urlscan.io logo urlscan.io
SecurityTrails logo

wellnesskortet.se Open in urlscan Pro
2606:4700:3030::ac43:95ef  Public Scan

Go To Rescan Add Verdict Report
URL: https://wellnesskortet.se/
Submission: On January 05 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 1 countries across 9 domains to perform 18 HTTP transactions. The main IP is 2606:4700:3030::ac43:95ef, located in United States and belongs to CLOUDFLARENET, US. The main domain is wellnesskortet.se.
TLS certificate: Issued by E1 on January 4th 2024. Valid for: 3 months.
This is the only time wellnesskortet.se was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 2606:4700:303... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
4 2600:9000:266... 16509 (AMAZON-02)
1 1 13.226.36.213 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 151.101.2.137 54113 (FASTLY)
1 162.247.243.29 54113 (FASTLY)
18 8
8    2606:4700:3030::ac43:95ef (United States)

ASN13335 (CLOUDFLARENET, US)
wellnesskortet.se
1    2607:f8b0:400d:c00::5f (Morganton, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    2600:9000:266a:6000:17:be89:5340:93a1 (United States)

ASN16509 (AMAZON-02, US)
dynassets1.gavekortet.dk
1    13.226.36.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-36-213.ewr53.r.cloudfront.net
d37gvrvc0wt4s1.cloudfront.net
1    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2607:f8b0:400d:c0d::5e (Morganton, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    151.101.2.137 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
1    162.247.243.29 (United States)

ASN54113 (FASTLY, US)
bam.nr-data.net
Apex Domain
Subdomains		 Transfer
8 wellnesskortet.se
wellnesskortet.se
92 KB
4 gavekortet.dk
dynassets1.gavekortet.dk
387 KB
1 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 604
495 B
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 1593
15 KB
1 gstatic.com
fonts.gstatic.com
28 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 395
8 KB
1 cloudfront.net
d37gvrvc0wt4s1.cloudfront.net
490 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 115
1008 B
0 googletagmanager.com Failed
www.googletagmanager.com Failed
18 9
Domain Requested by
8 wellnesskortet.se wellnesskortet.se
4 dynassets1.gavekortet.dk wellnesskortet.se
1 bam.nr-data.net js-agent.newrelic.com
1 js-agent.newrelic.com wellnesskortet.se
1 fonts.gstatic.com fonts.googleapis.com
1 cdnjs.cloudflare.com wellnesskortet.se
1 d37gvrvc0wt4s1.cloudfront.net 1 redirects
1 fonts.googleapis.com wellnesskortet.se
0 www.googletagmanager.com Failed wellnesskortet.se
18 9

This site contains links to these domains. Also see Links.

Domain
www.presentkorttorget.se
Subject Issuer Validity Valid
wellnesskortet.se
E1		 2024-01-04 -
2024-04-03		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
dynassets1.gavekortet.dk
Amazon RSA 2048 M02		 2023-04-11 -
2024-05-09		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2023 Q2		 2023-04-13 -
2024-05-14		 a year crt.sh
*.nr-data.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-29 -
2024-10-01		 a year crt.sh

This page contains 1 frames:

Primary Page: https://wellnesskortet.se/
Frame ID: B738BAECB9090BDB529359A0462F8FFF
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

WellnessKortet

Detected technologies

Overall confidence: 100%
Detected patterns
  • rollbar\.js/([0-9.]+)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

18
Requests

89 %
HTTPS

63 %
IPv6

9
Domains

9
Subdomains

8
IPs

1
Countries

533 kB
Transfer

816 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://d37gvrvc0wt4s1.cloudfront.net/js/v1.7/rollbar.min.js HTTP 301
  • https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/1.7.0/rollbar.min.js

