urlscan.io logo urlscan.io
SecurityTrails logo

sparebank-auth.com Open in urlscan Pro
185.61.154.7  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://sparebank-auth.com/
Effective URL: https://sparebank-auth.com/Login.php?id=8ea52bb215374551ce90216a5fd80e518ea52bb215374551ce90216a5fd80e51&session=8ea52bb215...
Submission: On July 05 via api from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 3 countries across 3 domains to perform 34 HTTP transactions. The main IP is 185.61.154.7, located in United Kingdom and belongs to NAMECHEAP-NET, US. The main domain is sparebank-auth.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on July 3rd 2021. Valid for: a year.
This is the only time sparebank-auth.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Sparebanken West (Banking)

Domain & IP information

IP Address AS Autonomous System
2 3 185.61.154.7 22612 (NAMECHEAP...)
10 62.148.39.40 13243 (AS13243)
1 62.148.39.41 13243 (AS13243)
1 91.102.25.100 41741 (BBS-AS)
14 62.148.39.51 13243 (AS13243)
3 2620:1ec:bdf::42 8068 (MICROSOFT...)
34 7
3    185.61.154.7 (United Kingdom)

ASN22612 (NAMECHEAP-NET, US)
PTR: server248-4.web-hosting.com
sparebank-auth.com
10    62.148.39.40 (Torvastad, Norway)

ASN13243 (AS13243, NO)
security.spv.no
1    62.148.39.41 (Torvastad, Norway)

ASN13243 (AS13243, NO)
stats.spv.no
1    91.102.25.100 (Oslo, Norway)

ASN41741 (BBS-AS, DK)
services.bankid.no
14    62.148.39.51 (Torvastad, Norway)

ASN13243 (AS13243, NO)
www.spv.no
3    2620:1ec:bdf::42 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
cdn.spv.no
Apex Domain
Subdomains		 Transfer
28 spv.no
security.spv.no
stats.spv.no
www.spv.no
cdn.spv.no
579 KB
3 sparebank-auth.com
sparebank-auth.com
3 KB
1 bankid.no
services.bankid.no
32 KB
34 3
Domain Requested by
14 www.spv.no sparebank-auth.com
www.spv.no
10 security.spv.no sparebank-auth.com
security.spv.no
3 cdn.spv.no security.spv.no
3 sparebank-auth.com 2 redirects
1 services.bankid.no sparebank-auth.com
1 stats.spv.no sparebank-auth.com
stats.spv.no
34 6

This site contains links to these domains. Also see Links.

Domain
www.spv.no
security.spv.no
Subject Issuer Validity Valid
sparebank-auth.com
Sectigo RSA Domain Validation Secure Server CA		 2021-07-03 -
2022-07-03		 a year crt.sh
security.spv.no
Buypass Class 3 CA 2		 2020-11-16 -
2021-12-06		 a year crt.sh
stats.spv.no
Sectigo RSA Domain Validation Secure Server CA		 2020-04-14 -
2022-04-14		 2 years crt.sh
services.bankid.no
DigiCert SHA2 Secure Server CA		 2020-10-09 -
2021-11-03		 a year crt.sh
spv.no
Buypass Class 3 CA 2		 2020-11-25 -
2021-12-24		 a year crt.sh
cdn.spv.no
DigiCert SHA2 Secure Server CA		 2020-11-02 -
2021-11-01		 a year crt.sh

This page contains 5 frames:

Primary Page: https://sparebank-auth.com/Login.php?id=8ea52bb215374551ce90216a5fd80e518ea52bb215374551ce90216a5fd80e51&session=8ea52bb215374551ce90216a5fd80e518ea52bb215374551ce90216a5fd80e51
Frame ID: 3348154273667915D9D855B8A814AE01
Requests: 18 HTTP requests in this frame

Frame: https://www.spv.no/Applikasjoner/innlogging/bank_id_2/step1/top
Frame ID: C45A190BCB877A4FED238D2E06919C28
Requests: 4 HTTP requests in this frame

Frame: https://www.spv.no/Applikasjoner/innlogging/bank_id_2/step1/bottom
Frame ID: DBB35E1CA929E9000384846A4ED1B614
Requests: 4 HTTP requests in this frame

Frame: https://www.spv.no/Applikasjoner/innlogging/bank_id_2/step1/right
Frame ID: 97B820D91527F018CF2AC705C3723CDD
Requests: 6 HTTP requests in this frame

Frame: https://security.spv.no/STS/privat-web/RpLogout.aspx
Frame ID: 1B45446854EB9AC7E6E6AE140085184E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://sparebank-auth.com/ HTTP 301
    https://sparebank-auth.com/ HTTP 302
    https://sparebank-auth.com/Login.php?id=8ea52bb215374551ce90216a5fd80e518ea52bb215374551ce90216a5fd80e5... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

34
Requests

88 %
HTTPS

17 %
IPv6

3
Domains

6
Subdomains

7
IPs

3
Countries

613 kB
Transfer

829 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://sparebank-auth.com/ HTTP 301
    https://sparebank-auth.com/ HTTP 302
    https://sparebank-auth.com/Login.php?id=8ea52bb215374551ce90216a5fd80e518ea52bb215374551ce90216a5fd80e51&session=8ea52bb215374551ce90216a5fd80e518ea52bb215374551ce90216a5fd80e51 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

34 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Login.php
sparebank-auth.com/
Redirect Chain
  • http://sparebank-auth.com/
  • https://sparebank-auth.com/
  • https://sparebank-auth.com/Login.php?id=8ea52bb215374551ce90216a5fd80e518ea52bb215374551ce90216a5fd80e51&session=8ea52bb215374551ce90216a5fd80e518ea52bb215374551ce90216a5fd80e51
9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sparebank-auth.com/Login.php?id=8ea52bb215374551ce90216a5fd80e518ea52bb215374551ce90216a5fd80e51&session=8ea52bb215374551ce90216a5fd80e518ea52bb215374551ce90216a5fd80e51
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.61.154.7 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server248-4.web-hosting.com
Software
Apache / PHP/7.2.34
Resource Hash
7b957f6db3da09ada8011061e60a043c93bf6ac978200aef7639b508e5205872

