urlscan.io logo urlscan.io
SecurityTrails logo

answer.origogroup.com Open in urlscan Pro
185.248.53.138  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://s.origo.live//R3NY3
Effective URL: https://answer.origogroup.com/scripts/dubinterviewer.dll/Page?Quest=1000001014&Resp=3515&L=%5Fbl4OSdSBICKOXLcn1qHGlcaR%2Av%2AR...
Submission: On November 17 via api from CZ — Scanned from SE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 30 HTTP transactions. The main IP is 185.248.53.138, located in Sweden and belongs to CGIT, SE. The main domain is answer.origogroup.com.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on December 12th 2022. Valid for: a year.
This is the only time answer.origogroup.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 185.248.53.135 204468 (CGIT)
2 29 185.248.53.138 204468 (CGIT)
3 172.217.18.10 15169 (GOOGLE)
30 2
Apex Domain
Subdomains		 Transfer
29 origogroup.com
answer.origogroup.com
417 KB
3 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 364
105 KB
1 origo.live
s.origo.live
497 B
30 3
Domain Requested by
29 answer.origogroup.com 2 redirects answer.origogroup.com
3 ajax.googleapis.com answer.origogroup.com
1 s.origo.live 1 redirects
30 3

This site contains links to these domains. Also see Links.

Domain
www.google.com
www.mozilla.org
Subject Issuer Validity Valid
*.origogroup.com
AlphaSSL CA - SHA256 - G4		 2022-12-12 -
2024-01-13		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://answer.origogroup.com/scripts/dubinterviewer.dll/Page?Quest=1000001014&Resp=3515&L=%5Fbl4OSdSBICKOXLcn1qHGlcaR%2Av%2ARH2ARfYUSqebulhU&QW5567=641571&Resp=3515&redirected=1&device=PC&html5=true
Frame ID: 61DCF039E863FA4B8B28A7E413E8650C
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Länsstyrelsen i Stockholm Servicemätning 2023

Page URL History Show full URLs

  1. https://s.origo.live//R3NY3 HTTP 302
    https://answer.origogroup.com/scripts/dubinterviewer.dll/frames?L=_bl4OSdSBICKOXLcn1qHGlcaR*v*RH2ARfYUSqeb... HTTP 302
    https://answer.origogroup.com/scripts/dubinterviewer.dll/Detect?Page=Page&Quest=1000001014&Resp=3515&L=%5F... Page URL
  2. https://answer.origogroup.com/scripts/dubinterviewer.dll/Detect?url=%3FPage%3DPage%26Quest%3D1000001014%26... HTTP 302
    https://answer.origogroup.com/scripts/dubinterviewer.dll/Page?Quest=1000001014&Resp=3515&L=%5Fbl4OSdSBICKO... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
Overall confidence: 100%
Detected patterns
  • (?:/yui/|yui\.yahooapis\.com)
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery-ui[.-]([\d.]*\d)[^/]*\.js
  • ([\d.]+)/jquery-ui(?:\.min)?\.js
  • jquery-ui.*\.js

Page Statistics

30
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

521 kB
Transfer

1542 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://s.origo.live//R3NY3 HTTP 302
    https://answer.origogroup.com/scripts/dubinterviewer.dll/frames?L=_bl4OSdSBICKOXLcn1qHGlcaR*v*RH2ARfYUSqebulhU HTTP 302
    https://answer.origogroup.com/scripts/dubinterviewer.dll/Detect?Page=Page&Quest=1000001014&Resp=3515&L=%5Fbl4OSdSBICKOXLcn1qHGlcaR%2Av%2ARH2ARfYUSqebulhU&QW5567=641571&Resp=3515 Page URL
  2. https://answer.origogroup.com/scripts/dubinterviewer.dll/Detect?url=%3FPage%3DPage%26Quest%3D1000001014%26Resp%3D3515%26L%3D%255Fbl4OSdSBICKOXLcn1qHGlcaR%252Av%252ARH2ARfYUSqebulhU%26QW5567%3D641571%26Resp%3D3515&plugin=SILVERLIGHT&html5=CANVAS%2CAUDIO%2CAUDIO_OGG%2CAUDIO_MP3%2CAUDIO_WAV%2CAUDIO_M4A%2CVIDEO%2CVIDEO_OGG%2CVIDEO_WEBM%2CVIDEO_H264%2CLOCALSTORAGE%2CWEBWORKERS%2CGEOLOCATION%2CINPUT_SEARCH%2CINPUT_NUMBER%2CINPUT_RANGE%2CINPUT_COLOR%2CINPUT_TEL%2CINPUT_URL%2CINPUT_EMAIL%2CINPUT_DATE%2CINPUT_MONTH%2CINPUT_WEEK%2CINPUT_TIME%2CINPUT_DATETIME-LOCAL%2CPLACEHOLDER%2CAUTOFOCUS%2CHISTORY&device=PC HTTP 302
    https://answer.origogroup.com/scripts/dubinterviewer.dll/Page?Quest=1000001014&Resp=3515&L=%5Fbl4OSdSBICKOXLcn1qHGlcaR%2Av%2ARH2ARfYUSqebulhU&QW5567=641571&Resp=3515&redirected=1&device=PC&html5=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://s.origo.live//R3NY3 HTTP 302
  • https://answer.origogroup.com/scripts/dubinterviewer.dll/frames?L=_bl4OSdSBICKOXLcn1qHGlcaR*v*RH2ARfYUSqebulhU HTTP 302
  • https://answer.origogroup.com/scripts/dubinterviewer.dll/Detect?Page=Page&Quest=1000001014&Resp=3515&L=%5Fbl4OSdSBICKOXLcn1qHGlcaR%2Av%2ARH2ARfYUSqebulhU&QW5567=641571&Resp=3515

