bando-russia.bandoblog.com Open in urlscan Pro
173.254.90.213  Public Scan

8 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response bando-russia.bandoblog.com/	6 KB 2 KB	227ms 110ms	Document text/html	173.254.90.213 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL http://bando-russia.bandoblog.com/ Protocol HTTP/1.1 Server 173.254.90.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 173-254-90-213.unifiedlayer.com Software Apache / Resource Hash d41f1ac750f6fec5a78103b455c49e43f245441af02f5e74981e2ac8ca361b7c Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Accept-Language en-CA,en;q=0.9 Response headers Date Thu, 17 Mar 2022 07:43:40 GMT Server Apache Upgrade h2,h2c Connection Upgrade, Keep-Alive Last-Modified Tue, 08 Aug 2017 14:45:58 GMT Accept-Ranges bytes Vary Accept-Encoding Content-Encoding gzip host-header c2hhcmVkLmJsdWVob3N0LmNvbQ== Content-Length 1986 Keep-Alive timeout=5, max=75 Content-Type text/html
GET H/1.1	200 OK	style.css no.bando.com/assets/	13 KB 3 KB	250ms 135ms	Stylesheet text/css	173.254.90.213 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL http://no.bando.com/assets/style.css Requested by Host: bando-russia.bandoblog.com URL: http://bando-russia.bandoblog.com/ Protocol HTTP/1.1 Server 173.254.90.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 173-254-90-213.unifiedlayer.com Software Apache / Resource Hash 478449f0c84b6a4adab8c4f8f0d44ca10903f752b79f53b9dd65059733d1b511 Request headers Accept-Language en-CA,en;q=0.9 Referer http://bando-russia.bandoblog.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Thu, 17 Mar 2022 07:43:40 GMT Content-Encoding gzip Last-Modified Tue, 08 Aug 2017 14:45:50 GMT Server Apache Accept-Ranges bytes Vary Accept-Encoding Upgrade h2,h2c Connection Upgrade, Keep-Alive host-header c2hhcmVkLmJsdWVob3N0LmNvbQ== Content-Type text/css Keep-Alive timeout=5, max=75 Content-Length 3119
GET H/1.1	200 OK	font.css no.bando.com/assets/	1 KB 604 B	249ms 134ms	Stylesheet text/css	173.254.90.213 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL http://no.bando.com/assets/font.css Requested by Host: bando-russia.bandoblog.com URL: http://bando-russia.bandoblog.com/ Protocol HTTP/1.1 Server 173.254.90.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 173-254-90-213.unifiedlayer.com Software Apache / Resource Hash c4db3c0bd763cdd44a14f2c1b71336851a58eeca5efc1ec6dbffacbd148481a3 Request headers Accept-Language en-CA,en;q=0.9 Referer http://bando-russia.bandoblog.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Thu, 17 Mar 2022 07:43:40 GMT Content-Encoding gzip Last-Modified Tue, 08 Aug 2017 14:45:42 GMT Server Apache Accept-Ranges bytes Vary Accept-Encoding Upgrade h2,h2c Connection Upgrade, Keep-Alive host-header c2hhcmVkLmJsdWVob3N0LmNvbQ== Content-Type text/css Keep-Alive timeout=5, max=75 Content-Length 248
GET H/1.1	200 OK	logo.gif no.bando.com/images/	5 KB 6 KB	219ms 105ms	Image image/gif	173.254.90.213 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL http://no.bando.com/images/logo.gif Requested by Host: bando-russia.bandoblog.com URL: http://bando-russia.bandoblog.com/ Protocol HTTP/1.1 Server 173.254.90.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 173-254-90-213.unifiedlayer.com Software Apache / Resource Hash 74494fcb233c2db6a0c101d861dcbec94e9d869be60a41fb871ead72fee9580a Request headers Accept-Language en-CA,en;q=0.9 Referer http://bando-russia.bandoblog.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Thu, 17 Mar 2022 07:43:40 GMT Last-Modified Thu, 20 Jul 2017 20:35:49 GMT Server Apache Accept-Ranges bytes Upgrade h2,h2c Connection Upgrade, Keep-Alive host-header c2hhcmVkLmJsdWVob3N0LmNvbQ== Content-Type image/gif Keep-Alive timeout=5, max=75 Content-Length 5420