Request headers

:method
GET
:authority
sparebank-auth.com
:scheme
https
:path
/Login.php?id=8ea52bb215374551ce90216a5fd80e518ea52bb215374551ce90216a5fd80e51&session=8ea52bb215374551ce90216a5fd80e518ea52bb215374551ce90216a5fd80e51
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
PHPSESSID=fa9b14ccf0ed937e34331ec96c3b69f2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date
Mon, 05 Jul 2021 09:25:52 GMT
server
Apache
x-powered-by
PHP/7.2.34
vary
Accept-Encoding
content-encoding
gzip
content-length
2432
content-type
text/html; charset=UTF-8

Redirect headers

date
Mon, 05 Jul 2021 09:25:52 GMT
server
Apache
x-powered-by
PHP/7.2.34
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
set-cookie
PHPSESSID=fa9b14ccf0ed937e34331ec96c3b69f2; path=/
location
Login.php?id=8ea52bb215374551ce90216a5fd80e518ea52bb215374551ce90216a5fd80e51&session=8ea52bb215374551ce90216a5fd80e518ea52bb215374551ce90216a5fd80e51
content-length
0
content-type
text/html; charset=UTF-8
spvcss
security.spv.no/Innlogging/privat-web/Autentisering/bundles/ 		190 KB
44 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://security.spv.no/Innlogging/privat-web/Autentisering/bundles/spvcss?v=9kNqcB_x2q0dQy_8IQrf2IRltVE9zp26-d38rmHdUUg1
Requested by
Host: sparebank-auth.com
URL: https://sparebank-auth.com/Login.php?id=8ea52bb215374551ce90216a5fd80e518ea52bb215374551ce90216a5fd80e51&session=8ea52bb215374551ce90216a5fd80e518ea52bb215374551ce90216a5fd80e51
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.148.39.40 Torvastad, Norway, ASN13243 (AS13243, NO),
Reverse DNS
Software
WebServer/1.0 /
Resource Hash
fe2631185ccba5c77fed094680e429f6f3f311efdb77963357e27c6ecea5dc8c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options Deny

Request headers

Referer
https://sparebank-auth.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
vary
Accept-Encoding
server
WebServer/1.0
date
Mon, 05 Jul 2021 09:25:52 GMT
x-frame-options
Deny
content-type
text/css; charset=utf-8
cache-control
no-cache
content-length
44912
expires
-1
js
security.spv.no/Innlogging/privat-web/Autentisering/bundles/ 		101 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://security.spv.no/Innlogging/privat-web/Autentisering/bundles/js?v=EelrPSs1J19dnDBtaqoR3pFt-cv0R6M56JCVIjDmKzY1
Requested by
Host: sparebank-auth.com
URL: https://sparebank-auth.com/Login.php?id=8ea52bb215374551ce90216a5fd80e518ea52bb215374551ce90216a5fd80e51&session=8ea52bb215374551ce90216a5fd80e518ea52bb215374551ce90216a5fd80e51
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.148.39.40 Torvastad, Norway, ASN13243 (AS13243, NO),
Reverse DNS
Software
WebServer/1.0 /
Resource Hash
74d3537e3c1ae777beddebef4504ca68db730a15af4dada6b887b0c40acf706a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options Deny

Request headers

Referer
https://sparebank-auth.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
vary
User-Agent,Accept-Encoding
last-modified
Mon, 05 Jul 2021 09:25:53 GMT
server
WebServer/1.0
date
Mon, 05 Jul 2021 09:25:52 GMT
x-frame-options
Deny
content-type
text/javascript; charset=utf-8
cache-control
public
content-length
47173
expires
Tue, 05 Jul 2022 09:25:53 GMT
behavioweb
security.spv.no/Innlogging/privat-web/Autentisering/bundles/ 		1 KB
977 B 		Script
General
Check archive.org
Download Go to
Full URL
https://security.spv.no/Innlogging/privat-web/Autentisering/bundles/behavioweb?v=-N-6yftez_sD0d35mMIXOXF-rDVVubtp0CMhX94fpkg1
Requested by
Host: sparebank-auth.com
URL: https://sparebank-auth.com/Login.php?id=8ea52bb215374551ce90216a5fd80e518ea52bb215374551ce90216a5fd80e51&session=8ea52bb215374551ce90216a5fd80e518ea52bb215374551ce90216a5fd80e51
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.148.39.40 Torvastad, Norway, ASN13243 (AS13243, NO),
Reverse DNS
Software
WebServer/1.0 /
Resource Hash
1e0cddefc5d27359cc9d6cbebd050858db837bc3a0162a4b2fbc8ad62dbb2607
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options Deny

Request headers

Referer
https://sparebank-auth.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
vary
User-Agent,Accept-Encoding
last-modified
Mon, 05 Jul 2021 09:25:53 GMT
server
WebServer/1.0
date
Mon, 05 Jul 2021 09:25:52 GMT
x-frame-options
Deny
content-type
text/javascript; charset=utf-8
cache-control
public
content-length
942
expires
Tue, 05 Jul 2022 09:25:53 GMT
form
security.spv.no/Innlogging/privat-web/Autentisering/bundles/ 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://security.spv.no/Innlogging/privat-web/Autentisering/bundles/form?v=jtmN8FSD0a8-33b-Uuuh1LKlYvbUDdY9jN1gWwY2oEs1
Requested by
Host: sparebank-auth.com
URL: https://sparebank-auth.com/Login.php?id=8ea52bb215374551ce90216a5fd80e518ea52bb215374551ce90216a5fd80e51&session=8ea52bb215374551ce90216a5fd80e518ea52bb215374551ce90216a5fd80e51
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.148.39.40 Torvastad, Norway, ASN13243 (AS13243, NO),
Reverse DNS
Software
WebServer/1.0 /
Resource Hash
bb160f87c96ea6c655fa1d2af6b929420576414f9fc1c82f6287314d97877701
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options Deny

Request headers

Referer
https://sparebank-auth.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
vary
User-Agent,Accept-Encoding
last-modified
Mon, 05 Jul 2021 09:25:53 GMT
server
WebServer/1.0
date
Mon, 05 Jul 2021 09:25:52 GMT
x-frame-options
Deny
content-type
text/javascript; charset=utf-8
cache-control
public
content-length
12415
expires
Tue, 05 Jul 2022 09:25:53 GMT
statsScript.js
stats.spv.no/Scripts/ 		1 KB
774 B 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.spv.no/Scripts/statsScript.js
Requested by
Host: sparebank-auth.com
URL: https://sparebank-auth.com/Login.php?id=8ea52bb215374551ce90216a5fd80e518ea52bb215374551ce90216a5fd80e51&session=8ea52bb215374551ce90216a5fd80e518ea52bb215374551ce90216a5fd80e51
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.148.39.41 Torvastad, Norway, ASN13243 (AS13243, NO),
Reverse DNS
Software
WebServer/1.0 /
Resource Hash
9b3f4f7b98265c9380eb01e7597bb05d5b99999792286325fde9d03bbd5ff07a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options Deny