30 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Detect
answer.origogroup.com/scripts/dubinterviewer.dll/
Redirect Chain
  • https://s.origo.live//R3NY3
  • https://answer.origogroup.com/scripts/dubinterviewer.dll/frames?L=_bl4OSdSBICKOXLcn1qHGlcaR*v*RH2ARfYUSqebulhU
  • https://answer.origogroup.com/scripts/dubinterviewer.dll/Detect?Page=Page&Quest=1000001014&Resp=3515&L=%5Fbl4OSdSBICKOXLcn1qHGlcaR%2Av%2ARH2ARfYUSqebulhU&QW5567=641571&Resp=3515
747 B
818 B 		Document
General
Check archive.org
Download Go to
Full URL
https://answer.origogroup.com/scripts/dubinterviewer.dll/Detect?Page=Page&Quest=1000001014&Resp=3515&L=%5Fbl4OSdSBICKOXLcn1qHGlcaR%2Av%2ARH2ARfYUSqebulhU&QW5567=641571&Resp=3515
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.248.53.138 , Sweden, ASN204468 (CGIT, SE),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

content-length
747
content-type
text/html
date
Fri, 17 Nov 2023 12:57:37 GMT
expires
Thu, 16 Nov 2023 13:57:37 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
x-xss-protection
1; mode=block

Redirect headers

content-length
263
content-type
text/html; charset=UTF-8
date
Fri, 17 Nov 2023 12:57:37 GMT
location
Detect?Page=Page&Quest=1000001014&Resp=3515&L=%5Fbl4OSdSBICKOXLcn1qHGlcaR%2Av%2ARH2ARfYUSqebulhU&QW5567=641571&Resp=3515
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
x-xss-protection
1; mode=block
Basics.js
answer.origogroup.com/ 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://answer.origogroup.com/Basics.js
Requested by
Host: answer.origogroup.com
URL: https://answer.origogroup.com/scripts/dubinterviewer.dll/Detect?Page=Page&Quest=1000001014&Resp=3515&L=%5Fbl4OSdSBICKOXLcn1qHGlcaR%2Av%2ARH2ARfYUSqebulhU&QW5567=641571&Resp=3515
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.248.53.138 , Sweden, ASN204468 (CGIT, SE),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://answer.origogroup.com/scripts/dubinterviewer.dll/Detect?Page=Page&Quest=1000001014&Resp=3515&L=%5Fbl4OSdSBICKOXLcn1qHGlcaR%2Av%2ARH2ARfYUSqebulhU&QW5567=641571&Resp=3515
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 12:57:37 GMT
content-encoding
gzip
last-modified
Mon, 02 May 2022 06:37:27 GMT
server
Microsoft-IIS/10.0
etag
"806de316ef5dd81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
4405
x-xss-protection
1; mode=block
detect.js
answer.origogroup.com/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://answer.origogroup.com/detect.js
Requested by
Host: answer.origogroup.com
URL: https://answer.origogroup.com/scripts/dubinterviewer.dll/Detect?Page=Page&Quest=1000001014&Resp=3515&L=%5Fbl4OSdSBICKOXLcn1qHGlcaR%2Av%2ARH2ARfYUSqebulhU&QW5567=641571&Resp=3515
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.248.53.138 , Sweden, ASN204468 (CGIT, SE),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://answer.origogroup.com/scripts/dubinterviewer.dll/Detect?Page=Page&Quest=1000001014&Resp=3515&L=%5Fbl4OSdSBICKOXLcn1qHGlcaR%2Av%2ARH2ARfYUSqebulhU&QW5567=641571&Resp=3515
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 12:57:37 GMT
content-encoding
gzip
last-modified
Mon, 02 May 2022 06:37:27 GMT
server
Microsoft-IIS/10.0
etag
"806de316ef5dd81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
4706
x-xss-protection
1; mode=block
Silverlight.js
answer.origogroup.com/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://answer.origogroup.com/Silverlight.js
Requested by
Host: answer.origogroup.com
URL: https://answer.origogroup.com/detect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.248.53.138 , Sweden, ASN204468 (CGIT, SE),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://answer.origogroup.com/scripts/dubinterviewer.dll/Detect?Page=Page&Quest=1000001014&Resp=3515&L=%5Fbl4OSdSBICKOXLcn1qHGlcaR%2Av%2ARH2ARfYUSqebulhU&QW5567=641571&Resp=3515
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 12:57:37 GMT
content-encoding
gzip
last-modified
Mon, 02 May 2022 06:37:18 GMT
server
Microsoft-IIS/10.0
etag
"0238611ef5dd81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
2459
x-xss-protection
1; mode=block
modernizr.js
answer.origogroup.com/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://answer.origogroup.com/modernizr.js
Requested by
Host: answer.origogroup.com
URL: https://answer.origogroup.com/detect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.248.53.138 , Sweden, ASN204468 (CGIT, SE),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://answer.origogroup.com/scripts/dubinterviewer.dll/Detect?Page=Page&Quest=1000001014&Resp=3515&L=%5Fbl4OSdSBICKOXLcn1qHGlcaR%2Av%2ARH2ARfYUSqebulhU&QW5567=641571&Resp=3515
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 12:57:37 GMT
content-encoding
gzip
last-modified
Mon, 02 May 2022 06:37:28 GMT
server
Microsoft-IIS/10.0
etag
"047c17ef5dd81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
5530
x-xss-protection
1; mode=block
mdetect.js
answer.origogroup.com/ 		25 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://answer.origogroup.com/mdetect.js
Requested by
Host: answer.origogroup.com
URL: https://answer.origogroup.com/detect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.248.53.138 , Sweden, ASN204468 (CGIT, SE),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://answer.origogroup.com/scripts/dubinterviewer.dll/Detect?Page=Page&Quest=1000001014&Resp=3515&L=%5Fbl4OSdSBICKOXLcn1qHGlcaR%2Av%2ARH2ARfYUSqebulhU&QW5567=641571&Resp=3515
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 12:57:37 GMT
content-encoding
gzip
last-modified
Mon, 02 May 2022 06:37:28 GMT
server
Microsoft-IIS/10.0
etag
"047c17ef5dd81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
5855
x-xss-protection
1; mode=block
Primary Request Page
answer.origogroup.com/scripts/dubinterviewer.dll/
Redirect Chain
  • https://answer.origogroup.com/scripts/dubinterviewer.dll/Detect?url=%3FPage%3DPage%26Quest%3D1000001014%26Resp%3D3515%26L%3D%255Fbl4OSdSBICKOXLcn1qHGlcaR%252Av%252ARH2ARfYUSqebulhU%26QW5567%3D64157...
  • https://answer.origogroup.com/scripts/dubinterviewer.dll/Page?Quest=1000001014&Resp=3515&L=%5Fbl4OSdSBICKOXLcn1qHGlcaR%2Av%2ARH2ARfYUSqebulhU&QW5567=641571&Resp=3515&redirected=1&device=PC&html5=true
12 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://answer.origogroup.com/scripts/dubinterviewer.dll/Page?Quest=1000001014&Resp=3515&L=%5Fbl4OSdSBICKOXLcn1qHGlcaR%2Av%2ARH2ARfYUSqebulhU&QW5567=641571&Resp=3515&redirected=1&device=PC&html5=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.248.53.138 , Sweden, ASN204468 (CGIT, SE),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c5c98b3eaf1e115f6722e38283e9b100087faa0a4c8ef05a9236364b428d2a87
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://answer.origogroup.com/scripts/dubinterviewer.dll/Detect?Page=Page&Quest=1000001014&Resp=3515&L=%5Fbl4OSdSBICKOXLcn1qHGlcaR%2Av%2ARH2ARfYUSqebulhU&QW5567=641571&Resp=3515
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

