urlscan.io logo urlscan.io
SecurityTrails logo

firstcallonl.ine.se Open in urlscan Pro
109.74.4.246  Public Scan

Go To Rescan Add Verdict Report
URL: http://firstcallonl.ine.se/
Submission: On March 07 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 3 countries across 9 domains to perform 25 HTTP transactions. The main IP is 109.74.4.246, located in Sweden and belongs to GLESYS-AS, SE. The main domain is firstcallonl.ine.se.
This is the only time firstcallonl.ine.se was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 109.74.4.246 43948 (GLESYS-AS)
1 2 94.46.52.216 200719 (MISSDOMAIN)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 172.217.23.130 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2 159.253.26.175 43948 (GLESYS-AS)
25 9
4    109.74.4.246 (Sweden)

ASN43948 (GLESYS-AS, SE)
PTR: 109-74-4-246-static.glesys.net
firstcallonl.ine.se
ine.se
2    94.46.52.216 (United States)

ASN200719 (MISSDOMAIN, SE)
PTR: vps.kaffeochte.se
retargettracker.com
www.retargettracker.com
5    2a00:1450:4001:81b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
adservice.google.de
pagead2.googlesyndication.com
1    2a00:1450:4001:81f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
4    172.217.23.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s18-in-f2.1e100.net
securepubads.g.doubleclick.net
5    2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
4    2a00:1450:4001:819::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
2    159.253.26.175 (Sweden)

ASN43948 (GLESYS-AS, SE)
PTR: 159-253-26-175-static.glesys.net
rabblex.se
Domain Requested by
5 tpc.googlesyndication.com securepubads.g.doubleclick.net
firstcallonl.ine.se
cdn.ampproject.org
tpc.googlesyndication.com
4 cdn.ampproject.org securepubads.g.doubleclick.net
4 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
firstcallonl.ine.se
3 pagead2.googlesyndication.com firstcallonl.ine.se
securepubads.g.doubleclick.net
3 ine.se firstcallonl.ine.se
2 rabblex.se 1 redirects www.retargettracker.com
1 adservice.google.com www.googletagservices.com
1 adservice.google.de www.googletagservices.com
1 www.googletagservices.com firstcallonl.ine.se
1 www.retargettracker.com firstcallonl.ine.se
1 retargettracker.com 1 redirects
1 firstcallonl.ine.se
25 12

This site contains links to these domains. Also see Links.

Domain
ine.se
www.mirioltd.com
Subject Issuer Validity Valid
retargettracker.com
Let's Encrypt Authority X3		 2020-01-27 -
2020-04-26		 3 months crt.sh
*.google.com
GTS CA 1O1		 2020-02-12 -
2020-05-06		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-02-12 -
2020-05-06		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2020-02-12 -
2020-05-06		 3 months crt.sh
misc-sni.google.com
GTS CA 1O1		 2020-02-12 -
2020-05-06		 3 months crt.sh
rabblex.se
Let's Encrypt Authority X3		 2020-02-29 -
2020-05-29		 3 months crt.sh

This page contains 4 frames:

Primary Page: http://firstcallonl.ine.se/
Frame ID: 993C7833578C20FFE49F3E3F044BA91B
Requests: 16 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012002192257490/amp4ads-v0.js
Frame ID: 7F8E03F935EEB28AF0EB334FE5D23281
Requests: 8 HTTP requests in this frame

Frame: https://rabblex.se/banners/out.php?id=138&code=acfa452bb1&track=1864732
Frame ID: 7BDDA4B9F664C85E5FD9542E81B5FFC7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: C69FDFB5581626835130547239954025
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Debian/i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

25
Requests

76 %
HTTPS

50 %
IPv6

9
Domains

12
Subdomains

9
IPs

3
Countries

391 kB
Transfer

1075 kB
Size

16
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • http://retargettracker.com/in/campaign/gg1nz84ox HTTP 301
  • https://www.retargettracker.com/in/campaign/gg1nz84ox
Request Chain 20
  • http://rabblex.se/banners/out.php?id=138&code=acfa452bb1&track=1864732 HTTP 301
  • https://rabblex.se/banners/out.php?id=138&code=acfa452bb1&track=1864732