Request headers

Referer
https://sparebank-auth.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
server
WebServer/1.0
date
Mon, 05 Jul 2021 09:25:52 GMT
x-frame-options
Deny
content-type
text/javascript; charset=utf-8
cache-control
no-cache
vary
Accept-Encoding
content-length
586
expires
-1
bid-browser-test.js
services.bankid.no/test/precheck/ 		32 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://services.bankid.no/test/precheck/bid-browser-test.js
Requested by
Host: sparebank-auth.com
URL: https://sparebank-auth.com/Login.php?id=8ea52bb215374551ce90216a5fd80e518ea52bb215374551ce90216a5fd80e51&session=8ea52bb215374551ce90216a5fd80e518ea52bb215374551ce90216a5fd80e51
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
91.102.25.100 Oslo, Norway, ASN41741 (BBS-AS, DK),
Reverse DNS
Software
webserver v1.0 /
Resource Hash
563d1d0e3b7b2251d1f18f21e3cd7cb6aa0e3c4c0f484b531b48855b55c45ac6

Request headers

Referer
https://sparebank-auth.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date
Mon, 05 Jul 2021 09:25:53 GMT
Server
webserver v1.0
Content-length
32324
Content-type
text/javascript;charset=utf-8
BankIDFeatureDetection
security.spv.no/Innlogging/privat-web/Autentisering/bundles/ 		845 B
820 B 		Script
General
Check archive.org
Download Go to
Full URL
https://security.spv.no/Innlogging/privat-web/Autentisering/bundles/BankIDFeatureDetection?v=mPbY54TazTdY7GED2UAuY2IoNWM0p_eyhIn7iKVb1II1
Requested by
Host: sparebank-auth.com
URL: https://sparebank-auth.com/Login.php?id=8ea52bb215374551ce90216a5fd80e518ea52bb215374551ce90216a5fd80e51&session=8ea52bb215374551ce90216a5fd80e518ea52bb215374551ce90216a5fd80e51
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.148.39.40 Torvastad, Norway, ASN13243 (AS13243, NO),
Reverse DNS
Software
WebServer/1.0 /
Resource Hash
0f9cab61466cd99a35557f4760e0babf55831822886fece887bade99028869a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options Deny

Request headers

Referer
https://sparebank-auth.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
vary
User-Agent,Accept-Encoding
last-modified
Mon, 05 Jul 2021 09:25:53 GMT
server
WebServer/1.0
date
Mon, 05 Jul 2021 09:25:52 GMT
x-frame-options
Deny
content-type
text/javascript; charset=utf-8
cache-control
public
content-length
619
expires
Tue, 05 Jul 2022 09:25:53 GMT
spv-logo.png
security.spv.no/Innlogging/privat-web/Autentisering/Content/common/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://security.spv.no/Innlogging/privat-web/Autentisering/Content/common/images/spv-logo.png
Requested by
Host: sparebank-auth.com
URL: https://sparebank-auth.com/Login.php?id=8ea52bb215374551ce90216a5fd80e518ea52bb215374551ce90216a5fd80e51&session=8ea52bb215374551ce90216a5fd80e518ea52bb215374551ce90216a5fd80e51
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.148.39.40 Torvastad, Norway, ASN13243 (AS13243, NO),
Reverse DNS
Software
WebServer/1.0 /
Resource Hash
1e5552c8cd9ab29f3effc709ce828d767d89c85c2e67fd3b09476ac0e4b810d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options Deny

Request headers

Referer
https://sparebank-auth.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

strict-transport-security
max-age=31536000
last-modified
Fri, 25 Jun 2021 11:36:06 GMT
server
WebServer/1.0
etag
"097f948b669d71:0"
x-frame-options
Deny
content-type
image/png
date
Mon, 05 Jul 2021 09:25:52 GMT
accept-ranges
bytes
content-length
4742
BID.svg
security.spv.no/Innlogging/privat-web/Autentisering/Content/spv/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://security.spv.no/Innlogging/privat-web/Autentisering/Content/spv/images/BID.svg
Requested by
Host: sparebank-auth.com
URL: https://sparebank-auth.com/Login.php?id=8ea52bb215374551ce90216a5fd80e518ea52bb215374551ce90216a5fd80e51&session=8ea52bb215374551ce90216a5fd80e518ea52bb215374551ce90216a5fd80e51
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.148.39.40 Torvastad, Norway, ASN13243 (AS13243, NO),
Reverse DNS
Software
WebServer/1.0 /
Resource Hash
005e1df65898630b1c067dc1f102e75a5ca1aad6c2d6f609b7eadd20e36da309
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options Deny

Request headers

Referer
https://sparebank-auth.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

strict-transport-security
max-age=31536000
last-modified
Fri, 25 Jun 2021 11:36:06 GMT
server
WebServer/1.0
etag
"097f948b669d71:0"
x-frame-options
Deny
content-type
image/svg+xml
date
Mon, 05 Jul 2021 09:25:52 GMT
accept-ranges
bytes
content-length
1298
RpLogout.aspx
security.spv.no/STS/privat-web/ 		143 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://security.spv.no/STS/privat-web/RpLogout.aspx?wa=wsignoutcleanup1.0
Requested by
Host: sparebank-auth.com
URL: https://sparebank-auth.com/Login.php?id=8ea52bb215374551ce90216a5fd80e518ea52bb215374551ce90216a5fd80e51&session=8ea52bb215374551ce90216a5fd80e518ea52bb215374551ce90216a5fd80e51
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.148.39.40 Torvastad, Norway, ASN13243 (AS13243, NO),
Reverse DNS
Software
WebServer/1.0 /
Resource Hash
c76455516174d7457a68eefdb2371cb441060951de9eb412f1f34adbea6c5c15
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://sparebank-auth.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
WebServer/1.0
date
Mon, 05 Jul 2021 09:25:53 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
content-length
143
expires
-1
statsService
stats.spv.no/api/ 		0
0
Cookie set top
www.spv.no/Applikasjoner/innlogging/bank_id_2/step1/ Frame C45A 		826 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.spv.no/Applikasjoner/innlogging/bank_id_2/step1/top
Requested by
Host: sparebank-auth.com
URL: https://sparebank-auth.com/Login.php?id=8ea52bb215374551ce90216a5fd80e518ea52bb215374551ce90216a5fd80e51&session=8ea52bb215374551ce90216a5fd80e518ea52bb215374551ce90216a5fd80e51
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.148.39.51 Torvastad, Norway, ASN13243 (AS13243, NO),
Reverse DNS
Software
WebServer/1.0 /
Resource Hash
83d06f7446d9529a39dfdf0bf9267f66663cdcb5cc10e706d996fc4d95aa84f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Host
www.spv.no
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sparebank-auth.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Referer
https://sparebank-auth.com/

