www.nito.no
137.221.25.173
Public Scan
Effective URL: https://www.nito.no/medlemsfordel/
Submission: On February 13 via manual from GB
Summary
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on October 29th 2018. Valid for: 2 years.
This is the only time www.nito.no was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN | PTR | Domains |
---|---|---|
ASN15169 (GOOGLE, US) | | google.com, www.google-analytics.com |
ASN15169 (GOOGLE, US) | | www.googletagmanager.com |
ASN16625 (AKAMAI-AS, US) | a95-100-67-47.deploy.static.akamaitechnologies.com | use.typekit.net, p.typekit.net |
ASN54825 (PACKET, US) | pkt-ams-k2-shared-ingress14 | static.hotjar.com, vars.hotjar.com |
ASN15169 (GOOGLE, US) | fra15s46-in-f2.1e100.net | www.googleadservices.com |
ASN16509 (AMAZON-02, US) | server-13-224-196-99.fra2.r.cloudfront.net | sc-static.net |
ASN1299 (TELIANET Telia Carrier, SE) | 213-155-156-188.teliacarrier-cust.com | tb.de17a.com |
ASN15169 (GOOGLE, US) | | googleads.g.doubleclick.net |
ASN54825 (PACKET, US) | pkt-ams-k2-shared-ingress11 | script.hotjar.com |
ASN15169 (GOOGLE, US) | 184.226.186.35.bc.googleusercontent.com | tr.snapchat.com |
ASN16509 (AMAZON-02, US) | ec2-18-185-147-201.eu-central-1.compute.amazonaws.com | eu2.siteimprove.com |
ASN26667 (RUBICONPROJECT, US) | | pixel.rubiconproject.com |
ASN15169 (GOOGLE, US) | zrh04s05-in-f98.1e100.net | cm.g.doubleclick.net |
ASN1299 (TELIANET Telia Carrier, SE) | 213-155-156-184.teliacarrier-cust.com | d5p.de17a.com |
ASN29990 (ASN-APPNEX, US) | 373.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net | ib.adnxs.com |
ASN16509 (AMAZON-02, US) | ec2-18-195-103-23.eu-central-1.compute.amazonaws.com | ad.360yield.com |
ASN16509 (AMAZON-02, US) | ec2-35-158-17-58.eu-central-1.compute.amazonaws.com | pixel.advertising.com |
ASN16509 (AMAZON-02, US) | ec2-54-154-138-105.eu-west-1.compute.amazonaws.com | ad.sxp.smartclip.net |
ASN16509 (AMAZON-02, US) | ec2-35-156-139-187.eu-central-1.compute.amazonaws.com | x.bidswitch.net |
ASN16509 (AMAZON-02, US) | ec2-52-215-39-229.eu-west-1.compute.amazonaws.com | usermatch.targeting.unrulymedia.com |
ASN16625 (AKAMAI-AS, US) | a23-210-249-164.deploy.static.akamaitechnologies.com | dsum.casalemedia.com |
Count | Domain | Redirects | Requested by |
---|---|---|---|
18 | www.nito.no | 1 redirects | www.nito.no |
6 | use.typekit.net | | www.nito.no, use.typekit.net |
4 | tb.de17a.com | 1 redirects | www.nito.no, tb.de17a.com |
3 | ad.sxp.smartclip.net | 2 redirects | blank |
3 | d5p.de17a.com | 1 redirects | blank |
3 | www.google.com | 1 redirects | www.nito.no |
2 | dsum.casalemedia.com | 1 redirects | blank |
2 | dmp.adform.net | 1 redirects | blank |
2 | x.bidswitch.net | 1 redirects | blank |
2 | sync.search.spotxchange.com | 1 redirects | blank |
2 | ad.360yield.com | 1 redirects | blank |