GET H/1.1	200 OK	Column-Left-03.svg no.bando.com/images/	19 KB 20 KB	221ms 107ms	Image image/svg+xml	173.254.90.213 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL http://no.bando.com/images/Column-Left-03.svg Requested by Host: bando-russia.bandoblog.com URL: http://bando-russia.bandoblog.com/ Protocol HTTP/1.1 Server 173.254.90.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 173-254-90-213.unifiedlayer.com Software Apache / Resource Hash 32a6f77cbb60fffce3e2f2a4d236f67db54aa46cf5cf93efdffde2dfd8a06994 Request headers Accept-Language en-CA,en;q=0.9 Referer http://bando-russia.bandoblog.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Thu, 17 Mar 2022 07:43:40 GMT Last-Modified Thu, 20 Jul 2017 20:35:48 GMT Server Apache Accept-Ranges bytes Upgrade h2,h2c Connection Upgrade, Keep-Alive host-header c2hhcmVkLmJsdWVob3N0LmNvbQ== Content-Type image/svg+xml Keep-Alive timeout=5, max=75 Content-Length 19814
GET H/1.1	200 OK	Column-Right-03.svg no.bando.com/images/	18 KB 18 KB	243ms 129ms	Image image/svg+xml	173.254.90.213 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL http://no.bando.com/images/Column-Right-03.svg Requested by Host: bando-russia.bandoblog.com URL: http://bando-russia.bandoblog.com/ Protocol HTTP/1.1 Server 173.254.90.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 173-254-90-213.unifiedlayer.com Software Apache / Resource Hash c36b8282f017100806dadbc114055e09084b7c224f4a08fce10586a4af73f876 Request headers Accept-Language en-CA,en;q=0.9 Referer http://bando-russia.bandoblog.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Thu, 17 Mar 2022 07:43:40 GMT Last-Modified Thu, 20 Jul 2017 20:35:48 GMT Server Apache Accept-Ranges bytes Upgrade h2,h2c Connection Upgrade, Keep-Alive host-header c2hhcmVkLmJsdWVob3N0LmNvbQ== Content-Type image/svg+xml Keep-Alive timeout=5, max=75 Content-Length 18247
GET H/1.1	200 OK	Column-Right-04.jpg no.bando.com/images/	186 KB 187 KB	244ms 130ms	Image image/jpeg	173.254.90.213 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL http://no.bando.com/images/Column-Right-04.jpg Requested by Host: bando-russia.bandoblog.com URL: http://bando-russia.bandoblog.com/ Protocol HTTP/1.1 Server 173.254.90.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 173-254-90-213.unifiedlayer.com Software Apache / Resource Hash 0f6ed8268ffc4d8776844650a0c99c62efa57b443eef7f7f7245cfd84afd7019 Request headers Accept-Language en-CA,en;q=0.9 Referer http://bando-russia.bandoblog.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Thu, 17 Mar 2022 07:43:40 GMT Last-Modified Thu, 20 Jul 2017 20:35:49 GMT Server Apache Accept-Ranges bytes Upgrade h2,h2c Connection Upgrade, Keep-Alive host-header c2hhcmVkLmJsdWVob3N0LmNvbQ== Content-Type image/jpeg Keep-Alive timeout=5, max=75 Content-Length 190716
GET H/1.1	200 OK	website-Smile-icon-face.png no.bando.com/images/	5 KB 5 KB	135ms 134ms	Image image/png	173.254.90.213 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL http://no.bando.com/images/website-Smile-icon-face.png Requested by Host: bando-russia.bandoblog.com URL: http://bando-russia.bandoblog.com/ Protocol HTTP/1.1 Server 173.254.90.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 173-254-90-213.unifiedlayer.com Software Apache / Resource Hash 4fe1468ec44d6d6240de7f1e59251a3dee1258db68d127ff26298baa905b0be0 Request headers Accept-Language en-CA,en;q=0.9 Referer http://bando-russia.bandoblog.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Thu, 17 Mar 2022 07:43:40 GMT Last-Modified Thu, 20 Jul 2017 20:35:49 GMT Server Apache Accept-Ranges bytes Content-Type image/png Connection Keep-Alive host-header c2hhcmVkLmJsdWVob3N0LmNvbQ== Keep-Alive timeout=5, max=74 Content-Length 5000