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
Content-Type
text/html; charset=utf-8
Expires
-1
Last-Modified
Mon, 19 Apr 2021 10:24:43 GMT
Server
WebServer/1.0
Set-Cookie
ASP.NET_SessionId=qjqklbu142ts1jejrkwdw31n; path=/; secure; HttpOnly; SameSite=Lax SC_ANALYTICS_GLOBAL_COOKIE=2937ca95b26e41c6aa2081975cce8961|False; domain=.spv.no; expires=Thu, 03-Jul-2031 09:25:53 GMT; path=/; secure; HttpOnly
X-Robots-Tag
none
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
X-Content-Type-Options
nosniff
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Headers
accept,content-type,origin,x-xsrf-token,x-requested-with
Access-Control-Expose-Headers
X-Content-Type-Options, content-disposition, X-Frame-Options
Date
Mon, 05 Jul 2021 09:25:52 GMT
Content-Length
826
Cookie set bottom
www.spv.no/Applikasjoner/innlogging/bank_id_2/step1/ Frame DBB3 		829 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.spv.no/Applikasjoner/innlogging/bank_id_2/step1/bottom
Requested by
Host: sparebank-auth.com
URL: https://sparebank-auth.com/Login.php?id=8ea52bb215374551ce90216a5fd80e518ea52bb215374551ce90216a5fd80e51&session=8ea52bb215374551ce90216a5fd80e518ea52bb215374551ce90216a5fd80e51
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.148.39.51 Torvastad, Norway, ASN13243 (AS13243, NO),
Reverse DNS
Software
WebServer/1.0 /
Resource Hash
7dfe4ba7c56822488049303f5a45967b412a09fb05323608ff1b8786c201f226
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Host
www.spv.no
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sparebank-auth.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Referer
https://sparebank-auth.com/

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
Content-Type
text/html; charset=utf-8
Expires
-1
Last-Modified
Mon, 19 Apr 2021 10:23:08 GMT
Server
WebServer/1.0
Set-Cookie
ASP.NET_SessionId=kpi0lxv5knbgvra5l5gnxdyn; path=/; secure; HttpOnly; SameSite=Lax SC_ANALYTICS_GLOBAL_COOKIE=9920a81623c64326ac3a7e0a54472e26|False; domain=.spv.no; expires=Thu, 03-Jul-2031 09:25:53 GMT; path=/; secure; HttpOnly
X-Robots-Tag
none
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
X-Content-Type-Options
nosniff
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Headers
accept,content-type,origin,x-xsrf-token,x-requested-with
Access-Control-Expose-Headers
X-Content-Type-Options, content-disposition, X-Frame-Options
Date
Mon, 05 Jul 2021 09:25:52 GMT
Content-Length
829
Cookie set right
www.spv.no/Applikasjoner/innlogging/bank_id_2/step1/ Frame 97B8 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.spv.no/Applikasjoner/innlogging/bank_id_2/step1/right
Requested by
Host: sparebank-auth.com
URL: https://sparebank-auth.com/Login.php?id=8ea52bb215374551ce90216a5fd80e518ea52bb215374551ce90216a5fd80e51&session=8ea52bb215374551ce90216a5fd80e518ea52bb215374551ce90216a5fd80e51
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.148.39.51 Torvastad, Norway, ASN13243 (AS13243, NO),
Reverse DNS
Software
WebServer/1.0 /
Resource Hash
a2df8faca11ffba95a730b0c88e53b986209c9020888bd70a2a28b6e0280f090
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Host
www.spv.no
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sparebank-auth.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Referer
https://sparebank-auth.com/

