Submitted URL: https://sikkertavlop.no/
Effective URL: https://www.jetshytte.no/
Submission: On September 23 via automatic, source certstream-suspicious — Scanned from NO

Summary

This website contacted 8 IPs in 3 countries across 9 domains to perform 19 HTTP transactions. The main IP is 2620:1ec:bdf::45, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.jetshytte.no.
TLS certificate: Issued by GeoTrust Global TLS RSA4096 SHA256 20... on August 17th 2024. Valid for: 6 months.
This is the only time www.jetshytte.no was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2a01:5b40:0:2... 12996 (DOMENESHO...)
4 2620:1ec:bdf::45 8075 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 142.250.186.99 15169 (GOOGLE)
3 20.150.53.68 8075 (MICROSOFT...)
4 2606:2800:233... 15133 (EDGECAST)
1 3 172.217.18.2 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
19 8
Apex Domain
Subdomains
Transfer
4 cookieinformation.com
policy.app.cookieinformation.com — Cisco Umbrella Rank: 36608
54 KB
4 jetshytte.no
www.jetshytte.no
92 KB
3 googlesyndication.com
ade.googlesyndication.com — Cisco Umbrella Rank: 345
pagead2.googlesyndication.com — Cisco Umbrella Rank: 112
846 B
3 windows.net
storagejetsgroupwebprod.blob.core.windows.net
182 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
286 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 3714
1 gstatic.com
fonts.gstatic.com
29 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 32
1 KB
1 sikkertavlop.no
sikkertavlop.no
321 B
19 9
Domain Requested by
4 policy.app.cookieinformation.com www.googletagmanager.com
policy.app.cookieinformation.com
4 www.jetshytte.no www.jetshytte.no
3 storagejetsgroupwebprod.blob.core.windows.net www.jetshytte.no
3 www.googletagmanager.com www.jetshytte.no
www.googletagmanager.com
2 ade.googlesyndication.com 1 redirects
1 region1.google-analytics.com www.googletagmanager.com
1 pagead2.googlesyndication.com www.googletagmanager.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com www.jetshytte.no
1 sikkertavlop.no 1 redirects
19 10
Subject Issuer Validity Valid
www.jetshytte.no
GeoTrust Global TLS RSA4096 SHA256 2022 CA1
2024-08-17 -
2025-02-17
6 months crt.sh
upload.video.google.com
WR2
2024-08-26 -
2024-11-18
3 months crt.sh
*.google-analytics.com
WR2
2024-08-26 -
2024-11-18
3 months crt.sh
*.gstatic.com
WR2
2024-08-26 -
2024-11-18
3 months crt.sh
*.blob.core.windows.net
Microsoft Azure RSA TLS Issuing CA 04
2024-06-17 -
2025-06-12
a year crt.sh
sni9bc9gl.wpc.edgecastcdn.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-12-29 -
2025-01-28
a year crt.sh
*.g.doubleclick.net
WR2
2024-08-26 -
2024-11-18
3 months crt.sh

This page contains 2 frames:

Primary Page: https://www.jetshytte.no/
Frame ID: 41188686EC231F8189D09B7F15086125
Requests: 18 HTTP requests in this frame

Frame: https://policy.app.cookieinformation.com/cookiesharingiframe.html
Frame ID: 2463202C7246E6B2ECEADAC828DC0ACD
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://sikkertavlop.no/ HTTP 301
    https://www.jetshytte.no/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

19
Requests

95 %
HTTPS

67 %
IPv6

9
Domains

10
Subdomains

8
IPs

3
Countries

646 kB
Transfer

1576 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://sikkertavlop.no/ HTTP 301
    https://www.jetshytte.no/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • https://ade.googlesyndication.com/ddm/activity/src=9082600;type=pagev0;cat=pagev0;ord=1;num=9046870547212;npa=1;gdid=dNmIyNz;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe49j0v9183063505z878175599za201zb78175599;gcs=G100;gcd=13p3p3p2p5l1;dma_cps=-;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.jetshytte.no%2F HTTP 302
  • https://ade.googlesyndication.com/ddm/activity/src=9082600;dc_pre=COe6ucqa2ogDFYJNHgIdrOgMiQ;type=pagev0;cat=pagev0;ord=1;num=9046870547212;npa=1;gdid=dNmIyNz;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe49j0v9183063505z878175599za201zb78175599;gcs=G100;gcd=13p3p3p2p5l1;dma_cps=-;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.jetshytte.no%2F

