urlscan.io logo urlscan.io
SecurityTrails logo

www.norraflytt.se Open in urlscan Pro
16.170.195.59  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://norraflytt.se/
Effective URL: https://www.norraflytt.se/
Submission: On June 18 via api from US — Scanned from SE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 3 countries across 15 domains to perform 51 HTTP transactions. The main IP is 16.170.195.59, located in Stockholm, Sweden and belongs to AMAZON-02, US. The main domain is www.norraflytt.se.
TLS certificate: Issued by R3 on May 23rd 2024. Valid for: 3 months.
This is the only time www.norraflytt.se was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

14    16.170.195.59 (Stockholm, Sweden)

ASN16509 (AMAZON-02, US)
PTR: ec2-16-170-195-59.eu-north-1.compute.amazonaws.com
norraflytt.se
www.norraflytt.se
3    2606:4700:3037::ac43:8ef5 (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
1    2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
9    172.66.40.203 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.serviceform.com
images.serviceform.com
app.serviceform.com
1    2600:9000:211e:4a00:17:190:680:93a1 (United States)

ASN16509 (AMAZON-02, US)
widget.reco.se
7    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
www.gstatic.com
3    2a00:1450:4001:812::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
eu.serviceform.com
2    2001:4860:4802:36::36 (United States)

ASN15169 (GOOGLE, US)
europe-west1-ecstatic-fiber-261015.cloudfunctions.net
2    13.49.10.204 (Stockholm, Sweden)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-49-10-204.eu-north-1.compute.amazonaws.com
zy1ssnfwwl.execute-api.eu-north-1.amazonaws.com
1    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
googleads.g.doubleclick.net
1    216.58.206.68 (United States)

ASN15169 (GOOGLE, US)
PTR: tzfraa-aa-in-f4.1e100.net
www.google.com
2    142.250.185.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f3.1e100.net
www.google.de
1    142.250.181.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f3.1e100.net
www.gstatic.com
1    216.58.212.162 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f162.1e100.net
www.googleadservices.com
2    2606:4700:3108::ac42:28a3 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.quilljs.com
1    2606:4700::6812:ba1f (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
Apex Domain
Subdomains		 Transfer
14 norraflytt.se
norraflytt.se
www.norraflytt.se
614 KB
12 serviceform.com
cdn.serviceform.com — Cisco Umbrella Rank: 493112
eu.serviceform.com — Cisco Umbrella Rank: 411480
images.serviceform.com — Cisco Umbrella Rank: 699660
app.serviceform.com — Cisco Umbrella Rank: 638683
136 KB
8 gstatic.com
fonts.gstatic.com
www.gstatic.com
253 KB
3 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 1380
104 KB
2 quilljs.com
cdn.quilljs.com — Cisco Umbrella Rank: 31929
82 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 8196
175 B
2 amazonaws.com
zy1ssnfwwl.execute-api.eu-north-1.amazonaws.com — Cisco Umbrella Rank: 427130
6 KB
2 cloudfunctions.net
europe-west1-ecstatic-fiber-261015.cloudfunctions.net — Cisco Umbrella Rank: 460136
15 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 77
2 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 373
15 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 135
20 B
1 google.com
www.google.com — Cisco Umbrella Rank: 5
64 B
1 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 63
1 KB
1 reco.se
widget.reco.se
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 79
86 KB
51 15
Domain Requested by
13 www.norraflytt.se www.norraflytt.se
5 www.gstatic.com www.googletagmanager.com
cdn.serviceform.com
www.gstatic.com
5 cdn.serviceform.com www.norraflytt.se
cdn.serviceform.com
3 eu.serviceform.com cdn.serviceform.com
3 fonts.gstatic.com fonts.googleapis.com
3 use.fontawesome.com www.norraflytt.se
use.fontawesome.com
2 app.serviceform.com
2 images.serviceform.com
2 cdn.quilljs.com cdn.serviceform.com
2 www.google.de www.norraflytt.se
2 zy1ssnfwwl.execute-api.eu-north-1.amazonaws.com cdn.serviceform.com
2 europe-west1-ecstatic-fiber-261015.cloudfunctions.net cdn.serviceform.com
2 fonts.googleapis.com www.norraflytt.se
1 cdn.jsdelivr.net cdn.serviceform.com
1 www.googleadservices.com 1 redirects
1 www.google.com www.norraflytt.se
1 googleads.g.doubleclick.net www.googletagmanager.com
1 widget.reco.se www.norraflytt.se
1 www.googletagmanager.com www.norraflytt.se
1 norraflytt.se 1 redirects
51 20

This site contains links to these domains. Also see Links.

Domain
www.reco.se
www.serviceform.com
Subject Issuer Validity Valid
norraflytt.se
R3		 2024-05-23 -
2024-08-21		 3 months crt.sh
use.fontawesome.com
Cloudflare Inc ECC CA-3		 2023-10-12 -
2024-10-10		 a year crt.sh
*.google-analytics.com
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh
upload.video.google.com
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh
serviceform.com
GTS CA 1P5		 2024-04-29 -
2024-07-28		 3 months crt.sh
widget.reco.se
Amazon RSA 2048 M02		 2024-02-02 -
2025-03-02		 a year crt.sh
*.gstatic.com
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh
eu.serviceform.com
WR3		 2024-06-01 -
2024-08-30		 3 months crt.sh
misc.google.com
GTS CA 1C3		 2024-05-27 -
2024-08-19		 3 months crt.sh
*.execute-api.eu-north-1.amazonaws.com
Amazon RSA 2048 M02		 2024-05-21 -
2025-06-19		 a year crt.sh
*.g.doubleclick.net
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh
*.google.com
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh
*.google.de
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh
cdn.quilljs.com
GTS CA 1P5		 2024-04-22 -
2024-07-21		 3 months crt.sh
*.jsdelivr.net
Sectigo RSA Domain Validation Secure Server CA		 2024-05-04 -
2025-05-04		 a year crt.sh

This page contains 2 frames:

Primary Page: https://www.norraflytt.se/
Frame ID: 9BCA3F16C34A3BA718C5A01F2DA30701
Requests: 49 HTTP requests in this frame

Frame: https://widget.reco.se/v2/widget/4027138?mode=HORIZONTAL_QUOTE
Frame ID: 045FE94EB22BD5DEF6A7B2393CB5C77E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Flyttfirman Norra Flytt AB | Flytthjälp och flyttservice

Page URL History Show full URLs

  1. https://norraflytt.se/ HTTP 301
    http://www.norraflytt.se/ HTTP 307
    https://www.norraflytt.se/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • /firebasejs/([\d.]+)/firebase
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