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
Content-Type
text/html; charset=utf-8
Expires
-1
Last-Modified
Mon, 19 Apr 2021 10:24:28 GMT
Server
WebServer/1.0
Set-Cookie
ASP.NET_SessionId=ayxdtrfhp2d4nm4fihbbhnsd; path=/; secure; HttpOnly; SameSite=Lax SC_ANALYTICS_GLOBAL_COOKIE=48d45108c5bc49939d54800eb47ddb56|False; domain=.spv.no; expires=Thu, 03-Jul-2031 09:25:53 GMT; path=/; secure; HttpOnly
X-Robots-Tag
none
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
X-Content-Type-Options
nosniff
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Headers
accept,content-type,origin,x-xsrf-token,x-requested-with
Access-Control-Expose-Headers
X-Content-Type-Options, content-disposition, X-Frame-Options
Date
Mon, 05 Jul 2021 09:25:52 GMT
Content-Length
1222
RpLogout.aspx
security.spv.no/STS/privat-web/ Frame 1B45 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://security.spv.no/STS/privat-web/RpLogout.aspx
Requested by
Host: sparebank-auth.com
URL: https://sparebank-auth.com/Login.php?id=8ea52bb215374551ce90216a5fd80e518ea52bb215374551ce90216a5fd80e51&session=8ea52bb215374551ce90216a5fd80e518ea52bb215374551ce90216a5fd80e51
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.148.39.40 Torvastad, Norway, ASN13243 (AS13243, NO),
Reverse DNS
Software
WebServer/1.0 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none';script-src 'self' https://static.spv.no https://cdn.spv.no;style-src 'self' 'unsafe-inline';img-src 'self' https://static.spv.no https://cdn.spv.no https://signering.spv.no https://m.spv.no https://www1.spv.no https://www2.spv.no https://www4.spv.no https://chat.spv.no https://login.frende.no;font-src 'self' https://static.spv.no https://cdn.spv.no;frame-ancestors 'self' https://speilbilde.spvest.no https://www2.spv.no
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
security.spv.no
:scheme
https
:path
/STS/privat-web/RpLogout.aspx
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sparebank-auth.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Referer
https://sparebank-auth.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
text/html; charset=utf-8
content-encoding
gzip
expires
-1
vary
Accept-Encoding
server
WebServer/1.0
strict-transport-security
max-age=31536000
content-security-policy
default-src 'none';script-src 'self' https://static.spv.no https://cdn.spv.no;style-src 'self' 'unsafe-inline';img-src 'self' https://static.spv.no https://cdn.spv.no https://signering.spv.no https://m.spv.no https://www1.spv.no https://www2.spv.no https://www4.spv.no https://chat.spv.no https://login.frende.no;font-src 'self' https://static.spv.no https://cdn.spv.no;frame-ancestors 'self' https://speilbilde.spvest.no https://www2.spv.no
date
Mon, 05 Jul 2021 09:25:53 GMT
content-length
797
toolbar_bottom_bg.png
security.spv.no/Innlogging/privat-web/Autentisering/Content/Packages/images/ 		116 B
165 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://security.spv.no/Innlogging/privat-web/Autentisering/Content/Packages/images/toolbar_bottom_bg.png
Requested by
Host: security.spv.no
URL: https://security.spv.no/Innlogging/privat-web/Autentisering/bundles/spvcss?v=9kNqcB_x2q0dQy_8IQrf2IRltVE9zp26-d38rmHdUUg1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.148.39.40 Torvastad, Norway, ASN13243 (AS13243, NO),
Reverse DNS
Software
WebServer/1.0 /
Resource Hash
8c31941286a996c00b3cabfe36947fc2d80aef01195fb69fd7c0ce8fa0b7cc94
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options Deny

Request headers

Referer
https://security.spv.no/Innlogging/privat-web/Autentisering/bundles/spvcss?v=9kNqcB_x2q0dQy_8IQrf2IRltVE9zp26-d38rmHdUUg1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