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.jetshytte.no/
Redirect Chain
  • https://sikkertavlop.no/
  • https://www.jetshytte.no/
50 KB
14 KB
Document
General
Full URL
https://www.jetshytte.no/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ SEOmatic
Resource Hash
0d444860e2c49d8a2a070f9e40bbd70df406f8ebb6a572fc9d9d48291004448b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://cmsadmin.jetsgroup.com https://www.jetsgroup.com https://*.jetsgroup.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-security-policy
frame-ancestors 'self' https://cmsadmin.jetsgroup.com https://www.jetsgroup.com https://*.jetsgroup.com;
content-type
text/html; charset=utf-8
date
Mon, 23 Sep 2024 23:22:22 GMT
link
<https://www.jetshytte.no>; rel='canonical'
permissions-policy
interest-cohort=()
referrer-policy
no-referrer-when-downgrade no-referrer-when-downgrade no-referrer-when-downgrade
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-azure-ref
20240923T232222Z-1544dd74d467nwwgaqkxts9fh000000009z00000000066gd
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff nosniff
x-frame-options
SAMEORIGIN SAMEORIGIN
x-powered-by
SEOmatic
x-robots-tag
all
x-xss-protection
1; mode=block 1; mode=block

Redirect headers

cache-control
max-age=3600 public
content-type
text/html
date
Mon, 23 Sep 2024 23:22:22 GMT
expires
Tue, 24 Sep 2024 00:22:22 GMT
location
https://www.jetshytte.no/
server
openresty
main.css
www.jetshytte.no/dist/
70 KB
11 KB
Stylesheet
General
Full URL
https://www.jetshytte.no/dist/main.css?id=406edd8d0e99177b9c11982c45725ddf
Requested by
Host: www.jetshytte.no
URL: https://www.jetshytte.no/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
84fe904d1815c246c24a918eec0e332104f23c01b3d245db209a3659cd20ced4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://cmsadmin.jetsgroup.com https://www.jetsgroup.com https://*.jetsgroup.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.jetshytte.no/

Response headers

content-encoding
gzip
etag
W/"667be190-118bc"
x-content-type-options
nosniff, nosniff
expires
Mon, 30 Sep 2024 23:22:22 GMT
x-cache
CONFIG_NOCACHE
date
Mon, 23 Sep 2024 23:22:22 GMT
content-type
text/css
last-modified
Wed, 26 Jun 2024 09:38:24 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN, SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
frame-ancestors 'self' https://cmsadmin.jetsgroup.com https://www.jetsgroup.com https://*.jetsgroup.com;
cache-control
max-age=604800
referrer-policy
no-referrer-when-downgrade, no-referrer-when-downgrade
permissions-policy
interest-cohort=()
x-xss-protection
1; mode=block, 1; mode=block
x-azure-ref
20240923T232222Z-1544dd74d467nwwgaqkxts9fh000000009z00000000066gz
css2
fonts.googleapis.com/
14 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Mulish:ital,wght@0,300;0,400;0,600;0,700;1,300;1,400;1,600;1,700&display=swap
Requested by
Host: www.jetshytte.no
URL: https://www.jetshytte.no/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
56cb25f88fde0c0c7cda4c414ded9ab8be9621bd9b7ba25f84f8584e7f2179ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.jetshytte.no/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 23 Sep 2024 23:22:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 23 Sep 2024 23:22:22 GMT
content-type
text/css; charset=utf-8
last-modified
Mon, 23 Sep 2024 23:22:22 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32/mr
access-control-allow-origin
*
x-xss-protection
0
server
ESF
main.js
www.jetshytte.no/dist/
221 KB
65 KB
Script
General
Full URL
https://www.jetshytte.no/dist/main.js?id=add4b344eeb863e7ac07176bb673c83a
Requested by
Host: www.jetshytte.no
URL: https://www.jetshytte.no/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
da3e067cc4a6f5e84b560584bc21f8a129b3ab743e0a709b0b84e04420496964
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://cmsadmin.jetsgroup.com https://www.jetsgroup.com https://*.jetsgroup.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.jetshytte.no/