2 | ib.adnxs.com | 2 redirects | |
2 | www.facebook.com | | www.nito.no |
2 | tr.snapchat.com | | www.googletagmanager.com |
2 | www.google.de | | www.nito.no |
2 | www.google-analytics.com | 1 redirects | www.googletagmanager.com |
2 | connect.facebook.net | | www.nito.no, connect.facebook.net |
1 | usermatch.targeting.unrulymedia.com | | blank |
1 | pixel.advertising.com | | blank |
1 | image2.pubmatic.com | | blank |
1 | cm.g.doubleclick.net | 1 redirects | |
1 | pixel.rubiconproject.com | | blank |
1 | p.typekit.net | | www.nito.no |
1 | vars.hotjar.com | | static.hotjar.com |
1 | eu2.siteimprove.com | | www.nito.no |
1 | script.hotjar.com | | static.hotjar.com |
1 | googleads.g.doubleclick.net | | www.googleadservices.com |
1 | stats.g.doubleclick.net | 1 redirects | |
1 | sc-static.net | | www.nito.no |
1 | siteimproveanalytics.com | | www.nito.no |
1 | www.googleadservices.com | | www.googletagmanager.com |
1 | static.hotjar.com | | www.googletagmanager.com |
1 | cdn.rawgit.com | | www.nito.no |
1 | www.googletagmanager.com | | www.nito.no |
1 | dl.episerver.net | | www.nito.no |
1 | google.com | 1 redirects | |
1 | ajax.aspnetcdn.com | | www.nito.no |
1 | ingeniorforsikringen.com | 1 redirects | |
62 | 38 | | |
This site contains links to these domains. Also see Links.
Domain |
---|
www.tryg.no |
www.nordea.no |
www.digi.no |
nito.logistikkhuset.no |
www.facebook.com |
twitter.com |
www.linkedin.com |
www.instagram.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
nito.no | DigiCert SHA2 Extended Validation Server CA | 2018-10-29 - 2020-11-02 | 2 years |
*.vo.msecnd.net | Microsoft IT TLS CA 2 | 2018-03-30 - 2020-03-30 | 2 years |
www.google.com | GTS CA 1O1 | 2020-01-21 - 2020-04-14 | 3 months |
sni.cloudflaressl.com | CloudFlare Inc ECC CA-2 | 2019-10-15 - 2020-10-09 | a year |
*.google-analytics.com | GTS CA 1O1 | 2020-01-29 - 2020-04-22 | 3 months |
rawgit.com | Sectigo RSA Domain Validation Secure Server CA | 2020-01-03 - 2022-01-12 | 2 years |
*.typekit.net | DigiCert SHA2 Secure Server CA | 2019-12-06 - 2021-12-10 | 2 years |
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2020-01-16 - 2020-04-15 | 3 months |
static.hotjar.com | Let's Encrypt Authority X3 | 2020-02-03 - 2020-05-03 | 3 months |
www.googleadservices.com | GTS CA 1O1 | 2020-01-21 - 2020-04-14 | 3 months |
ssl379359.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2019-11-16 - 2020-05-24 | 6 months |
sc-static.net | DigiCert SHA2 Secure Server CA | 2019-03-11 - 2021-03-15 | 2 years |
*.de17a.com | Sectigo ECC Domain Validation Secure Server CA | 2019-12-03 - 2020-12-02 | a year |
www.google.de | GTS CA 1O1 | 2020-01-21 - 2020-04-14 | 3 months |
*.g.doubleclick.net | GTS CA 1O1 | 2020-01-21 - 2020-04-14 | 3 months |
script.hotjar.com | Let's Encrypt Authority X3 | 2020-02-03 - 2020-05-03 | 3 months |
