nordeabrand.com Open in urlscan Pro
185.101.35.66 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://nordeabrand.com/
Effective URL:
https://nordeabrand.com/login/
Submission: On March 04 via manual (March 4th 2019, 8:28:38 am UTC) from SE

Summary HTTP 20 Redirects Links 1 Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 20 HTTP transactions. The main IP is 185.101.35.66, located in Norway and belongs to SERVETHEWORLD-AS, NO. The main domain is nordeabrand.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on February 22nd 2019. Valid for: 3 months.

This is the only time nordeabrand.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
2 20	185.101.35.66 185.101.35.66		34989 (SERVETHEW...) (SERVETHEWORLD-AS)
1	23.111.9.35 23.111.9.35		33438 (HIGHWINDS2) (HIGHWINDS2 - Highwinds Network Group)
1	2a00:1450:400... 2a00:1450:4001:80b::200a		15169 (GOOGLE) (GOOGLE - Google LLC)
20	3

20 185.101.35.66 (Norway) 2 redirects

ASN34989 (SERVETHEWORLD-AS, NO)
PTR: vps-66.35.101.185.stwvps.net

nordeabrand.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.111.9.35 (Phoenix, United States)

ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	nordeabrand.com 2 redirects nordeabrand.com	2 MB
1	googleapis.com fonts.googleapis.com	590 B
1	fontawesome.com use.fontawesome.com	12 KB
20	3

	Domain	Requested by
20	nordeabrand.com	2 redirects nordeabrand.com
1	fonts.googleapis.com	nordeabrand.com
1	use.fontawesome.com	nordeabrand.com
20	3

This site contains links to these domains. Also see Links.

Domain
brand.nordea.com

Subject Issuer	Validity	Valid
nordeabrand.com Let's Encrypt Authority X3	`2019-02-22` - `2019-05-23`	3 months	crt.sh
*.fontawesome.com DigiCert SHA2 Secure Server CA	`2018-09-17` - `2019-11-21`	a year	crt.sh
*.googleapis.com Google Internet Authority G3	`2019-03-01` - `2019-05-24`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://nordeabrand.com/login/
Frame ID: 59D92F9048A9D86A48E2A3F206C22CF5
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://nordeabrand.com/ HTTP 301
https://nordeabrand.com/ HTTP 301
https://nordeabrand.com/login/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+wp-(?:content|includes)/i
script /\/wp-includes\//i
meta generator /WordPress( [\d.]+)?/i
html /<!--[^>]+WP Rocket/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+wp-(?:content|includes)/i
script /\/wp-includes\//i
meta generator /WordPress( [\d.]+)?/i
html /<!--[^>]+WP Rocket/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

WP Rocket (Cache Tools) Expand

Overall confidence: 100%
Detected patterns

html /<!--[^>]+WP Rocket/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js/i
env /^jQuery$/i

Twitter Bootstrap () Expand

Overall confidence: 100%
Detected patterns

script /(?:twitter\.github\.com\/bootstrap|bootstrap(?:\.js|\.min\.js))/i

Page Statistics

20
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

1702 kB
Transfer

1735 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://brand.nordea.com/login/
Title: https://brand.nordea.com/login/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://nordeabrand.com/ HTTP 301
https://nordeabrand.com/ HTTP 301
https://nordeabrand.com/login/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
nordeabrand.com/login/
Redirect Chain

http://nordeabrand.com/
https://nordeabrand.com/
https://nordeabrand.com/login/

8 KB
8 KB

45ms
44ms

Document
text/html

185.101.35.66
SERVETHEWORLD-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://nordeabrand.com/login/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.101.35.66 , Norway, ASN34989 (SERVETHEWORLD-AS, NO),
Reverse DNS: vps-66.35.101.185.stwvps.net
Software: nginx / PHP/7.0.33
Resource Hash: 5c96736c738aff8792ff7f7ad33d2e46eecee59723cb784f7c09d5331553aec7

Request headers

:method: GET
:authority: nordeabrand.com
:scheme: https
:path: /login/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding: gzip, deflate, br
cookie: PHPSESSID=8qarmpp7n231gml5tt3ogee5i7
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
server: nginx
date: Mon, 04 Mar 2019 08:26:56 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.0.33
last-modified: Sun, 03 Mar 2019 19:56:14 GMT