Response headers

content-encoding
gzip
etag
W/"667be190-3735d"
x-content-type-options
nosniff, nosniff
expires
Mon, 30 Sep 2024 23:22:22 GMT
x-cache
CONFIG_NOCACHE
date
Mon, 23 Sep 2024 23:22:22 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 26 Jun 2024 09:38:24 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN, SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
frame-ancestors 'self' https://cmsadmin.jetsgroup.com https://www.jetsgroup.com https://*.jetsgroup.com;
cache-control
max-age=604800
referrer-policy
no-referrer-when-downgrade, no-referrer-when-downgrade
permissions-policy
interest-cohort=()
x-xss-protection
1; mode=block, 1; mode=block
x-azure-ref
20240923T232222Z-1544dd74d467nwwgaqkxts9fh000000009z00000000066h0
gtm.js
www.googletagmanager.com/
293 KB
100 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PKGRNS2
Requested by
Host: www.jetshytte.no
URL: https://www.jetshytte.no/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
962126604030b6dd9f5ae8f6e34db1f07f281ffc1b361165e8a43f933fbcb5f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.jetshytte.no/

Response headers

content-encoding
br
expires
Mon, 23 Sep 2024 23:22:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 23 Sep 2024 23:22:23 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 23 Sep 2024 22:57:43 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
*
content-length
102366
x-xss-protection
0
server
Google Tag Manager
1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v13/
29 KB
29 KB
Font
General
Full URL
https://fonts.gstatic.com/s/mulish/v13/1Ptvg83HX_SGhgqk3wot.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Mulish:ital,wght@0,300;0,400;0,600;0,700;1,300;1,400;1,600;1,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.jetshytte.no
Referer
https://fonts.googleapis.com/

Response headers

age
553834
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 17 Sep 2025 13:31:49 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 17 Sep 2024 13:31:49 GMT
last-modified
Wed, 13 Sep 2023 23:18:56 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
30096
x-xss-protection
0
server
sffe
Jets_image_3D_interior_toilet_porcelain_wall_Jade_CAB_Fjellhytten_straight_12K_0322_web.webp
storagejetsgroupwebprod.blob.core.windows.net/az-container-jetsgroupweb/images/Jetshytte.no/_1800xAUTO_crop_center-center_none/49051/
104 KB
105 KB
Image
General
Full URL
https://storagejetsgroupwebprod.blob.core.windows.net/az-container-jetsgroupweb/images/Jetshytte.no/_1800xAUTO_crop_center-center_none/49051/Jets_image_3D_interior_toilet_porcelain_wall_Jade_CAB_Fjellhytten_straight_12K_0322_web.webp
Requested by
Host: www.jetshytte.no
URL: https://www.jetshytte.no/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.53.68 Oslo, Norway, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
5ea2fc0a46ee2f8f4c3f3e9b1d9d8a6e5b012c008a59c82cc4ce3dce0ba69317

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.jetshytte.no/

Response headers

Content-MD5
CdtRlPeVgdim53y59cku+w==
Cache-Control
max-age=31622400
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
ETag
0x8DB3CD400D7AC58
x-ms-request-id
4dd9e16e-801e-0065-470f-0ec73b000000
Content-Length
106588
Date
Mon, 23 Sep 2024 23:22:22 GMT
Content-Type
image/webp
Last-Modified
Fri, 14 Apr 2023 10:35:44 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-type
BlockBlob
Jets_image_CAB_Familie_ute_hytta_417462575.webp
storagejetsgroupwebprod.blob.core.windows.net/az-container-jetsgroupweb/images/Jetshytte.no/_600xAUTO_crop_center-center_none/110445/
29 KB
29 KB
Image
General
Full URL
https://storagejetsgroupwebprod.blob.core.windows.net/az-container-jetsgroupweb/images/Jetshytte.no/_600xAUTO_crop_center-center_none/110445/Jets_image_CAB_Familie_ute_hytta_417462575.webp
Requested by
Host: www.jetshytte.no
URL: https://www.jetshytte.no/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.53.68 Oslo, Norway, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
eca09ec87af6021ca2894ccc2b2b5b4a50fca5efa4ee46ee1289261f769a4854