tr.snapchat.com | DigiCert SHA2 Secure Server CA | 2019-02-19 - 2021-02-23 | 2 years |
*.siteimprove.com | DigiCert SHA2 Secure Server CA | 2018-01-03 - 2020-03-11 | 2 years |
vars.hotjar.com | Let's Encrypt Authority X3 | 2020-02-03 - 2020-05-03 | 3 months |
*.rubiconproject.com | DigiCert SHA2 Secure Server CA | 2019-01-10 - 2021-01-14 | 2 years |
*.pubmatic.com | Sectigo RSA Organization Validation Secure Server CA | 2019-02-22 - 2021-02-21 | 2 years |
*.360yield.com | Amazon | 2019-09-24 - 2020-10-24 | a year |
*.search.spotxchange.com | GeoTrust RSA CA 2018 | 2019-03-20 - 2021-04-21 | 2 years |
pixel.advertising.com | DigiCert SHA2 High Assurance Server CA | 2017-06-14 - 2020-06-18 | 3 years |
*.smartclip.net | Amazon | 2019-03-28 - 2020-04-28 | a year |
*.bidswitch.net | Sectigo RSA Domain Validation Secure Server CA | 2019-04-17 - 2020-05-04 | a year |
track.adform.net | DigiCert SHA2 Secure Server CA | 2019-09-16 - 2021-09-20 | 2 years |
*.targeting.unrulymedia.com | Amazon | 2019-07-31 - 2020-08-31 | a year |
san.casalemedia.com | GeoTrust RSA CA 2018 | 2019-07-17 - 2020-03-09 | 8 months |
This page contains 7 frames:
Primary Page:
https://www.nito.no/medlemsfordel/
Frame ID: 96A7C5084AA309A98D3F74313438937B
Requests: 48 HTTP requests in this frame
Frame:
https://tr.snapchat.com/cm/i
Frame ID: 5632FB71ED9D9BAC28D209A41CAC6ACF
Requests: 1 HTTP requests in this frame
Frame:
https://tr.snapchat.com/p
Frame ID: E5D08A7D7F4D47C613F0D44FB85D6F29
Requests: 1 HTTP requests in this frame
Frame:
https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: 46EBF414EAAB8485FD480F0F631282B1
Requests: 1 HTTP requests in this frame
Frame:
https://tb.de17a.com/api/getUid;c?data=%7B%7D&callback=$d7_cb_1
Frame ID: 1A8113C152A30BF4ED1B62D8E2F088B0
Requests: 1 HTTP requests in this frame
Frame:
https://tb.de17a.com/api/pageView?data=%7B%22action%22%3A%22pageView%22%2C%22pageId%22%3A%22YOUR_PAGE_ID%22%2C%22url%22%3A%22https%3A%2F%2Fwww.nito.no%2Fmedlemsfordel%2F%22%2C%22title%22%3A%22Medlemsfordeler%20%7C%20NITO%22%2C%22trackingAccountId%22%3A%2216107%22%2C%22referrer%22%3A%22%22%7D&callback=$d7_cb_2
Frame ID: 5D6DD4D98F93FB62D529DA3E08B41552
Requests: 1 HTTP requests in this frame
Frame:
https://pixel.rubiconproject.com/tap.php?v=6327&nid=2135&put=2896608677147992573&expires=30
Frame ID: 912C3C37BD6AC9A1A4491EABA6911AFE
Requests: 12 HTTP requests in this frame
Detected technologies
Facebook (Widgets)
Detected patterns
- script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Google Analytics (Analytics)
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Hotjar (Analytics)
Detected patterns
- script /^\/\/static\.hotjar\.com\/c\/hotjar-/i
Page Statistics
10 Outgoing links
These are links going to different origins than the main page.