cache-control
no-store
content-length
12571
content-type
text/html; charset=utf-8
date
Fri, 17 Nov 2023 12:57:38 GMT
expires
Fri, 17 Nov 2023 13:57:38 GMT,0
pragma
no-cache
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
x-xss-protection
1; mode=block

Redirect headers

content-length
293
content-type
text/html; charset=UTF-8
date
Fri, 17 Nov 2023 12:57:37 GMT
location
Page?Quest=1000001014&Resp=3515&L=%5Fbl4OSdSBICKOXLcn1qHGlcaR%2Av%2ARH2ARfYUSqebulhU&QW5567=641571&Resp=3515&redirected=1&device=PC&html5=true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
x-xss-protection
1; mode=block
jquery-1.11.2.js
answer.origogroup.com/ 		288 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://answer.origogroup.com/jquery-1.11.2.js
Requested by
Host: answer.origogroup.com
URL: https://answer.origogroup.com/scripts/dubinterviewer.dll/Page?Quest=1000001014&Resp=3515&L=%5Fbl4OSdSBICKOXLcn1qHGlcaR%2Av%2ARH2ARfYUSqebulhU&QW5567=641571&Resp=3515&redirected=1&device=PC&html5=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.248.53.138 , Sweden, ASN204468 (CGIT, SE),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
667eedae1808b6d386502c77f7e76892c6b330678f466d15707d4adde48fea26
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://answer.origogroup.com/scripts/dubinterviewer.dll/Page?Quest=1000001014&Resp=3515&L=%5Fbl4OSdSBICKOXLcn1qHGlcaR%2Av%2ARH2ARfYUSqebulhU&QW5567=641571&Resp=3515&redirected=1&device=PC&html5=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 12:57:38 GMT
content-encoding
gzip
last-modified
Mon, 02 May 2022 06:37:28 GMT
server
Microsoft-IIS/10.0
etag
"047c17ef5dd81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
85667
x-xss-protection
1; mode=block
jquery-ui-1.11.4.css
answer.origogroup.com/ 		36 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://answer.origogroup.com/jquery-ui-1.11.4.css
Requested by
Host: answer.origogroup.com
URL: https://answer.origogroup.com/scripts/dubinterviewer.dll/Page?Quest=1000001014&Resp=3515&L=%5Fbl4OSdSBICKOXLcn1qHGlcaR%2Av%2ARH2ARfYUSqebulhU&QW5567=641571&Resp=3515&redirected=1&device=PC&html5=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.248.53.138 , Sweden, ASN204468 (CGIT, SE),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
49e60506cdb5267e48f74635cdbfb0cf4493d4a7fadc9d8395974a91f4d94747
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://answer.origogroup.com/scripts/dubinterviewer.dll/Page?Quest=1000001014&Resp=3515&L=%5Fbl4OSdSBICKOXLcn1qHGlcaR%2Av%2ARH2ARfYUSqebulhU&QW5567=641571&Resp=3515&redirected=1&device=PC&html5=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 12:57:38 GMT
content-encoding
gzip
last-modified
Mon, 02 May 2022 06:37:28 GMT
server
Microsoft-IIS/10.0
etag
"047c17ef5dd81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
8309
x-xss-protection
1; mode=block
jquery-ui-1.11.4.js
answer.origogroup.com/ 		476 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://answer.origogroup.com/jquery-ui-1.11.4.js
Requested by
Host: answer.origogroup.com
URL: https://answer.origogroup.com/scripts/dubinterviewer.dll/Page?Quest=1000001014&Resp=3515&L=%5Fbl4OSdSBICKOXLcn1qHGlcaR%2Av%2ARH2ARfYUSqebulhU&QW5567=641571&Resp=3515&redirected=1&device=PC&html5=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.248.53.138 , Sweden, ASN204468 (CGIT, SE),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
37fbfc8e36798a479dd09027315d1de63f53d75aa169c97b7991ae9afbd249e4
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://answer.origogroup.com/scripts/dubinterviewer.dll/Page?Quest=1000001014&Resp=3515&L=%5Fbl4OSdSBICKOXLcn1qHGlcaR%2Av%2ARH2ARfYUSqebulhU&QW5567=641571&Resp=3515&redirected=1&device=PC&html5=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 12:57:38 GMT
content-encoding
gzip
last-modified
Mon, 02 May 2022 06:37:28 GMT
server
Microsoft-IIS/10.0
etag
"047c17ef5dd81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
115742
x-xss-protection
1; mode=block
jquery.ui.touch-punch.js
answer.origogroup.com/ 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://answer.origogroup.com/jquery.ui.touch-punch.js
Requested by
Host: answer.origogroup.com
URL: https://answer.origogroup.com/scripts/dubinterviewer.dll/Page?Quest=1000001014&Resp=3515&L=%5Fbl4OSdSBICKOXLcn1qHGlcaR%2Av%2ARH2ARfYUSqebulhU&QW5567=641571&Resp=3515&redirected=1&device=PC&html5=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.248.53.138 , Sweden, ASN204468 (CGIT, SE),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
de95e51deb4921104e1d5c351e74408b9f0085ff37576c0edfd77e5851db0c15
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://answer.origogroup.com/scripts/dubinterviewer.dll/Page?Quest=1000001014&Resp=3515&L=%5Fbl4OSdSBICKOXLcn1qHGlcaR%2Av%2ARH2ARfYUSqebulhU&QW5567=641571&Resp=3515&redirected=1&device=PC&html5=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 12:57:38 GMT
content-encoding
gzip
last-modified
Mon, 02 May 2022 06:37:28 GMT
server
Microsoft-IIS/10.0
etag
"047c17ef5dd81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
1433
x-xss-protection
1; mode=block
DubInterViewerWAPIBasis.css
answer.origogroup.com/ 		31 B
86 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://answer.origogroup.com/DubInterViewerWAPIBasis.css
Requested by
Host: answer.origogroup.com
URL: https://answer.origogroup.com/scripts/dubinterviewer.dll/Page?Quest=1000001014&Resp=3515&L=%5Fbl4OSdSBICKOXLcn1qHGlcaR%2Av%2ARH2ARfYUSqebulhU&QW5567=641571&Resp=3515&redirected=1&device=PC&html5=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.248.53.138 , Sweden, ASN204468 (CGIT, SE),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b7b001c67b0c29beb897789692245cfb6d1d4c59b9a5b0ad40e507618d8d4e59
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://answer.origogroup.com/scripts/dubinterviewer.dll/Page?Quest=1000001014&Resp=3515&L=%5Fbl4OSdSBICKOXLcn1qHGlcaR%2Av%2ARH2ARfYUSqebulhU&QW5567=641571&Resp=3515&redirected=1&device=PC&html5=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 12:57:38 GMT
last-modified
Mon, 02 May 2022 06:37:28 GMT
server
Microsoft-IIS/10.0
etag
"ebc7e17ef5dd81:0"
x-powered-by
ASP.NET
content-type
text/css
accept-ranges
bytes
content-length
31
x-xss-protection
1; mode=block
nebuitools.js
answer.origogroup.com/js/nebui/ 		78 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://answer.origogroup.com/js/nebui/nebuitools.js
Requested by
Host: answer.origogroup.com