Redirect headers

status: 301
server: nginx
date: Mon, 04 Mar 2019 08:26:56 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.0.33
set-cookie: PHPSESSID=8qarmpp7n231gml5tt3ogee5i7; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
link: <https://nordeabrand.com/wp-json/>; rel="https://api.w.org/" <https://nordeabrand.com/>; rel=shortlink
x-redirect-by: WordPress
location: /login/

GET
H2 200 5dc39638de63c499b8566117c38b43c9.css
nordeabrand.com/wp-content/cache/min/1/ 959 KB
960 KB 42ms
35ms Stylesheet
text/css 185.101.35.66
SERVETHEWORLD-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://nordeabrand.com/wp-content/cache/min/1/5dc39638de63c499b8566117c38b43c9.css
Requested by: Host: nordeabrand.com
URL: https://nordeabrand.com/login/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.101.35.66 , Norway, ASN34989 (SERVETHEWORLD-AS, NO),
Reverse DNS: vps-66.35.101.185.stwvps.net
Software: nginx /
Resource Hash: d5a66580c071ab7e2e138391388ff2b5c0b545ba02805e5c40cb07a77cdc5a35

Request headers

:path: /wp-content/cache/min/1/5dc39638de63c499b8566117c38b43c9.css
pragma: no-cache
cookie: PHPSESSID=8qarmpp7n231gml5tt3ogee5i7
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: nordeabrand.com
referer: https://nordeabrand.com/login/
:scheme: https
:method: GET
Referer: https://nordeabrand.com/login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 04 Mar 2019 08:26:56 GMT
last-modified: Fri, 07 Dec 2018 14:57:31 GMT
server: nginx
etag: "5c0a8a5b-efd13"
content-type: text/css
status: 200
accept-ranges: bytes
content-length: 982291

GET
H2 200 all.css
use.fontawesome.com/releases/v5.2.0/css/ 46 KB
12 KB 33ms
7ms Stylesheet
text/css 23.111.9.35
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.2.0/css/all.css
Requested by: Host: nordeabrand.com
URL: https://nordeabrand.com/login/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 8891a160f8a2afb81de5259f9f68e5af3782348ea2927ad9e969bc88c7d39984

Request headers

Referer: https://nordeabrand.com/login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 04 Mar 2019 08:28:22 GMT
content-encoding: gzip
last-modified: Mon, 23 Jul 2018 17:06:58 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: W/"20a9ce516eaea76da29a23adc43e8998"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
status: 200
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT

GET
H2 200 jquery.min.js Show response
nordeabrand.com/wp-content/themes/mediasparx/js/ 95 KB
95 KB 114ms
108ms Script
application/javascript 185.101.35.66
SERVETHEWORLD-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://nordeabrand.com/wp-content/themes/mediasparx/js/jquery.min.js
Requested by: Host: nordeabrand.com
URL: https://nordeabrand.com/login/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.101.35.66 , Norway, ASN34989 (SERVETHEWORLD-AS, NO),
Reverse DNS: vps-66.35.101.185.stwvps.net
Software: nginx /
Resource Hash: 4574aea110cdaa1cf0c27bc5d0d9364a3c18e7a33a185c87d581c6b159703e01

Request headers

:path: /wp-content/themes/mediasparx/js/jquery.min.js
pragma: no-cache
cookie: PHPSESSID=8qarmpp7n231gml5tt3ogee5i7
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: nordeabrand.com
referer: https://nordeabrand.com/login/
:scheme: https
:method: GET
Referer: https://nordeabrand.com/login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 04 Mar 2019 08:26:56 GMT
last-modified: Wed, 20 Sep 2017 19:33:11 GMT
server: nginx
etag: "59c2c277-17b93"
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 97171