strict-transport-security
max-age=31536000
last-modified
Fri, 25 Jun 2021 11:36:06 GMT
server
WebServer/1.0
etag
"097f948b669d71:0"
x-frame-options
Deny
content-type
image/png
date
Mon, 05 Jul 2021 09:25:53 GMT
accept-ranges
bytes
content-length
116
Tobias-Bold.woff2
cdn.spv.no/static/assets/fonts/1.1.0/ 		48 KB
49 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.spv.no/static/assets/fonts/1.1.0/Tobias-Bold.woff2
Requested by
Host: security.spv.no
URL: https://security.spv.no/Innlogging/privat-web/Autentisering/bundles/spvcss?v=9kNqcB_x2q0dQy_8IQrf2IRltVE9zp26-d38rmHdUUg1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::42 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
5d9f56a9df89ee63062a24e3ca2916acce245dee698654664ba20781debcff2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://sparebank-auth.com
Referer
https://security.spv.no/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
x-azure-ref-originshield
0VOXhYAAAAACAhIZ5VrJDRoKAEdjE8QlxTE9OMjFFREdFMDIwOQA2ZGI5YzZiNi1iZTk5LTRmNjUtYjExZi05OWE3ODcwNjI1MTY=
content-md5
FX789Ce234wM57ta4rmwPg==
x-cache
TCP_HIT
content-length
49532
etag
0x8D930AC8DD320A2
x-ms-lease-status
unlocked
last-modified
Wed, 16 Jun 2021 09:53:12 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-frame-options
DENY
date
Mon, 05 Jul 2021 09:25:52 GMT
x-azure-ref
0IdDiYAAAAACsMEMQQeX2Q6ftgAa2CNXRRlJBRURHRTEwMDcANmRiOWM2YjYtYmU5OS00ZjY1LWIxMWYtOTlhNzg3MDYyNTE2
content-type
font/woff2
access-control-allow-origin
*
x-ms-request-id
e1fe60c8-601e-0067-694c-6fb813000000
x-ms-version
2009-09-19
FannGrotesque-Regular.woff2
cdn.spv.no/static/assets/fonts/1.1.0/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.spv.no/static/assets/fonts/1.1.0/FannGrotesque-Regular.woff2
Requested by
Host: security.spv.no
URL: https://security.spv.no/Innlogging/privat-web/Autentisering/bundles/spvcss?v=9kNqcB_x2q0dQy_8IQrf2IRltVE9zp26-d38rmHdUUg1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::42 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
a2eda1a3ad2e233256f54b9763b9e4b807a73d159777ce1fddd5187640d46595
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://sparebank-auth.com
Referer
https://security.spv.no/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
x-azure-ref-originshield
0zv7fYAAAAADQAYhln6vEQpFsufVyiLp0TE9OMjFFREdFMTUyMgA2ZGI5YzZiNi1iZTk5LTRmNjUtYjExZi05OWE3ODcwNjI1MTY=
content-md5
Wl6WQ9w3gxGagG/febkKFw==
x-cache
TCP_HIT
content-length
26244
etag
0x8D930AC8B0DDBA0
x-ms-lease-status
unlocked
last-modified
Wed, 16 Jun 2021 09:53:07 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-frame-options
DENY
date
Mon, 05 Jul 2021 09:25:52 GMT
x-azure-ref
0IdDiYAAAAAC6lPEjRd8fS4Kyl3au5l/uRlJBRURHRTEwMDcANmRiOWM2YjYtYmU5OS00ZjY1LWIxMWYtOTlhNzg3MDYyNTE2
content-type
font/woff2
access-control-allow-origin
*
x-ms-request-id
5336cdfe-701e-0054-323c-6fe7b8000000
x-ms-version
2009-09-19
FannGrotesque-SemiBold.woff2
cdn.spv.no/static/assets/fonts/1.1.0/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.spv.no/static/assets/fonts/1.1.0/FannGrotesque-SemiBold.woff2
Requested by
Host: security.spv.no
URL: https://security.spv.no/Innlogging/privat-web/Autentisering/bundles/spvcss?v=9kNqcB_x2q0dQy_8IQrf2IRltVE9zp26-d38rmHdUUg1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::42 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
67520e54627c889885736018122d1dd0924abf843b4547e59a6bb9e304778afb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://sparebank-auth.com
Referer
https://security.spv.no/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
x-azure-ref-originshield
0LGvhYAAAAABiAExqqqetSbgw5whGsMfrTE9OMjFFREdFMDIwOAA2ZGI5YzZiNi1iZTk5LTRmNjUtYjExZi05OWE3ODcwNjI1MTY=
content-md5
yAeTTTFUIv85o8QKo2fD5g==
x-cache
TCP_HIT
content-length
26300
etag
0x8D930AC8FC70D3E
x-ms-lease-status
unlocked
last-modified
Wed, 16 Jun 2021 09:53:15 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-frame-options
DENY
date
Mon, 05 Jul 2021 09:25:52 GMT
x-azure-ref
0IdDiYAAAAADJ8sNP8nduQKA5Dmy7RpqbRlJBRURHRTEwMDcANmRiOWM2YjYtYmU5OS00ZjY1LWIxMWYtOTlhNzg3MDYyNTE2
content-type
font/woff2
access-control-allow-origin
*
x-ms-request-id
46e77138-101e-0020-3def-6fd348000000
x-ms-version
2009-09-19
autsigniframecss
www.spv.no/bundles/ Frame C45A 		99 KB
100 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.spv.no/bundles/autsigniframecss?v=8PA0vw6a4FZZgmZiVXNrBjhk9FQqbdYR4qOGcMXXX5Y1
Requested by
Host: www.spv.no
URL: https://www.spv.no/Applikasjoner/innlogging/bank_id_2/step1/top
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.148.39.51 Torvastad, Norway, ASN13243 (AS13243, NO),
Reverse DNS
Software
WebServer/1.0 /
Resource Hash
e7c7425b4fd034437c2ea877580cc9656e6651567ec69422a14bfd89fd4321d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.spv.no/Applikasjoner/innlogging/bank_id_2/step1/top
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Mon, 05 Jul 2021 09:25:53 GMT
Server
WebServer/1.0
Date
Mon, 05 Jul 2021 09:25:52 GMT
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/css; charset=utf-8
Access-Control-Expose-Headers
X-Content-Type-Options, content-disposition, X-Frame-Options
Cache-Control
private,max-age=31536000
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
accept,content-type,origin,x-xsrf-token,x-requested-with
Content-Length
101651
Expires
Tue, 05 Jul 2022 09:25:53 GMT
VisitorIdentification.js
www.spv.no/layouts/system/ Frame C45A 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.spv.no/layouts/system/VisitorIdentification.js
Requested by
Host: www.spv.no
URL: https://www.spv.no/Applikasjoner/innlogging/bank_id_2/step1/top
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.148.39.51 Torvastad, Norway, ASN13243 (AS13243, NO),
Reverse DNS
Software
WebServer/1.0 /
Resource Hash
7941c043b215ecc58d18e696d42abbd225eb0baa075cb5e31027725cc5312fce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.spv.no/Applikasjoner/innlogging/bank_id_2/step1/top
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Wed, 13 Nov 2019 16:13:22 GMT
Server
WebServer/1.0
Date
Mon, 05 Jul 2021 09:25:52 GMT
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/javascript
Access-Control-Expose-Headers
X-Content-Type-Options, content-disposition, X-Frame-Options
Cache-Control
private,max-age=31536000
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
accept,content-type,origin,x-xsrf-token,x-requested-with
Content-Length
2203
postmessage
www.spv.no/bundles/ Frame C45A 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.spv.no/bundles/postmessage?v=ydbirF4gT9C9f8PJNcxDQKpgv0lHs1RqnAbATieCKgM1
Requested by
Host: www.spv.no
URL: https://www.spv.no/Applikasjoner/innlogging/bank_id_2/step1/top
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.148.39.51 Torvastad, Norway, ASN13243 (AS13243, NO),
Reverse DNS
Software
WebServer/1.0 /
Resource Hash
3a420fc1bdc5658c500b509801007e21b41855a42b63bd9f64f4a710ac899e06
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.spv.no/Applikasjoner/innlogging/bank_id_2/step1/top
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Mon, 05 Jul 2021 09:25:53 GMT
Server
WebServer/1.0
Date
Mon, 05 Jul 2021 09:25:53 GMT
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/javascript; charset=utf-8
Access-Control-Expose-Headers
X-Content-Type-Options, content-disposition, X-Frame-Options
Cache-Control
private,max-age=31536000
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
accept,content-type,origin,x-xsrf-token,x-requested-with
Content-Length
1635
Expires
Tue, 05 Jul 2022 09:25:53 GMT
autsigniframecss
www.spv.no/bundles/ Frame 97B8 		99 KB
100 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.spv.no/bundles/autsigniframecss?v=8PA0vw6a4FZZgmZiVXNrBjhk9FQqbdYR4qOGcMXXX5Y1
Requested by
Host: www.spv.no
URL: https://www.spv.no/Applikasjoner/innlogging/bank_id_2/step1/right
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.148.39.51 Torvastad, Norway, ASN13243 (AS13243, NO),
Reverse DNS
Software
WebServer/1.0 /
Resource Hash
e7c7425b4fd034437c2ea877580cc9656e6651567ec69422a14bfd89fd4321d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.spv.no/Applikasjoner/innlogging/bank_id_2/step1/right
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Mon, 05 Jul 2021 09:25:53 GMT
Server
WebServer/1.0
Date
Mon, 05 Jul 2021 09:25:53 GMT
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/css; charset=utf-8
Access-Control-Expose-Headers
