9bbe017ed11eebac4d3f7be474f1b |
|
| .nordicpresentwork.space/ | Name: _uetvid Value: c5a9b6d017ed11ee908051414b4a2663 |
|
| .bing.com/ | Name: MUID Value: 0FEAAADF5391637C13BBB99E523D62C8 |
|
| .nordicpresentwork.space/ | Name: _fbp Value: fb.1.1688202048655.1440129841 |
|
| nordicpresentwork.space/ | Name: ln_or Value: eyIyMzY3Njk4IjoiZCJ9 |
|
| .nordicpresentwork.space/ | Name: _mkto_trk Value: id:079-SPX-435&token:_mch-nordicpresentwork.space-1688202049094-10071 |
|
| .linkedin.com/ | Name: li_sugr Value: 8a39ea60-4eec-44bf-bc89-6039889ba731 |
|
| .linkedin.com/ | Name: bcookie Value: "v=2&4906ab23-aeef-4ad1-81dc-1045d793b621" |
|
| .linkedin.com/ | Name: lidc Value: "b=OGST02:s=O:r=O:a=O:p=O:g=2955:u=1:x=1:i=1688202049:t=1688288449:v=2:sig=AQHsFWj74JbU5y6WbtbCyNtjuGNPKsgM" |
|
| .linkedin.com/ | Name: UserMatchHistory Value: AQIYs77bQlZVKQAAAYkQrvc0Bn7ajeG6yQ3G4c2gufOd1IYzKIC-ug1SUiLRSPux39pI3QXyh1hYeQ |
|
| .linkedin.com/ | Name: AnalyticsSyncHistory Value: AQJSzp0DdN3qYAAAAYkQrvc0y1hjJXPN8CwV6H8-A32h_BarYIucZ6js_fjgqA3vmqF4Y4TIASmyIEKdfM8MpQ |
|
| .www.linkedin.com/ | Name: bscookie Value: "v=1&20230701090049228d6102-ac1f-452e-84b8-f19659d2f0deAQEPZ6OOIWwXtA93kmxeK8eu2s-q05pB" |
|
| .linkedin.com/ | Name: li_gc Value: MTswOzE2ODgyMDIwNDk7MjswMjFHMR3PvEXHesqqY8VbnVy5ItgC8k93EYKlC8+rPKDhew== |
|
| .segmint.net/ | Name: SegmintId Value: 1be0178ba7804a79892026fd6fc350f1 |
|
| .simpli.fi/ | Name: suid Value: F6B0405DD37C4553B1CC75FADBA46BA8 |
|
| .simpli.fi/ | Name: uid_syncd_secure Value: true |
|
| .tapad.com/ | Name: TapAd_TS Value: 1688202051394 |
|
| .tapad.com/ | Name: TapAd_DID Value: 314d7abe-155b-4b2e-986b-85d53bb01832 |
|
| .agkn.com/ | Name: ab Value: 0001%3A%2FQjubc3eH%2BuLZVWd%2FEQPhIJsfXxzNvqn |
|
| .adnxs.com/ | Name: uuid2 Value: 5819271768568197860 |
|
| .pro-market.net/ | Name: anProfile Value: "-1h5jb8s6xvesk+1+1f=1+1g=1+1j=41+rs=s+rt=20011B6010100002101244D18E2A869E+s2=(rx411f)+vm=24-F6B0405DD37C4553B1CC75FADBA46BA8" |
|
| .pro-market.net/ | Name: anHistory Value: "-1h5jb8s6xvesk+2+!#7%/$%!E2/" |
|
| .tapad.com/ | Name: TapAd_3WAY_SYNCS Value: |
|
| .adnxs.com/ | Name: anj Value: dTM7k!M4.FE:2jUF']wIg2Hb=uE`b-!@wnfH8KW.dG5<#Z?TyNE:2pWqNh<mrZLCMGD$OuqylW+p64lhFSc/gFLdCnlEeM<(j#iP(Md+>)fy*Fw^9Y[ |
|
| .spotxchange.com/ | Name: audience Value: c75d13ed-17ed-11ee-802a-130dfa940406 |
|
| .exelator.com/ | Name: EE Value: "aeb7dbd317b9dc0728e0f99693c4ec0f" |
|
| .exelator.com/ | Name: ud Value: "eJxrXxzq6XKLQSExNck8JSnF2NA8yTIl2cDcyCLVIM3S0szSONkkNdkgbXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDQZEl%252BUWb6IhfXxUUpaQyLSopPBR%252FpCAcA20Yq0Q%253D%253D" |
|
| .doubleclick.net/ | Name: IDE Value: AHWqTUkIwuI3Xh_VsTF-SMo78CdmWY72xchm1TH3T97GUIXt44uuwd8bWNnPd7y8 |
