urlscan.io logo urlscan.io
SecurityTrails logo

www.kontorsflyttstockholm.com Open in urlscan Pro
2606:4700:3034::ac43:bb3f  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://kontorsflyttstockholm.com/
Effective URL: https://www.kontorsflyttstockholm.com/
Submission: On May 11 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 2 countries across 9 domains to perform 17 HTTP transactions. The main IP is 2606:4700:3034::ac43:bb3f, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.kontorsflyttstockholm.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 11th 2022. Valid for: a year.
This is the only time www.kontorsflyttstockholm.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

4    2606:4700:3034::ac43:bb3f (United States)

ASN13335 (CLOUDFLARENET, US)
kontorsflyttstockholm.com
www.kontorsflyttstockholm.com
1    2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2606:4700:3108::ac42:288d (United States)

ASN13335 (CLOUDFLARENET, US)
uploads.staticjw.com
1    2606:4700:3033::6815:4f5 (United States)

ASN13335 (CLOUDFLARENET, US)
www.kontorsflyttstockholm.com
2    35.156.93.6 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-93-6.eu-central-1.compute.amazonaws.com
analytics.freespee.com
1    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2606:4700:3034::6815:8d2 (United States)

ASN13335 (CLOUDFLARENET, US)
redistats.com
Apex Domain
Subdomains		 Transfer
5 kontorsflyttstockholm.com
kontorsflyttstockholm.com
www.kontorsflyttstockholm.com
17 KB
3 staticjw.com
uploads.staticjw.com
137 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 37
20 KB
2 freespee.com
analytics.freespee.com — Cisco Umbrella Rank: 91736
17 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 46
ajax.googleapis.com — Cisco Umbrella Rank: 295
32 KB
1 redistats.com
redistats.com
655 B
1 gstatic.com
fonts.gstatic.com
47 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 71
51 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 237
6 KB
17 9
Domain Requested by
4 www.kontorsflyttstockholm.com www.kontorsflyttstockholm.com
3 uploads.staticjw.com www.kontorsflyttstockholm.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 analytics.freespee.com www.kontorsflyttstockholm.com
analytics.freespee.com
1 redistats.com www.kontorsflyttstockholm.com
1 fonts.gstatic.com fonts.googleapis.com
1 www.googletagmanager.com www.kontorsflyttstockholm.com
1 cdnjs.cloudflare.com www.kontorsflyttstockholm.com
1 ajax.googleapis.com www.kontorsflyttstockholm.com
1 fonts.googleapis.com www.kontorsflyttstockholm.com
1 kontorsflyttstockholm.com 1 redirects
17 11

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-11 -
2023-05-10		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-04-18 -
2022-07-11		 3 months crt.sh
*.freespee.com
Amazon		 2021-08-03 -
2022-09-01		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-04-18 -
2022-07-11		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-04-25 -
2022-07-18		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.kontorsflyttstockholm.com/
Frame ID: 0658D380DA0BE29A73D0B03C99DE0E09
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Kontorsflytt Stockholm | Allt inom företagsflytt

Page URL History Show full URLs

  1. https://kontorsflyttstockholm.com/ HTTP 301
    https://www.kontorsflyttstockholm.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adrum
Overall confidence: 100%
Detected patterns
  • analytics\.freespee\.com/js/external/fs\.(?:min\.)?js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

17
Requests

100 %
HTTPS

91 %
IPv6

9
Domains

11
Subdomains

11
IPs

2
Countries

327 kB
Transfer

620 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://kontorsflyttstockholm.com/ HTTP 301
    https://www.kontorsflyttstockholm.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.kontorsflyttstockholm.com/
Redirect Chain
  • https://kontorsflyttstockholm.com/
  • https://www.kontorsflyttstockholm.com/
19 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.kontorsflyttstockholm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:bb3f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c774183da7a091f02f95dcaf1ce14ef6d4714b998f3c5b92574a47d5bb0db807