25 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set /
firstcallonl.ine.se/ 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://firstcallonl.ine.se/
Protocol
HTTP/1.1
Server
109.74.4.246 , Sweden, ASN43948 (GLESYS-AS, SE),
Reverse DNS
109-74-4-246-static.glesys.net
Software
Apache/2.4.10 (Debian) /
Resource Hash
253347f5a027cc9fed20cc58c70d6383ee9b9eabde7a295699ea89b18e204a93

Request headers

Host
firstcallonl.ine.se
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 07 Mar 2020 00:27:01 GMT
Server
Apache/2.4.10 (Debian)
Set-Cookie
PHPSESSID=dmur0et0fnebl9l6ct4mab8q43; path=/
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1479
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
global.css
ine.se//live/includes/globals/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://ine.se//live/includes/globals/global.css
Requested by
Host: firstcallonl.ine.se
URL: http://firstcallonl.ine.se/
Protocol
HTTP/1.1
Server
109.74.4.246 , Sweden, ASN43948 (GLESYS-AS, SE),
Reverse DNS
109-74-4-246-static.glesys.net
Software
Apache/2.4.10 (Debian) /
Resource Hash
34feaf7e01faa96a3c76b30c9baa57c9c0d22b62e05c5d96556c6aebe43fc999

Request headers

Referer
http://firstcallonl.ine.se/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 07 Mar 2020 00:27:02 GMT
Content-Encoding
gzip
Last-Modified
Fri, 24 May 2013 09:30:48 GMT
Server
Apache/2.4.10 (Debian)
ETag
"1619-4dd73743d6200-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1353
style.css
ine.se//live/templatesdir/styles/Style_3L/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://ine.se//live/templatesdir/styles/Style_3L/style.css
Requested by
Host: firstcallonl.ine.se
URL: http://firstcallonl.ine.se/
Protocol
HTTP/1.1
Server
109.74.4.246 , Sweden, ASN43948 (GLESYS-AS, SE),
Reverse DNS
109-74-4-246-static.glesys.net
Software
Apache/2.4.10 (Debian) /
Resource Hash
1e27b8c8f887ab820c10308b05269798ceb4ec1b47a303163804c92f301f2039

Request headers

Referer
http://firstcallonl.ine.se/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 07 Mar 2020 00:27:02 GMT
Content-Encoding
gzip
Last-Modified
Tue, 21 Jan 2020 13:17:08 GMT
Server
Apache/2.4.10 (Debian)
ETag
"a0e-59ca63993e41a-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
741
jquery.js
ine.se/live/includes//statistics/ 		54 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ine.se/live/includes//statistics/jquery.js
Requested by
Host: firstcallonl.ine.se
URL: http://firstcallonl.ine.se/
Protocol
HTTP/1.1
Server
109.74.4.246 , Sweden, ASN43948 (GLESYS-AS, SE),
Reverse DNS
109-74-4-246-static.glesys.net
Software
Apache/2.4.10 (Debian) /
Resource Hash
17ec1f16efac893b9bd89bba5f13cb1e0bf938bdc9cece6cae3ed77f18fa6fd7

Request headers

Referer
http://firstcallonl.ine.se/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 07 Mar 2020 00:27:02 GMT
Content-Encoding
gzip
Last-Modified
Mon, 07 May 2012 12:46:13 GMT
Server
Apache/2.4.10 (Debian)
ETag
"d7e8-4bf71a7b96f40-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
19147
gg1nz84ox
www.retargettracker.com/in/campaign/
Redirect Chain
  • http://retargettracker.com/in/campaign/gg1nz84ox
  • https://www.retargettracker.com/in/campaign/gg1nz84ox
6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.retargettracker.com/in/campaign/gg1nz84ox
Requested by
Host: firstcallonl.ine.se
URL: http://firstcallonl.ine.se/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.46.52.216 , United States, ASN200719 (MISSDOMAIN, SE),
Reverse DNS
vps.kaffeochte.se
Software
nginx/1.6.2 /
Resource Hash
e9a83978ee1ab1725dbff4e760029186777f8ccece6c7506bbeb7a568194f8e8
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
http://firstcallonl.ine.se/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 07 Mar 2020 00:27:03 GMT, Sat, 07 Mar 2020 00:27:03 GMT
Content-Encoding
gzip
Server
nginx/1.6.2
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=15768000
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, private, no-cache, private
Connection
keep-alive