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
wellnesskortet.se/ 		26 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://wellnesskortet.se/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:95ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a420b786b16baa1815ea3cac9aac61d288bfe53fbb653b70cdaad720b6d9666b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=600
cf-cache-status
DYNAMIC
cf-ray
840786f7af91748a-MIA
content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 05 Jan 2024 00:15:30 GMT
expires
Fri, 05 Jan 2024 00:25:30 UTC
gitlab-lb
haproxy-pages-01-lb-gprd
gitlab-sv
pages-us-east1-c
last-modified
Thu, 05 Jan 2023 10:14:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
interest-cohort=()
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bB%2FPG6CBXbd1Jjb6kVAhrH03q%2FicXZtEUIT5gLZbc3I1pK86psLTeS1%2FMBt3h0EXS1kI8Nm0TU0jOhJvTrv2hTC3wW2jjSrfm31U9t7XWyE2IKTsRFmuNVEcPeNtfjMIfXQy310OzidqATI2sjWNgg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
css
fonts.googleapis.com/ 		5 KB
1008 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Oswald:400,300,700
Requested by
Host: wellnesskortet.se
URL: https://wellnesskortet.se/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c00::5f Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8046e624b87d35265325e160609ed4f96a327756ededf8594798dadf20a2b24a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wellnesskortet.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 05 Jan 2024 00:15:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 04 Jan 2024 22:42:11 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 05 Jan 2024 00:15:30 GMT
css0f74.css
wellnesskortet.se/Content/ 		106 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wellnesskortet.se/Content/css0f74.css?v=v0XQFGAINeO7bS6jC_BdsEqHzbAWZOQHAB2Gt6YwbLU1
Requested by
Host: wellnesskortet.se
URL: https://wellnesskortet.se/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:95ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb651ed6becf5deeb36f0ba0368d7e80366e71b469f35529059c88d1dd17f667

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wellnesskortet.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 00:15:31 GMT
content-encoding
br
gitlab-sv
gke-cny-pages
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
gitlab-lb
haproxy-pages-03-lb-gprd
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 05 Jan 2023 10:14:24 GMT
server
cloudflare
etag
W/"e6a13f0c4143a73e6fd0fe6abc2e191732e11480f2a510e0cf1ef59c313675c7"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DP9zyBJAA1wjuAH%2BqEQ7OyKJHM7NP%2BlV5vOm3UfsiR3U8dh2t3EnH%2Bt3FWnGaMrNZX1SfJENezjZZvJDnIRY7j9Y8RBbnLiiXOZ8JzI8QdXkxWIkJTpvjtrRcEZRk6UdWMvDx9UvZBfV0H0tQnkgrA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cache-control
max-age=14400
permissions-policy
interest-cohort=()
cf-ray
840786f9ab29748a-MIA
expires
Fri, 05 Jan 2024 00:25:31 UTC
1.jpg
dynassets1.gavekortet.dk/themes/6/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dynassets1.gavekortet.dk/themes/6/1.jpg
Requested by
Host: wellnesskortet.se
URL: https://wellnesskortet.se/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266a:6000:17:be89:5340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9dbed9704098eb0e8cb93f25e88b38d5f9b291c92f2a0429dc1e7865764f7a30

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wellnesskortet.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 00:15:32 GMT
via
1.1 9feee68c149ffc812d2a7f5683100dd2.cloudfront.net (CloudFront)
last-modified
Wed, 09 Jun 2021 21:21:22 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P5
etag
"143a77e7ee4ac165cbf34502fc505656"
x-cache
Miss from cloudfront
content-type
image/jpeg
x-amz-storage-class
INTELLIGENT_TIERING
accept-ranges
bytes
content-length
27089
x-amz-cf-id
TLfY7SN9iQxrryH98fji_HnOvk4S0jVlrPnByjUKiDdnImYTLW3vcQ==
2.jpg
dynassets1.gavekortet.dk/themes/6/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dynassets1.gavekortet.dk/themes/6/2.jpg
Requested by
Host: wellnesskortet.se
URL: https://wellnesskortet.se/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266a:6000:17:be89:5340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
024472c299bf6259e9df422f5e58c46d29473cf0e338acf48debfda3fabcaafe