GET
H2 200 bootstrap.min.js Show response
nordeabrand.com/wp-content/plugins/download-manager/assets/bootstrap/js/ 35 KB
35 KB 114ms
108ms Script
application/javascript 185.101.35.66
SERVETHEWORLD-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://nordeabrand.com/wp-content/plugins/download-manager/assets/bootstrap/js/bootstrap.min.js
Requested by: Host: nordeabrand.com
URL: https://nordeabrand.com/login/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.101.35.66 , Norway, ASN34989 (SERVETHEWORLD-AS, NO),
Reverse DNS: vps-66.35.101.185.stwvps.net
Software: nginx /
Resource Hash: 4b9329f540f2a0a583e6b0dff71f0f68d819ca3920c752fdb4e6bb1f88659cab

Request headers

:path: /wp-content/plugins/download-manager/assets/bootstrap/js/bootstrap.min.js
pragma: no-cache
cookie: PHPSESSID=8qarmpp7n231gml5tt3ogee5i7
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: nordeabrand.com
referer: https://nordeabrand.com/login/
:scheme: https
:method: GET
Referer: https://nordeabrand.com/login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 04 Mar 2019 08:26:56 GMT
last-modified: Wed, 19 Sep 2018 10:18:47 GMT
server: nginx
etag: "5ba22287-8c73"
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 35955

GET
H2 200 front-4fc9151512df209c1a370702f89a259d.js Show response
nordeabrand.com/wp-content/cache/min/1/wp-content/plugins/download-manager/assets/js/ 4 KB
4 KB 114ms
109ms Script
application/javascript 185.101.35.66
SERVETHEWORLD-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://nordeabrand.com/wp-content/cache/min/1/wp-content/plugins/download-manager/assets/js/front-4fc9151512df209c1a370702f89a259d.js
Requested by: Host: nordeabrand.com
URL: https://nordeabrand.com/login/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.101.35.66 , Norway, ASN34989 (SERVETHEWORLD-AS, NO),
Reverse DNS: vps-66.35.101.185.stwvps.net
Software: nginx /
Resource Hash: 9c4217f3b3ca8f8b65b31329e80a1ec8470a8e693c26185996d087236dc60a36

Request headers

:path: /wp-content/cache/min/1/wp-content/plugins/download-manager/assets/js/front-4fc9151512df209c1a370702f89a259d.js
pragma: no-cache
cookie: PHPSESSID=8qarmpp7n231gml5tt3ogee5i7
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: nordeabrand.com
referer: https://nordeabrand.com/login/
:scheme: https
:method: GET
Referer: https://nordeabrand.com/login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 04 Mar 2019 08:26:56 GMT
last-modified: Sun, 02 Sep 2018 10:51:36 GMT
server: nginx
etag: "5b8bc0b8-e2d"
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 3629

GET
H2 200 chosen.jquery.min.js Show response
nordeabrand.com/wp-content/plugins/download-manager/assets/js/ 51 KB
51 KB 113ms
108ms Script
application/javascript 185.101.35.66
SERVETHEWORLD-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://nordeabrand.com/wp-content/plugins/download-manager/assets/js/chosen.jquery.min.js
Requested by: Host: nordeabrand.com
URL: https://nordeabrand.com/login/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.101.35.66 , Norway, ASN34989 (SERVETHEWORLD-AS, NO),
Reverse DNS: vps-66.35.101.185.stwvps.net
Software: nginx /
Resource Hash: 7373ca9ed2c272959213699ab6c34d53f342a2d01d996ebc543743312911a6dc

Request headers

:path: /wp-content/plugins/download-manager/assets/js/chosen.jquery.min.js
pragma: no-cache
cookie: PHPSESSID=8qarmpp7n231gml5tt3ogee5i7
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: nordeabrand.com
referer: https://nordeabrand.com/login/
:scheme: https
:method: GET
Referer: https://nordeabrand.com/login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 04 Mar 2019 08:26:56 GMT
last-modified: Wed, 19 Sep 2018 10:18:47 GMT
server: nginx
etag: "5ba22287-cbc3"
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 52163

GET
H2 200 settings.min.js Show response
nordeabrand.com/wp-content/plugins/miniorange-saml-20-single-sign-on/includes/js/ 4 KB
4 KB 113ms
109ms Script
application/javascript 185.101.35.66
SERVETHEWORLD-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://nordeabrand.com/wp-content/plugins/miniorange-saml-20-single-sign-on/includes/js/settings.min.js
Requested by: Host: nordeabrand.com
URL: https://nordeabrand.com/login/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.101.35.66 , Norway, ASN34989 (SERVETHEWORLD-AS, NO),
Reverse DNS: vps-66.35.101.185.stwvps.net
Software: nginx /
Resource Hash: 08c7529703404345633f9aa60bf56880c8ba77fce54b75ee289553f011b8dcba