X-Content-Type-Options, content-disposition, X-Frame-Options
Cache-Control
private,max-age=31536000
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
accept,content-type,origin,x-xsrf-token,x-requested-with
Content-Length
101651
Expires
Tue, 05 Jul 2022 09:25:53 GMT
VisitorIdentification.js
www.spv.no/layouts/system/ Frame 97B8 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.spv.no/layouts/system/VisitorIdentification.js
Requested by
Host: www.spv.no
URL: https://www.spv.no/Applikasjoner/innlogging/bank_id_2/step1/right
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.148.39.51 Torvastad, Norway, ASN13243 (AS13243, NO),
Reverse DNS
Software
WebServer/1.0 /
Resource Hash
7941c043b215ecc58d18e696d42abbd225eb0baa075cb5e31027725cc5312fce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.spv.no/Applikasjoner/innlogging/bank_id_2/step1/right
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Wed, 13 Nov 2019 16:13:22 GMT
Server
WebServer/1.0
Date
Mon, 05 Jul 2021 09:25:52 GMT
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/javascript
Access-Control-Expose-Headers
X-Content-Type-Options, content-disposition, X-Frame-Options
Cache-Control
private,max-age=31536000
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
accept,content-type,origin,x-xsrf-token,x-requested-with
Content-Length
2203
postmessage
www.spv.no/bundles/ Frame 97B8 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.spv.no/bundles/postmessage?v=ydbirF4gT9C9f8PJNcxDQKpgv0lHs1RqnAbATieCKgM1
Requested by
Host: www.spv.no
URL: https://www.spv.no/Applikasjoner/innlogging/bank_id_2/step1/right
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.148.39.51 Torvastad, Norway, ASN13243 (AS13243, NO),
Reverse DNS
Software
WebServer/1.0 /
Resource Hash
3a420fc1bdc5658c500b509801007e21b41855a42b63bd9f64f4a710ac899e06
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.spv.no/Applikasjoner/innlogging/bank_id_2/step1/right
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Mon, 05 Jul 2021 09:25:53 GMT
Server
WebServer/1.0
Date
Mon, 05 Jul 2021 09:25:53 GMT
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/javascript; charset=utf-8
Access-Control-Expose-Headers
X-Content-Type-Options, content-disposition, X-Frame-Options
Cache-Control
private,max-age=31536000
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
accept,content-type,origin,x-xsrf-token,x-requested-with
Content-Length
1635
Expires
Tue, 05 Jul 2022 09:25:53 GMT
autsigniframecss
www.spv.no/bundles/ Frame DBB3 		99 KB
100 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.spv.no/bundles/autsigniframecss?v=8PA0vw6a4FZZgmZiVXNrBjhk9FQqbdYR4qOGcMXXX5Y1
Requested by
Host: www.spv.no
URL: https://www.spv.no/Applikasjoner/innlogging/bank_id_2/step1/bottom
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.148.39.51 Torvastad, Norway, ASN13243 (AS13243, NO),
Reverse DNS
Software
WebServer/1.0 /
Resource Hash
e7c7425b4fd034437c2ea877580cc9656e6651567ec69422a14bfd89fd4321d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.spv.no/Applikasjoner/innlogging/bank_id_2/step1/bottom
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Mon, 05 Jul 2021 09:25:53 GMT
Server
WebServer/1.0
Date
Mon, 05 Jul 2021 09:25:52 GMT
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/css; charset=utf-8
Access-Control-Expose-Headers
X-Content-Type-Options, content-disposition, X-Frame-Options
Cache-Control
private,max-age=31536000
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
accept,content-type,origin,x-xsrf-token,x-requested-with
Content-Length
101651
Expires
Tue, 05 Jul 2022 09:25:53 GMT
VisitorIdentification.js
www.spv.no/layouts/system/ Frame DBB3 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.spv.no/layouts/system/VisitorIdentification.js
Requested by
Host: www.spv.no
URL: https://www.spv.no/Applikasjoner/innlogging/bank_id_2/step1/bottom
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.148.39.51 Torvastad, Norway, ASN13243 (AS13243, NO),
Reverse DNS
Software
WebServer/1.0 /
Resource Hash
7941c043b215ecc58d18e696d42abbd225eb0baa075cb5e31027725cc5312fce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.spv.no/Applikasjoner/innlogging/bank_id_2/step1/bottom
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Wed, 13 Nov 2019 16:13:22 GMT
Server
WebServer/1.0
Date
Mon, 05 Jul 2021 09:25:53 GMT
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/javascript
Access-Control-Expose-Headers
X-Content-Type-Options, content-disposition, X-Frame-Options
Cache-Control
private,max-age=31536000
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
accept,content-type,origin,x-xsrf-token,x-requested-with
Content-Length
2203
postmessage
www.spv.no/bundles/ Frame DBB3 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.spv.no/bundles/postmessage?v=ydbirF4gT9C9f8PJNcxDQKpgv0lHs1RqnAbATieCKgM1
Requested by
Host: www.spv.no
URL: https://www.spv.no/Applikasjoner/innlogging/bank_id_2/step1/bottom
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.148.39.51 Torvastad, Norway, ASN13243 (AS13243, NO),
Reverse DNS
Software
WebServer/1.0 /
Resource Hash
3a420fc1bdc5658c500b509801007e21b41855a42b63bd9f64f4a710ac899e06
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.spv.no/Applikasjoner/innlogging/bank_id_2/step1/bottom
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Mon, 05 Jul 2021 09:25:53 GMT
Server
WebServer/1.0
Date
Mon, 05 Jul 2021 09:25:52 GMT
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/javascript; charset=utf-8
Access-Control-Expose-Headers
X-Content-Type-Options, content-disposition, X-Frame-Options
Cache-Control
private,max-age=31536000
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
accept,content-type,origin,x-xsrf-token,x-requested-with
Content-Length
1635
Expires
Tue, 05 Jul 2022 09:25:53 GMT
oswald-regular-webfont.woff
www.spv.no/fonts/ Frame 97B8 		25 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.spv.no/fonts/oswald-regular-webfont.woff
Requested by
Host: www.spv.no
URL: https://www.spv.no/bundles/autsigniframecss?v=8PA0vw6a4FZZgmZiVXNrBjhk9FQqbdYR4qOGcMXXX5Y1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.148.39.51 Torvastad, Norway, ASN13243 (AS13243, NO),
Reverse DNS
Software
WebServer/1.0 /
Resource Hash
8c14feadea93cbf1e1c695db9a17d183311db25ef0bd1f74dd2619ac3ce57d37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
https://www.spv.no
Referer
https://www.spv.no/bundles/autsigniframecss?v=8PA0vw6a4FZZgmZiVXNrBjhk9FQqbdYR4qOGcMXXX5Y1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Thu, 24 Jun 2021 10:12:52 GMT
Server
WebServer/1.0
Date
Mon, 05 Jul 2021 09:25:53 GMT
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/font-woff
Access-Control-Expose-Headers
X-Content-Type-Options, content-disposition, X-Frame-Options
Cache-Control
private,max-age=31536000
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
accept,content-type,origin,x-xsrf-token,x-requested-with
Content-Length
26080
Roboto-Regular-webfont.woff
www.spv.no/fonts/ Frame 97B8 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.spv.no/fonts/Roboto-Regular-webfont.woff
Requested by
Host: www.spv.no
URL: https://www.spv.no/bundles/autsigniframecss?v=8PA0vw6a4FZZgmZiVXNrBjhk9FQqbdYR4qOGcMXXX5Y1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.148.39.51 Torvastad, Norway, ASN13243 (AS13243, NO),
Reverse DNS
Software
WebServer/1.0 /
Resource Hash
a12c4e4cbb9af399d79c11afde85153d003e7e05858f8a5978d309a33c5d5df1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
https://www.spv.no
Referer
https://www.spv.no/bundles/autsigniframecss?v=8PA0vw6a4FZZgmZiVXNrBjhk9FQqbdYR4qOGcMXXX5Y1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Thu, 24 Jun 2021 10:12:52 GMT
Server
WebServer/1.0
Date
Mon, 05 Jul 2021 09:25:52 GMT
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/font-woff
Access-Control-Expose-Headers
X-Content-Type-Options, content-disposition, X-Frame-Options
Cache-Control
private,max-age=31536000
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
accept,content-type,origin,x-xsrf-token,x-requested-with
Content-Length
20064
statsService
stats.spv.no/api/ 		0
0
statsService
stats.spv.no/api/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
stats.spv.no
URL
https://stats.spv.no/api/statsService
Domain
stats.spv.no
URL
https://stats.spv.no/api/statsService
Domain
stats.spv.no
URL
https://stats.spv.no/api/statsService