GET H/1.1	200 OK	website-Smile-icon-heygirlhey.png no.bando.com/images/	3 KB 3 KB	108ms 108ms	Image image/png	173.254.90.213 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL http://no.bando.com/images/website-Smile-icon-heygirlhey.png Requested by Host: bando-russia.bandoblog.com URL: http://bando-russia.bandoblog.com/ Protocol HTTP/1.1 Server 173.254.90.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 173-254-90-213.unifiedlayer.com Software Apache / Resource Hash 9cb97d7feb304814fa3307e10fdc068b1d1d65efe43a4f593c45c8a5ce452617 Request headers Accept-Language en-CA,en;q=0.9 Referer http://bando-russia.bandoblog.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Thu, 17 Mar 2022 07:43:40 GMT Last-Modified Thu, 20 Jul 2017 20:35:49 GMT Server Apache Accept-Ranges bytes Content-Type image/png Connection Keep-Alive host-header c2hhcmVkLmJsdWVob3N0LmNvbQ== Keep-Alive timeout=5, max=74 Content-Length 2752
GET H2	200	snapwidget.js Show response snapwidget.com/js/	22 KB 7 KB	78ms 26ms	Script application/javascript	172.67.75.33 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://snapwidget.com/js/snapwidget.js Requested by Host: bando-russia.bandoblog.com URL: http://bando-russia.bandoblog.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.75.33 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f6e667316e89b7f63fa57d6975985af56b8606258ffa79008c806a651449f8d7 Security Headers Name Value Strict-Transport-Security max-age=2592000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language en-CA,en;q=0.9 Referer http://bando-russia.bandoblog.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 07:43:40 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1612 vary Accept-Encoding x-xss-protection 1; mode=block last-modified Wed, 09 Mar 2022 07:43:24 GMT server cloudflare etag W/"62285a9c-560f" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=2592000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a1LHb2tvvhHMKJjh%2BvzlTd2G5djc2rA9cb8SHTBMPY38cGUsLInK2EDfBWveAxcTMdKRmIXaPG3eEO3DgupsNGvOyAG97EZKLnsLWQb50eA74KJxqvMq%2FyeX5d2rN%2Bx8"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control max-age=31536000 cf-ray 6ed419574e5a8c8a-EWR cf-bgj minify
GET H/1.1	200 OK	instagram.gif no.bando.com/images/	2 KB 2 KB	109ms 109ms	Image image/gif	173.254.90.213 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL http://no.bando.com/images/instagram.gif Requested by Host: bando-russia.bandoblog.com URL: http://bando-russia.bandoblog.com/ Protocol HTTP/1.1 Server 173.254.90.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 173-254-90-213.unifiedlayer.com Software Apache / Resource Hash cdb55ec85c815c85d71b940b915978ca860f0165e09e27dabd3e4ab76c28c003 Request headers Accept-Language en-CA,en;q=0.9 Referer http://bando-russia.bandoblog.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Thu, 17 Mar 2022 07:43:40 GMT Last-Modified Tue, 01 Aug 2017 15:49:48 GMT Server Apache Accept-Ranges bytes Content-Type image/gif Connection Keep-Alive host-header c2hhcmVkLmJsdWVob3N0LmNvbQ== Keep-Alive timeout=5, max=74 Content-Length 1977
GET H/1.1	200 OK	facebook.gif no.bando.com/images/	1 KB 2 KB	111ms 111ms	Image image/gif	173.254.90.213 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL http://no.bando.com/images/facebook.gif Requested by Host: bando-russia.bandoblog.com URL: http://bando-russia.bandoblog.com/ Protocol HTTP/1.1 Server 173.254.90.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 173-254-90-213.unifiedlayer.com Software Apache / Resource Hash 150919d0b4dd95f88049342f5b22de8836cb81c2b580423e55ec687b49d4b519 Request headers Accept-Language en-CA,en;q=0.9 Referer http://bando-russia.bandoblog.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Thu, 17 Mar 2022 07:43:41 GMT Last-Modified Tue, 01 Aug 2017 15:49:53 GMT Server Apache Accept-Ranges bytes Content-Type image/gif Connection Keep-Alive host-header c2hhcmVkLmJsdWVob3N0LmNvbQ== Keep-Alive timeout=5, max=73 Content-Length 1331