Request headers

:path: /wp-content/plugins/miniorange-saml-20-single-sign-on/includes/js/settings.min.js
pragma: no-cache
cookie: PHPSESSID=8qarmpp7n231gml5tt3ogee5i7
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: nordeabrand.com
referer: https://nordeabrand.com/login/
:scheme: https
:method: GET
Referer: https://nordeabrand.com/login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 04 Mar 2019 08:26:56 GMT
last-modified: Wed, 20 Sep 2017 19:33:05 GMT
server: nginx
etag: "59c2c271-e33"
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 3635

GET
H2 200 nordea-logo.png
nordeabrand.com/wp-content/themes/nordea2/assets/ 3 KB
3 KB 113ms
109ms Image
image/png 185.101.35.66
SERVETHEWORLD-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nordeabrand.com/wp-content/themes/nordea2/assets/nordea-logo.png
Requested by: Host: nordeabrand.com
URL: https://nordeabrand.com/login/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.101.35.66 , Norway, ASN34989 (SERVETHEWORLD-AS, NO),
Reverse DNS: vps-66.35.101.185.stwvps.net
Software: nginx /
Resource Hash: fc9108714b1c723cf60472dbf17dde24a8be0b539983b8741eb1a8b3b0274860

Request headers

:path: /wp-content/themes/nordea2/assets/nordea-logo.png
pragma: no-cache
cookie: PHPSESSID=8qarmpp7n231gml5tt3ogee5i7
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: nordeabrand.com
referer: https://nordeabrand.com/login/
:scheme: https
:method: GET
Referer: https://nordeabrand.com/login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 04 Mar 2019 08:26:56 GMT
last-modified: Wed, 20 Sep 2017 19:33:11 GMT
server: nginx
etag: "59c2c277-a69"
content-type: image/png
status: 200
accept-ranges: bytes
content-length: 2665

GET
H2 200 search-c92452224390d21105c5d4bd3a5d39c1.js Show response
nordeabrand.com/wp-content/cache/min/1/wp-content/themes/mediasparx/js/ 905 B
1 KB 113ms
109ms Script
application/javascript 185.101.35.66
SERVETHEWORLD-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://nordeabrand.com/wp-content/cache/min/1/wp-content/themes/mediasparx/js/search-c92452224390d21105c5d4bd3a5d39c1.js
Requested by: Host: nordeabrand.com
URL: https://nordeabrand.com/login/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.101.35.66 , Norway, ASN34989 (SERVETHEWORLD-AS, NO),
Reverse DNS: vps-66.35.101.185.stwvps.net
Software: nginx /
Resource Hash: 732714830fc4da497bc78f48733e9950dd2aaaf7c6f105b88afae2c48c0e2c4f

Request headers

:path: /wp-content/cache/min/1/wp-content/themes/mediasparx/js/search-c92452224390d21105c5d4bd3a5d39c1.js
pragma: no-cache
cookie: PHPSESSID=8qarmpp7n231gml5tt3ogee5i7
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: nordeabrand.com
referer: https://nordeabrand.com/login/
:scheme: https
:method: GET
Referer: https://nordeabrand.com/login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 04 Mar 2019 08:26:56 GMT
last-modified: Sun, 02 Sep 2018 10:51:36 GMT
server: nginx
etag: "5b8bc0b8-389"
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 905

GET
H2 200 comment-collapse-4859f6c3c127b0071b64ce9921c9fe49.js Show response
nordeabrand.com/wp-content/cache/min/1/wp-content/themes/nordea2/js/ 440 B
570 B 63ms
62ms Script
application/javascript 185.101.35.66
SERVETHEWORLD-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://nordeabrand.com/wp-content/cache/min/1/wp-content/themes/nordea2/js/comment-collapse-4859f6c3c127b0071b64ce9921c9fe49.js
Requested by: Host: nordeabrand.com
URL: https://nordeabrand.com/login/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.101.35.66 , Norway, ASN34989 (SERVETHEWORLD-AS, NO),
Reverse DNS: vps-66.35.101.185.stwvps.net
Software: nginx /
Resource Hash: 88148fde4004bd4c77e3ffabc80c965ac8360f87cacce1e176a4de29978822ff