Redirect headers

Location
https://www.retargettracker.com/in/campaign/gg1nz84ox
Date
Sat, 07 Mar 2020 00:27:03 GMT
Server
nginx/1.6.2
Connection
keep-alive
Content-Length
184
Content-Type
text/html
gpt.js
www.googletagservices.com/tag/js/ 		44 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: firstcallonl.ine.se
URL: http://firstcallonl.ine.se/
Protocol
HTTP/1.1
Server
2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
90d49bf0f9211632e3c07008ddf38f0a1ce1540c2d94d7a4a63424780060fbf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://firstcallonl.ine.se/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 07 Mar 2020 00:27:02 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
sffe
ETag
"449 / 116 of 1000 / last-modified: 1583428104"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
private, max-age=900, stale-while-revalidate=3600
Timing-Allow-Origin
*
Content-Length
14617
X-XSS-Protection
0
Expires
Sat, 07 Mar 2020 00:27:02 GMT
integrator.js
adservice.google.de/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=firstcallonl.ine.se
Requested by
Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://firstcallonl.ine.se/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sat, 07 Mar 2020 00:27:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=firstcallonl.ine.se
Requested by
Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://firstcallonl.ine.se/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sat, 07 Mar 2020 00:27:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
pubads_impl_2020030201.js
securepubads.g.doubleclick.net/gpt/ 		164 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020030201.js?21065656
Requested by
Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s18-in-f2.1e100.net
Software
sffe /
Resource Hash
227bdf139a3bf9f7c2945b1015c9e25b43e5af3dfd77d9dca46ae79e01ea6e9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://firstcallonl.ine.se/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sat, 07 Mar 2020 00:27:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 02 Mar 2020 14:06:33 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
61409
x-xss-protection
0
expires
Sat, 07 Mar 2020 00:27:02 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		94 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=789544194186207&correlator=3842886652523420&output=ldjh&impl=fifs&adsid=NT&eid=21065656%2C21062888%2C21064713%2C21065433%2C21065444%2C21065576%2C21064522&vrg=2020030201&guci=1.2.0.0.2.2.0.0&sc=0&sfv=1-0-37&ecs=20200307&iu_parts=40173864%2CPT_parking%2CMT_parking%2CPT_panda_parking%2CMT_panda_parking%2CPT_3L_parking%2CMT_3L_parking&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6&prev_iu_szs=980x240%2C300x250%7C320x320%2C980x240%2C300x250%7C320x320%2C980x240%2C300x250%7C320x320&prev_scp=Park%3D3L%7CPark%3D3L%7CPark%3D3L%7CPark%3D3L%7CPark%3D3L%7CPark%3D3L&cookie_enabled=1&bc=23&abxe=1&lmt=1583540822&dt=1583540822329&dlt=1583540822046&idt=271&frm=20&biw=1585&bih=1200&oid=3&adxs=-9%2C-9%2C-9%2C-9%2C0%2C-9&adys=-9%2C-9%2C-9%2C-9%2C0%2C-9&adks=3476279294%2C2678141265%2C2749035204%2C2120316577%2C1190095575%2C1655974940&ucis=1%7C2%7C3%7C4%7C5%7C6&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Ffirstcallonl.ine.se%2F&dssz=10&icsg=2216&std=0&vis=1&scr_x=0&scr_y=0&psz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C1585x240%7C0x-1&msz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C980x-1%7C0x-1&ga_vid=292773513.1583540822&ga_sid=1583540822&ga_hid=1141506097&fws=2%2C2%2C2%2C2%2C4%2C2&ohw=0%2C0%2C0%2C0%2C1585%2C0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020030201.js?21065656
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s18-in-f2.1e100.net
Software
cafe /
Resource Hash
418226f5ca40cc890d73c5de5e89b78332851ffb4f9970a988927bfe0a055482
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://firstcallonl.ine.se/
Origin
http://firstcallonl.ine.se
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 07 Mar 2020 00:27:02 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
9803
x-xss-protection
0
google-lineitem-id
113711504,115433024,4971974787,4972037407,5037416616,5037414603
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138267872152,138267565076,138261689729,138261700725,138267565611,138267565506
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://firstcallonl.ine.se
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_rendering_2020030201.js
securepubads.g.doubleclick.net/gpt/ 		69 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020030201.js?21065656
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020030201.js?21065656
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s18-in-f2.1e100.net
Software
sffe /
Resource Hash
cdf4bc477f4aa7b15e1e911bbcb38f48876001a8c70fa5a083d624e24bb6675f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://firstcallonl.ine.se/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sat, 07 Mar 2020 00:27:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 02 Mar 2020 14:06:33 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
25775
x-xss-protection
0
expires
Sat, 07 Mar 2020 00:27:02 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020030201.js?21065656
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
http://firstcallonl.ine.se/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
empty