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wellnesskortet.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 00:15:32 GMT
via
1.1 9feee68c149ffc812d2a7f5683100dd2.cloudfront.net (CloudFront)
last-modified
Wed, 09 Jun 2021 21:21:22 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P5
etag
"48a4f8e4f62c8a09f17ed29c430eba89"
x-cache
Miss from cloudfront
content-type
image/jpeg
x-amz-storage-class
INTELLIGENT_TIERING
accept-ranges
bytes
content-length
40594
x-amz-cf-id
Vn4uLamWq0aG6znTBGUZJWwKWbgDS6vrll6S9YbQNMSQtHgWqwJzoA==
logo_footer.png
dynassets1.gavekortet.dk/themes/6/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dynassets1.gavekortet.dk/themes/6/logo_footer.png
Requested by
Host: wellnesskortet.se
URL: https://wellnesskortet.se/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266a:6000:17:be89:5340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b2e21b1bead90d3c3fb76bc2ff8df58aba131214997e4a252e3cf1615f3b94c6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wellnesskortet.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 00:15:32 GMT
via
1.1 9feee68c149ffc812d2a7f5683100dd2.cloudfront.net (CloudFront)
last-modified
Wed, 09 Jun 2021 21:21:22 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P5
etag
"7521d421118dad926b1cf080a8e92cbc"
x-cache
Miss from cloudfront
content-type
image/png
x-amz-storage-class
INTELLIGENT_TIERING
accept-ranges
bytes
content-length
5227
x-amz-cf-id
vSQFf_FPWjjOWIehq_960BlEpJqoOBXoFi6NyAgPa5Rr_E3aay4gyw==
loading.gif
wellnesskortet.se/Images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wellnesskortet.se/Images/loading.gif
Requested by
Host: wellnesskortet.se
URL: https://wellnesskortet.se/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:95ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
babed8ddf22ed2e66590a4f75773661304242a4f4167d52e165652fee492933e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wellnesskortet.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 00:15:31 GMT
gitlab-sv
pages-us-east1-d
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
gitlab-lb
haproxy-pages-05-lb-gprd
alt-svc
h3=":443"; ma=86400
content-length
3208
last-modified
Thu, 05 Jan 2023 10:14:24 GMT
server
cloudflare
etag
"e6a13f0c4143a73e6fd0fe6abc2e191732e11480f2a510e0cf1ef59c313675c7"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n7aROk%2BUtMI4h9vN%2FNwlvX0KyR9v4q0GXIYifGedO44dVElVa9ERO%2FYPUGW8bT002z%2BAT1T%2FDbvkk3TESmw%2FoymMYHbI1%2BnilZPfAbyEk1kbf14D8f5%2BTa%2BxmqXXN8xB%2BdKpEcKooZhfCzHETs%2FpEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
permissions-policy
interest-cohort=()
accept-ranges
bytes
cf-ray
840786fb99b72597-MIA
expires
Fri, 05 Jan 2024 00:25:31 UTC
email-decode.min.js
wellnesskortet.se/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wellnesskortet.se/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: wellnesskortet.se
URL: https://wellnesskortet.se/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:95ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wellnesskortet.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 00:15:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 19 Dec 2023 14:09:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6581a422-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7pWhviqVT3t%2FxFfN72KNVuThnpcvIryrVh786nT39clznWa9s6j7DQnLlcScCtiLWO04rUbWlsJu21hENlKxmlZzcATYOIpRMd26TVlKI%2FU4KvQs%2BzsaVeSQwqo6Bh1fGxUkmz7p6Bg13oWSuDT%2Bmg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
840786fb99bf2597-MIA
expires
Sun, 07 Jan 2024 00:15:31 GMT
start2abd
wellnesskortet.se/bundles/ 		196 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wellnesskortet.se/bundles/start2abd?v=CTJ4WvLt5lR9LAejDmZbzwyWJjcipGn8fwRF-_i_3qA1
Requested by
Host: wellnesskortet.se
URL: https://wellnesskortet.se/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:95ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
692208c3529ee1ea72cd55a31a7bdef7700f32b81d5fd3ae561f6958e5559189