GET H/1.1	200 OK	twitter.gif no.bando.com/images/	2 KB 2 KB	111ms 111ms	Image image/gif	173.254.90.213 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL http://no.bando.com/images/twitter.gif Requested by Host: bando-russia.bandoblog.com URL: http://bando-russia.bandoblog.com/ Protocol HTTP/1.1 Server 173.254.90.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 173-254-90-213.unifiedlayer.com Software Apache / Resource Hash c2e61dcc16653962dec051f291d6da67b7cfc0b666eebe1df013c2578b8cd863 Request headers Accept-Language en-CA,en;q=0.9 Referer http://bando-russia.bandoblog.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Thu, 17 Mar 2022 07:43:41 GMT Last-Modified Tue, 01 Aug 2017 15:49:48 GMT Server Apache Accept-Ranges bytes Content-Type image/gif Connection Keep-Alive host-header c2hhcmVkLmJsdWVob3N0LmNvbQ== Keep-Alive timeout=5, max=73 Content-Length 1801
GET H/1.1	200 OK	pinterest.gif no.bando.com/images/	563 B 847 B	111ms 111ms	Image image/gif	173.254.90.213 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL http://no.bando.com/images/pinterest.gif Requested by Host: bando-russia.bandoblog.com URL: http://bando-russia.bandoblog.com/ Protocol HTTP/1.1 Server 173.254.90.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 173-254-90-213.unifiedlayer.com Software Apache / Resource Hash 015cc79e34e63d2d0c2420e50c815f01bbaa14c4a4971ed008493058fe4e0587 Request headers Accept-Language en-CA,en;q=0.9 Referer http://bando-russia.bandoblog.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Thu, 17 Mar 2022 07:43:41 GMT Last-Modified Tue, 01 Aug 2017 15:49:48 GMT Server Apache Accept-Ranges bytes Content-Type image/gif Connection Keep-Alive host-header c2hhcmVkLmJsdWVob3N0LmNvbQ== Keep-Alive timeout=5, max=73 Content-Length 563
GET H/1.1	200 OK	youtube.gif no.bando.com/images/	2 KB 2 KB	108ms 107ms	Image image/gif	173.254.90.213 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL http://no.bando.com/images/youtube.gif Requested by Host: bando-russia.bandoblog.com URL: http://bando-russia.bandoblog.com/ Protocol HTTP/1.1 Server 173.254.90.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 173-254-90-213.unifiedlayer.com Software Apache / Resource Hash 8773852d8d8da6eff6110c44d87587e24682f49db01efad103d05f65182774a1 Request headers Accept-Language en-CA,en;q=0.9 Referer http://bando-russia.bandoblog.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Thu, 17 Mar 2022 07:43:41 GMT Last-Modified Tue, 01 Aug 2017 15:49:48 GMT Server Apache Accept-Ranges bytes Content-Type image/gif Connection Keep-Alive host-header c2hhcmVkLmJsdWVob3N0LmNvbQ== Keep-Alive timeout=5, max=72 Content-Length 1768
GET		GT-Walsheim-Medium.woff no.bando.com/assets/	0 0
GET		GT-Walsheim-Bold.woff no.bando.com/assets/	0 0
GET H2	200	411533 Show response snapwidget.com/embed/ Frame BAB4	30 KB 11 KB	147ms 147ms	Document text/html	172.67.75.33 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://snapwidget.com/embed/411533 Requested by Host: bando-russia.bandoblog.com URL: http://bando-russia.bandoblog.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.75.33 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5e9f9a1a6aa4b7916f1245eb04edada09ce4c099824c3a4ae97facde04d37cf4 Security Headers Name Value Strict-Transport-Security max-age=2592000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Accept-Language en-CA,en;q=0.9 Referer http://bando-russia.bandoblog.com/ Response headers date Thu, 17 Mar 2022 07:43:41 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding cache-control no-cache, private x-robots-tag all x-xss-protection 1; mode=block x-content-type-options nosniff cf-cache-status BYPASS expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=et2YoFLb%2FEbl%2FDR%2B15tzKvW4jEEBK%2F12%2B99HJnIs54dxvyiS8LUrXaKBEmEwcJI3BqBtVDjP4y2TYN65u7oX%2BpuIWXtb0ADLeSakEXdb56XPFIUvTicJwsfXX9TRL5Mr"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=2592000 server cloudflare cf-ray 6ed41958a8418c8a-EWR content-encoding br