Request headers

:path: /wp-content/cache/min/1/wp-content/themes/nordea2/js/comment-collapse-4859f6c3c127b0071b64ce9921c9fe49.js
pragma: no-cache
cookie: PHPSESSID=8qarmpp7n231gml5tt3ogee5i7
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: nordeabrand.com
referer: https://nordeabrand.com/login/
:scheme: https
:method: GET
Referer: https://nordeabrand.com/login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 04 Mar 2019 08:26:56 GMT
last-modified: Sun, 02 Sep 2018 10:51:36 GMT
server: nginx
etag: "5b8bc0b8-1b8"
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 440

GET
H2 200 gravity-forms-plugin-8cd7d3981a0bb13fe39dd19896b9937c.js Show response
nordeabrand.com/wp-content/cache/min/1/wp-content/themes/mediasparx/js/ 2 KB
2 KB 63ms
62ms Script
application/javascript 185.101.35.66
SERVETHEWORLD-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://nordeabrand.com/wp-content/cache/min/1/wp-content/themes/mediasparx/js/gravity-forms-plugin-8cd7d3981a0bb13fe39dd19896b9937c.js
Requested by: Host: nordeabrand.com
URL: https://nordeabrand.com/login/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.101.35.66 , Norway, ASN34989 (SERVETHEWORLD-AS, NO),
Reverse DNS: vps-66.35.101.185.stwvps.net
Software: nginx /
Resource Hash: 851adad68aef0f23b15ef7009e978eaac1e00044c88b939eea09748f5c0921a8

Request headers

:path: /wp-content/cache/min/1/wp-content/themes/mediasparx/js/gravity-forms-plugin-8cd7d3981a0bb13fe39dd19896b9937c.js
pragma: no-cache
cookie: PHPSESSID=8qarmpp7n231gml5tt3ogee5i7
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: nordeabrand.com
referer: https://nordeabrand.com/login/
:scheme: https
:method: GET
Referer: https://nordeabrand.com/login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 04 Mar 2019 08:26:56 GMT
last-modified: Sun, 02 Sep 2018 10:51:36 GMT
server: nginx
etag: "5b8bc0b8-868"
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 2152

GET
H2 200 jquery.form.min.js Show response
nordeabrand.com/wp-includes/js/jquery/ 16 KB
16 KB 39ms
38ms Script
application/javascript 185.101.35.66
SERVETHEWORLD-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://nordeabrand.com/wp-includes/js/jquery/jquery.form.min.js
Requested by: Host: nordeabrand.com
URL: https://nordeabrand.com/login/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.101.35.66 , Norway, ASN34989 (SERVETHEWORLD-AS, NO),
Reverse DNS: vps-66.35.101.185.stwvps.net
Software: nginx /
Resource Hash: ee1a97f49961f87c6aa495dca24759a1ca097b3c8612401e45c09248fae2fffa

Request headers

:path: /wp-includes/js/jquery/jquery.form.min.js
pragma: no-cache
cookie: PHPSESSID=8qarmpp7n231gml5tt3ogee5i7
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: nordeabrand.com
referer: https://nordeabrand.com/login/
:scheme: https
:method: GET
Referer: https://nordeabrand.com/login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 04 Mar 2019 08:26:57 GMT
last-modified: Thu, 21 Feb 2019 23:00:11 GMT
server: nginx
etag: "5c6f2d7b-4028"
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 16424

GET
H2 200 bootstrap.min.js Show response
nordeabrand.com/wp-content/themes/mediasparx/js/ 36 KB
36 KB 39ms
39ms Script
application/javascript 185.101.35.66
SERVETHEWORLD-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://nordeabrand.com/wp-content/themes/mediasparx/js/bootstrap.min.js
Requested by: Host: nordeabrand.com
URL: https://nordeabrand.com/login/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.101.35.66 , Norway, ASN34989 (SERVETHEWORLD-AS, NO),
Reverse DNS: vps-66.35.101.185.stwvps.net
Software: nginx /
Resource Hash: dbbc745f0d154d595f1f83beaf73ea90834b89e84decce565db64b0ba634dbbc