|
| .agkn.com/ | Name: u Value: C|0AAAAAAAALDKnwwAAAAAA |
|
| .bluekai.com/ | Name: bku Value: blx99Wwg7txHa8QP |
|
| .bluekai.com/ | Name: bkpa Value: KJy9nyexd02pSUHknp/8mE1hwtkAwDRtxM961ePWHe1lxpxNBEBY1DBeBpPsxDHYxExtxAWT9y9o4xFv |
|
| .bfmio.com/ | Name: __141_cid Value: F6B0405DD37C4553B1CC75FADBA46BA8 |
|
| .bfmio.com/ | Name: __io_cid Value: 510edc9b0f5cae0ffcd0a86e92b7b82cab9329c6 |
25 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
079-spx-435.mktoresp.com
aa.agkn.com
bat.bing.com
bcp.crwdcntrl.net
cdn.linkedin.oribi.io
cdn.segmint.net
cdnstat.net
ce.lijit.com
cm.g.doubleclick.net
connect.facebook.net
connect.segmint.net
d.agkn.com
eb2.3lift.com
fei.pro-market.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.simpli.fi
ib.adnxs.com
idsync.rlcdn.com
loadm.exelator.com
maprtb.segmint.net
munchkin.marketo.net
nordicpresentwork.space
pixel.rubiconproject.com
pixel.tapad.com
px.ads.linkedin.com
px4.ads.linkedin.com
simplifi.partners.tremorhub.com
snap.licdn.com
stags.bluekai.com
stats.g.doubleclick.net
sync.bfmio.com
sync.intentiq.com
sync.search.spotxchange.com
tag.simpli.fi
um.simpli.fi
us-u.openx.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
www.rbfcu.org
www.rbfcu.org
13.107.42.14
142.250.184.226
142.250.185.66
18.198.126.47
18.66.97.95
185.94.180.126
188.114.97.3
192.28.144.124
216.52.2.30
23.192.153.172
23.210.118.178
2600:1901:0:8eee::
2600:1f18:612b:4264:16fa:8844:6a74:e97a
2600:9000:20eb:e800:2:53b2:240:93a1
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:800::2003
2a00:1450:4001:802::2008
2a00:1450:4001:803::200a
2a00:1450:4001:80b::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:828::2004
2a00:1450:4001:82b::2003
2a00:1450:4001:830::2003
2a00:1450:400c:c0b::9b
2a02:26f0:3100::1735:28f0
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f173:81:face:b00c:0:25de
3.72.196.231
34.111.113.62
34.90.223.176
34.98.64.218
35.153.221.178
35.204.74.118
35.244.174.68
37.252.171.52
52.222.214.59
52.58.191.52
52.87.52.236
54.217.8.192
69.173.144.165
76.223.111.18
87.236.16.245
00c660f1c23fc027241c7660d7df6056d49ac33a091ba54ab33748e70001a636
00f34bf0b86b84644f5205f81b70f2abeb4d5a186600a3529098ed13089582f0
06038842df884af106b2ed1e6f359896e86cc548b6a52230d69a497ba30f087c
08248c4b43bc7aa36fe910a66c10f75ec6efee94ec09782bff3092ad3fbcdea3
09092e11153b90955b14c6dcad28c3e2902b035f6b12ac85e24a693e5c97c884
0aa49cded6c89343a514ac6a5bdf368cc49b43193c968852fa56a9b82e25cb32
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0c89dd69b5921823626db54bdc8eb6faad5d8b843bda4da7d1f9936516eefef8
0f6ad9ddf178186849de1b4016a28f37e12ffdfe86e8e4cfb8000e40d2787272
1116b17ad5df8fc0a2ac88830d51da86f2b6e7ef12b3d3f34ee9486a8a679e59