51
Requests

98 %
HTTPS

53 %
IPv6

15
Domains

20
Subdomains

16
IPs

3
Countries

1314 kB
Transfer

3103 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://norraflytt.se/ HTTP 301
    http://www.norraflytt.se/ HTTP 307
    https://www.norraflytt.se/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34
  • https://www.googleadservices.com/pagead/conversion/10865364150/wcm?cc=ZZ&dn=0840026161&cl=9vXMCJe7yqcDELaZgb0o&dma=0&npa=0&ct_eid=2 HTTP 302
  • https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=0840026161&cl=9vXMCJe7yqcDELaZgb0o&dma=0

51 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.norraflytt.se/
Redirect Chain
  • https://norraflytt.se/
  • http://www.norraflytt.se/
  • https://www.norraflytt.se/
57 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.norraflytt.se/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
16.170.195.59 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-16-170-195-59.eu-north-1.compute.amazonaws.com
Software
nginx/1.23.3 /
Resource Hash
3b89e7eb4b15b9f7bd2fd427d0325979b89470b568f9c7c6dbc002727603bf27

Request headers

Accept-Language
se-SE,se;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
content-type
text/html
date
Tue, 18 Jun 2024 12:48:16 GMT
etag
W/"66701611-e4ab"
last-modified
Mon, 17 Jun 2024 10:55:13 GMT
server
nginx/1.23.3
vary
Accept-Encoding

Redirect headers

Location
https://www.norraflytt.se/
Non-Authoritative-Reason
HttpsUpgrades
style.css
www.norraflytt.se/themes/webbpoolen/assets/styles/ 		238 KB
33 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.norraflytt.se/themes/webbpoolen/assets/styles/style.css?id=653821263ad8a5378ba3&ver=5.3.2
Requested by
Host: www.norraflytt.se
URL: https://www.norraflytt.se/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
16.170.195.59 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-16-170-195-59.eu-north-1.compute.amazonaws.com
Software
nginx/1.23.3 /
Resource Hash
2b90c5643c9fc6c32cfce5fcab8e2f8ad886d0f293b2e3ad50347c69261c5414

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.norraflytt.se/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:48:16 GMT
content-encoding
gzip
last-modified
Wed, 26 Jul 2023 20:23:23 GMT
server
nginx/1.23.3
etag
W/"64c180bb-3b830"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
logo.png
www.norraflytt.se/uploads/2019/06/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.norraflytt.se/uploads/2019/06/logo.png
Requested by
Host: www.norraflytt.se
URL: https://www.norraflytt.se/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
16.170.195.59 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-16-170-195-59.eu-north-1.compute.amazonaws.com
Software
nginx/1.23.3 /
Resource Hash
3137ea82d9c296ff59418d9c54c3c1dab88ed756d574383256640baecd010503

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.norraflytt.se/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:48:16 GMT
last-modified
Tue, 25 Jul 2023 16:21:51 GMT
server
nginx/1.23.3
etag
"64bff69f-5726"
vary
Accept
content-type
image/png
cache-control
max-age=31536000, private
accept-ranges
bytes
content-length
22310
expires
Wed, 18 Jun 2025 12:48:16 GMT
rek-1024x178.png
www.norraflytt.se/uploads/2023/09/ 		158 KB
159 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.norraflytt.se/uploads/2023/09/rek-1024x178.png
Requested by
Host: www.norraflytt.se
URL: https://www.norraflytt.se/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
16.170.195.59 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-16-170-195-59.eu-north-1.compute.amazonaws.com
Software
nginx/1.23.3 /
Resource Hash
e4367d7ac4c0e94e174c248789508ca0bc07d75f4c11a21889a8f882353eaed9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.norraflytt.se/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:48:16 GMT
last-modified
Fri, 01 Sep 2023 15:15:54 GMT
server
nginx/1.23.3
etag
"64f2002a-278f4"
vary
Accept
content-type
image/png
cache-control
max-age=31536000, private
accept-ranges
bytes
content-length
162036
expires
Wed, 18 Jun 2025 12:48:16 GMT
jquery.js
www.norraflytt.se/wordpress/wp-includes/js/jquery/ 		95 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.norraflytt.se/wordpress/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by
Host: www.norraflytt.se
URL: https://www.norraflytt.se/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
16.170.195.59 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-16-170-195-59.eu-north-1.compute.amazonaws.com
Software
nginx/1.23.3 /
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.norraflytt.se/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:48:17 GMT
content-encoding
gzip
last-modified
Tue, 25 Jul 2023 16:25:17 GMT
server
nginx/1.23.3
etag
W/"64bff76d-17a69"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
scripts.js
www.norraflytt.se/plugins/contact-form-7/includes/js/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.norraflytt.se/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.6
Requested by
Host: www.norraflytt.se
URL: https://www.norraflytt.se/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
16.170.195.59 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-16-170-195-59.eu-north-1.compute.amazonaws.com
Software
nginx/1.23.3 /
Resource Hash
b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.norraflytt.se/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:48:17 GMT
content-encoding
gzip
last-modified
Tue, 25 Jul 2023 16:24:12 GMT
server
nginx/1.23.3
etag
W/"64bff72c-3868"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
wpzerospam.js
www.norraflytt.se/plugins/zero-spam/assets/js/ 		2 KB
858 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.norraflytt.se/plugins/zero-spam/assets/js/wpzerospam.js?ver=4.10.1
Requested by
Host: www.norraflytt.se
URL: https://www.norraflytt.se/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
16.170.195.59 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-16-170-195-59.eu-north-1.compute.amazonaws.com
Software
nginx/1.23.3 /
Resource Hash
a6381b070f0ed61061cc00089989c9f41ea0062cf77bd0dcb7efe036e0afb673

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.norraflytt.se/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:48:17 GMT
content-encoding
gzip
last-modified
Tue, 25 Jul 2023 16:24:58 GMT
server
nginx/1.23.3
etag
W/"64bff75a-610"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
cf7.js
www.norraflytt.se/plugins/zero-spam/integrations/contact-form-7/js/ 		102 B
313 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.norraflytt.se/plugins/zero-spam/integrations/contact-form-7/js/cf7.js?ver=4.10.1
Requested by
Host: www.norraflytt.se
URL: https://www.norraflytt.se/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
16.170.195.59 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-16-170-195-59.eu-north-1.compute.amazonaws.com
Software
nginx/1.23.3 /
Resource Hash
bfac4390b2d6f2d7ecfe4b5cae6b0b105ce3493e40da8e8a479eb9d761af01ac

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.norraflytt.se/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:48:17 GMT
content-encoding
gzip
last-modified
Tue, 25 Jul 2023 16:26:13 GMT
server
nginx/1.23.3
etag
W/"64bff7a5-66"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
script.js
www.norraflytt.se/themes/webbpoolen/assets/scripts/ 		102 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.norraflytt.se/themes/webbpoolen/assets/scripts/script.js?id=32bd2ab4799f768a342e&ver=5.3.2
Requested by
Host: www.norraflytt.se
URL: https://www.norraflytt.se/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
16.170.195.59 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-16-170-195-59.eu-north-1.compute.amazonaws.com
Software
nginx/1.23.3 /
Resource Hash
3becbdbad4a1f81c0e729596dc802c5cdf7edc0c5b6c232f0c82ab70119fd241