Request headers

:path: /wp-content/themes/mediasparx/js/bootstrap.min.js
pragma: no-cache
cookie: PHPSESSID=8qarmpp7n231gml5tt3ogee5i7
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: nordeabrand.com
referer: https://nordeabrand.com/login/
:scheme: https
:method: GET
Referer: https://nordeabrand.com/login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 04 Mar 2019 08:26:57 GMT
last-modified: Wed, 20 Sep 2017 19:33:11 GMT
server: nginx
etag: "59c2c277-90bf"
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 37055

GET
H2 200 responsive-menu-pro-1-e4565036b5f794f1bb0ce4958f2d48e1.js Show response
nordeabrand.com/wp-content/cache/min/1/wp-content/uploads/responsive-menu-pro/js/ 3 KB
3 KB 41ms
40ms Script
application/javascript 185.101.35.66
SERVETHEWORLD-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://nordeabrand.com/wp-content/cache/min/1/wp-content/uploads/responsive-menu-pro/js/responsive-menu-pro-1-e4565036b5f794f1bb0ce4958f2d48e1.js
Requested by: Host: nordeabrand.com
URL: https://nordeabrand.com/login/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.101.35.66 , Norway, ASN34989 (SERVETHEWORLD-AS, NO),
Reverse DNS: vps-66.35.101.185.stwvps.net
Software: nginx /
Resource Hash: 529c374e449a2c6d7254add219913c3ed99e21cde81eeea330c3e52feaeff304

Request headers

:path: /wp-content/cache/min/1/wp-content/uploads/responsive-menu-pro/js/responsive-menu-pro-1-e4565036b5f794f1bb0ce4958f2d48e1.js
pragma: no-cache
cookie: PHPSESSID=8qarmpp7n231gml5tt3ogee5i7
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: nordeabrand.com
referer: https://nordeabrand.com/login/
:scheme: https
:method: GET
Referer: https://nordeabrand.com/login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 04 Mar 2019 08:26:57 GMT
last-modified: Sun, 02 Sep 2018 10:51:36 GMT
server: nginx
etag: "5b8bc0b8-b93"
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 2963

GET
H2 200 js_composer_front.min.js Show response
nordeabrand.com/wp-content/plugins/js_composer/assets/js/dist/ 19 KB
19 KB 41ms
41ms Script
application/javascript 185.101.35.66
SERVETHEWORLD-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://nordeabrand.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js
Requested by: Host: nordeabrand.com
URL: https://nordeabrand.com/login/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.101.35.66 , Norway, ASN34989 (SERVETHEWORLD-AS, NO),
Reverse DNS: vps-66.35.101.185.stwvps.net
Software: nginx /
Resource Hash: 0e79201b5011d2905ebbd53ed9823af28113f68d8391fec83dc9d7aa2afc6e94

Request headers

:path: /wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js
pragma: no-cache
cookie: PHPSESSID=8qarmpp7n231gml5tt3ogee5i7
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: nordeabrand.com
referer: https://nordeabrand.com/login/
:scheme: https
:method: GET
Referer: https://nordeabrand.com/login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 04 Mar 2019 08:26:57 GMT
last-modified: Tue, 17 Jul 2018 09:42:36 GMT
server: nginx
etag: "5b4dba0c-4cfe"
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 19710

GET
H2 200 css
fonts.googleapis.com/ 4 KB
590 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:80b::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Josefin+Sans:400,600,700

Requested by

Host: nordeabrand.com
URL: https://nordeabrand.com/login/

Protocol

H2

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:80b::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

6a1002684e69477160f15c0d29e1de13169293921907b0ef56421cb87c8d189c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nordeabrand.com/login/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Mon, 04 Mar 2019 08:28:22 GMT
server: ESF
access-control-allow-origin: *
date: Mon, 04 Mar 2019 08:28:22 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 1; mode=block
expires: Mon, 04 Mar 2019 08:28:22 GMT