Title: Forsikringsfordeler i Tryg Gode vilkår, god pris, 30 % rabatt på skadeforsikringer (inkl. Tryg Pluss)
Title: Bli bankkunde i Nordea Du er kvalifisert direkte til det eksklusive fordelsprogrammet Premium
Title: Halv pris på Ekstra hos digi.no
Title: Elbil-lader fra Elfag
Title: Jeg vil bli kontaktet av Nordea
Title: NITOs nettbutikk
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://ingeniorforsikringen.com/
HTTP 301
https://www.nito.no/medlemsfordel/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 5
- https://www.nito.no/link/bfed19692c274017847db43dccd2f5d9.aspx HTTP 301
- https://www.nito.no/globalassets/episerver-forms/knapp---kontakt-meg.jpg
- https://google.com/jsapi HTTP 301
- https://www.google.com/jsapi
- https://www.google-analytics.com/r/collect?v=1&_v=j81&a=621280906&t=pageview&_s=1&dl=https%3A%2F%2Fwww.nito.no%2Fmedlemsfordel%2F&dp=%2Fmedlemsfordel%2F&ul=en-us&de=UTF-8&dt=Medlemsfordeler%20%7C%20NITO&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YEBAAAAB~&jid=2146369412&gjid=1308050478&cid=1988684192.1581597778&tid=UA-38034439-1&_gid=383151638.1581597778&_r=1&gtm=2wg250PVTJQ4&z=192499018 HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-38034439-1&cid=1988684192.1581597778&jid=2146369412&_gid=383151638.1581597778&gjid=1308050478&_v=j81&z=192499018 HTTP 302
- https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-38034439-1&cid=1988684192.1581597778&jid=2146369412&_v=j81&z=192499018 HTTP 302
- https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-38034439-1&cid=1988684192.1581597778&jid=2146369412&_v=j81&z=192499018&slf_rd=1&random=949649421
- https://tb.de17a.com/api/getUid?data=%7B%7D&callback=$d7_cb_1 HTTP 307
- https://tb.de17a.com/api/getUid;c?data=%7B%7D&callback=$d7_cb_1
- https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_cm&google_ula=668382 HTTP 302
- https://d5p.de17a.com/cookies/google?google_gid=CAESEGxj_SNZmHqOyidzKROrn6A&google_cver=1&google_ula=668382,0
- https://ib.adnxs.com/getuid?https://d5p.de17a.com/setuid/appnexus?anxs_uid=$UID HTTP 302
- https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fd5p.de17a.com%2Fsetuid%2Fappnexus%3Fanxs_uid%3D%24UID HTTP 302
- https://d5p.de17a.com/setuid/appnexus?anxs_uid=7689323750889410499
- https://ad.360yield.com/match?publisher_dsp_id=61&external_user_id=2896608677147992573&expiration=1584189778 HTTP 302
- https://ad.360yield.com/ul_cb/match?publisher_dsp_id=61&external_user_id=2896608677147992573&expiration=1584189778
- https://sync.search.spotxchange.com/partner?adv_id=7326&uid=2896608677147992573&img=1 HTTP 302
- https://sync.search.spotxchange.com/partner?adv_id=7326&uid=2896608677147992573&img=1&__user_check__=1&sync_id=5d5de571-4e5e-11ea-a39a-13b80d861006
- https://ad.sxp.smartclip.net/sync?type=red&dsp=39 HTTP 302
- https://ad.sxp.smartclip.net/sync?type=red&dsp=39&ang_testid=1 HTTP 302
- https://d5p.de17a.com/getuid/smartclip?uuid=299c18e2-30db-4c72-83a8-43b4a276d378 HTTP 302
- https://ad.sxp.smartclip.net/sync?type=host&dsp=39&dspuuid=2896608677147992573&uuid=299c18e2-30db-4c72-83a8-43b4a276d378
- https://x.bidswitch.net/sync?dsp_id=228&user_id=2896608677147992573&expires=30 HTTP 302