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Sparebanken West (Banking)

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| IFrameResizer function| $ function| jQuery object| html5 object| Modernizr object| respond object| bid20upbw string| x object| bidBrowserTest

2 Cookies

Domain/Path Name / Value
sparebank-auth.com/ Name: BankID_Cookie_Test
Value: BankID_Cookie_Test
sparebank-auth.com/ Name: PHPSESSID
Value: fa9b14ccf0ed937e34331ec96c3b69f2

1 Console Messages

Source Level URL
Text
console-api warning URL: https://security.spv.no/Innlogging/privat-web/Autentisering/bundles/js?v=EelrPSs1J19dnDBtaqoR3pFt-cv0R6M56JCVIjDmKzY1(Line 1)
Message:
jQuery.Deferred exception: Cannot read property 'addEventListener' of undefined TypeError: Cannot read property 'addEventListener' of undefined at new h (https://security.spv.no/Innlogging/privat-web/Autentisering/bundles/behavioweb?v=-N-6yftez_sD0d35mMIXOXF-rDVVubtp0CMhX94fpkg1:1:592) at Object.field (https://security.spv.no/Innlogging/privat-web/Autentisering/bundles/behavioweb?v=-N-6yftez_sD0d35mMIXOXF-rDVVubtp0CMhX94fpkg1:1:1109) at HTMLDocument.<anonymous> (https://security.spv.no/Innlogging/privat-web/Autentisering/bundles/behavioweb?v=-N-6yftez_sD0d35mMIXOXF-rDVVubtp0CMhX94fpkg1:1:1321) at l (https://security.spv.no/Innlogging/privat-web/Autentisering/bundles/js?v=EelrPSs1J19dnDBtaqoR3pFt-cv0R6M56JCVIjDmKzY1:1:40416) at a (https://security.spv.no/Innlogging/privat-web/Autentisering/bundles/js?v=EelrPSs1J19dnDBtaqoR3pFt-cv0R6M56JCVIjDmKzY1:1:40724) undefined

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.spv.no
security.spv.no
services.bankid.no
sparebank-auth.com
stats.spv.no
www.spv.no
stats.spv.no
185.61.154.7
2620:1ec:bdf::42
62.148.39.40
62.148.39.41
62.148.39.51
91.102.25.100
005e1df65898630b1c067dc1f102e75a5ca1aad6c2d6f609b7eadd20e36da309
0f9cab61466cd99a35557f4760e0babf55831822886fece887bade99028869a5
1e0cddefc5d27359cc9d6cbebd050858db837bc3a0162a4b2fbc8ad62dbb2607
1e5552c8cd9ab29f3effc709ce828d767d89c85c2e67fd3b09476ac0e4b810d7
3a420fc1bdc5658c500b509801007e21b41855a42b63bd9f64f4a710ac899e06
563d1d0e3b7b2251d1f18f21e3cd7cb6aa0e3c4c0f484b531b48855b55c45ac6
5d9f56a9df89ee63062a24e3ca2916acce245dee698654664ba20781debcff2f
67520e54627c889885736018122d1dd0924abf843b4547e59a6bb9e304778afb
74d3537e3c1ae777beddebef4504ca68db730a15af4dada6b887b0c40acf706a
7941c043b215ecc58d18e696d42abbd225eb0baa075cb5e31027725cc5312fce
7b957f6db3da09ada8011061e60a043c93bf6ac978200aef7639b508e5205872
7dfe4ba7c56822488049303f5a45967b412a09fb05323608ff1b8786c201f226
83d06f7446d9529a39dfdf0bf9267f66663cdcb5cc10e706d996fc4d95aa84f9
8c14feadea93cbf1e1c695db9a17d183311db25ef0bd1f74dd2619ac3ce57d37
8c31941286a996c00b3cabfe36947fc2d80aef01195fb69fd7c0ce8fa0b7cc94
9b3f4f7b98265c9380eb01e7597bb05d5b99999792286325fde9d03bbd5ff07a
a12c4e4cbb9af399d79c11afde85153d003e7e05858f8a5978d309a33c5d5df1
a2df8faca11ffba95a730b0c88e53b986209c9020888bd70a2a28b6e0280f090
a2eda1a3ad2e233256f54b9763b9e4b807a73d159777ce1fddd5187640d46595
bb160f87c96ea6c655fa1d2af6b929420576414f9fc1c82f6287314d97877701
c76455516174d7457a68eefdb2371cb441060951de9eb412f1f34adbea6c5c15
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7c7425b4fd034437c2ea877580cc9656e6651567ec69422a14bfd89fd4321d4
fe2631185ccba5c77fed094680e429f6f3f311efdb77963357e27c6ecea5dc8c