12eb1f600e79b64d6d175255f9336ffa9e6e3b9ca011a3c79434c81439975677
15a28462bd5048807174d35e7eabf42d54c87d509a5f9a74e56129bc35306013
173dd338673eb7e21df3c0ff3a86e0f1f752bf33468b01d1d89d09ac39e64132
17caaece01d70570822d9fd5f402e9a880f477b0d06907e41b7b1c65d221043d
17fa33c91045d1e0cde99bfe283d4b8302525300f10067352ce459b52c629b2f
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c3ef3e4b0f17d71607ca1199bf193982a9d3b5ddb5a0f9bf59a393ddd5fde58
1eec5d0bc72fba33ce753f6009a277e07041fb92d221ae5839bbc5e8fff1d0bb
20a22e2a0610fa88287f0f8a033e1f8c5fb3abb7f0a0d527115b6ce3dde328a1
237f4a5b7b8e81b7ad01c54cbb6205368aa9d55e1d6fd1ef38454facdc01353c
23affa89aff6faeab4187ab368d28b3a31acfb76b19f91ebb7088032a714d5e5
25f32c6df3903af125a54fd1158cb6990b86af8b633126c829e6f585975c283c
2794b2871195c45ad080501d0a53ada0ba3f7ecd461e1779476e807d692fccaa
2ae78c55d4d7fc16b2d4d8f2697409b483dc70ba5ec15b47a4d5e28912383e09
2cb9b77432cd6960646fe08ebb4d5be3ee4d0cb9b7be2b050fa3efd8a15dc829
2d1973e2953d286e5a615c70eeea2d64c4b144b3038b665f02bd38311607873c
2ea1f8b7d40dc8ae541180ea43a9d304c24324b9017ef51e6eda95c4f8bada7f
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
351a9dcace0b4feaca4afcdde43c39a925c83d4101d07f3a27eaa61cf4d8f81b
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
4023602e4f78ffa656deaf46e28aaaa42d8fad0ecc0af6dd66d1c5c4c0f1fb32
42a729236c6275d19492b32887d489d35c13ad09bcb0339c0b7d7512e866df78
42c9d1df23e2f7d82d90b2bd6bab3b5398e81889cb9bde1d4a530acc663c9c63
4a907017cee13d198adfde80929a7313accf3ef7bc3298abcf6aa8b3f09b3de5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e09fdc6fc038eb150efb222b6806ce9bc52fd225031dc793d3e65aede709dba
508b9489cab298838148ed39a37d62ab381ba9c673e153fe3aeafa0ce944e777
50e6072d26098d48004a30addeecabd5b22b91e5ccdf9dd86f96459783e3ac23
5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4
52bdd5761e8518b2e0fe6aa6d2aa189f6054fda08f9f569ff81912455f99531b
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
600c4066a36fdd57eac8b1473b1249d2ddeca42ef8626a5fc86a1293705624b4
613e256f21a37f0a76c644a7b9ab31b40d0ffb3994ab811c0455209cfe7570c1
65737e9948b3567c5c136022353073f925a47e6d6c7d1d5601f7b3fa4c2cd11e
679804e244b4127b7ecd99a513b57d6a4f91866410e16da69ce02f98f534051d
68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c8b8ef8183bd456a5aa78d8102ef9efab03d27cab2c6b88a2524ba6c86566db
6fde6c2e463ea24bb0cbb9fe8b6c96c4ec1e0eb44e359a43cbabc3fa8df6e985
70eb241e8890d70d6a38c2d98105c1af16337cecf9fa64a4003d218ecb9f21a6
77fd1b391f16bb5c0c6ed98c746b8a6b5a6ca7c57dcc18fcb2a59ec8506c326e
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
81eda3f4d0b4ac484c741357b7a02e58bfc959be974b147b8043155563b3e53b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