GET
H2 200 login-cover-2.jpg
nordeabrand.com/wp-content/themes/nordea2/assets/ 397 KB
397 KB 40ms
39ms Image
image/jpeg 185.101.35.66
SERVETHEWORLD-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nordeabrand.com/wp-content/themes/nordea2/assets/login-cover-2.jpg
Requested by: Host: nordeabrand.com
URL: https://nordeabrand.com/login/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.101.35.66 , Norway, ASN34989 (SERVETHEWORLD-AS, NO),
Reverse DNS: vps-66.35.101.185.stwvps.net
Software: nginx /
Resource Hash: b81d53d7bb1d1d05d82955c9e958ded00f48eebbc72aa64bd9ca37933c8cc882

Request headers

:path: /wp-content/themes/nordea2/assets/login-cover-2.jpg
pragma: no-cache
cookie: PHPSESSID=8qarmpp7n231gml5tt3ogee5i7
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: nordeabrand.com
referer: https://nordeabrand.com/wp-content/cache/min/1/5dc39638de63c499b8566117c38b43c9.css
:scheme: https
:method: GET
Referer: https://nordeabrand.com/wp-content/cache/min/1/5dc39638de63c499b8566117c38b43c9.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 04 Mar 2019 08:26:57 GMT
last-modified: Wed, 20 Sep 2017 19:33:11 GMT
server: nginx
etag: "59c2c277-63374"
content-type: image/jpeg
status: 200
accept-ranges: bytes
content-length: 406388

GET
H2 200 NordeaSansLarge-Medium.woff2
nordeabrand.com/wp-content/themes/nordea2/assets/fonts/ 27 KB
27 KB 54ms
54ms Font
application/octet-stream 185.101.35.66
SERVETHEWORLD-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://nordeabrand.com/wp-content/themes/nordea2/assets/fonts/NordeaSansLarge-Medium.woff2
Requested by: Host: nordeabrand.com
URL: https://nordeabrand.com/login/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.101.35.66 , Norway, ASN34989 (SERVETHEWORLD-AS, NO),
Reverse DNS: vps-66.35.101.185.stwvps.net
Software: nginx /
Resource Hash: 1084fee790a347896f8f0d5fa521211d9789f6ab250940b5bd402aa052d5e245

Request headers

:path: /wp-content/themes/nordea2/assets/fonts/NordeaSansLarge-Medium.woff2
pragma: no-cache
cookie: PHPSESSID=8qarmpp7n231gml5tt3ogee5i7
origin: https://nordeabrand.com
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: nordeabrand.com
referer: https://nordeabrand.com/wp-content/cache/min/1/5dc39638de63c499b8566117c38b43c9.css
:scheme: https
:method: GET
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://nordeabrand.com/wp-content/cache/min/1/5dc39638de63c499b8566117c38b43c9.css
Origin: https://nordeabrand.com

Response headers

date: Mon, 04 Mar 2019 08:26:57 GMT
last-modified: Wed, 20 Sep 2017 19:33:11 GMT
server: nginx
etag: "59c2c277-6b38"
content-type: application/octet-stream
status: 200
accept-ranges: bytes
content-length: 27448

GET
H2 200 NordeaSansSmall-Regular.woff2
nordeabrand.com/wp-content/themes/nordea2/assets/fonts/ 26 KB
26 KB 55ms
54ms Font
application/octet-stream 185.101.35.66
SERVETHEWORLD-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://nordeabrand.com/wp-content/themes/nordea2/assets/fonts/NordeaSansSmall-Regular.woff2
Requested by: Host: nordeabrand.com
URL: https://nordeabrand.com/login/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.101.35.66 , Norway, ASN34989 (SERVETHEWORLD-AS, NO),
Reverse DNS: vps-66.35.101.185.stwvps.net
Software: nginx /
Resource Hash: a93f6086756b2a2e94db8aaf795faab950a315cd9a8e32c5b0df707636dedfff