- https://x.bidswitch.net/ul_cb/sync?dsp_id=228&user_id=2896608677147992573&expires=30
- https://dmp.adform.net/serving/cookie/match?party=1124&cid=2896608677147992573 HTTP 302
- https://dmp.adform.net/serving/cookie/match?CC=1&party=1124&cid=2896608677147992573
- https://dsum.casalemedia.com/rum?cm_dsp_id=175&external_user_id=2896608677147992573&expiration=1584189778 HTTP 302
- https://dsum.casalemedia.com/rum?cm_dsp_id=175&external_user_id=2896608677147992573&expiration=1584189778&C=1
62 HTTP transactions
Method | Protocol | Resource | Path | Notes | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|---|
GET | H/1.1 | / | www.nito.no/medlemsfordel/ | Primary Request, Cookie set, Redirect Chain | 45 KB | 18 KB | Document | text/html |
GET | H/1.1 | global | www.nito.no/bundles/css/ | | 178 KB | 52 KB | Stylesheet | text/css |
GET | H/1.1 | WebResource.axd | www.nito.no/ | | 3 KB | 1 KB | Stylesheet | text/css |
GET | H/1.1 | WebResource.axd | www.nito.no/ | | 95 KB | 43 KB | Script | application/x-javascript |
GET | H/1.1 | nito-logo-responsive-new.svg | www.nito.no/contentassets/c18ee90172544560a836d778c032ddd7/ | | 1 KB | 2 KB | Image | image/svg+xml |
GET | H/1.1 | GetFormInitScript | www.nito.no/EPiServer.Forms/DataSubmit/ | | 4 KB | 2 KB | Script | application/x-javascript |
GET | H/1.1 | knapp---kontakt-meg.jpg | www.nito.no/globalassets/episerver-forms/ | Redirect Chain | 11 KB | 11 KB | Image | image/jpeg |
GET | H/1.1 | print | www.nito.no/bundles/css/ | | 31 KB | 8 KB | Stylesheet | text/css |
GET | H/1.1 | forsikringssenter_smalt.jpg | www.nito.no/contentassets/97e9a73a13e64d738d947e7335a21f24/ | | 21 KB | 21 KB | Image | image/jpeg |
GET | H2 | jquery-2.1.3.min.js | ajax.aspnetcdn.com/ajax/jQuery/ | | 82 KB | 37 KB | Script | application/javascript |
GET | H/1.1 | global | www.nito.no/bundles/js/ | | 224 KB | 87 KB | Script | application/javascript |
GET | H2 | jsapi | www.google.com/ | Redirect Chain | 26 KB | 6 KB | Script | text/javascript |
GET | H2 | find.js | dl.episerver.net/13.2.5/epi-util/ | | 6 KB | 3 KB | Script | application/javascript |
GET | H/1.1 | WebResource.axd | www.nito.no/ | | 33 KB | 13 KB | Script | application/x-javascript |
GET | H2 | gtm.js | www.googletagmanager.com/ | | 105 KB | 30 KB | Script | application/javascript |
GET | H/1.1 | SourceSansPro-Regular.woff | www.nito.no/UI/fonts/ | | 119 KB | 119 KB | Font | font/x-woff |
GET | DATA | truncated | / | | 710 B | 0 | Image | image/svg+xml |
GET | DATA | truncated | / | | 234 B | 0 | Image | image/svg+xml |
GET | H/1.1 | BlenderPro-BoldWeb.woff | www.nito.no/UI/fonts/ | | 49 KB | 49 KB | Font | font/x-woff |
GET | H/1.1 | SourceSansPro-Light.woff | www.nito.no/UI/fonts/ | | 116 KB | 117 KB | Font | font/x-woff |
GET | H/1.1 | BlenderPro-ThinWeb.woff | www.nito.no/UI/fonts/ | | 48 KB | 49 KB | Font | font/x-woff |
GET | H/1.1 | SourceSansPro-Bold.woff | www.nito.no/UI/fonts/ | | 122 KB | 122 KB | Font | font/x-woff |
GET | H/1.1 | icomoon.woff | www.nito.no/UI/fonts/ | | 8 KB | 8 KB | Font | font/x-woff |
GET | DATA | truncated | / | | 2 KB | 0 | Image | image/png |