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.norraflytt.se/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:48:17 GMT
content-encoding
gzip
last-modified
Wed, 26 Jul 2023 20:23:23 GMT
server
nginx/1.23.3
etag
W/"64c180bb-198c1"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
all.css
use.fontawesome.com/releases/v5.6.3/css/ 		52 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.6.3/css/all.css
Requested by
Host: www.norraflytt.se
URL: https://www.norraflytt.se/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:8ef5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.norraflytt.se/
Origin
https://www.norraflytt.se
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:48:17 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 22 Sep 2023 01:45:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2509288
etag
W/"dc93d584e41f8417f6b7163320d34329"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P3QwaopEq79NleDD%2B0%2BJZGFKqOLNTRavfPuYztA3reVJvWgkLe9BUvg3yH2FuKrDByO1%2BfUAkx8H6vAL7d0Em8qF%2FH2NCjTQ1wCOcw6WG%2F60vlrrbWcULsdD7XGfsncPVonhyw7M%2Fs1cPPXzAnWBeCct"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
895b648cfc9cb725-AMS
alt-svc
h3=":443"; ma=86400
js
www.googletagmanager.com/gtag/ 		240 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-10865364150
Requested by
Host: www.norraflytt.se
URL: https://www.norraflytt.se/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
35028d8b29180d25f088276f08a172236a586fa479dfda97edfc7fc4144f173e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.norraflytt.se/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:48:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
87499
x-xss-protection
0
last-modified
Tue, 18 Jun 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 18 Jun 2024 12:48:17 GMT
css
fonts.googleapis.com/ 		2 KB
833 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:400,700,900
Requested by
Host: www.norraflytt.se
URL: https://www.norraflytt.se/themes/webbpoolen/assets/styles/style.css?id=653821263ad8a5378ba3&ver=5.3.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
210c0dec6b8654d40aca7610c693067129122f2dc88d1e5525365f7bb4a8e5cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.norraflytt.se/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 18 Jun 2024 12:48:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 18 Jun 2024 11:31:30 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 18 Jun 2024 12:48:17 GMT
css
fonts.googleapis.com/ 		10 KB
755 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400,500,600,700,800,900
Requested by
Host: www.norraflytt.se
URL: https://www.norraflytt.se/themes/webbpoolen/assets/styles/style.css?id=653821263ad8a5378ba3&ver=5.3.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
472700da53b5c2e7c8e21b3314b7b13ee282abbbb8127e34b4dd8c26c906f505
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.norraflytt.se/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 18 Jun 2024 12:48:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 18 Jun 2024 10:52:38 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 18 Jun 2024 12:48:17 GMT
sf-pixel.js
cdn.serviceform.com/serviceform-tools/pixel/ 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.serviceform.com/serviceform-tools/pixel/sf-pixel.js?2024-06-18
Requested by
Host: www.norraflytt.se
URL: https://www.norraflytt.se/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.40.203 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19acfb46d5c0e2e46a506f869e3432dd2077f38761d93d00c21837a523b3bece

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.norraflytt.se/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:48:17 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1364
cf-polished
origSize=55352
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 17 Jun 2024 14:09:37 GMT
server
cloudflare
etag
W/"d838-61b1683ef6a40-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QrFtLEzZAcMV6FaqqjxyCpFpzzvqPBPjPNJZRp0XIyC17orLljwYsYkM7KIMkQjQ6kv5ZjY3h3uPj3hDj96scfCDmM%2Bi4Kd24qoHg5W%2FDqm2DuaSAGDfpCt2IJiRBTi9n9ziLlg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
cf-ray
895b648c9ad2568d-OSL
4027138
widget.reco.se/v2/widget/ Frame 045F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://widget.reco.se/v2/widget/4027138?mode=HORIZONTAL_QUOTE
Requested by
Host: www.norraflytt.se
URL: https://www.norraflytt.se/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:4a00:17:190:680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
se-SE,se;q=0.9;q=0.9
Referer
https://www.norraflytt.se/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
content-type
text/plain; charset=UTF-8
date
Tue, 18 Jun 2024 12:48:17 GMT
vary
Accept-Encoding
via
1.1 google, 1.1 dca6db3c8f31f3cd48bb06d78a8be624.cloudfront.net (CloudFront)
x-amz-cf-id
erHKh8-L3NUlTAB1bcskVrL6bGQ66V6wTsLn4uHDJ5db39YqSNnWNQ==
x-amz-cf-pop
FRA56-C2
x-cache
Error from cloudfront
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 		32 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,500,600,700,800,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://www.norraflytt.se
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 19:53:49 GMT
x-content-type-options
nosniff
age
406468
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Jun 2025 19:53:49 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://www.norraflytt.se
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 23:53:43 GMT
x-content-type-options
nosniff
age
392074
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23040
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:07:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Jun 2025 23:53:43 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://www.norraflytt.se
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 13:54:42 GMT
x-content-type-options
nosniff
age
428015
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Jun 2025 13:54:42 GMT
statistics-endpoint
eu.serviceform.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://eu.serviceform.com/statistics-endpoint
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.norraflytt.se
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
content-length
0
content-type
text/html
date
Tue, 18 Jun 2024 12:48:17 GMT
server
Google Frontend
vary
Access-Control-Request-Headers
x-cloud-trace-context
6d26788e82d7dc062c9e924928cfa2e3
x-powered-by
Express
gP
europe-west1-ecstatic-fiber-261015.cloudfunctions.net/ 		2 KB
726 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://europe-west1-ecstatic-fiber-261015.cloudfunctions.net/gP?pid=1252491
Requested by
Host: cdn.serviceform.com
URL: https://cdn.serviceform.com/serviceform-tools/pixel/sf-pixel.js?2024-06-18
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
69aeaea91332637e7fa5a23d36c000863173061fe3a6de70c7ed02677057080a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.norraflytt.se/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 18 Jun 2024 12:48:17 GMT
content-encoding
gzip
server
Google Frontend
etag
W/"97e-KOIWNvNz9pGZNSipiAT9at3ICq0"
access-control-allow-methods
*
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
694627ec27756a1fb8d071218a93b0fd
cache-control
private
access-control-allow-credentials
FALSE
function-execution-id
5ykre2s9h9v7
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
416
statistics-function
zy1ssnfwwl.execute-api.eu-north-1.amazonaws.com/default/ 		2 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://zy1ssnfwwl.execute-api.eu-north-1.amazonaws.com/default/statistics-function
Requested by
Host: cdn.serviceform.com
URL: https://cdn.serviceform.com/serviceform-tools/pixel/sf-pixel.js?2024-06-18
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.49.10.204 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-49-10-204.eu-north-1.compute.amazonaws.com
Software
/
Resource Hash
9fe684cce0fd4d4884938158e9406adecea3103a4e86147c83f7cb3a505051d2