Request headers

:path: /wp-content/themes/nordea2/assets/fonts/NordeaSansSmall-Regular.woff2
pragma: no-cache
cookie: PHPSESSID=8qarmpp7n231gml5tt3ogee5i7
origin: https://nordeabrand.com
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: nordeabrand.com
referer: https://nordeabrand.com/wp-content/cache/min/1/5dc39638de63c499b8566117c38b43c9.css
:scheme: https
:method: GET
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://nordeabrand.com/wp-content/cache/min/1/5dc39638de63c499b8566117c38b43c9.css
Origin: https://nordeabrand.com

Response headers

date: Mon, 04 Mar 2019 08:26:57 GMT
last-modified: Wed, 20 Sep 2017 19:33:11 GMT
server: nginx
etag: "59c2c277-6734"
content-type: application/octet-stream
status: 200
accept-ranges: bytes
content-length: 26420

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask function| $ function| jQuery object| jQuery1124045314135018014157 function| hideLockFrame function| getlicensekeysform string| wpdm_site_url string| wpdm_home_url string| ajax_url string| wpdm_ajax_url string| wpdm_ajax_popup function| vc_js string| screen_size function| getSizeName function| loadScript function| vc_ttaActivation function| vc_accordionActivate function| initVideoBackgrounds function| vc_initVideoBackgrounds function| insertYoutubeVideoAsBackground function| vcResizeVideoBackground function| vcExtractYoutubeId function| vc_setHoverBoxPerspective function| vc_setHoverBoxHeight function| vc_prepareHoverBox function| vc_googleMapsPointer function| vc_plugin_flexslider function| vc_googleplus function| vc_pinterest function| vc_progress_bar function| vc_waypoints function| vc_toggleBehaviour function| vc_tabsBehaviour function| vc_accordionBehaviour function| vc_teaserGrid function| vc_carouselBehaviour function| vc_slidersBehaviour function| vc_prettyPhoto function| vc_google_fonts boolean| vcParallaxSkroll function| vc_rowBehaviour function| vc_gridBehaviour function| getColumnsCount function| wpb_prepare_tab_content

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			nordeabrand.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 8qarmpp7n231gml5tt3ogee5i7

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
nordeabrand.com
use.fontawesome.com
185.101.35.66
23.111.9.35
2a00:1450:4001:80b::200a
08c7529703404345633f9aa60bf56880c8ba77fce54b75ee289553f011b8dcba
0e79201b5011d2905ebbd53ed9823af28113f68d8391fec83dc9d7aa2afc6e94
1084fee790a347896f8f0d5fa521211d9789f6ab250940b5bd402aa052d5e245
4574aea110cdaa1cf0c27bc5d0d9364a3c18e7a33a185c87d581c6b159703e01
4b9329f540f2a0a583e6b0dff71f0f68d819ca3920c752fdb4e6bb1f88659cab
529c374e449a2c6d7254add219913c3ed99e21cde81eeea330c3e52feaeff304
5c96736c738aff8792ff7f7ad33d2e46eecee59723cb784f7c09d5331553aec7
6a1002684e69477160f15c0d29e1de13169293921907b0ef56421cb87c8d189c
732714830fc4da497bc78f48733e9950dd2aaaf7c6f105b88afae2c48c0e2c4f
7373ca9ed2c272959213699ab6c34d53f342a2d01d996ebc543743312911a6dc
851adad68aef0f23b15ef7009e978eaac1e00044c88b939eea09748f5c0921a8
88148fde4004bd4c77e3ffabc80c965ac8360f87cacce1e176a4de29978822ff
8891a160f8a2afb81de5259f9f68e5af3782348ea2927ad9e969bc88c7d39984
9c4217f3b3ca8f8b65b31329e80a1ec8470a8e693c26185996d087236dc60a36
a93f6086756b2a2e94db8aaf795faab950a315cd9a8e32c5b0df707636dedfff
b81d53d7bb1d1d05d82955c9e958ded00f48eebbc72aa64bd9ca37933c8cc882
d5a66580c071ab7e2e138391388ff2b5c0b545ba02805e5c40cb07a77cdc5a35
dbbc745f0d154d595f1f83beaf73ea90834b89e84decce565db64b0ba634dbbc
ee1a97f49961f87c6aa495dca24759a1ca097b3c8612401e45c09248fae2fffa
fc9108714b1c723cf60472dbf17dde24a8be0b539983b8741eb1a8b3b0274860