Response headers
amp4ads-v0.js
cdn.ampproject.org/rtv/012002192257490/ Frame 7F8E 		200 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012002192257490/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020030201.js?21065656
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b23c6db2aad79c099d48bac09371e980079a3995d071fa8d8c0ddf40b36a994a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://firstcallonl.ine.se/
Origin
http://firstcallonl.ine.se
Sec-Fetch-Dest
script
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
21902
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
55776
x-xss-protection
0
server
sffe
date
Fri, 06 Mar 2020 18:22:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"ef402632ed7828b5"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 06 Mar 2021 18:22:00 GMT
amp4ads-v0.js
cdn.ampproject.org/rtv/012002192257490/ Frame 7F8E 		200 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012002192257490/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020030201.js?21065656
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b23c6db2aad79c099d48bac09371e980079a3995d071fa8d8c0ddf40b36a994a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://firstcallonl.ine.se/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
21902
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
55776
x-xss-protection
0
server
sffe
date
Fri, 06 Mar 2020 18:22:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"ef402632ed7828b5"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 06 Mar 2021 18:22:00 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/012002192257490/v0/ Frame 7F8E 		92 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012002192257490/v0/amp-analytics-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020030201.js?21065656
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2330d883dd19a510c1f22595372339a0d087b268c122e0ce88a117077fe9512e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://firstcallonl.ine.se/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
21884
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
28193
x-xss-protection
0
server
sffe
date
Fri, 06 Mar 2020 18:22:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"7a316e35698494ac"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 06 Mar 2021 18:22:18 GMT
truncated
/ Frame 7F8E 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8a6ac3df1479cad286961d3a940a5bb6d4b99863ae1b678bfe56cc973c9f6eb9