GET H2	200	embed.vendor.min.760717b3f565c387.css snapwidget.com/stylesheets/ Frame BAB4	2 KB 1 KB	24ms 23ms	Stylesheet text/css	172.67.75.33 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://snapwidget.com/stylesheets/embed.vendor.min.760717b3f565c387.css Requested by Host: snapwidget.com URL: https://snapwidget.com/embed/411533 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.75.33 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 131dec6a86a10ddda2bf8740d1f4225efeac800e2f403eb5ee60451c7fb372a5 Security Headers Name Value Strict-Transport-Security max-age=2592000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language en-CA,en;q=0.9 Referer https://snapwidget.com/embed/411533 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 07:43:41 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2406576 vary Accept-Encoding x-xss-protection 1; mode=block last-modified Tue, 15 Feb 2022 09:53:18 GMT server cloudflare etag W/"620b780e-937" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=2592000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NNHuFcdWSzEwIqa14No4WY8r%2FNf8pNYmHa%2Bu0IIa2kPPHKZvNKHyvCSpZKODlTnsOZ6dtg49K06mxwSf9uwX95j3vmkhVKldTjLLOpF84SUPK5qPWtFGHa1%2Bm3nyEcB1"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=31536000 cf-ray 6ed41959b9e38c8a-EWR cf-bgj minify
GET H2	200	embed.style.min.307799cd3bc5b2ee.css snapwidget.com/stylesheets/ Frame BAB4	16 KB 4 KB	25ms 24ms	Stylesheet text/css	172.67.75.33 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://snapwidget.com/stylesheets/embed.style.min.307799cd3bc5b2ee.css Requested by Host: snapwidget.com URL: https://snapwidget.com/embed/411533 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.75.33 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c8988d47e2ab355eeeaec4a43d412c4eb81015fe23c57292cca36dc57716a398 Security Headers Name Value Strict-Transport-Security max-age=2592000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language en-CA,en;q=0.9 Referer https://snapwidget.com/embed/411533 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 07:43:41 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1664 cf-polished origSize=15975 vary Accept-Encoding x-xss-protection 1; mode=block last-modified Thu, 03 Mar 2022 07:36:39 GMT server cloudflare etag W/"62207007-3e67" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=2592000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hD1MpxOCwjcsCdkT14VBy%2BPIxGl76upLM71zyFnibJbNZDaEHkxYmCHUmyYGSqt%2BYlicYD3XbwejyoVOZ4Q370FujstmzohkAMSL7mmAz%2BteNaZ0mpBV6DH0eM4GuK4C"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=31536000 cf-ray 6ed41959b9e48c8a-EWR cf-bgj minify
GET H2	200	embed.vendor.min.2f17f0b14ee46c5a.js Show response snapwidget.com/js/ Frame BAB4	2 KB 1 KB	24ms 24ms	Script application/javascript	172.67.75.33 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://snapwidget.com/js/embed.vendor.min.2f17f0b14ee46c5a.js Requested by Host: snapwidget.com URL: https://snapwidget.com/embed/411533 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.75.33 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 21a2e6c484de0c29d96ec0ac407ee0603dfd95741951506ed7a1bcbc6a6db4bc Security Headers Name Value Strict-Transport-Security max-age=2592000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language en-CA,en;q=0.9 Referer https://snapwidget.com/embed/411533 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 07:43:41 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 531448 vary Accept-Encoding x-xss-protection 1; mode=block last-modified Thu, 03 Mar 2022 07:36:44 GMT server cloudflare etag W/"6220700c-9e1" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=2592000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9QciTtOTrFLqfLje%2B0KZCj3FmXBrGE1zVp1HZ6%2BoiQJR2WO5%2Fxiov9cEODLMxjSde1qWStGO0QR0X%2B0LwvbU%2FLcOjOaOQWN5dqU2QI6W0PymRjZzrvtVPiS9VGTn0uGJ"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control max-age=31536000 cf-ray 6ed41959b9e58c8a-EWR cf-bgj minify