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.norraflytt.se/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 18 Jun 2024 12:48:17 GMT
x-amzn-trace-id
Root=1-66718211-1257cad222d3c3792a910917;Parent=24ef9e16c8fc55f0;Sampled=0;lineage=46deaa23:0
x-amzn-requestid
ad758d02-76ef-429c-b2b3-ebed4d9843d9
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
x-amz-apigw-id
ZkFCzGxBAi0Ecvw=
content-length
2471
statistics-endpoint
eu.serviceform.com/ 		3 B
138 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://eu.serviceform.com/statistics-endpoint
Requested by
Host: cdn.serviceform.com
URL: https://cdn.serviceform.com/serviceform-tools/pixel/sf-pixel.js?2024-06-18
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.norraflytt.se/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 18 Jun 2024 12:48:18 GMT
server
Google Frontend
x-powered-by
Express
etag
W/"3-n5rwKVhboBTgfNORDKl2z1YWBhY"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
7e164df9aa74f30e5c9d9a47bdfb6134
content-length
3
fa-solid-900.woff2
use.fontawesome.com/releases/v5.6.3/webfonts/ 		77 KB
78 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.6.3/webfonts/fa-solid-900.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.6.3/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:8ef5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f419ad7a4477f36ce73c74a23dce784150ca38fa5075a8e06109709cbb716903

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://use.fontawesome.com/releases/v5.6.3/css/all.css
Origin
https://www.norraflytt.se
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:48:17 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
93725
alt-svc
h3=":443"; ma=86400
content-length
79100
last-modified
Fri, 22 Sep 2023 01:45:45 GMT
server
cloudflare
etag
"5dc01cfcd5336f696cb85da7ce53fa9b"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UTxH5M84qwseHOsgDLOaCni0VnGTSE1W0E0xhUy3uGV7eMLIpc8BUOPaFHWkL0ORsbiF%2FQgC70oqD0L1X%2FTM%2FQPAplvxeNa9SqljJIT7vpHvXgXcTezHo2HczSg%2FL6ASlBFitnm%2Fb7665E1sxwzHShFd"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
895b648dedd0b725-AMS
fa-regular-400.woff2
use.fontawesome.com/releases/v5.6.3/webfonts/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.6.3/webfonts/fa-regular-400.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.6.3/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:8ef5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ecdc6188a4b2ec48e2ebf84a2a6584e78473f1216d7119832b5dc109bec7492

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://use.fontawesome.com/releases/v5.6.3/css/all.css
Origin
https://www.norraflytt.se
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:48:17 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
93725
alt-svc
h3=":443"; ma=86400
content-length
14872
last-modified
Fri, 22 Sep 2023 01:45:46 GMT
server
cloudflare
etag
"4b218302f9057d02864d4909661831e9"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Iz2OwdcIgpIXTdveJuE8vVPqyYZppOuDL4CfQXnpPTV9olskk7iHeJtgPu%2BcsCocmxE5VodCEM4s2NfJhjGBvIdzIDFE9CDX3YHkKJGH6Yrhn0dwdAthcA7TZf2c7MgOPzpN7hj2n0%2BqXkgr8cZdlxGw"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
895b648dedd5b725-AMS
refill
www.norraflytt.se/wp-json/contact-form-7/v1/contact-forms/4/ 		2 B
854 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.norraflytt.se/wp-json/contact-form-7/v1/contact-forms/4/refill
Requested by
Host: www.norraflytt.se
URL: https://www.norraflytt.se/wordpress/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
16.170.195.59 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-16-170-195-59.eu-north-1.compute.amazonaws.com
Software
nginx/1.23.3 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.norraflytt.se/
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 18 Jun 2024 12:48:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx/1.23.3
vary
Accept-Encoding, Accept-Encoding, Cookie, Origin
allow
GET
content-type
application/json; charset=UTF-8
access-control-expose-headers
X-WP-Total, X-WP-TotalPages
cache-control
no-store, no-cache, must-revalidate
x-robots-tag
noindex
link
<https://www.norraflytt.se/wp-json/>; rel="https://api.w.org/"
access-control-allow-headers
Authorization, Content-Type
expires
Thu, 19 Nov 1981 08:52:00 GMT
ajax-loader.gif
www.norraflytt.se/plugins/contact-form-7/images/ 		847 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.norraflytt.se/plugins/contact-form-7/images/ajax-loader.gif
Requested by
Host: www.norraflytt.se
URL: https://www.norraflytt.se/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
16.170.195.59 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-16-170-195-59.eu-north-1.compute.amazonaws.com
Software
nginx/1.23.3 /
Resource Hash
65b72e15d975f67fbd1cb126d57772c06c21fa016e5651b6ce213b26ce0e6877