URL: https://answer.origogroup.com/scripts/dubinterviewer.dll/Page?Quest=1000001014&Resp=3515&L=%5Fbl4OSdSBICKOXLcn1qHGlcaR%2Av%2ARH2ARfYUSqebulhU&QW5567=641571&Resp=3515&redirected=1&device=PC&html5=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.248.53.138 , Sweden, ASN204468 (CGIT, SE),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
df918041c438c9a3904c3d0597d83a1cda420950d0ce0c39d5610841886cf7e7
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://answer.origogroup.com/scripts/dubinterviewer.dll/Page?Quest=1000001014&Resp=3515&L=%5Fbl4OSdSBICKOXLcn1qHGlcaR%2Av%2ARH2ARfYUSqebulhU&QW5567=641571&Resp=3515&redirected=1&device=PC&html5=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 12:57:38 GMT
content-encoding
gzip
last-modified
Mon, 02 May 2022 06:37:24 GMT
server
Microsoft-IIS/10.0
etag
"0aa1915ef5dd81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
15301
x-xss-protection
1; mode=block
container.css
answer.origogroup.com/style/yui/container/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://answer.origogroup.com/style/yui/container/container.css
Requested by
Host: answer.origogroup.com
URL: https://answer.origogroup.com/scripts/dubinterviewer.dll/Page?Quest=1000001014&Resp=3515&L=%5Fbl4OSdSBICKOXLcn1qHGlcaR%2Av%2ARH2ARfYUSqebulhU&QW5567=641571&Resp=3515&redirected=1&device=PC&html5=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.248.53.138 , Sweden, ASN204468 (CGIT, SE),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
91983ec69f7eb08f352a23d0f6ad23d81fb4c6bdb451c7dd6c8d79778abeea21
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://answer.origogroup.com/scripts/dubinterviewer.dll/Page?Quest=1000001014&Resp=3515&L=%5Fbl4OSdSBICKOXLcn1qHGlcaR%2Av%2ARH2ARfYUSqebulhU&QW5567=641571&Resp=3515&redirected=1&device=PC&html5=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 12:57:38 GMT
content-encoding
gzip
last-modified
Mon, 02 May 2022 06:37:25 GMT
server
Microsoft-IIS/10.0
etag
"8040b215ef5dd81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
1193
x-xss-protection
1; mode=block
DubInterviewer.css
answer.origogroup.com/ 		10 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://answer.origogroup.com/DubInterviewer.css
Requested by
Host: answer.origogroup.com
URL: https://answer.origogroup.com/scripts/dubinterviewer.dll/Page?Quest=1000001014&Resp=3515&L=%5Fbl4OSdSBICKOXLcn1qHGlcaR%2Av%2ARH2ARfYUSqebulhU&QW5567=641571&Resp=3515&redirected=1&device=PC&html5=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.248.53.138 , Sweden, ASN204468 (CGIT, SE),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
9f1b16a46c4a6f8057c628d58adaf3b51b965e9237fd53ab060a83c0fa649f8f
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://answer.origogroup.com/scripts/dubinterviewer.dll/Page?Quest=1000001014&Resp=3515&L=%5Fbl4OSdSBICKOXLcn1qHGlcaR%2Av%2ARH2ARfYUSqebulhU&QW5567=641571&Resp=3515&redirected=1&device=PC&html5=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 12:57:38 GMT
content-encoding
gzip
last-modified
Mon, 02 May 2022 06:37:27 GMT
server
Microsoft-IIS/10.0
etag
"806de316ef5dd81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
2267
x-xss-protection
1; mode=block
nebui.panel.css
answer.origogroup.com/style/nebui/ 		3 KB
884 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://answer.origogroup.com/style/nebui/nebui.panel.css
Requested by
Host: answer.origogroup.com
URL: https://answer.origogroup.com/scripts/dubinterviewer.dll/Page?Quest=1000001014&Resp=3515&L=%5Fbl4OSdSBICKOXLcn1qHGlcaR%2Av%2ARH2ARfYUSqebulhU&QW5567=641571&Resp=3515&redirected=1&device=PC&html5=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.248.53.138 , Sweden, ASN204468 (CGIT, SE),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f6855c8d8089d270803380a2afb8d64dc6e156dbeb7ceffa5a375273f8e85c17
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://answer.origogroup.com/scripts/dubinterviewer.dll/Page?Quest=1000001014&Resp=3515&L=%5Fbl4OSdSBICKOXLcn1qHGlcaR%2Av%2ARH2ARfYUSqebulhU&QW5567=641571&Resp=3515&redirected=1&device=PC&html5=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 12:57:38 GMT
content-encoding
gzip
last-modified
Mon, 02 May 2022 06:37:25 GMT
server
Microsoft-IIS/10.0
etag
"8040b215ef5dd81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
841
x-xss-protection
1; mode=block
disableButtons.js
answer.origogroup.com/js/ 		387 B
467 B 		Script
General
Check archive.org
Download Go to
Full URL
https://answer.origogroup.com/js/disableButtons.js
Requested by
Host: answer.origogroup.com
URL: https://answer.origogroup.com/scripts/dubinterviewer.dll/Page?Quest=1000001014&Resp=3515&L=%5Fbl4OSdSBICKOXLcn1qHGlcaR%2Av%2ARH2ARfYUSqebulhU&QW5567=641571&Resp=3515&redirected=1&device=PC&html5=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.248.53.138 , Sweden, ASN204468 (CGIT, SE),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
48b329c79fd23990a28b761697e2da65cdb39226c7f9523fa0886ee34d05f6c1
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://answer.origogroup.com/scripts/dubinterviewer.dll/Page?Quest=1000001014&Resp=3515&L=%5Fbl4OSdSBICKOXLcn1qHGlcaR%2Av%2ARH2ARfYUSqebulhU&QW5567=641571&Resp=3515&redirected=1&device=PC&html5=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 12:57:38 GMT
last-modified
Mon, 02 May 2022 06:37:24 GMT
server
Microsoft-IIS/10.0
etag
"523d2515ef5dd81:0"
x-powered-by
ASP.NET
content-type
application/javascript
accept-ranges
bytes
content-length
387
x-xss-protection
1; mode=block
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Requested by
Host: answer.origogroup.com
URL: https://answer.origogroup.com/scripts/dubinterviewer.dll/Page?Quest=1000001014&Resp=3515&L=%5Fbl4OSdSBICKOXLcn1qHGlcaR%2Av%2ARH2ARfYUSqebulhU&QW5567=641571&Resp=3515&redirected=1&device=PC&html5=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.10 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f10.1e100.net
Software
sffe /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://answer.origogroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 23:02:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
50133
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30306
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Nov 2024 23:02:05 GMT
jquery-ui.css
ajax.googleapis.com/ajax/libs/jqueryui/1.11.3/themes/smoothness/ 		34 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.11.3/themes/smoothness/jquery-ui.css
Requested by
Host: answer.origogroup.com