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
709997a1b9896933-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 11 May 2022 08:37:22 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7lD6nqSMGe5WQEvoXvvedaHjn9GlARWBb6PoSuQSUjR3PDWl%2FJNe3D1PQ5i8XbQcKBYC1YgJn9l%2B91UQyUb%2F3bJPGw5Y%2F2PPNV%2FtwHvyAXJsN4Wk%2B1uJgvC1Xi7elArsvX7ABZzY3E2a2j5TWI3dKIBd9S7hs6%2B3YprCWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
709997a0cfbd6933-FRA
content-type
text/html
date
Wed, 11 May 2022 08:37:22 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://www.kontorsflyttstockholm.com/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=esGK6qaMcT%2FspI4X7cHe018WXo%2Fnk2G4q9lfA%2FLQIz5apnsG7If1JhLp3dpfHjAcN6SSLnBEmy0Vn%2F42bU%2BrhUY72wwwb7XhfYcrusGvbrRcaw4k9k5ujPxZtwHoG3UaxuSsJB9f7DGS%2Fxa9AOw0URlDHM8lyRMx"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
style.css
www.kontorsflyttstockholm.com/ 		26 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.kontorsflyttstockholm.com/style.css?v=297306&m=3615
Requested by
Host: www.kontorsflyttstockholm.com
URL: https://www.kontorsflyttstockholm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:bb3f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62e545b3a9da7888f4c97b479ae1d0de425a953408f2fc1370e2d0bbbda7eb13

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kontorsflyttstockholm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 11 May 2022 08:37:23 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 11 May 2022 08:37:23 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y%2FnrnYR%2BJLd0MYBUr4CSGq2E07pLGIUI0sfnBDNQPc%2ByKw2cuv5Ar6Se%2FW5g70IMiy3E93WlbeRz7KktqGtc5mNWgEJgKzTbC4yBjfYCSV3NtUyPrdz8%2FT6K%2BWnltqBUjYmqlKBJjwICFGBqk8mDrN%2B8eKYFdL3BgF%2BAvg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
709997a2db936933-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 07 Mar 2023 08:37:23 GMT
style.css
www.kontorsflyttstockholm.com/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.kontorsflyttstockholm.com/style.css?v=208134&m=4859
Requested by
Host: www.kontorsflyttstockholm.com
URL: https://www.kontorsflyttstockholm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:bb3f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b50e0a1fb3d82290af70ad20923f785bf8b225aeac8e9dd998721c2f5be91344

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kontorsflyttstockholm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 11 May 2022 08:37:23 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 11 May 2022 08:37:23 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z1%2Bjc3ztuCDNpIrgDyNuzvRw8UfqtGoZ3Sb7z8tdeWGdH8iFQwKljbsR5fpBcQMt%2BCzqyry%2Bz70TOmBF%2BcngxL04reT1LuI4xLiTKdTgwqXSuwoNhKWf%2BsD85mj9NTcQxFYd9MI5hd2jjv2ucuePq7xdDpSOANfp1ZYEHA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
709997a2db956933-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 07 Mar 2023 08:37:23 GMT
css
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Raleway:400,700,900&display=swap
Requested by
Host: www.kontorsflyttstockholm.com
URL: https://www.kontorsflyttstockholm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
499ced11b5e162f85adaaae979aef39c37bb8d3565356cacfdacc64d276ed3da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kontorsflyttstockholm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 11 May 2022 08:37:23 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 11 May 2022 08:37:23 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 11 May 2022 08:37:23 GMT
cookieconsent-min.js
uploads.staticjw.com/ba/badrumsrenoveringistockholm2/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uploads.staticjw.com/ba/badrumsrenoveringistockholm2/cookieconsent-min.js
Requested by
Host: www.kontorsflyttstockholm.com
URL: https://www.kontorsflyttstockholm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:288d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb41292903f6bd996333bdfe6fbc58e1dbdb6109074505ee3ea46373bb23be70

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kontorsflyttstockholm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 11 May 2022 08:37:23 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 01 Sep 2021 11:59:40 GMT
server
cloudflare
x-amz-request-id
T7AX6EJ6TKFVD1HV
etag
W/"a0664de8c68e4220f254dc12ccedbfe7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LKMYp4fEJhE%2BjquNYNpUoTBJIBril0PhUcZsn6l0RUn79AlnOVJ3xhcl0RkvY98ZjJav9%2B9uHJYZ75TjnDjCfC3IVeUZfMCHgxrhWcPeJKoZTgHIHabs8YHoOt27dUwRB3CdV8AWDz%2FfU42vzZDwuN%2Bi"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
709997a419ab9b3d-FRA
x-amz-id-2
+Fe+1dVu6qGmGtPM1BLAOeF9S04Oznqfm+9UXbme0NmHL+dXFM3oQmS6xgfoZ6Bu1U74Dv8UDkw=
logga.png
uploads.staticjw.com/fl/flyttfirmasodermalm/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uploads.staticjw.com/fl/flyttfirmasodermalm/logga.png
Requested by
Host: www.kontorsflyttstockholm.com
URL: https://www.kontorsflyttstockholm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:288d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
309f74002e8fc7378b1ae211edc338b991eb3eaccb99b0e93ed25dabd76a1934