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.norraflytt.se/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:48:17 GMT
last-modified
Tue, 25 Jul 2023 16:20:52 GMT
server
nginx/1.23.3
etag
"64bff664-34f"
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
content-length
847
expires
Thu, 31 Dec 2037 23:55:55 GMT
front-flyttfirma.jpg
www.norraflytt.se/uploads/2020/12/ 		308 KB
309 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.norraflytt.se/uploads/2020/12/front-flyttfirma.jpg
Requested by
Host: www.norraflytt.se
URL: https://www.norraflytt.se/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
16.170.195.59 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-16-170-195-59.eu-north-1.compute.amazonaws.com
Software
nginx/1.23.3 /
Resource Hash
4c915f227a916dffcc4641a994137d9f0b2faa79415eab65a64df6e6a90a56c4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.norraflytt.se/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:48:17 GMT
last-modified
Tue, 25 Jul 2023 16:22:23 GMT
server
nginx/1.23.3
etag
"64bff6bf-4d1cd"
vary
Accept
content-type
image/jpeg
cache-control
max-age=31536000, private
accept-ranges
bytes
content-length
315853
expires
Wed, 18 Jun 2025 12:48:17 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/10865364150/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10865364150/?random=1718714897726&cv=11&fst=1718714897726&bg=ffffff&guid=ON&async=1&gtm=45be46c0v879038771za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.norraflytt.se%2F&hn=www.googleadservices.com&frm=0&tiba=Flyttfirman%20Norra%20Flytt%20AB%20%7C%20Flytthj%C3%A4lp%20och%20flyttservice&npa=0&pscdl=noapi&auid=611426175.1718714898&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10865364150
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
38babd5fba88d1b80036445aa32fcfc2d0234ce5b55100c58cef0b353856b805
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.norraflytt.se/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 18 Jun 2024 12:48:17 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1460
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
loader.js
www.gstatic.com/wcm/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/wcm/loader.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10865364150
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
670f77f11cb4c747f5de1affa5b53687cf7a20d1eaf99b0ef5c9c60858aefa55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.norraflytt.se/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:33:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
870
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2133
x-xss-protection
0
last-modified
Wed, 20 Mar 2024 23:18:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 18 Jun 2024 13:33:47 GMT
firebase-app.js
www.gstatic.com/firebasejs/7.6.1/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/7.6.1/firebase-app.js
Requested by
Host: cdn.serviceform.com
URL: https://cdn.serviceform.com/serviceform-tools/pixel/sf-pixel.js?2024-06-18
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
abdbd85ace4e054c7a56eb8911f6aa9c89134d78072107717163e15686b5c1a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.norraflytt.se/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 01:21:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41217
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6132
x-xss-protection
0
last-modified
Wed, 18 Dec 2019 23:15:52 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 18 Jun 2025 01:21:20 GMT
firebase-firestore.js
www.gstatic.com/firebasejs/7.6.1/ 		369 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/7.6.1/firebase-firestore.js
Requested by
Host: cdn.serviceform.com
URL: https://cdn.serviceform.com/serviceform-tools/pixel/sf-pixel.js?2024-06-18
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8286cba42d4d3b8c5e5defd0ebf6b5a34b9c7abaee1102faeeea9e018b1b03f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.norraflytt.se/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 05:37:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
457865
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
98492
x-xss-protection
0
last-modified
Wed, 18 Dec 2019 23:15:51 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 13 Jun 2025 05:37:12 GMT
call-tracking_9.js
www.gstatic.com/call-tracking/ 		62 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/call-tracking/call-tracking_9.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/wcm/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6d8f8fd6de0b42e3acc7b2f3005c599e9f54d21355c3d6850a5c13daca10d5ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.norraflytt.se/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 11:33:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
4470
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-telephony
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20777
x-xss-protection
0
last-modified
Mon, 22 Jan 2024 22:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-telephony"
vary
Accept-Encoding
report-to
{"group":"ads-telephony","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-telephony"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 18 Jun 2025 11:33:47 GMT
/
www.google.com/pagead/1p-user-list/10865364150/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/10865364150/?random=1718714897726&cv=11&fst=1718712000000&bg=ffffff&guid=ON&async=1&gtm=45be46c0v879038771za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.norraflytt.se%2F&hn=www.googleadservices.com&frm=0&tiba=Flyttfirman%20Norra%20Flytt%20AB%20%7C%20Flytthj%C3%A4lp%20och%20flyttservice&npa=0&pscdl=noapi&auid=611426175.1718714898&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLXFCBbiNPGUiNF5tBG98wopBNXUPvUg&random=2019946383&rmt_tld=0&ipr=y
Requested by
Host: www.norraflytt.se
URL: https://www.norraflytt.se/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tzfraa-aa-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.norraflytt.se/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 18 Jun 2024 12:48:18 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/10865364150/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/10865364150/?random=1718714897726&cv=11&fst=1718712000000&bg=ffffff&guid=ON&async=1&gtm=45be46c0v879038771za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.norraflytt.se%2F&hn=www.googleadservices.com&frm=0&tiba=Flyttfirman%20Norra%20Flytt%20AB%20%7C%20Flytthj%C3%A4lp%20och%20flyttservice&npa=0&pscdl=noapi&auid=611426175.1718714898&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLXFCBbiNPGUiNF5tBG98wopBNXUPvUg&random=2019946383&rmt_tld=1&ipr=y
Requested by
Host: www.norraflytt.se
URL: https://www.norraflytt.se/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.norraflytt.se/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 18 Jun 2024 12:48:18 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
firebase-database.js
www.gstatic.com/firebasejs/7.6.1/ 		181 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/7.6.1/firebase-database.js
Requested by
Host: cdn.serviceform.com
URL: https://cdn.serviceform.com/serviceform-tools/pixel/sf-pixel.js?2024-06-18
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f3.1e100.net
Software
sffe /
Resource Hash
396efbea6fd1f51689168b6c5bd3921defa7fa25c2704baf5b5376af1901efbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.norraflytt.se/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 20:02:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
405968
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49687
x-xss-protection
0
last-modified
Wed, 18 Dec 2019 23:15:52 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 13 Jun 2025 20:02:10 GMT
wcm
www.google.de/pagead/attribution/
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/10865364150/wcm?cc=ZZ&dn=0840026161&cl=9vXMCJe7yqcDELaZgb0o&dma=0&npa=0&ct_eid=2
  • https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=0840026161&cl=9vXMCJe7yqcDELaZgb0o&dma=0
80 B
111 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=0840026161&cl=9vXMCJe7yqcDELaZgb0o&dma=0
Requested by
Host: www.norraflytt.se
URL: https://www.norraflytt.se/
Protocol
H3
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
cafe /
Resource Hash
d933a98657089095397ca6126d62e3a07c39e70f82b36f8cea002c0ba5bf1e2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
se-SE,se;q=0.9;q=0.9
Referer
https://www.norraflytt.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 18 Jun 2024 12:48:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
null
content-type
application/json; charset=UTF-8
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
87
x-xss-protection
0

Redirect headers

date
Tue, 18 Jun 2024 12:48:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=0840026161&cl=9vXMCJe7yqcDELaZgb0o&dma=0
access-control-allow-origin
https://www.norraflytt.se
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
sf-chat.js
cdn.serviceform.com/serviceform-tools/chat/ 		239 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.serviceform.com/serviceform-tools/chat/sf-chat.js
Requested by
Host: cdn.serviceform.com
URL: https://cdn.serviceform.com/serviceform-tools/pixel/sf-pixel.js?2024-06-18
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.40.203 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b6a1249d0425ff5fc6b9a2fb9253dd3c60cf199d427f9628cd6641c09fabd2c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.norraflytt.se/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:48:18 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1361
cf-polished
origSize=325598
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 17 Jun 2024 14:09:37 GMT
server
cloudflare
etag
W/"4f7de-61b1683ef6a40-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lvcbWOWY5%2FQ8WySv0lY0x7UX4cggzAo92eU0ryJcttfzKkrPg1WBmRv4en3%2FKZQ3Ti6If8nfCmsXafGqHal4iMrrlJCyOsZU%2FAWs3YufxzamrKOLf8k0tt7TEbUKWqAuJiajIEA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
cf-ray
895b64925b7c568d-OSL
sf-chat.css
cdn.serviceform.com/serviceform-tools/chat/ 		42 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.serviceform.com/serviceform-tools/chat/sf-chat.css
Requested by
Host: cdn.serviceform.com
URL: https://cdn.serviceform.com/serviceform-tools/chat/sf-chat.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.40.203 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8bdda05bf696da0af13b2deac575c0d85f948cb32b909274f08d04e3343f4375