URL: https://answer.origogroup.com/scripts/dubinterviewer.dll/Page?Quest=1000001014&Resp=3515&L=%5Fbl4OSdSBICKOXLcn1qHGlcaR%2Av%2ARH2ARfYUSqebulhU&QW5567=641571&Resp=3515&redirected=1&device=PC&html5=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.10 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f10.1e100.net
Software
sffe /
Resource Hash
7f4b9e18d6c7644e9d690818b04285dc90f64930759799ed1344f8ca71013e52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://answer.origogroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 05:33:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
545036
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8060
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 10 Nov 2024 05:33:42 GMT
jquery-ui.min.js
ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/ 		248 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.js
Requested by
Host: answer.origogroup.com
URL: https://answer.origogroup.com/scripts/dubinterviewer.dll/Page?Quest=1000001014&Resp=3515&L=%5Fbl4OSdSBICKOXLcn1qHGlcaR%2Av%2ARH2ARfYUSqebulhU&QW5567=641571&Resp=3515&redirected=1&device=PC&html5=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.10 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f10.1e100.net
Software
sffe /
Resource Hash
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://answer.origogroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 21:33:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
141873
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67948
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Nov 2024 21:33:05 GMT
NebuJS_core.min.css
answer.origogroup.com/Images/Servicematning2023/ 		13 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://answer.origogroup.com/Images/Servicematning2023/NebuJS_core.min.css
Requested by
Host: answer.origogroup.com
URL: https://answer.origogroup.com/scripts/dubinterviewer.dll/Page?Quest=1000001014&Resp=3515&L=%5Fbl4OSdSBICKOXLcn1qHGlcaR%2Av%2ARH2ARfYUSqebulhU&QW5567=641571&Resp=3515&redirected=1&device=PC&html5=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.248.53.138 , Sweden, ASN204468 (CGIT, SE),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ff50dc80f026ecab791353048ff1416a577976515e5b3c6f75963c1b754880f6
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://answer.origogroup.com/scripts/dubinterviewer.dll/Page?Quest=1000001014&Resp=3515&L=%5Fbl4OSdSBICKOXLcn1qHGlcaR%2Av%2ARH2ARfYUSqebulhU&QW5567=641571&Resp=3515&redirected=1&device=PC&html5=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 12:57:38 GMT
last-modified
Thu, 03 Oct 2019 12:46:22 GMT
server
Microsoft-IIS/10.0
etag
"0e33f8fe879d51:0"
x-powered-by
ASP.NET
content-type
text/css
accept-ranges
bytes
content-length
13337
x-xss-protection
1; mode=block
NebuJS_core.min.js
answer.origogroup.com/Images/Servicematning2023/ 		38 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://answer.origogroup.com/Images/Servicematning2023/NebuJS_core.min.js
Requested by
Host: answer.origogroup.com
URL: https://answer.origogroup.com/scripts/dubinterviewer.dll/Page?Quest=1000001014&Resp=3515&L=%5Fbl4OSdSBICKOXLcn1qHGlcaR%2Av%2ARH2ARfYUSqebulhU&QW5567=641571&Resp=3515&redirected=1&device=PC&html5=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.248.53.138 , Sweden, ASN204468 (CGIT, SE),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8c3f84f7927b85d9fafbd0fc36e73f2e3aa0939e96dc80be24f88cf2743c0756
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://answer.origogroup.com/scripts/dubinterviewer.dll/Page?Quest=1000001014&Resp=3515&L=%5Fbl4OSdSBICKOXLcn1qHGlcaR%2Av%2ARH2ARfYUSqebulhU&QW5567=641571&Resp=3515&redirected=1&device=PC&html5=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 12:57:38 GMT
last-modified
Wed, 06 Nov 2019 13:58:46 GMT
server
Microsoft-IIS/10.0
etag
"02f854eaa94d51:0"
x-powered-by
ASP.NET
content-type
application/javascript
accept-ranges
bytes
content-length
38814
x-xss-protection
1; mode=block
NebuJS_CellTrigger.min.js
answer.origogroup.com/Images/Servicematning2023/ 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://answer.origogroup.com/Images/Servicematning2023/NebuJS_CellTrigger.min.js
Requested by
Host: answer.origogroup.com
URL: https://answer.origogroup.com/scripts/dubinterviewer.dll/Page?Quest=1000001014&Resp=3515&L=%5Fbl4OSdSBICKOXLcn1qHGlcaR%2Av%2ARH2ARfYUSqebulhU&QW5567=641571&Resp=3515&redirected=1&device=PC&html5=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.248.53.138 , Sweden, ASN204468 (CGIT, SE),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a5f9598d5365374459a1c5d82d0e777e48fbc303cf08f1399a440da69809336e
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://answer.origogroup.com/scripts/dubinterviewer.dll/Page?Quest=1000001014&Resp=3515&L=%5Fbl4OSdSBICKOXLcn1qHGlcaR%2Av%2ARH2ARfYUSqebulhU&QW5567=641571&Resp=3515&redirected=1&device=PC&html5=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 12:57:38 GMT
last-modified
Tue, 11 Dec 2018 09:58:58 GMT
server
Microsoft-IIS/10.0
etag
"01d49223891d41:0"
x-powered-by
ASP.NET
content-type
application/javascript
accept-ranges
bytes
content-length
5367
x-xss-protection
1; mode=block
Standard_Responsive_v2.css
answer.origogroup.com/Images/Servicematning2023/ 		18 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://answer.origogroup.com/Images/Servicematning2023/Standard_Responsive_v2.css
Requested by
Host: answer.origogroup.com
URL: https://answer.origogroup.com/scripts/dubinterviewer.dll/Page?Quest=1000001014&Resp=3515&L=%5Fbl4OSdSBICKOXLcn1qHGlcaR%2Av%2ARH2ARfYUSqebulhU&QW5567=641571&Resp=3515&redirected=1&device=PC&html5=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.248.53.138 , Sweden, ASN204468 (CGIT, SE),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a4a4e0420bf502f86d2d6f3405b42147223e6e141a71e440874c2ae63d210969
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://answer.origogroup.com/scripts/dubinterviewer.dll/Page?Quest=1000001014&Resp=3515&L=%5Fbl4OSdSBICKOXLcn1qHGlcaR%2Av%2ARH2ARfYUSqebulhU&QW5567=641571&Resp=3515&redirected=1&device=PC&html5=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 12:57:38 GMT
last-modified
Thu, 03 Oct 2019 12:53:52 GMT
server
Microsoft-IIS/10.0
etag
"070789be979d51:0"
x-powered-by
ASP.NET
content-type
text/css
accept-ranges
bytes
content-length
18933
x-xss-protection
1; mode=block
Standard_Responsive_v2_custom.css