Request headers

Referer
http://firstcallonl.ine.se/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
amp4ads-host-v0.js
cdn.ampproject.org/rtv/012002192257490/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012002192257490/amp4ads-host-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020030201.js?21065656
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e6e4151723a408b5ac112d5a5418d57da536b66eece45b0eb6b654fa4955c85a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://firstcallonl.ine.se/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
8750
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
7147
x-xss-protection
0
server
sffe
date
Fri, 06 Mar 2020 22:01:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"5f4d41a8d71ac199"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 06 Mar 2021 22:01:12 GMT
457391980802846836
tpc.googlesyndication.com/simgad/ Frame 7F8E 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/457391980802846836
Requested by
Host: firstcallonl.ine.se
URL: http://firstcallonl.ine.se/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9f69ffff7dff22e15b7d1d6e86934ef664dbc4ff845acb37f9f5e7d3f3ac972
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://firstcallonl.ine.se/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 05 Mar 2020 07:41:46 GMT
x-content-type-options
nosniff
age
146716
x-dns-prefetch-control
off
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
50980
x-xss-protection
0
last-modified
Fri, 16 Jan 2015 12:32:17 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 05 Mar 2021 07:41:46 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7F8E 		0
290 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuW-GmOgOa0fXthn02qhP-DOo4fPSudfYliYLxyXD-8ifKGbJX4BSS5X7bgTdcE2WzBHc8gfnRMoxjwehdF6G4rWq0IzQYKkbH6b-23XnbYI9luxOzk2UE3DccYq8a8LUq5E71hFTbGIeZiLeBcm3hBwXlefvxrZibth9u8ikp4QUD_2BCVt-jZQx_7wH3pFwtKWwkCi1PG6Ywu6s-fNcyTRUtMjj43dbyw5hKXe_c4es_ETY2X-d2kDjiO5L1bVkzvs6UyYDVXoG67&sai=AMfl-YRu7pONIlxhz94paf0sVTMoBv1QYAsnWZMrAcukckvDzCmYOYHeJpEwSHy92gqpGI3CKpjLogIyPFh51t-J4UX95-3KA9tQToA5RIlf&sig=Cg0ArKJSzCdaqod1kCCKEAE&adurl=
Requested by
Host: firstcallonl.ine.se
URL: http://firstcallonl.ine.se/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s18-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://firstcallonl.ine.se/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sat, 07 Mar 2020 00:27:02 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
private
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 07 Mar 2020 00:27:02 GMT
457391980802846836
tpc.googlesyndication.com/simgad/ Frame 7F8E 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/457391980802846836
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012002192257490/amp4ads-v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9f69ffff7dff22e15b7d1d6e86934ef664dbc4ff845acb37f9f5e7d3f3ac972
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://firstcallonl.ine.se/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 05 Mar 2020 07:41:46 GMT
x-content-type-options
nosniff
age
146716
x-dns-prefetch-control
off
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
50980
x-xss-protection
0
last-modified
Fri, 16 Jan 2015 12:32:17 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 05 Mar 2021 07:41:46 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 7F8E 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu0EOPRuS4YPb2wcd5mlycaUnzUhpzftavRvqd-nrs-P3WkqGuztrxbMJ0pAzw-fkNx_Y8EheOS5TS7spjy6goLvYOyZfTmGpAELHJn78E&sig=Cg0ArKJSzORsPU_x2Z2fEAE&id=ampim&o=0,0&d=980,240&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=93&tls=1093&g=100&h=100&tt=1093&r=v&adk=1190095575&avms=ampa
Requested by
Host: firstcallonl.ine.se
URL: http://firstcallonl.ine.se/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://firstcallonl.ine.se/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Sat, 07 Mar 2020 00:27:03 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
out.php
rabblex.se/banners/ Frame 7BDD
Redirect Chain
  • http://rabblex.se/banners/out.php?id=138&code=acfa452bb1&track=1864732
  • https://rabblex.se/banners/out.php?id=138&code=acfa452bb1&track=1864732
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://rabblex.se/banners/out.php?id=138&code=acfa452bb1&track=1864732
Requested by
Host: www.retargettracker.com
URL: https://www.retargettracker.com/in/campaign/gg1nz84ox
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
159.253.26.175 , Sweden, ASN43948 (GLESYS-AS, SE),
Reverse DNS
159-253-26-175-static.glesys.net
Software
Apache/2.4.25 (Debian) /
Resource Hash