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.jetshytte.no/

Response headers

Content-MD5
EPGrmuOLjSo68QyMSRfINQ==
Cache-Control
max-age=31536000
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
ETag
0x8DC4CBAA2E2FA14
x-ms-request-id
3a832c51-301e-0002-5d0f-0ed7c7000000
Content-Length
29454
Date
Mon, 23 Sep 2024 23:22:22 GMT
Content-Type
image/webp
Last-Modified
Mon, 25 Mar 2024 10:59:26 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-type
BlockBlob
Jets_image_CAB_image_cabin_mountain_Fjellhytte_forside_web.webp
storagejetsgroupwebprod.blob.core.windows.net/az-container-jetsgroupweb/images/Jetshytte.no/_600xAUTO_crop_center-center_none/49077/
48 KB
48 KB
Image
General
Full URL
https://storagejetsgroupwebprod.blob.core.windows.net/az-container-jetsgroupweb/images/Jetshytte.no/_600xAUTO_crop_center-center_none/49077/Jets_image_CAB_image_cabin_mountain_Fjellhytte_forside_web.webp
Requested by
Host: www.jetshytte.no
URL: https://www.jetshytte.no/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.53.68 Oslo, Norway, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
71653c9bf28ea80aff3cb69ad79a6d36dc26106e82926b221f9670a4c63b6d5c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.jetshytte.no/

Response headers

Content-MD5
bY//4KCKHx9FKJhj67OjMg==
Cache-Control
max-age=31622400
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
ETag
0x8DB3CD30E05BD06
x-ms-request-id
dddc9168-301e-005f-760f-0edd43000000
Content-Length
48998
Date
Mon, 23 Sep 2024 23:22:22 GMT
Content-Type
image/webp
Last-Modified
Fri, 14 Apr 2023 10:28:57 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-type
BlockBlob
uc.js
policy.app.cookieinformation.com/
40 KB
41 KB
Script
General
Full URL
https://policy.app.cookieinformation.com/uc.js?language=NB&gcmEnabledByConsentLibrary=false
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PKGRNS2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
7ea0958cd8b4dee62fde6d2439c54abd6a86cfccbaffebd286f35a7b5d6daf22

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.jetshytte.no/

Response headers

content-md5
xLtFseBKzkfQP0GBk12KVw==
x-robots-tag
noindex, noarchive, nosnippet
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-lease-status
unlocked
x-ms-version
2009-09-19
etag
0x8DCDBE84DED7B77
expires
Mon, 23 Sep 2024 23:27:23 GMT
date
Mon, 23 Sep 2024 23:22:22 GMT
content-type
application/javascript
last-modified
Mon, 23 Sep 2024 15:56:36 GMT
cache-control
max-age=300
x-ms-request-id
1b2b7f1c-a01e-0051-5c0f-0e136c000000
access-control-allow-origin
*
content-length
41217
x-ms-blob-type
BlockBlob
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
js
www.googletagmanager.com/gtag/
335 KB
108 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-55KXYQF7CE&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PKGRNS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9371ae182c0c8a30924d6bff8a7a341cb448a9b1030928b4db3409744972fa7f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.jetshytte.no/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
content-encoding
br
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
expires
Mon, 23 Sep 2024 23:22:23 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110707
date
Mon, 23 Sep 2024 23:22:23 GMT
x-xss-protection
0
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
Google Tag Manager
access-control-allow-headers
Cache-Control
destination
www.googletagmanager.com/gtag/
217 KB
78 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/destination?id=DC-9082600&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PKGRNS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e741c18d81518dafaa4b0c27c8cc05108bede1357eb4989c1f5a1899139da0a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.jetshytte.no/