answer.origogroup.com/Images/Servicematning2023/ 		4 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://answer.origogroup.com/Images/Servicematning2023/Standard_Responsive_v2_custom.css
Requested by
Host: answer.origogroup.com
URL: https://answer.origogroup.com/scripts/dubinterviewer.dll/Page?Quest=1000001014&Resp=3515&L=%5Fbl4OSdSBICKOXLcn1qHGlcaR%2Av%2ARH2ARfYUSqebulhU&QW5567=641571&Resp=3515&redirected=1&device=PC&html5=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.248.53.138 , Sweden, ASN204468 (CGIT, SE),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
50a3683f70138f65280385a07c55ac9e29ad32ff314271ea0a3c859a41573a3b
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://answer.origogroup.com/scripts/dubinterviewer.dll/Page?Quest=1000001014&Resp=3515&L=%5Fbl4OSdSBICKOXLcn1qHGlcaR%2Av%2ARH2ARfYUSqebulhU&QW5567=641571&Resp=3515&redirected=1&device=PC&html5=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 12:57:38 GMT
last-modified
Thu, 17 Oct 2019 11:17:30 GMT
server
Microsoft-IIS/10.0
etag
"0c1e976dc84d51:0"
x-powered-by
ASP.NET
content-type
text/css
accept-ranges
bytes
content-length
4268
x-xss-protection
1; mode=block
Project_Design.css
answer.origogroup.com/Images/Servicematning2023/ 		5 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://answer.origogroup.com/Images/Servicematning2023/Project_Design.css
Requested by
Host: answer.origogroup.com
URL: https://answer.origogroup.com/scripts/dubinterviewer.dll/Page?Quest=1000001014&Resp=3515&L=%5Fbl4OSdSBICKOXLcn1qHGlcaR%2Av%2ARH2ARfYUSqebulhU&QW5567=641571&Resp=3515&redirected=1&device=PC&html5=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.248.53.138 , Sweden, ASN204468 (CGIT, SE),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
655f28a22c5da602282f2aeb64aec9121b780f9e6796c0156618cf873832b39b
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://answer.origogroup.com/scripts/dubinterviewer.dll/Page?Quest=1000001014&Resp=3515&L=%5Fbl4OSdSBICKOXLcn1qHGlcaR%2Av%2ARH2ARfYUSqebulhU&QW5567=641571&Resp=3515&redirected=1&device=PC&html5=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 12:57:38 GMT
last-modified
Tue, 11 Apr 2023 14:25:00 GMT
server
Microsoft-IIS/10.0
etag
"086e165816cd91:0"
x-powered-by
ASP.NET
content-type
text/css
accept-ranges
bytes
content-length
5578
x-xss-protection
1; mode=block
LansstyrelsenLogo.png
answer.origogroup.com/Images/Servicematning2023/ 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://answer.origogroup.com/Images/Servicematning2023/LansstyrelsenLogo.png
Requested by
Host: answer.origogroup.com
URL: https://answer.origogroup.com/scripts/dubinterviewer.dll/Page?Quest=1000001014&Resp=3515&L=%5Fbl4OSdSBICKOXLcn1qHGlcaR%2Av%2ARH2ARfYUSqebulhU&QW5567=641571&Resp=3515&redirected=1&device=PC&html5=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.248.53.138 , Sweden, ASN204468 (CGIT, SE),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
7dee29e26b59e2282c876b9fb7ddb9d14f4c8cd468f7e8b0671669b83f004c9b
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://answer.origogroup.com/scripts/dubinterviewer.dll/Page?Quest=1000001014&Resp=3515&L=%5Fbl4OSdSBICKOXLcn1qHGlcaR%2Av%2ARH2ARfYUSqebulhU&QW5567=641571&Resp=3515&redirected=1&device=PC&html5=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 12:57:38 GMT
last-modified
Wed, 01 Nov 2023 15:03:00 GMT
server
Microsoft-IIS/10.0
etag
"0ea2281d4cda1:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
58574
x-xss-protection
1; mode=block
Basics.js
answer.origogroup.com/ 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://answer.origogroup.com/Basics.js
Requested by
Host: answer.origogroup.com
URL: https://answer.origogroup.com/scripts/dubinterviewer.dll/Page?Quest=1000001014&Resp=3515&L=%5Fbl4OSdSBICKOXLcn1qHGlcaR%2Av%2ARH2ARfYUSqebulhU&QW5567=641571&Resp=3515&redirected=1&device=PC&html5=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.248.53.138 , Sweden, ASN204468 (CGIT, SE),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
058af1d78244c3f7ead0cae5be8d212f0a7f40db9f5134280fb3e86440c21170
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://answer.origogroup.com/scripts/dubinterviewer.dll/Page?Quest=1000001014&Resp=3515&L=%5Fbl4OSdSBICKOXLcn1qHGlcaR%2Av%2ARH2ARfYUSqebulhU&QW5567=641571&Resp=3515&redirected=1&device=PC&html5=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 12:57:38 GMT
content-encoding
gzip
last-modified
Mon, 02 May 2022 06:37:27 GMT
server
Microsoft-IIS/10.0
etag
"806de316ef5dd81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
4405
x-xss-protection
1; mode=block
DivFormWAPI.js
answer.origogroup.com/ 		29 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://answer.origogroup.com/DivFormWAPI.js
Requested by
Host: answer.origogroup.com
URL: https://answer.origogroup.com/scripts/dubinterviewer.dll/Page?Quest=1000001014&Resp=3515&L=%5Fbl4OSdSBICKOXLcn1qHGlcaR%2Av%2ARH2ARfYUSqebulhU&QW5567=641571&Resp=3515&redirected=1&device=PC&html5=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.248.53.138 , Sweden, ASN204468 (CGIT, SE),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
9f482d607d8d38c80ad10831f360f9230c43ec791df7e367d0fe39cbdb742b16
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://answer.origogroup.com/scripts/dubinterviewer.dll/Page?Quest=1000001014&Resp=3515&L=%5Fbl4OSdSBICKOXLcn1qHGlcaR%2Av%2ARH2ARfYUSqebulhU&QW5567=641571&Resp=3515&redirected=1&device=PC&html5=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 12:57:38 GMT
content-encoding
gzip
last-modified
Mon, 02 May 2022 06:37:27 GMT
server
Microsoft-IIS/10.0
etag
"806de316ef5dd81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
7667
x-xss-protection
1; mode=block
nebui.panel.user.css
answer.origogroup.com/style/nebui/ 		0
46 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://answer.origogroup.com/style/nebui/nebui.panel.user.css
Requested by
Host: answer.origogroup.com
URL: https://answer.origogroup.com/style/nebui/nebui.panel.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.248.53.138 , Sweden, ASN204468 (CGIT, SE),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://answer.origogroup.com/style/nebui/nebui.panel.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 12:57:38 GMT
last-modified
Mon, 02 May 2022 06:37:25 GMT
server
Microsoft-IIS/10.0
etag
"fcfbc415ef5dd81:0"
x-powered-by
ASP.NET
content-type
text/css
accept-ranges
bytes
content-length
0
x-xss-protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