Request headers

Host
rabblex.se
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 07 Mar 2020 00:27:04 GMT
Server
Apache/2.4.25 (Debian)
Referrer-Policy
same-origin
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
877
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Sat, 07 Mar 2020 00:27:03 GMT
Server
Apache/2.4.25 (Debian)
Location
https://rabblex.se/banners/out.php?id=138&code=acfa452bb1&track=1864732
Content-Length
363
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=iso-8859-1
sodar
pagead2.googlesyndication.com/getconfig/ 		7 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020030201&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020030201.js?21065656
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d3dc6f1561c2e4f8a6a778a4b185b929ef2029a72c662f0bf944ff932b89e4c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://firstcallonl.ine.se/
Origin
http://firstcallonl.ine.se
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 07 Mar 2020 00:27:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
5203
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020030201.js?21065656
Protocol
HTTP/1.1
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://firstcallonl.ine.se/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 07 Mar 2020 00:27:04 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
sffe
ETag
"1582746470043195"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
private, max-age=3000
Accept-Ranges
bytes
Content-Length
5456
X-XSS-Protection
0
Expires
Sat, 07 Mar 2020 00:27:04 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame C69F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: http://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/209/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
http://firstcallonl.ine.se/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
http://firstcallonl.ine.se/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
5727
date
Sat, 07 Mar 2020 00:24:41 GMT
expires
Sun, 07 Mar 2021 00:24:41 GMT
last-modified
Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
144
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
gen_204
pagead2.googlesyndication.com/pagead/ 		0
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gpt_2020030201&jk=789544194186207&bg=!CAulCxNYVa80HSazZlUCAAAAMVIAAAAKmQFembjj2u9a5p_4GuFRJ0nvfs0mEMtXAkLrMHYFik2Yp6XuTU4hkRk77JX5CRkPtP4ROotckNKNBRLrMSOsy93pVQ-44Xhpm4i18XXGA6BlQ2RU9AuSyGwUnsr89CVzd_MPheeGhNlLZ3YxOwdrygiTlkayLMHvFJFLOzPEixOMnu3Uxb2hu_iR6oGOeeyDeM2v0_dwtjt77TIGsgSqvKK0fNBfXNn8ZLhXLa-F66FgeIuchHbPP5szyHrSTk8DEY0gcq_7mF0why5cUrpJCz-WVeH0xIZZ5mwgSPSZmH-0ehnHAKdjcWLTsfmqftGvFZZeaelU20FTVznQM8pUHxI5DFwwF_v72jnWlvfimjZgck7GdbkWbUqlOXM3AetkzA_pMtUX51-6xUMNItlmZb15VF8tnp-EgOviXY0T-Udi8IDrnBo1xAc_CjGGr5RpY9jlV5so6BTITHFZvgWC_kw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://firstcallonl.ine.se/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Sat, 07 Mar 2020 00:27:05 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery function| selectText object| googletag object| ggeac object| closure_memoize_cache_ object| googleToken object| googleIMState object| google_js_reporting_queue function| processGoogleToken number| google_srt undefined| google_measure_js_timing number| __google_ad_urls_id number| google_unique_id object| gaGlobal function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter object| __google_ad_urls object| ampInaboxIframes object| ampInaboxPendingMessages object| __AMP_LOG object| __AMP_ERRORS boolean| ampInaboxInitialized object| __AMP_MODE function| __AMP_REPORT_ERROR object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| AMP object| __tracker_report object| Modernizr object| GoogleGcLKhOms object| google_image_requests