Response headers

content-encoding
br
expires
Mon, 23 Sep 2024 23:22:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 23 Sep 2024 23:22:23 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 23 Sep 2024 22:57:43 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
*
content-length
79483
x-xss-protection
0
server
Google Tag Manager
cabl.json
policy.app.cookieinformation.com/cookie-data/jetshytte.no/
3 KB
925 B
XHR
General
Full URL
https://policy.app.cookieinformation.com/cookie-data/jetshytte.no/cabl.json
Requested by
Host: policy.app.cookieinformation.com
URL: https://policy.app.cookieinformation.com/uc.js?language=NB&gcmEnabledByConsentLibrary=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ska/F698) /
Resource Hash
4968eb2d74769946f13255c3c10eb7f87d0d9e0a1c8ec327ae25d565c6dd6e8d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.jetshytte.no/

Response headers

content-md5
QQAjXTNuOLlUsgzLqVGMbA==
x-robots-tag
noindex, noarchive, nosnippet
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-lease-status
unlocked
etag
0x8DCDBE55AD5DB73
age
297
x-ms-version
2009-09-19
expires
Mon, 23 Sep 2024 23:27:23 GMT
x-cache
HIT
date
Mon, 23 Sep 2024 23:22:23 GMT
content-type
application/json
last-modified
Mon, 23 Sep 2024 15:35:29 GMT
vary
Accept-Encoding
cache-control
max-age=300
x-ms-request-id
44151e51-301e-00fa-330e-0e6ca6000000
access-control-allow-origin
*
content-length
491
x-ms-blob-type
BlockBlob
server
ECAcc (ska/F698)
cookiesharingiframe.html
policy.app.cookieinformation.com/ Frame 2463
0
0
Document
General
Full URL
https://policy.app.cookieinformation.com/cookiesharingiframe.html
Requested by
Host: policy.app.cookieinformation.com
URL: https://policy.app.cookieinformation.com/uc.js?language=NB&gcmEnabledByConsentLibrary=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ska/F7A3) /
Resource Hash

Request headers

Referer
https://www.jetshytte.no/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
age
12
cache-control
max-age=300
content-encoding
gzip
content-length
2809
content-md5
xqkKVmywb8mz//pJblCHTA==
content-type
text/html
date
Mon, 23 Sep 2024 23:22:23 GMT
etag
0x8DCDBE84DEE4B34
expires
Mon, 23 Sep 2024 23:27:23 GMT
last-modified
Mon, 23 Sep 2024 15:56:36 GMT
server
ECAcc (ska/F7A3)
vary
Accept-Encoding
x-cache
HIT
x-ms-blob-type
BlockBlob
x-ms-lease-status
unlocked
x-ms-request-id
4084b71e-301e-00a7-390f-0e6622000000
x-ms-version
2009-09-19
x-robots-tag
noindex, noarchive, nosnippet
nb.js
policy.app.cookieinformation.com/fe2ae0/jetshytte.no/
122 KB
13 KB
Script
General
Full URL
https://policy.app.cookieinformation.com/fe2ae0/jetshytte.no/nb.js
Requested by
Host: policy.app.cookieinformation.com
URL: https://policy.app.cookieinformation.com/uc.js?language=NB&gcmEnabledByConsentLibrary=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ska/F792) /
Resource Hash
73da8a4add65cec4651ab645412e40bdda43a49e65fcd7366514faf77acf2577

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.jetshytte.no/

Response headers

content-md5
ekTmEGn+66qqP1QOMw/4BA==
x-robots-tag
noindex, noarchive, nosnippet
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-lease-status
unlocked
etag
0x8DCDBE55AF387F1
age
297
x-ms-version
2009-09-19
expires
Mon, 23 Sep 2024 23:27:23 GMT
x-cache
HIT
date
Mon, 23 Sep 2024 23:22:23 GMT
content-type
application/javascript
last-modified
Mon, 23 Sep 2024 15:35:29 GMT
vary
Accept-Encoding
cache-control
max-age=300
x-ms-request-id
5dfe5afe-c01e-0078-090e-0e2d18000000
access-control-allow-origin
*
content-length
12743
x-ms-blob-type
BlockBlob
server
ECAcc (ska/F792)
favicon-32x32.png
www.jetshytte.no/
2 KB
2 KB
Other
General
Full URL
https://www.jetshytte.no/favicon-32x32.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1d615f77767e80b284d8936950ed8e63ca38e65776a40066ea28bdb3274cb3a5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://cmsadmin.jetsgroup.com https://www.jetsgroup.com https://*.jetsgroup.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.jetshytte.no/