GET | H2 | prettify.css | cdn.rawgit.com/google/code-prettify/master/loader/ | | 655 B | 1 KB | Stylesheet | text/css |
GET | H2 | bak7vgz.js | use.typekit.net/ | | 19 KB | 8 KB | Script | text/javascript |
GET | H2 | fbevents.js | connect.facebook.net/en_US/ | | 126 KB | 30 KB | Script | application/x-javascript |
GET | H2 | analytics.js | www.google-analytics.com/ | | 44 KB | 18 KB | Script | text/javascript |
GET | H2 | hotjar-752291.js | static.hotjar.com/c/ | | 10 KB | 3 KB | Script | application/javascript |
GET | H2 | conversion_async.js | www.googleadservices.com/pagead/ | | 26 KB | 10 KB | Script | text/javascript |
GET | H2 | siteanalyze_6018408.js | siteimproveanalytics.com/js/ | | 12 KB | 5 KB | Script | application/javascript |
GET | H2 | scevent.min.js | sc-static.net/ | | 13 KB | 5 KB | Script | application/javascript |
GET | H2 | d7.js | tb.de17a.com/ | | 17 KB | 6 KB | Script | application/javascript |
GET | H2 | ga-audiences | www.google.de/ads/ | Redirect Chain | 42 B | 109 B | Image | image/gif |
GET | H2 | 1132819503425502 | connect.facebook.net/signals/config/ | | 447 KB | 112 KB | Script | application/x-javascript |
GET | H2 | / | googleads.g.doubleclick.net/pagead/viewthroughconversion/1070061330/ | | 2 KB | 1 KB | Script | text/javascript |
GET | H2 | l | use.typekit.net/af/f80f1d/00000000000000003b9aefb8/27/ | | 32 KB | 32 KB | Font | application/font-woff2 |
GET | H2 | l | use.typekit.net/af/29352b/00000000000000003b9aefb9/27/ | | 33 KB | 33 KB | Font | application/font-woff2 |
GET | H2 | l | use.typekit.net/af/af96c8/00000000000000003b9aefc0/27/ | | 31 KB | 31 KB | Font | application/font-woff2 |
GET | H2 | l | use.typekit.net/af/20aa1e/00000000000000003b9aefc1/27/ | | 33 KB | 33 KB | Font | application/font-woff2 |
GET | H2 | l | use.typekit.net/af/7f382d/00000000000000003b9aefbc/27/ | | 31 KB | 31 KB | Font | application/font-woff2 |
GET | H2 | modules.4f655037b2a3518f16e4.js | script.hotjar.com/ | | 401 KB | 70 KB | Script | application/javascript |
GET | H2 | i | tr.snapchat.com/cm/ | Frame 5632 | 0 | 0 | Document | text/html |
GET | H2 | / | www.google.com/pagead/1p-user-list/1070061330/ | | 42 B | 119 B | Image | image/gif |
GET | H2 | / | www.google.de/pagead/1p-user-list/1070061330/ | | 42 B | 110 B | Image | image/gif |
POST | H2 | p | tr.snapchat.com/ | Frame E5D0 | 0 | 0 | Document | text/html |
GET | H/1.1 | image.aspx | eu2.siteimprove.com/ | | 34 B | 406 B | Image | image/gif |
GET | H2 | box-469cf41adb11dc78be68c1ae7f9457a4.html | vars.hotjar.com/ | Frame 46EB | 0 | 0 | Document | text/html |
GET | H2 | / | www.facebook.com/tr/ | | 44 B | 260 B | Image | image/gif |
GET | H2 | p.gif | p.typekit.net/ | | 35 B | 201 B | Image | image/gif |
GET | H2 | getUid;c | tb.de17a.com/api/ | Frame 1A81, Redirect Chain | 61 B | 222 B | Script | application/json |
GET | H2 | pageView | tb.de17a.com/api/ | Frame 5D6D | 2 KB | 3 KB | Script | application/json |
GET | H/1.1 | tap.php | pixel.rubiconproject.com/ | Frame 912C | 0 | 239 B | Image | image/gif |
GET | H2 | google | d5p.de17a.com/cookies/ | Frame 912C, Redirect Chain | 35 B | 134 B | Image | image/gif |