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wellnesskortet.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 00:15:31 GMT
content-encoding
br
gitlab-sv
pages-us-east1-d
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
gitlab-lb
haproxy-pages-05-lb-gprd
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 05 Jan 2023 10:14:24 GMT
server
cloudflare
etag
W/"e6a13f0c4143a73e6fd0fe6abc2e191732e11480f2a510e0cf1ef59c313675c7"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6GM4QzT12I4JeLQe9NV3fFi3D3Wxkjkm%2BCYnY2ggvfVOA%2B32jleZoQ2xf8HD2Ibl1k875Cas0Gsw02GkYryNM7aEztPIPJDnXgXlcPtahyKWDxNFcJMGHvA5rudxDVAyW3l5AAHSPj6OWh0HVjxUAw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
cache-control
max-age=600
permissions-policy
interest-cohort=()
cf-ray
840786fb99c32597-MIA
expires
Fri, 05 Jan 2024 00:25:31 UTC
rollbar.min.js
cdnjs.cloudflare.com/ajax/libs/rollbar.js/1.7.0/
Redirect Chain
  • https://d37gvrvc0wt4s1.cloudfront.net/js/v1.7/rollbar.min.js
  • https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/1.7.0/rollbar.min.js
24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/1.7.0/rollbar.min.js
Requested by
Host: wellnesskortet.se
URL: https://wellnesskortet.se/
Protocol
H2
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4af9e3c26fe7265ee496079ff54e57bee9484e007f35c243f828016f5a01c3b8
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wellnesskortet.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 00:15:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
937873
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
7988
last-modified
Mon, 04 May 2020 16:16:00 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fc0-5e6a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QWKiDkm3rssn8%2FFIs151jKv6Ho9ifrM656%2BEM3aD8rCxxrNJi%2B6UihEaucRTmdaV0OR5bp%2BmPq2R3PWp2ZOAJvRg7c7BISTLaoOf%2BMSruEk4bLaSofn7s%2F9qOPL4Y%2FlG1eD7DzmluvAE79TFeqscGvcF"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
840786fd4ef6dad5-MIA
expires
Wed, 25 Dec 2024 00:15:31 GMT

Redirect headers

Date
Thu, 04 Jan 2024 20:16:43 GMT
Via
1.1 google, 1.1 c704491f877b150c768ef14eb188ed46.cloudfront.net (CloudFront)
Server
nginx
X-Amz-Cf-Pop
EWR53-C2
Age
14328
X-Cache
Hit from cloudfront
Content-Type
text/html
Location
https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/1.7.0/rollbar.min.js
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
162
X-Amz-Cf-Id
WU_0xX4agd9eRoMR5LC-JSUcmrUXcpBBUJcJk6tytZvUb1WPr2sBoA==
background.jpg
wellnesskortet.se/Images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wellnesskortet.se/Images/background.jpg
Requested by
Host: wellnesskortet.se
URL: https://wellnesskortet.se/Content/css0f74.css?v=v0XQFGAINeO7bS6jC_BdsEqHzbAWZOQHAB2Gt6YwbLU1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:95ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a00bb4f55e680d6681982b0fe2d64aab1e9569e47e21605f168b9af09b771742
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wellnesskortet.se/Content/css0f74.css?v=v0XQFGAINeO7bS6jC_BdsEqHzbAWZOQHAB2Gt6YwbLU1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 00:15:31 GMT
content-encoding
br
x-content-type-options
nosniff
gitlab-sv
pages-us-east1-c
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ql7zLIIr095Q1i14wL9ECrzqtR977G4nlgfACI47zvizEwxi55Z11qMagjEbp0R8%2FUtGih4hK6ZLtyIDl3w7yS7NvohBpHJIhytVBaYhPXxfFgb99SGu2L77YQRMaO7MFdxtu5XhgKRTVPTGyOdN4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
gitlab-lb
haproxy-pages-01-lb-gprd
cache-control
max-age=14400
permissions-policy
interest-cohort=()
cf-ray
840786fbda652597-MIA
alt-svc
h3=":443"; ma=86400
trans-000-a30.png
wellnesskortet.se/Images/ 		189 B
808 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wellnesskortet.se/Images/trans-000-a30.png
Requested by
Host: wellnesskortet.se
URL: https://wellnesskortet.se/Content/css0f74.css?v=v0XQFGAINeO7bS6jC_BdsEqHzbAWZOQHAB2Gt6YwbLU1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:95ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c392952ed76e613a4f09acb311b3c625aa071626d25f4c7ec5c44ab887cca618