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.norraflytt.se/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:48:18 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1361
cf-polished
origSize=52852
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 17 Jun 2024 14:09:37 GMT
server
cloudflare
etag
W/"ce74-61b1683ef6a40-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UtaPALovrOOXawBezrZt89jKnKeZcEFvGFH39eCnKQV5CiCIKfSnnE5AdF%2Fp6%2BzJTI3t36nCSIpFG9HFv8GYvJ8KK6WBF0xGdl%2BDtoKuxfmxigP%2F7yMO1%2BIp%2BS4iWLVriEaRtmw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=1800
cf-ray
895b64936ce7568d-OSL
getSf
europe-west1-ecstatic-fiber-261015.cloudfunctions.net/ 		62 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://europe-west1-ecstatic-fiber-261015.cloudfunctions.net/getSf?nid=1252492
Requested by
Host: cdn.serviceform.com
URL: https://cdn.serviceform.com/serviceform-tools/chat/sf-chat.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
b8bc8e564fb1c02a8bb367fd99b0316ff2af6da2aaf9d96aa8fb651eaf9acf06

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.norraflytt.se/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 18 Jun 2024 12:48:18 GMT
content-encoding
gzip
server
Google Frontend
etag
W/"f605-XU+C43ck0lnUmfYwsOntPz7Hcow"
access-control-allow-methods
*
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
1b1e6c0c8e45d65f7e15456fbf628b64
cache-control
public, max-age=120, s-maxage=240
access-control-allow-credentials
FALSE
function-execution-id
98ficfdeutp2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14701
logo-1-e1560492608476.png
www.norraflytt.se/uploads/2019/06/ 		9 KB
9 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.norraflytt.se/uploads/2019/06/logo-1-e1560492608476.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
16.170.195.59 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-16-170-195-59.eu-north-1.compute.amazonaws.com
Software
nginx/1.23.3 /
Resource Hash
ce135cdf7388f9e7a2eaa2ff0a6d1dc61c42096df036349c2c9fb9cc78480785

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.norraflytt.se/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:48:18 GMT
last-modified
Tue, 25 Jul 2023 16:21:51 GMT
server
nginx/1.23.3
etag
"64bff69f-221c"
vary
Accept
content-type
image/png
cache-control
max-age=31536000, private
accept-ranges
bytes
content-length
8732
expires
Wed, 18 Jun 2025 12:48:18 GMT
sf-chat-translations.js
cdn.serviceform.com/serviceform-tools/chat/ 		37 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.serviceform.com/serviceform-tools/chat/sf-chat-translations.js
Requested by
Host: cdn.serviceform.com
URL: https://cdn.serviceform.com/serviceform-tools/pixel/sf-pixel.js?2024-06-18
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.40.203 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84c6d46056ea3b597cd27e86f25ddbde2120d33cc073f393652bafbefddcc522

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.norraflytt.se/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:48:18 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1361
cf-polished
origSize=45470
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 17 Jun 2024 14:09:37 GMT
server
cloudflare
etag
W/"b19e-61b1683ef6a40-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ImYpigeU4cfPBH0foaMKBGWy0j%2FkYEkzdUzVwfMPUMd18sTAwzcsAT0N121oStFT8ICeNTXSHIIMMG1SNQd%2BZoFiGHyxfY6Pdcu%2Fsp0nvhZw9YSXDnp9fHrK9pGpLlyrqSN%2BZa0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
cf-ray
895b64955fe9568d-OSL
quill.snow.css
cdn.quilljs.com/1.3.6/ 		24 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.quilljs.com/1.3.6/quill.snow.css
Requested by
Host: cdn.serviceform.com
URL: https://cdn.serviceform.com/serviceform-tools/chat/sf-chat.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:28a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
892e299431955e9ae388ae257f72024ee76af2d52a7a97a868f70fbe50f16144
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.norraflytt.se/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:48:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
236
content-length
3660
last-modified
Mon, 22 Apr 2024 16:07:39 UTC
server
cloudflare
etag
"9b536bda67650c506df72197baec4c01"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kbBZ%2BZM5ve1lZLAhv2%2BrfWRz%2FQe4M7rpSwI59HzBEfTQKwM19QlquhXeWhG5hixx3hKu2bK15kWFGQHI6cR3wLFTz6Oixbj7N5rbCCY%2Bp2CzHxg7BNimSRpy1bZx2a4D%2Bx5gAN8Ly5mLia7Zxw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
895b64969b0970b2-ARN
fuse.js
cdn.jsdelivr.net/npm/fuse.js/dist/ 		66 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/fuse.js/dist/fuse.js
Requested by
Host: cdn.serviceform.com
URL: https://cdn.serviceform.com/serviceform-tools/pixel/sf-pixel.js?2024-06-18
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ba1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7313eea2b0a30dbeff22e56fc8009acc3cd9744edf2a5a5806258aa416a3aa55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.norraflytt.se/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:48:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2436
x-jsd-version
7.0.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
14711
x-served-by
cache-fra-eddf8230041-FRA, cache-lga21969-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"1094f-rMb4DHgTj1yZmb3E3F08roHod/4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GsZWo7z7349njn5ZsyCy6A6AhpTd1aEytujsWrjLUFz7cjAeaP0QpyziCi2%2B%2B%2F3pin%2BxP%2BQPmo6ORERDtCF2SPHoXig77NvbzIo5ENgbOE0xrp%2F%2B5BXlo8GAq3fCTmaQNxLG%2BZCgCd9lwYBI5sE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
cf-ray
895b6496adc2b527-OSL
statistics-function
zy1ssnfwwl.execute-api.eu-north-1.amazonaws.com/default/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://zy1ssnfwwl.execute-api.eu-north-1.amazonaws.com/default/statistics-function
Requested by
Host: cdn.serviceform.com
URL: https://cdn.serviceform.com/serviceform-tools/chat/sf-chat.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.49.10.204 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-49-10-204.eu-north-1.compute.amazonaws.com
Software
/
Resource Hash
583a18e5d54139e1b88d534d4a7738e4e876188f0632ade155986b1cd54c7da0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.norraflytt.se/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 18 Jun 2024 12:48:18 GMT
x-amzn-trace-id
Root=1-66718212-5d2a0a7f0ca909c1260b9722;Parent=30bd5b87b0f277ec;Sampled=0;lineage=46deaa23:0
x-amzn-requestid
3b452614-004d-4cca-8304-445e0ff9d7e9
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
x-amz-apigw-id
ZkFC_Gf9gi0Ehtg=
content-length
2827
statistics-endpoint
eu.serviceform.com/ 		3 B
88 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://eu.serviceform.com/statistics-endpoint
Requested by
Host: cdn.serviceform.com
URL: https://cdn.serviceform.com/serviceform-tools/chat/sf-chat.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.norraflytt.se/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 18 Jun 2024 12:48:19 GMT
server
Google Frontend
x-powered-by
Express
etag
W/"3-n5rwKVhboBTgfNORDKl2z1YWBhY"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
0bb74ad0d13729d5508542a6ae20083d
content-length
3
/
images.serviceform.com/c9836928-ee8b-43c0-879a-5382c7be1ec5/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.serviceform.com/c9836928-ee8b-43c0-879a-5382c7be1ec5/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.40.203 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d425d00f6a6bbe7f82c657d30a4ab2d5350d58163c6eb3c9a96c36d4aae5df3b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.norraflytt.se/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:48:19 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition
inline; filename=3c852571-eec7-4893-bac4-e1f5c6d3c035.png
x-image-height
239
alt-svc
h3=":443"; ma=86400
content-length
35245
x-image-width
718
last-modified
Mon, 05 Jun 2023 06:18:31 GMT
server
cloudflare
etag
"cfa2e8d854524f617d3259ca45c4020e"
vary
Accept-Encoding
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Yg7ybnuydl4DzjENWTEnr3%2Bm5ZOgio8u284lmn3wgMQV0p9l61I85E1T%2BlIeII3iVwxzDJEU5zkN4%2BaMp2jFICmPqIbu913X6erx%2BpmoXWY07rbCNRzqc7oHyEQwFzBUPBraQS4rP8Q%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=29821530
accept-ranges
bytes
cf-ray
895b6496198e568d-OSL
close-bot.svg
app.serviceform.com/servicechat/ 		974 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.serviceform.com/servicechat/close-bot.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.40.203 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a0b9a63b422ed22e32123a6e6d70515cc9904b20d8cdf5ff7b700ebc95b5797
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.norraflytt.se/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Wed, 18 Jun 2025 13:49:03 GMT
date
Tue, 18 Jun 2024 12:48:18 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=300
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1359
x-cache
MISS, HIT
x-pantheon-styx-hostname
styx-fe1-b-68b4468bdf-l6rfr
alt-svc
h3=":443"; ma=86400
content-length
508
x-served-by
cache-chi-klot8100166-CHI, cache-lcy-eglc8600088-LCY
last-modified
Mon, 17 Jun 2024 07:00:00 GMT
server
cloudflare
x-timer
S1718713534.090907,VS0,VE3
etag
W/"666fdef0-3ce"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KDjaKCHEzbgxMyvQ62Xed9QUtStIcWr%2BdCTcZxnwCRyu0sV6lG2Ro7kI7miVoG9vbpEzk4bc0C0LbxfHR9E7H3TWzRxPX6MIJoW92bBTVHDOkQaP4QDqeYkHb9ThahcdKqlXjcc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
x-styx-req-id
5bbd2599-2cb0-11ef-a583-428bddc51008
cache-control
max-age=31622400
accept-ranges
bytes
cf-ray
895b64961995568d-OSL
x-cache-hits
0, 2
poweredByServiceform.png
cdn.serviceform.com/assets/images/chat/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.serviceform.com/assets/images/chat/poweredByServiceform.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.40.203 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c7111de7c44a6512c080536c0c6a726599050a333fc01326649848d36608091