Response headers

etag
"667be150-6ea"
x-content-type-options
nosniff, nosniff
expires
Mon, 30 Sep 2024 23:22:23 GMT
x-cache
CONFIG_NOCACHE
date
Mon, 23 Sep 2024 23:22:23 GMT
content-type
image/png
last-modified
Wed, 26 Jun 2024 09:37:20 GMT
x-frame-options
SAMEORIGIN, SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
frame-ancestors 'self' https://cmsadmin.jetsgroup.com https://www.jetsgroup.com https://*.jetsgroup.com;
cache-control
max-age=604800
referrer-policy
no-referrer-when-downgrade, no-referrer-when-downgrade
permissions-policy
interest-cohort=()
accept-ranges
bytes
content-length
1770
x-xss-protection
1; mode=block, 1; mode=block
x-azure-ref
20240923T232223Z-1544dd74d467nwwgaqkxts9fh000000009z00000000066hp
src=9082600;dc_pre=COe6ucqa2ogDFYJNHgIdrOgMiQ;type=pagev0;cat=pagev0;ord=1;num=9046870547212;npa=1;gdid=dNmIyNz;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe49j0v9183063...
ade.googlesyndication.com/ddm/activity/
Redirect Chain
  • https://ade.googlesyndication.com/ddm/activity/src=9082600;type=pagev0;cat=pagev0;ord=1;num=9046870547212;npa=1;gdid=dNmIyNz;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45f...
  • https://ade.googlesyndication.com/ddm/activity/src=9082600;dc_pre=COe6ucqa2ogDFYJNHgIdrOgMiQ;type=pagev0;cat=pagev0;ord=1;num=9046870547212;npa=1;gdid=dNmIyNz;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv...
42 B
118 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity/src=9082600;dc_pre=COe6ucqa2ogDFYJNHgIdrOgMiQ;type=pagev0;cat=pagev0;ord=1;num=9046870547212;npa=1;gdid=dNmIyNz;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe49j0v9183063505z878175599za201zb78175599;gcs=G100;gcd=13p3p3p2p5l1;dma_cps=-;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.jetshytte.no%2F?
Protocol
H2
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.jetshytte.no/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Mon, 23 Sep 2024 23:22:24 GMT
x-xss-protection
0
content-type
image/gif
server
cafe

Redirect headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
location
https://ade.googlesyndication.com/ddm/activity/src=9082600;dc_pre=COe6ucqa2ogDFYJNHgIdrOgMiQ;type=pagev0;cat=pagev0;ord=1;num=9046870547212;npa=1;gdid=dNmIyNz;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe49j0v9183063505z878175599za201zb78175599;gcs=G100;gcd=13p3p3p2p5l1;dma_cps=-;dma=1;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.jetshytte.no%2F?
pragma
no-cache
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 23 Sep 2024 23:22:24 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
cafe
landing
pagead2.googlesyndication.com/pagead/
42 B
64 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/landing?gcs=G100&gcd=13p3p3p2p5l1&tag_exp=0&rnd=1138848961.1727133744&url=https%3A%2F%2Fwww.jetshytte.no%2F&dma_cps=-&dma=1&npa=1&gtm=45He49j0n81PKGRNS2v78175599za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PKGRNS2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.jetshytte.no/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Mon, 23 Sep 2024 23:22:24 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-55KXYQF7CE&gtm=45je49j0v895496261z878175599za200zb78175599&_p=1727133742929&gcs=G100&gcd=13p3p3p2p5l1&npa=1&dma_cps=-&dma=1&tag_exp=0&gdid=dNmIyNz&gtm_up=1&cid=1095010724.1727133744&ul=no-no&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&_s=1&sid=1727133743&sct=1&seg=0&dl=https%3A%2F%2Fwww.jetshytte.no%2F&dt=Jets%20Hytte%20%7C%20Homepage&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2182
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-55KXYQF7CE&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.jetshytte.no/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.jetshytte.no
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Mon, 23 Sep 2024 23:22:24 GMT
content-type
text/plain
server
Golfe2