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kontorsflyttstockholm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 11 May 2022 08:37:23 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
VWBR2724R3K4TGQX
content-length
2223
x-amz-id-2
Xt2TgIuiOoXWfoSUNAU3XnEV+oJH45yUQJERA3sPDpHeCGpxm3yS32u2CdSysz67impCbOvPQ1M=
last-modified
Thu, 16 Jan 2020 14:45:08 GMT
server
cloudflare
etag
"59b9be03128898ca0b6595cd2d4cc865"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FpzBcs5cJX6RIsFQtU8L9t57tZ2a3dh975ZJ9mBZ%2BrPCfvJCf%2BZiNCxOQzbITMuSTVQO%2F5nAjYud7JYeblLmP6PYXYzP7oKMRZfpc2M%2FexRU1SyBnoBqwcWB9TOqkTF8c9%2B3faYeVWFccca87lv%2Fd%2FjA"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
709997a419ad9b3d-FRA
email-decode.min.js
www.kontorsflyttstockholm.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.kontorsflyttstockholm.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: www.kontorsflyttstockholm.com
URL: https://www.kontorsflyttstockholm.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:4f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kontorsflyttstockholm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 11 May 2022 08:37:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 06 May 2022 15:54:30 GMT
server
cloudflare
etag
W/"627544b6-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8zS8us33%2FTROaZxLyV8DrrHVPyFjosH0BvbyLoM%2FEuPMB3ysgLZkVkLtDDuLkmAjwz8Uxj7F3rQwmcCWrqq4Zl05MU1e5Lc9gEpU8IPqhcj1UXN795iyeowct0gZAmbAM8d5tuXX0RPgiHPNBPA00w7WrG%2FnWw5fgQ7tPA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
709997a39ed39ba4-FRA
vary
Accept-Encoding
expires
Fri, 13 May 2022 08:37:23 GMT
fs.js
analytics.freespee.com/js/external/ 		82 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.freespee.com/js/external/fs.js
Requested by
Host: www.kontorsflyttstockholm.com
URL: https://www.kontorsflyttstockholm.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.93.6 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-93-6.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
422d16e578e4edb90297ba8c8ea1dc536c6a1ff9e54a9324565b653d62a1fecb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kontorsflyttstockholm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Wed, 11 May 2022 08:37:23 GMT
Content-Encoding
gzip
Last-Modified
Tue, 28 Sep 2021 08:16:31 GMT
Server
nginx
ETag
"6152cf5f-3ea1"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=600, private, no-cache="set-cookie"
Connection
keep-alive
Content-Length
16033
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: www.kontorsflyttstockholm.com
URL: https://www.kontorsflyttstockholm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kontorsflyttstockholm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 10 May 2022 10:18:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
80363
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31017
x-xss-protection
0
last-modified
Wed, 10 Mar 2021 14:28:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 May 2023 10:18:00 GMT
jquery.backstretch.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-backstretch/2.1.18/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-backstretch/2.1.18/jquery.backstretch.min.js
Requested by
Host: www.kontorsflyttstockholm.com
URL: https://www.kontorsflyttstockholm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39964cc1cde8eedc51def15fba797433dca4dd26b21a9e38e1e65d2fd4038b56
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kontorsflyttstockholm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 11 May 2022 08:37:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4190995
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5544
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:45 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec1-44d6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G9FiHV0qH%2B7QgOFUxijMm9c7XCst%2BYu82CW89zTYyTfbmC%2FdNML0n%2ByTwdn4nzWYVVXPq7iXn%2FsHLEPl0kDXKTIL%2BZLKMOi5QxHeMt1fKUhNobOUWGzifB7g%2FGqMjSOlXhEsBsgLMxZ5%2BZrqAxqrPxJ%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
709997a3facc9bb0-FRA
expires
Mon, 01 May 2023 08:37:23 GMT
gtm.js
www.googletagmanager.com/ 		133 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MJ2293W
Requested by
Host: www.kontorsflyttstockholm.com
URL: https://www.kontorsflyttstockholm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7566ccd95f016e18bda175974b3a79c550fdf1ec714bfcc56a6d104fe0647850
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kontorsflyttstockholm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 11 May 2022 08:37:23 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51241