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.norraflytt.se/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:48:18 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
144
cf-polished
origFmt=png, origSize=8406
content-disposition
inline; filename="poweredByServiceform.webp"
alt-svc
h3=":443"; ma=86400
content-length
3602
cf-bgj
imgq:85,h2pri
last-modified
Mon, 17 Jun 2024 14:09:37 GMT
server
cloudflare
etag
"20d6-61b1683ef6a40"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pY9ohI5YfBVNdMMOmeMTwEQ4v9qGliqdYUJlJsG1fAHfRcAFlsLD5UBvs6QpEPIEJdWKNDNABzN2xSJRzUwxm5VW2jyrcuvxtMPRw%2BVM699DuI22PcEEmlbIIiw%2FyNdje46pKno%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=30
accept-ranges
bytes
cf-ray
895b6496095c568d-OSL
/
images.serviceform.com/0d02d032-d8d0-462f-b19d-2cda8f418a91/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.serviceform.com/0d02d032-d8d0-462f-b19d-2cda8f418a91/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.40.203 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08cc080ba59fe41a812c6c85f4af52c1ed37f950fa64e5d45914844f28b6baff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.norraflytt.se/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:48:18 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1336
cf-polished
origFmt=png, origSize=2683
content-disposition
inline; filename="Frame 1 (18).png"
x-image-height
214
alt-svc
h3=":443"; ma=86400
content-length
1156
x-image-width
214
cf-bgj
imgq:85,h2pri
last-modified
Mon, 15 Nov 2021 12:53:26 GMT
server
cloudflare
etag
"8b7ec9b40c656a70b214d8b3d0e90c2c"
vary
Accept
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
image/webp
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t6ppqkwU%2F6jQ%2FtJ9GD9NNWwIIrGdrCr1CMahMg0h1T1oqnubxQWBafeDibJUsBvrJry23jkCXjhgNf7WDPJ%2B3SLDPxt4Zs%2FzgCbVD%2FwamGg2MstmqJ1%2BC4xdSmNZL65sACygnrc5puc%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31358177
accept-ranges
bytes
cf-ray
895b64961988568d-OSL
quill.js
cdn.quilljs.com/1.3.6/ 		427 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.quilljs.com/1.3.6/quill.js
Requested by
Host: cdn.serviceform.com
URL: https://cdn.serviceform.com/serviceform-tools/pixel/sf-pixel.js?2024-06-18
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:28a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4da70cd71b5a0e224e95865829a8356a93907c7d47ebb6b23cb8014c6ff9c48
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.norraflytt.se/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:48:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Mon, 22 Apr 2024 16:07:39 UTC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
269
etag
"c11e87e46275c866af8ef7b394884fb9"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JyGQpF4EUpHAl0I7Zk3qFmEYq%2BXYh%2F%2BOI139ziR1d5hRLEVArYupuCtdoVTcASn6gRwf%2BrxFEUAaQpAoeRXj3DizH3WdhUzAXECxRe0BnUuQjG5P%2B5cKjORuTt9T%2FSqxQQMKMBvA4v59Q60stg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800
cf-ray
895b64971b9d70b2-ARN
close-bot.svg
app.serviceform.com/servicechat/ 		974 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.serviceform.com/servicechat/close-bot.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.40.203 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a0b9a63b422ed22e32123a6e6d70515cc9904b20d8cdf5ff7b700ebc95b5797

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.norraflytt.se/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Wed, 18 Jun 2025 13:49:03 GMT
date
Tue, 18 Jun 2024 12:48:18 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1359
x-cache
MISS, HIT
x-pantheon-styx-hostname
styx-fe1-b-68b4468bdf-l6rfr
alt-svc
h3=":443"; ma=86400
content-length
508
x-served-by
cache-chi-klot8100166-CHI, cache-lcy-eglc8600088-LCY
last-modified
Mon, 17 Jun 2024 07:00:00 GMT
server
cloudflare
x-timer
S1718713534.090907,VS0,VE3
etag
W/"666fdef0-3ce"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KDjaKCHEzbgxMyvQ62Xed9QUtStIcWr%2BdCTcZxnwCRyu0sV6lG2Ro7kI7miVoG9vbpEzk4bc0C0LbxfHR9E7H3TWzRxPX6MIJoW92bBTVHDOkQaP4QDqeYkHb9ThahcdKqlXjcc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
x-styx-req-id
5bbd2599-2cb0-11ef-a583-428bddc51008
cache-control
max-age=31622400
accept-ranges
bytes
cf-ray
895b64961995568d-OSL
x-cache-hits
0, 2