16 Cookies

Domain/Path Name / Value
.hotels.com/ Name: bm_sz
Value: 335285D3F32E32CB9460BE5DDCB9A7A0~YAAQyF4OF6mQ4aNwAQAAM2tjsgftvXc1x0COHkI4GJmy0YV74p1FlIYKSylOEEPTuASDSQNks9+WqYl+XyZDSX100wguX9Lxi0lfHJ21OJXEBeCfgfS/T/xJjQbX12HqN/OJWxVm1YwO6TLNrvVyx5l+2IPYwZJJdhloLny0iohaNSEwXV8/xBjMXHfui9Of
sv.hotels.com/ Name: akacd_pr_20
Value: 1588724824~rv=21~id=0c71fef900d5e9668822302a67f03fcd
.hotels.com/ Name: user
Value: QSpzdl9TRXxIQ09NX1NF
.hotels.com/ Name: visitId
Value: 58bf90dc-49a4-41d5-9b97-a39887ab71fd
.hotels.com/ Name: guid
Value: cf939e56-0e7a-4361-b183-51a494df083c
sv.hotels.com/ Name: dr
Value: CCC~1583540824~D3D9B4C5E2421ECAE51476556951DD69BC3824F364388DF20FF9B2F605AD3F64
.hotels.com/ Name: DISTRIBUTION_PARTNER_DATA
Value: AFF.HCOM.SE.002.003.5350879.CJAFF.KWRD%3D5EB97412600A11EA81F100080A180511.CID%3D1556904.TYPE%3D416031
.hotels.com/ Name: SESSID
Value: udgo2yH8O3PeTeab3_6LiusTVH.hpa-64898db6f8-5x5qd
.hotels.com/ Name: _abck
Value: 09B0513ECCA1808672AD396AA8A87629~-1~YAAQyF4OF6qQ4aNwAQAAM2tjsgOvXK5jmWeRIYRPj3T3oooUeqSWdpMVqrR2b6U9WY9L4kg9IZfurFa/34Q9afr1cYk6jbiiQlL5FWwiWwZHglETZCH+fl6peE8pQQ94+uev3vdHKaHNQ/QxGhCn02DOf/XhGU5LA2MY9o/Nuqb6q1FZM3WuP9FGKwvNDohcKNAQitzD0b+LwoHJMca5vyd2yr9HtEuf6hYLpI7cMo0sWtS9KUHdiOcgjZHaZXWuakwUD0DI5ZNBYEtzgbaTsHVUZrxjPygHtWeogHM3kc4qTZVEhyFhroyL~-1~-1~-1
.hotels.com/ Name: h_darq
Value: f
.hotels.com/ Name: mvthistory
Value: eJwtjTEOwzAMA39kiKJsyVqLAFmKDn1A5%2Fwhj09qZTudCBKhvUmTRDia3nh4YtpYUiVmSaYyWIzUPp%2FAoDUsKUl1r6OnAdVrGHzApb5Mo%2FxpjVmnlre0GSt87q%2FP%2B%2FfdLjMsIck%3D
.hotels.com/ Name: 30dlt
Value: aff.hcom.se.002.003.5350879.cjaff
.hotels.com/ Name: aws
Value: 1
.hotels.com/ Name: asc
Value: 1
.hotels.com/ Name: channel
Value: CJ
.hotels.com/ Name: originatorCountry
Value: SE

1 Console Messages

Source Level URL
Text
console-api info URL: https://cdn.ampproject.org/rtv/012002192257490/amp4ads-v0.js(Line 408)
Message:
Powered by AMP ⚡ HTML – Version 2002192257490 http://firstcallonl.ine.se/

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cdn.ampproject.org
firstcallonl.ine.se
ine.se
pagead2.googlesyndication.com
rabblex.se
retargettracker.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
www.retargettracker.com
109.74.4.246
159.253.26.175
172.217.23.130
2a00:1450:4001:800::2001
2a00:1450:4001:819::2001
2a00:1450:4001:81b::2002
2a00:1450:4001:81f::2002
94.46.52.216
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
17ec1f16efac893b9bd89bba5f13cb1e0bf938bdc9cece6cae3ed77f18fa6fd7
1e27b8c8f887ab820c10308b05269798ceb4ec1b47a303163804c92f301f2039
227bdf139a3bf9f7c2945b1015c9e25b43e5af3dfd77d9dca46ae79e01ea6e9b
2330d883dd19a510c1f22595372339a0d087b268c122e0ce88a117077fe9512e
253347f5a027cc9fed20cc58c70d6383ee9b9eabde7a295699ea89b18e204a93
34feaf7e01faa96a3c76b30c9baa57c9c0d22b62e05c5d96556c6aebe43fc999
418226f5ca40cc890d73c5de5e89b78332851ffb4f9970a988927bfe0a055482
8a6ac3df1479cad286961d3a940a5bb6d4b99863ae1b678bfe56cc973c9f6eb9
90d49bf0f9211632e3c07008ddf38f0a1ce1540c2d94d7a4a63424780060fbf5
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
b23c6db2aad79c099d48bac09371e980079a3995d071fa8d8c0ddf40b36a994a
b9f69ffff7dff22e15b7d1d6e86934ef664dbc4ff845acb37f9f5e7d3f3ac972
cdf4bc477f4aa7b15e1e911bbcb38f48876001a8c70fa5a083d624e24bb6675f
d3dc6f1561c2e4f8a6a778a4b185b929ef2029a72c662f0bf944ff932b89e4c4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6e4151723a408b5ac112d5a5418d57da536b66eece45b0eb6b654fa4955c85a
e9a83978ee1ab1725dbff4e760029186777f8ccece6c7506bbeb7a568194f8e8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629