GET H2	200	embed.main.min.b61fafc5de1ae792.js Show response snapwidget.com/js/ Frame BAB4	3 KB 1 KB	25ms 25ms	Script application/javascript	172.67.75.33 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://snapwidget.com/js/embed.main.min.b61fafc5de1ae792.js Requested by Host: snapwidget.com URL: https://snapwidget.com/embed/411533 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.75.33 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash be964cc6c34b45ebc4001869bd65c222853e4db7d4e96b21120107648ff7b11c Security Headers Name Value Strict-Transport-Security max-age=2592000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language en-CA,en;q=0.9 Referer https://snapwidget.com/embed/411533 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 07:43:41 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1651 vary Accept-Encoding x-xss-protection 1; mode=block last-modified Thu, 03 Mar 2022 07:37:14 GMT server cloudflare etag W/"6220702a-b2e" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=2592000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7MKl1aPwtShL3koO4hZFhP3eiqUnt2adKhoYuMEungCdJuLB%2FCJtlhO0x3j2Z7ETTcBVfEvcInDaDUf9J%2BSzNJFGQXELYJpaXRwhI0SPASoW7dQtx492OoOJHXoVRj3X"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control max-age=31536000 cf-ray 6ed41959b9e68c8a-EWR cf-bgj minify
GET H2	200	v652eace1692a40cfa3763df669d7439c1639079717194 Show response static.cloudflareinsights.com/beacon.min.js/ Frame BAB4	14 KB 5 KB	71ms 36ms	Script text/javascript	2606:4700:440e::ac40:9c1a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194 Requested by Host: snapwidget.com URL: https://snapwidget.com/embed/411533 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:440e::ac40:9c1a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505 Request headers Referer https://snapwidget.com/ Origin https://snapwidget.com Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 07:43:41 GMT content-encoding gzip last-modified Thu, 09 Dec 2021 19:55:17 GMT server cloudflare etag W/2021.12.0 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/javascript;charset=UTF-8 access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin cf-ray 6ed4195a1ec17156-YUL
GET		GT-Walsheim-Bold.ttf no.bando.com/assets/	0 0
GET		GT-Walsheim-Medium.ttf no.bando.com/assets/	0 0
GET H2	200	analytics.js Show response www.google-analytics.com/ Frame BAB4	49 KB 20 KB	65ms 19ms	Script text/javascript	2607:f8b0:4006:80c::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: snapwidget.com URL: https://snapwidget.com/embed/411533 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80c::200e Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language en-CA,en;q=0.9 Referer https://snapwidget.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Tue, 02 Nov 2021 17:39:06 GMT server Golfe2 age 3379 date Thu, 17 Mar 2022 06:47:22 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Thu, 17 Mar 2022 08:47:22 GMT