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wellnesskortet.se/Content/css0f74.css?v=v0XQFGAINeO7bS6jC_BdsEqHzbAWZOQHAB2Gt6YwbLU1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 00:15:31 GMT
gitlab-sv
pages-us-east1-c
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
gitlab-lb
haproxy-pages-04-lb-gprd
alt-svc
h3=":443"; ma=86400
content-length
189
last-modified
Thu, 05 Jan 2023 10:14:24 GMT
server
cloudflare
etag
"e6a13f0c4143a73e6fd0fe6abc2e191732e11480f2a510e0cf1ef59c313675c7"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cl0wLfZPmOwfK%2Fpz3VfrKY09CBFigtaoXNoi2cKGlm707CCWKDh2oaJSajc%2FIW8jcqA7A%2BIHjIh7wgCSgjN16RAcCyQ%2BzQpMH%2B5AJHyqz1loLLX24tPMbew58%2BMqiKe%2FQa8mmV3LjGQuqIPHkE425A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
permissions-policy
interest-cohort=()
accept-ranges
bytes
cf-ray
840786fbda672597-MIA
expires
Fri, 05 Jan 2024 00:25:31 UTC
trans-068-a30.png
wellnesskortet.se/Images/ 		189 B
803 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wellnesskortet.se/Images/trans-068-a30.png
Requested by
Host: wellnesskortet.se
URL: https://wellnesskortet.se/Content/css0f74.css?v=v0XQFGAINeO7bS6jC_BdsEqHzbAWZOQHAB2Gt6YwbLU1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:95ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71a66a8d58fade4db6830ac4f6bd9e20157189e25f11939d770d57b0e9fcc152