172 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| $ function| jQuery function| getbrowser function| nebui function| ismodalopen function| oldalert function| oldconfirm function| oldprompt function| browseAlert boolean| isLoading function| setIsLoading string| NebuJS_core_version function| NebuJS_core_init function| NebuJS_core_log object| NebuJS_core object| NebuJS_Log function| NebuJS_CellTrigger function| doOnLoad function| doOnUnLoad string| imgDir boolean| Submitting function| onBlurUpdate function| NextPage function| PrevPage function| Cancel function| Volgende function| Vorige function| OpenHelp boolean| isNav4 boolean| isIE4 boolean| isNav boolean| isIE boolean| isVer4 boolean| isIEMac boolean| isOpera string| rangeObj string| styleObj number| version function| getStyleObject function| getObject function| getObjectInForm function| doSubmitForm function| setValue function| getValue function| setChecked function| getChecked function| isVisible function| setFocus function| getSelectText function| getSelectValue function| getRadioValue function| setRadioValue function| showElement function| hideElement function| openSite function| emptyFunc function| isAllDigits function| makeAllDigits function| isAllValidChars function| makeAllValidChars function| getQueryParameter function| checkRegularExpr function| checkRegExprField function| lTrim function| rTrim function| trim function| messageInButtonBar function| toHTMLChars function| stringReplace function| stringFormat function| checkNumericValue function| modal function| modallayerClose function| setupalert function| modalAlert function| changecss function| enableDisabledInputs object| OrgFormValues object| IgnoreChangedFormElements string| ErrMsgInvalidDate string| ErrMsgInvalidTime string| ErrMsgDateToHigh string| ErrMsgDateToLow string| ErrMsgTimeToHigh string| ErrMsgTimeToLow string| ErrMsgNumberToHigh string| ErrMsgNumberToLow string| ErrMsgRequiredEmpty string| ErrMsgFormFieldsErr number| is24Clock number| is12ClockAM number| is12ClockPM number| is12Clock number| isUnknownClock object| EmptyDate object| invalidDateTimeFormat object| invalidDateFormat object| invalidTimeFormat object| invalidDate object| invalidTime object| invalidDateTime string| dateFormat string| dateSeparator string| timeFormat string| timeSeparator string| numberDecimalSymbol string| DigitGroupingSymbol number| NrOfDigitsInGroup string| CurrencySymbol string| CurrencyPlacement number| CurrencyDigits object| MonthNames object| MonthNamesShort object| DayNames object| DayNamesShort function| getSelectedItemsArray function| getSelectedItems function| indexOfOptionValue function| setSelectedItems function| AddIgnoredChangedFormElement function| IsIgnoredChangedForm function| IsIgnoredChangedFormElement function| InitFormChanges function| CompareInputChanges function| IsFormChanged function| isStrInt function| isDateCorrect function| isDateEmpty function| SetDateFormat function| SetTimeFormat function| SetNumberFormat function| InitFormChecks function| FormatStr function| DoCheckElmErr object| FormErrorList function| checkElement function| checkFormat function| checkForm function| checkNum function| CalcWindowParams object| CurrentInputObj function| FindDate function| SpinnerInc function| SpinnerDec function| xmlDateTimeToStr function| xmlStrToDateTime function| isCorrectDateStr function| isCorrectTimeStr function| isCorrectDateTimeStr function| isBeforeNow function| StringToDate function| DateToString function| dateAndTimeToStr function| dateTimeToStr function| isDST function| strToDateTime function| timeToStr function| getPosOfName function| stringToTime function| strToTime function| TimeStringToInt function| IntToTimeString function| StringToInt function| IntToString function| StringToFloat function| FloatToString function| AntwoordCorrectQ0 function| AntwoordCorrect function| doOnSubmit function| doOnKeyPress function| oldNextPage