GET | H2 | appnexus | d5p.de17a.com/setuid/ | Frame 912C, Redirect Chain | 35 B | 134 B | Image | image/gif |
GET | H/1.1 | Pug | image2.pubmatic.com/AdServer/ | Frame 912C | 42 B | 973 B | Image | image/gif |
GET | H2 | match | ad.360yield.com/ul_cb/ | Frame 912C, Redirect Chain | 43 B | 421 B | Image | image/gif |
GET | H/1.1 | partner | sync.search.spotxchange.com/ | Frame 912C, Redirect Chain | 43 B | 549 B | Image | image/gif |
GET | H2 | sync | pixel.advertising.com/ups/55955/ | Frame 912C | 0 | 124 B | Image | text/plain |
GET | H/1.1 | sync | ad.sxp.smartclip.net/ | Frame 912C, Redirect Chain | 42 B | 787 B | Image | image/gif |
GET | H2 | sync | x.bidswitch.net/ul_cb/ | Frame 912C, Redirect Chain | 43 B | 379 B | Image | image/gif |
GET | H2 | match | dmp.adform.net/serving/cookie/ | Frame 912C, Redirect Chain | 35 B | 233 B | Image | image/gif |
GET | H2 | 2896608677147992573 | usermatch.targeting.unrulymedia.com/usermatch/delta/ | Frame 912C | 0 | 289 B | Image | text/html |
GET | H/1.1 | rum | dsum.casalemedia.com/ | Frame 912C, Redirect Chain | 43 B | 979 B | Image | image/gif |
GET | H2 | / | www.facebook.com/tr/ | | 44 B | 157 B | Image | image/gif |
49 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate object| epi function| $ function| jQuery function| $$epiforms object| dataLayer object| nito number| ZIP_LENGTH object| addresses string| zipcode string| originalZip number| totalSavings function| onBegin function| onSuccess object| Modernizr function| yepnope boolean| PR_SHOULD_USE_CONTINUATION object| PR number| googleLT_ object| google object| ca function| google_exportSymbol function| google_exportProperty function| FindApi object| api object| google_tag_manager function| fbq function| _fbq string| GoogleAnalyticsObject function| ga function| hj object| _hjSettings function| snaptr object| _d7 object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| Typekit object| _sz object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled function| La boolean| K13
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name | Value |
---|---|---|---|
.snapchat.com/ | | sc_at | v2\|H4sIAAAAAAAAAAXBgQ0AIAgDsItIJIiMc3ToFRxvOw3FtyiWSplkChZNbOzCPvC66FaHekYEenyyIOoFMgAAAA== |
.nito.no/ | | _hjid | 5231a9e9-e543-4047-82cb-fcb2b27febbc |
.www.nito.no/ | | nmstat | 1581597832203 |
www.nito.no/ | | .EPiForm_BID | 1e401a30-bf48-496b-86ab-63c18e8aa691 |
www.nito.no/ | | _scid | 06f8b62c-4682-4cad-bf58-ab0ded1ecafb |
.nito.no/ | | _gat_UA-38034439-1 | 1 |
www.nito.no/ | | .EPiForm_VisitorIdentifier | 1e401a30-bf48-496b-86ab-63c18e8aa691: |
.nito.no/ | | _fbp | fb.1.1581597778561.1893232068 |
.nito.no/ | | _gid | GA1.2.383151638.1581597778 |
.nito.no/ | | _ga | GA1.2.1988684192.1581597778 |
www.nito.no/ | | __RequestVerificationToken | aFrUQ-sfmuUbK17NJNIpp7T-yP9tTaFzL4qKlFeickfcYV3WLgfFf7jsHXa3i_VSbK0jn1-AqJH8WIXOmfpLS8WPYRw1 |
www.nito.no/ | | NITO.Web | srovomb0fjdng2dc3mg1tlgq |
www.nito.no/ | | EPi_NumberOfVisits | 1,2020-02-13T12:42:57 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Frame-Options | SAMEORIGIN SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.