Verdicts & Comments Add Verdict or Comment

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| handleFirstTab function| handleMouseDownOnce string| googleMapsApiKey string| CRAFT_CSRF_TOKEN string| CRAFT_CSRF_TOKEN_NAME object| dataLayer object| webpackChunkcraftup object| lazySizes object| googleMapsLoader object| Alpine function| Swiper object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| cicc object| cicl boolean| CookieInformationScriptLoaded object| CookieInformation boolean| isCookieInformationAPIReady object| CookieConsent object| CookieConsentDialog object| coiConsentBanner object| renewBtn object| purposesList function| insertPurposesInList function| toggleDetails function| toggleIndicator function| showDescription function| togglePlaceholderElementsOnConsent function| showCookieBanner function| hideCookieBanner function| gtag object| utag_data object| utag object| _mtm object| gaGlobal

1 Cookies

Domain/Path Name / Value
www.jetshytte.no/ Name: CRAFT_CSRF_TOKEN
Value: 1a077cd33e62caa03e7c33b039c14f31bca62956d1453908951b3b7bcce514c9a%3A2%3A%7Bi%3A0%3Bs%3A16%3A%22CRAFT_CSRF_TOKEN%22%3Bi%3A1%3Bs%3A40%3A%22AczD2zBMczQ5O5hPU_7S8Iqin4zMQF_Fn3M7skQN%22%3B%7D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self' https://cmsadmin.jetsgroup.com https://www.jetsgroup.com https://*.jetsgroup.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ade.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
pagead2.googlesyndication.com
policy.app.cookieinformation.com
region1.google-analytics.com
sikkertavlop.no
storagejetsgroupwebprod.blob.core.windows.net
www.googletagmanager.com
www.jetshytte.no
142.250.186.99
172.217.18.2
20.150.53.68
2001:4860:4802:34::36
2606:2800:233:1cb7:261b:1f9c:2074:3c
2620:1ec:bdf::45
2a00:1450:4001:808::2008
2a00:1450:4001:82b::200a
2a01:5b40:0:248::52
0d444860e2c49d8a2a070f9e40bbd70df406f8ebb6a572fc9d9d48291004448b
1d615f77767e80b284d8936950ed8e63ca38e65776a40066ea28bdb3274cb3a5
4968eb2d74769946f13255c3c10eb7f87d0d9e0a1c8ec327ae25d565c6dd6e8d
56cb25f88fde0c0c7cda4c414ded9ab8be9621bd9b7ba25f84f8584e7f2179ef
5ea2fc0a46ee2f8f4c3f3e9b1d9d8a6e5b012c008a59c82cc4ce3dce0ba69317
71653c9bf28ea80aff3cb69ad79a6d36dc26106e82926b221f9670a4c63b6d5c
73da8a4add65cec4651ab645412e40bdda43a49e65fcd7366514faf77acf2577
7ea0958cd8b4dee62fde6d2439c54abd6a86cfccbaffebd286f35a7b5d6daf22
7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d
84fe904d1815c246c24a918eec0e332104f23c01b3d245db209a3659cd20ced4
9371ae182c0c8a30924d6bff8a7a341cb448a9b1030928b4db3409744972fa7f
962126604030b6dd9f5ae8f6e34db1f07f281ffc1b361165e8a43f933fbcb5f8
da3e067cc4a6f5e84b560584bc21f8a129b3ab743e0a709b0b84e04420496964
e741c18d81518dafaa4b0c27c8cc05108bede1357eb4989c1f5a1899139da0a2
eca09ec87af6021ca2894ccc2b2b5b4a50fca5efa4ee46ee1289261f769a4854
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629