Verdicts & Comments Add Verdict or Comment

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 undefined| event object| fence object| sharedStorage string| tD string| u object| t number| sfpid undefined| $ function| jQuery object| wpcf7 object| wpzerospam object| jQuery1124034985219981036986 function| setCookie function| getCookie function| eraseCookie string| velocity object| FontAwesomeConfig object| sfPixel function| loadScript2 function| gtag function| gtag_report_offert function| gtag_report_call function| gtag_report_email function| gtag_report_prisdirekt function| gtag_report_snabboffert object| dataLayer object| google_tag_manager object| google_tag_data object| GooglebQhCsO function| _googWcmImpl string| _googWcmAk number| sfInitedBot string| sfId number| sfInitedAdv object| firebase function| jspbGetTypeName function| _googWccDebug function| _googCallTrackingImpl function| _gaPhoneImpl object| sf_sdka number| sfPrompted string| google_wcc_status object| sf_sdk number| playingAudio number| sfLivePid object| serviceChatData string| sfDocTitle object| sfTranslations object| sfChatFlow number| sfPopupTimeout object| sfChatFlowStats string| $a number| sfLoggedView function| Fuse function| Quill string| sfFaqSeachPage

6 Cookies

Domain/Path Name / Value
www.norraflytt.se/ Name: sfpxs
Value: sid-rv24lp9rz7g8v5p5
.norraflytt.se/ Name: _gcl_au
Value: 1.1.611426175.1718714898
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
www.norraflytt.se/ Name: PHPSESSID
Value: h7e0pgqvfb6j601jenbjfjnpbd
www.norraflytt.se/ Name: wpzerospam_ip_checked
Value: 185.217.1.10
www.norraflytt.se/ Name: wpzerospam_has_access
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.serviceform.com
cdn.jsdelivr.net
cdn.quilljs.com
cdn.serviceform.com
eu.serviceform.com
europe-west1-ecstatic-fiber-261015.cloudfunctions.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
images.serviceform.com
norraflytt.se
use.fontawesome.com
widget.reco.se
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.norraflytt.se
zy1ssnfwwl.execute-api.eu-north-1.amazonaws.com
13.49.10.204
142.250.181.227
142.250.185.195
142.250.186.34
16.170.195.59
172.66.40.203
2001:4860:4802:36::36
216.58.206.68
216.58.212.162
2600:9000:211e:4a00:17:190:680:93a1
2606:4700:3037::ac43:8ef5
2606:4700:3108::ac42:28a3
2606:4700::6812:ba1f
2a00:1450:4001:800::200a
2a00:1450:4001:811::2003
2a00:1450:4001:812::2008
2a00:1450:4001:812::2013
08cc080ba59fe41a812c6c85f4af52c1ed37f950fa64e5d45914844f28b6baff
0ecdc6188a4b2ec48e2ebf84a2a6584e78473f1216d7119832b5dc109bec7492
19acfb46d5c0e2e46a506f869e3432dd2077f38761d93d00c21837a523b3bece
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
210c0dec6b8654d40aca7610c693067129122f2dc88d1e5525365f7bb4a8e5cf
27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf
2b90c5643c9fc6c32cfce5fcab8e2f8ad886d0f293b2e3ad50347c69261c5414
3137ea82d9c296ff59418d9c54c3c1dab88ed756d574383256640baecd010503
35028d8b29180d25f088276f08a172236a586fa479dfda97edfc7fc4144f173e
38babd5fba88d1b80036445aa32fcfc2d0234ce5b55100c58cef0b353856b805
396efbea6fd1f51689168b6c5bd3921defa7fa25c2704baf5b5376af1901efbf
3b89e7eb4b15b9f7bd2fd427d0325979b89470b568f9c7c6dbc002727603bf27
3becbdbad4a1f81c0e729596dc802c5cdf7edc0c5b6c232f0c82ab70119fd241
472700da53b5c2e7c8e21b3314b7b13ee282abbbb8127e34b4dd8c26c906f505
481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a
4c915f227a916dffcc4641a994137d9f0b2faa79415eab65a64df6e6a90a56c4
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
583a18e5d54139e1b88d534d4a7738e4e876188f0632ade155986b1cd54c7da0
65b72e15d975f67fbd1cb126d57772c06c21fa016e5651b6ce213b26ce0e6877
670f77f11cb4c747f5de1affa5b53687cf7a20d1eaf99b0ef5c9c60858aefa55
69aeaea91332637e7fa5a23d36c000863173061fe3a6de70c7ed02677057080a
6b6a1249d0425ff5fc6b9a2fb9253dd3c60cf199d427f9628cd6641c09fabd2c
6d8f8fd6de0b42e3acc7b2f3005c599e9f54d21355c3d6850a5c13daca10d5ad
7313eea2b0a30dbeff22e56fc8009acc3cd9744edf2a5a5806258aa416a3aa55
7a0b9a63b422ed22e32123a6e6d70515cc9904b20d8cdf5ff7b700ebc95b5797
7c7111de7c44a6512c080536c0c6a726599050a333fc01326649848d36608091
8286cba42d4d3b8c5e5defd0ebf6b5a34b9c7abaee1102faeeea9e018b1b03f0
84c6d46056ea3b597cd27e86f25ddbde2120d33cc073f393652bafbefddcc522
892e299431955e9ae388ae257f72024ee76af2d52a7a97a868f70fbe50f16144
8bdda05bf696da0af13b2deac575c0d85f948cb32b909274f08d04e3343f4375
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9fe684cce0fd4d4884938158e9406adecea3103a4e86147c83f7cb3a505051d2
a4da70cd71b5a0e224e95865829a8356a93907c7d47ebb6b23cb8014c6ff9c48
a6381b070f0ed61061cc00089989c9f41ea0062cf77bd0dcb7efe036e0afb673
abdbd85ace4e054c7a56eb8911f6aa9c89134d78072107717163e15686b5c1a1
b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900
b8bc8e564fb1c02a8bb367fd99b0316ff2af6da2aaf9d96aa8fb651eaf9acf06
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bfac4390b2d6f2d7ecfe4b5cae6b0b105ce3493e40da8e8a479eb9d761af01ac
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
ce135cdf7388f9e7a2eaa2ff0a6d1dc61c42096df036349c2c9fb9cc78480785
d425d00f6a6bbe7f82c657d30a4ab2d5350d58163c6eb3c9a96c36d4aae5df3b
d933a98657089095397ca6126d62e3a07c39e70f82b36f8cea002c0ba5bf1e2c
e4367d7ac4c0e94e174c248789508ca0bc07d75f4c11a21889a8f882353eaed9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f419ad7a4477f36ce73c74a23dce784150ca38fa5075a8e06109709cbb716903