1 Cookies

Domain/Path Name / Value
s.origo.live/ Name: PHPSESSID
Value: 6mpagarfpa624t4psr3fkgfocr

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
answer.origogroup.com
s.origo.live
172.217.18.10
185.248.53.135
185.248.53.138
058af1d78244c3f7ead0cae5be8d212f0a7f40db9f5134280fb3e86440c21170
37fbfc8e36798a479dd09027315d1de63f53d75aa169c97b7991ae9afbd249e4
48b329c79fd23990a28b761697e2da65cdb39226c7f9523fa0886ee34d05f6c1
49e60506cdb5267e48f74635cdbfb0cf4493d4a7fadc9d8395974a91f4d94747
50a3683f70138f65280385a07c55ac9e29ad32ff314271ea0a3c859a41573a3b
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
655f28a22c5da602282f2aeb64aec9121b780f9e6796c0156618cf873832b39b
667eedae1808b6d386502c77f7e76892c6b330678f466d15707d4adde48fea26
7dee29e26b59e2282c876b9fb7ddb9d14f4c8cd468f7e8b0671669b83f004c9b
7f4b9e18d6c7644e9d690818b04285dc90f64930759799ed1344f8ca71013e52
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8c3f84f7927b85d9fafbd0fc36e73f2e3aa0939e96dc80be24f88cf2743c0756
91983ec69f7eb08f352a23d0f6ad23d81fb4c6bdb451c7dd6c8d79778abeea21
9f1b16a46c4a6f8057c628d58adaf3b51b965e9237fd53ab060a83c0fa649f8f
9f482d607d8d38c80ad10831f360f9230c43ec791df7e367d0fe39cbdb742b16
a4a4e0420bf502f86d2d6f3405b42147223e6e141a71e440874c2ae63d210969
a5f9598d5365374459a1c5d82d0e777e48fbc303cf08f1399a440da69809336e
b7b001c67b0c29beb897789692245cfb6d1d4c59b9a5b0ad40e507618d8d4e59
c5c98b3eaf1e115f6722e38283e9b100087faa0a4c8ef05a9236364b428d2a87
de95e51deb4921104e1d5c351e74408b9f0085ff37576c0edfd77e5851db0c15
df918041c438c9a3904c3d0597d83a1cda420950d0ce0c39d5610841886cf7e7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f6855c8d8089d270803380a2afb8d64dc6e156dbeb7ceffa5a375273f8e85c17
ff50dc80f026ecab791353048ff1416a577976515e5b3c6f75963c1b754880f6