857cac4732c674d3ac984ac199f6ece999dbe0ee50f0d5634e838e6ed0b6025b
87ca2d8adbd10be0e5e89784dbb7aa8bb67f77247471f437e6af535009955f8c
8e58577776c0b06f255775498eb2e749d616aa9bf2d2356de5beb24cf18c4fed
8f8600b477459f4ff35ed0b8124476d5327bc0c28c3ef725fad774e2ccea82fe
94fe1da45aaacb07105d3b228ce6eb39e405cc9ecbfa63b21ecc4db0d2a0d2eb
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
99c2b81d9134dec4bb8ac167fa5f79d29e022add00f018e38fe2b025c862c0e7
9c298807964179f31ebcaf41148f96d079440004faea5ea62b4594d52de2b0ff
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
ab0a171adf85721dc373db7c678eb6dd8ed1bf61c326e1f5cc3d3b9750ce3cb6
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afc99fba9f75a6a293825108cd6bbbb3719640f0723778cb03ec6b3a14b67f29
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
ba676b909787f5952aecc3d7b883761753a60cf4cd262b0b955a4de2120de8ae
ba793b27cc193098d7c2ecafea44bc85edf7e5d4c496a5340d7177a514c93308
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbb6fd80dd733223ed988bcbaa33ccac8fa5488fd75927c3f071a23ff0beff5f
be7a731c9e32bb3d70465aabd561a8cfca6e9c895a4e5acdcb3dca7ecb107689
c167fa02bb2b940af9d88064784e89ce000c0c5e533cbfbcc0dd0b00b05b0c4b
c3ea392d82c1bc2d170ff5e3908afb327715a29f7a84fee11bfda71c85a22026
c59a3960888d96b3748601b9b77df171bafa3d53289ec4b8b6db3d474e9a39e1
c9ac048e1f1aaf97c6d5411843fdd129c7569337a5672cfc5c50eaf25598b9a9
c9b415075ea220ad2c956d4c069c7855b7ba5e22f704432ba7e07e6ff19b1d4b
ca4a3531049529998b53eec342ba1e1991a9524cec0b0a7227c171d5cdbbe411
cda66aaac66c47585d9917fcf9e6c0f28322715caf35b94e0f8224ab629182c4
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d2bd80c5037b0f716cf1567ca7f8cd4bb75550ccc0f46835902e7351df9cf605
dbf5aa16ec1d8d83ffb05d4524c1b6ae583b7c3f488a43e3168d9f57eec6eded
dc47d1dff1bb294b07ba3486ee2eaab4d91773399a1184c95ab4cb41a8f82f17
dcc6aaeccd530bcb0e91ef01e2046485f1ad113a865aafb17a740eee4da61e32
de309c744c6eb9816cf5071bbef0e94cd79815d65b85997d96d79e237db53a3d
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e33937c8718b4891cefe03686c4bac285d9265052427e705bce7e677659ed765
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
eaba7d72941ec09c08157a2c6a2197e969cb952ac5179431bb9830849bca04cf
eb6ac99c46e5832d98159582c938b5ccd11247a53747d71652fe65451c01ee43
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1f72cbfb1ccc01eda53795f1698b342ef5c6b4c8c77f78db9de93aaacb15830
f4a1db76681e786512335f069db5f844caf400757c22c4cae65d2ee3b8ecedf4
f53433449e2b3100e1bccac4981b465479615eabee1e45345c64fa1270ab7744
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f82f03dc83491e17ac2093038ed8fb7aa9fbba932baad0ca7860c5ed61713d33
ff2778e4202a627a4e28ca19ba5712b0cde4f33f2480dbfcbcfbbedd93edea4a