GET H2	200	nr-1215.min.js Show response js-agent.newrelic.com/ Frame BAB4	36 KB 14 KB	37ms 10ms	Script application/javascript	151.101.2.137 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js-agent.newrelic.com/nr-1215.min.js Requested by Host: snapwidget.com URL: https://snapwidget.com/embed/411533 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.2.137 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 18395fd1ef75de4f03f701f5a5020563aed55e1539b3200605053f2c924211bb Request headers Accept-Language en-CA,en;q=0.9 Referer https://snapwidget.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers x-amz-version-id mrZZlI3m.d3cabi4HqLBBkr4pQ2c77UF content-encoding gzip etag "615035bb6557b191e767e19087efabaf" x-amz-request-id CR73YSP0N20HT0PN x-cache HIT cross-origin-resource-policy cross-origin content-length 13666 x-amz-id-2 NoWBwQTkKh67aBB4iTYIly42rNEwyiVE5qw3jwmo6VA6Sg0OGdWUYY+6hsRACVKmocvUwKdWqMs= x-served-by cache-yul12828-YUL last-modified Mon, 24 Jan 2022 22:13:53 GMT server AmazonS3 x-timer S1647503021.221437,VS0,VE0 date Thu, 17 Mar 2022 07:43:41 GMT vary Accept-Encoding content-type application/javascript via 1.1 varnish cache-control public, max-age=7200, stale-if-error=604800 accept-ranges bytes x-cache-hits 334
POST H2	200	rum Show response snapwidget.com/cdn-cgi/ Frame BAB4	0 233 B	21ms 21ms	XHR text/plain	172.67.75.33 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://snapwidget.com/cdn-cgi/rum? Requested by Host: snapwidget.com URL: https://snapwidget.com/embed/411533 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.75.33 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers X-NewRelic-ID VQICUlZUGwcFV1BRAA== tracestate 145307@nr=0-1-145307-453150-bd5184524cac7e11----1647503021192 traceparent 00-d1663d58dfc03e587814bfd7e576d960-bd5184524cac7e11-01 Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 newrelic eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjE0NTMwNyIsImFwIjoiNDUzMTUwIiwiaWQiOiJiZDUxODQ1MjRjYWM3ZTExIiwidHIiOiJkMTY2M2Q1OGRmYzAzZTU4NzgxNGJmZDdlNTc2ZDk2MCIsInRpIjoxNjQ3NTAzMDIxMTkyfX0= content-type application/json Referer https://snapwidget.com/embed/411533 Response headers date Thu, 17 Mar 2022 07:43:41 GMT content-encoding gzip x-content-type-options nosniff server cloudflare x-frame-options DENY access-control-allow-methods POST,OPTIONS content-type text/plain access-control-allow-origin https://snapwidget.com access-control-max-age 86400 access-control-allow-credentials true cf-ray 6ed4195a8b0e8c8a-EWR vary Origin
GET H/1.1	200 OK	a53393d12f Show response bam-cell.nr-data.net/1/ Frame BAB4	49 B 716 B	178ms 130ms	Script text/javascript	162.247.243.146 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bam-cell.nr-data.net/1/a53393d12f?a=453137&v=1215.1253ab8&to=ZlNSMUNXWBcFW0FRCV8ZcQZFX1kKS3lFSDp5QkQVbXVZChBKWlQKVERDOXRbVAEAe1pWEkNZXAlURHYXDFdCbRVURHUIU1NS&rst=337&ck=1&ref=https://snapwidget.com/embed/411533&ap=106&be=171&fe=291&dc=275&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1647503020897,%22n%22:0,%22f%22:0,%22dn%22:0,%22dne%22:0,%22c%22:0,%22ce%22:0,%22rq%22:1,%22rp%22:148,%22rpe%22:150,%22dl%22:152,%22di%22:203,%22ds%22:275,%22de%22:275,%22dc%22:291,%22l%22:291,%22le%22:292%7D,%22navigation%22:%7B%7D%7D&fp=234&fcp=234&at=ShRRRwtNSxk%3D&jsonp=NREUM.setToken Requested by Host: js-agent.newrelic.com URL: https://js-agent.newrelic.com/nr-1215.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.247.243.146 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b91234b576455d66e12dd661a2539eb2418a831078ecef9ebc7f4bbd4e580d9c Request headers Accept-Language en-CA,en;q=0.9 Referer https://snapwidget.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Thu, 17 Mar 2022 07:43:41 GMT Content-Encoding gzip CF-Cache-Status DYNAMIC Server cloudflare Expect-CT max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" Vary Accept-Encoding access-control-allow-methods GET, POST, PUT, HEAD, OPTIONS Content-Type text/javascript Access-Control-Allow-Origin * Transfer-Encoding chunked Cross-Origin-Resource-Policy cross-origin Connection keep-alive access-control-allow-credentials true CF-Ray 6ed4195b195515cb-EWR