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wellnesskortet.se/Content/css0f74.css?v=v0XQFGAINeO7bS6jC_BdsEqHzbAWZOQHAB2Gt6YwbLU1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 00:15:31 GMT
gitlab-sv
pages-us-east1-b
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
gitlab-lb
haproxy-pages-03-lb-gprd
alt-svc
h3=":443"; ma=86400
content-length
189
last-modified
Thu, 05 Jan 2023 10:14:24 GMT
server
cloudflare
etag
"e6a13f0c4143a73e6fd0fe6abc2e191732e11480f2a510e0cf1ef59c313675c7"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VaeJoeJD25W00vLhWIjEL%2BtbqTJGWm1N7lIhXy4fbBwpUu7vx%2F7T2b604k761GcR9RwYD8Mq0xKC2H0GjvLQvvsV6IFjEPIWO5JBu0LSxhIVje69FgKkSgmi%2BBon0Ce57YU7FTp4rbvEA1qGJu7oRA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
permissions-policy
interest-cohort=()
accept-ranges
bytes
cf-ray
840786fbda692597-MIA
expires
Fri, 05 Jan 2024 00:25:31 UTC
TK3iWkUHHAIjg752GT8G.woff2
fonts.gstatic.com/s/oswald/v53/ 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oswald/v53/TK3iWkUHHAIjg752GT8G.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400,300,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0d::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
241ced7f220982f5679a64cc6db34ed42cd21274508cc5814616d9efe374afde
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://wellnesskortet.se
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:35:24 GMT
x-content-type-options
nosniff
age
135607
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28512
x-xss-protection
0
last-modified
Tue, 15 Aug 2023 18:44:12 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 02 Jan 2025 10:35:24 GMT
background.jpg
dynassets1.gavekortet.dk/themes/6/ 		314 KB
315 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dynassets1.gavekortet.dk/themes/6/background.jpg
Requested by
Host: wellnesskortet.se
URL: https://wellnesskortet.se/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266a:6000:17:be89:5340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9ae80108487a6bae184dea380d1452484f125d204ea38276a1415ca2a86b15f0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wellnesskortet.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 00:15:32 GMT
via
1.1 9feee68c149ffc812d2a7f5683100dd2.cloudfront.net (CloudFront)
last-modified
Wed, 09 Jun 2021 21:21:22 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P5
etag
"724354773462c08e013266d754f47587"
x-cache
Miss from cloudfront
content-type
image/jpeg
x-amz-storage-class
INTELLIGENT_TIERING
accept-ranges
bytes
content-length
321973
x-amz-cf-id
yB32920RQdk1iieE1R6S3j76t69Ko9kb0fAZimJLCNwY6VR6dWDCMg==
gtm.js
www.googletagmanager.com/ 		0
0
nr-1216.min.js
js-agent.newrelic.com/ 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-1216.min.js
Requested by
Host: wellnesskortet.se
URL: https://wellnesskortet.se/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wellnesskortet.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
ibRtDmp9QPDop46QbSE1xCN8MEKug8pl
content-encoding
br
via
1.1 varnish
date
Fri, 05 Jan 2024 00:15:32 GMT
strict-transport-security
max-age=300
x-amz-request-id
7N5RPRH9WB3K265M
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
15095
x-amz-id-2
brs2HxZrhILJU0+LSoqMPHkyeKeWqsifUiriQxY30zXR4cLmgLBn2ETQuIVXKNLdPRcLoQwAv50=
x-served-by
cache-mia-kmia1760054-MIA
last-modified
Wed, 18 Oct 2023 20:59:41 GMT
server
AmazonS3
x-timer
S1704413732.479840,VS0,VE0
etag
"9f533d8cd24b2c5e3b4dc886ecbd43e8"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges
bytes
x-cache-hits
2183
a6334ec95b
bam.nr-data.net/1/ 		56 B
495 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/a6334ec95b?a=1765316&v=1216.487a282&to=ZFBXMhdUC0tTVEBbXF0aeDAmGi1XX1J3XV1HR1oKCVAXF3tZUFdL&rst=2109&ck=1&ref=https://wellnesskortet.se/&ap=14&be=442&fe=1996&dc=1100&tt=B2E0E9E96AAF8940&perf=%7B%22timing%22:%7B%22of%22:1704413730398,%22n%22:0,%22f%22:0,%22dn%22:19,%22dne%22:19,%22c%22:19,%22s%22:50,%22ce%22:92,%22rq%22:92,%22rp%22:396,%22rpe%22:412,%22dl%22:403,%22di%22:1100,%22ds%22:1100,%22de%22:1107,%22dc%22:1995,%22l%22:1995,%22le%22:1996%7D,%22navigation%22:%7B%7D%7D&fp=824&fcp=824&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1216.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1b1e54380b8b8e45010115f3d0f7caad60ca0f34be8bee3e11e11727cc64d49f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wellnesskortet.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 00:15:32 GMT
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
Connection
keep-alive
Content-Length
56
x-served-by
cache-mia-kmia1760094-MIA

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.googletagmanager.com
URL
http://www.googletagmanager.com/gtm.js?id=GTM-9DHC

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| NREUM object| newrelic function| __nr_require object| _rollbarConfig object| _rollbarShimQueue object| _rollbarWrappedError object| Rollbar object| dataLayer object| localization object| _rollbarPayloadQueue object| _globalRollbarOptions function| RollbarNotifier boolean| _rollbarInitialized function| fitHeight function| checkSaldo function| parseStatus function| parseError function| $ function| jQuery string| link