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

no.bando.com

URL

http://no.bando.com/assets/GT-Walsheim-Medium.woff

Domain

no.bando.com

URL

http://no.bando.com/assets/GT-Walsheim-Bold.woff

Domain

no.bando.com

URL

http://no.bando.com/assets/GT-Walsheim-Bold.ttf

Domain

no.bando.com

URL

http://no.bando.com/assets/GT-Walsheim-Medium.ttf

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| structuredClone object| oncontextlost object| oncontextrestored function| iFrameResize

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: eb9d3e2d9eca5333

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: http://bando-russia.bandoblog.com/ Message: Access to font at 'http://no.bando.com/assets/GT-Walsheim-Bold.woff' from origin 'http://bando-russia.bandoblog.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: http://no.bando.com/assets/GT-Walsheim-Bold.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://bando-russia.bandoblog.com/ Message: Access to font at 'http://no.bando.com/assets/GT-Walsheim-Medium.woff' from origin 'http://bando-russia.bandoblog.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: http://no.bando.com/assets/GT-Walsheim-Medium.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://bando-russia.bandoblog.com/ Message: Access to font at 'http://no.bando.com/assets/GT-Walsheim-Medium.ttf' from origin 'http://bando-russia.bandoblog.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: http://no.bando.com/assets/GT-Walsheim-Medium.ttf Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://bando-russia.bandoblog.com/ Message: Access to font at 'http://no.bando.com/assets/GT-Walsheim-Bold.ttf' from origin 'http://bando-russia.bandoblog.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: http://no.bando.com/assets/GT-Walsheim-Bold.ttf Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bam-cell.nr-data.net
bando-russia.bandoblog.com
js-agent.newrelic.com
no.bando.com
snapwidget.com
static.cloudflareinsights.com
www.google-analytics.com
no.bando.com
151.101.2.137
162.247.243.146
172.67.75.33
173.254.90.213
2606:4700:440e::ac40:9c1a
2607:f8b0:4006:80c::200e
015cc79e34e63d2d0c2420e50c815f01bbaa14c4a4971ed008493058fe4e0587
0f6ed8268ffc4d8776844650a0c99c62efa57b443eef7f7f7245cfd84afd7019
131dec6a86a10ddda2bf8740d1f4225efeac800e2f403eb5ee60451c7fb372a5
150919d0b4dd95f88049342f5b22de8836cb81c2b580423e55ec687b49d4b519
18395fd1ef75de4f03f701f5a5020563aed55e1539b3200605053f2c924211bb
21a2e6c484de0c29d96ec0ac407ee0603dfd95741951506ed7a1bcbc6a6db4bc
32a6f77cbb60fffce3e2f2a4d236f67db54aa46cf5cf93efdffde2dfd8a06994
478449f0c84b6a4adab8c4f8f0d44ca10903f752b79f53b9dd65059733d1b511
4fe1468ec44d6d6240de7f1e59251a3dee1258db68d127ff26298baa905b0be0
5e9f9a1a6aa4b7916f1245eb04edada09ce4c099824c3a4ae97facde04d37cf4
74494fcb233c2db6a0c101d861dcbec94e9d869be60a41fb871ead72fee9580a
8773852d8d8da6eff6110c44d87587e24682f49db01efad103d05f65182774a1
9cb97d7feb304814fa3307e10fdc068b1d1d65efe43a4f593c45c8a5ce452617
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
b91234b576455d66e12dd661a2539eb2418a831078ecef9ebc7f4bbd4e580d9c
be964cc6c34b45ebc4001869bd65c222853e4db7d4e96b21120107648ff7b11c
c2e61dcc16653962dec051f291d6da67b7cfc0b666eebe1df013c2578b8cd863
c36b8282f017100806dadbc114055e09084b7c224f4a08fce10586a4af73f876
c4db3c0bd763cdd44a14f2c1b71336851a58eeca5efc1ec6dbffacbd148481a3
c8988d47e2ab355eeeaec4a43d412c4eb81015fe23c57292cca36dc57716a398
cdb55ec85c815c85d71b940b915978ca860f0165e09e27dabd3e4ab76c28c003
d41f1ac750f6fec5a78103b455c49e43f245441af02f5e74981e2ac8ca361b7c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f6e667316e89b7f63fa57d6975985af56b8606258ffa79008c806a651449f8d7
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505