1 Cookies

Domain/Path Name / Value
.nr-data.net/ Name: JSESSIONID
Value: e8776e7f35214c66

11 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
security warning URL: https://wellnesskortet.se/
Message:
Mixed Content: The page at 'https://wellnesskortet.se/' was loaded over HTTPS, but requested an insecure element 'http://dynassets1.gavekortet.dk/themes/6/1.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://wellnesskortet.se/
Message:
Mixed Content: The page at 'https://wellnesskortet.se/' was loaded over HTTPS, but requested an insecure element 'http://dynassets1.gavekortet.dk/themes/6/2.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://wellnesskortet.se/
Message:
Mixed Content: The page at 'https://wellnesskortet.se/' was loaded over HTTPS, but requested an insecure element 'http://dynassets1.gavekortet.dk/themes/6/logo_footer.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://wellnesskortet.se/(Line 157)
Message:
Mixed Content: The page at 'https://wellnesskortet.se/' was loaded over HTTPS, but requested an insecure element 'http://dynassets1.gavekortet.dk/themes/6/1.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://wellnesskortet.se/(Line 157)
Message:
Mixed Content: The page at 'https://wellnesskortet.se/' was loaded over HTTPS, but requested an insecure element 'http://dynassets1.gavekortet.dk/themes/6/2.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://wellnesskortet.se/(Line 157)
Message:
Mixed Content: The page at 'https://wellnesskortet.se/' was loaded over HTTPS, but requested an insecure element 'http://dynassets1.gavekortet.dk/themes/6/logo_footer.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network error URL: https://wellnesskortet.se/Images/background.jpg
Message:
Failed to load resource: the server responded with a status of 404 ()
security warning URL: https://wellnesskortet.se/
Message:
Mixed Content: The page at 'https://wellnesskortet.se/' was loaded over HTTPS, but requested an insecure element 'http://dynassets1.gavekortet.dk/themes/6/background.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://wellnesskortet.se/
Message:
Mixed Content: The page at 'https://wellnesskortet.se/' was loaded over HTTPS, but requested an insecure element 'http://dynassets1.gavekortet.dk/themes/6/background.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security error URL: https://wellnesskortet.se/(Line 207)
Message:
Mixed Content: The page at 'https://wellnesskortet.se/' was loaded over HTTPS, but requested an insecure script 'http://www.googletagmanager.com/gtm.js?id=GTM-9DHC'. This request has been blocked; the content must be served over HTTPS.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bam.nr-data.net
cdnjs.cloudflare.com
d37gvrvc0wt4s1.cloudfront.net
dynassets1.gavekortet.dk
fonts.googleapis.com
fonts.gstatic.com
js-agent.newrelic.com
wellnesskortet.se
www.googletagmanager.com
www.googletagmanager.com
13.226.36.213
151.101.2.137
162.247.243.29
2600:9000:266a:6000:17:be89:5340:93a1
2606:4700:3030::ac43:95ef
2606:4700::6811:180e
2607:f8b0:400d:c00::5f
2607:f8b0:400d:c0d::5e
024472c299bf6259e9df422f5e58c46d29473cf0e338acf48debfda3fabcaafe
1b1e54380b8b8e45010115f3d0f7caad60ca0f34be8bee3e11e11727cc64d49f
241ced7f220982f5679a64cc6db34ed42cd21274508cc5814616d9efe374afde
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
4af9e3c26fe7265ee496079ff54e57bee9484e007f35c243f828016f5a01c3b8
692208c3529ee1ea72cd55a31a7bdef7700f32b81d5fd3ae561f6958e5559189
6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708
71a66a8d58fade4db6830ac4f6bd9e20157189e25f11939d770d57b0e9fcc152
8046e624b87d35265325e160609ed4f96a327756ededf8594798dadf20a2b24a
9ae80108487a6bae184dea380d1452484f125d204ea38276a1415ca2a86b15f0
9dbed9704098eb0e8cb93f25e88b38d5f9b291c92f2a0429dc1e7865764f7a30
a00bb4f55e680d6681982b0fe2d64aab1e9569e47e21605f168b9af09b771742
a420b786b16baa1815ea3cac9aac61d288bfe53fbb653b70cdaad720b6d9666b
b2e21b1bead90d3c3fb76bc2ff8df58aba131214997e4a252e3cf1615f3b94c6
babed8ddf22ed2e66590a4f75773661304242a4f4167d52e165652fee492933e
bb651ed6becf5deeb36f0ba0368d7e80366e71b469f35529059c88d1dd17f667
c392952ed76e613a4f09acb311b3c625aa071626d25f4c7ec5c44ab887cca618