x-xss-protection
0
last-modified
Wed, 11 May 2022 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 11 May 2022 08:37:23 GMT
1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v27/ 		46 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v27/1Ptug8zYS_SKggPNyC0ITw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:400,700,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.kontorsflyttstockholm.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 04 May 2022 19:26:49 GMT
x-content-type-options
nosniff
age
565834
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47312
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 15:53:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 04 May 2023 19:26:49 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJ2293W
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kontorsflyttstockholm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
3753
date
Wed, 11 May 2022 07:34:50 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 11 May 2022 09:34:50 GMT
track.js
redistats.com/ 		5 B
655 B 		Script
General
Check archive.org
Download Go to
Full URL
https://redistats.com/track.js?gid=1fusojbo&pid=208134&url=https%3A%2F%2Fwww.kontorsflyttstockholm.com%2F&referrer=
Requested by
Host: www.kontorsflyttstockholm.com
URL: https://www.kontorsflyttstockholm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:8d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
936930900571d82823f0b26f1822e618bbd4eab9939bcae60601bbc5192d2dcb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kontorsflyttstockholm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 May 2022 08:37:23 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 11 May 2022 08:37:23 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oxjdxAw3a8KJn4SmYQYW%2Bob1iIFPo7ufAhWRTe8UL60Wm11rZ%2BX0UPf6MOD8g0vV7w5houU7jIIZo7djtIa805P2EmaL3jP9WZdcM1SYocmgCLNLbart8yz704DhtZHqnRppW4%2Bcd1n97f7O"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
cache-control
no-store, no-cache, max-age=0, must-revalidate, post-check=0, pre-check=0
cf-ray
709997a509459122-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Mon, 26 Jul 1990 05:00:00 GMT
kontorsflytt1.jpg
uploads.staticjw.com/ko/kontorsflyttstockholm/ 		127 KB
127 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uploads.staticjw.com/ko/kontorsflyttstockholm/kontorsflytt1.jpg
Requested by
Host: www.kontorsflyttstockholm.com
URL: https://www.kontorsflyttstockholm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:288d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be44276929f0208b38ac1abe1d0f8d5cd9ff69823d04a11cf1fc6ed3bdff62ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kontorsflyttstockholm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 11 May 2022 08:37:23 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
VWBM0JSH65EE9PCX
content-length
129552
x-amz-id-2
64TtY2igIlTrSag+CX8uPK6zYElC90rOpVH4zpTBEztmy6a7Lf1q7+cvU7ALg4Kys9bau9jZ9LA=
last-modified
Thu, 18 Apr 2019 06:58:16 GMT
server
cloudflare
etag
"af9b55f23287ec6992a074a6944c444c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1oKSC2Rr%2F8YLQVyS3g7BgMMHnzNW9q8cRn326rIp%2BQ0wsD6lD88uAceAVT0ryhGeexYoU4SQ8zmSl0S%2BlWTOX6HPIaeBo6JrqHOs%2ByZmrfFb3ciPKr5laH91hLg7WUSOeuHurxlETgXuqOmME5sM8css"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
709997a4aab29b3d-FRA
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=741058668&t=pageview&_s=1&dl=https%3A%2F%2Fwww.kontorsflyttstockholm.com%2F&ul=en-us&de=UTF-8&dt=Kontorsflytt%20Stockholm%20%7C%20Allt%20inom%20f%C3%B6retagsflytt&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1669002058&gjid=861054968&cid=1941654754.1652258243&tid=UA-108907764-4&_gid=1785018268.1652258243&_r=1&gtm=2wg590MJ2293W&z=1778739987
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.kontorsflyttstockholm.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 11 May 2022 08:37:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.kontorsflyttstockholm.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.php
analytics.freespee.com/ 		289 B
473 B 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.freespee.com/index.php?url=/external/dncs/callback:__fs_dncs_instance.backendCallback/advid:NTI3ZjJkMGYtOThkMS00MDc5LTkxYWYtMzYwMTllYjUyODg3Ow/sessionId:/url:aHR0cHM6Ly93d3cua29udG9yc2ZseXR0c3RvY2tob2xtLmNvbS8/referrer:/numbersToReplace:MTEzMzUsMDgzMTAzNjY/parameters:Jl9wX2dhX3dwaT1VQS0xMDg5MDc3NjQtNCZfcF9zZl9nYWNpZHM9MTk0MTY1NDc1NC4xNjUyMjU4MjQzJl9wX2dhX2NuYW1lcz1fZ2EmX3BfZ2FfZGltcz17fSZfZ2E9R0ExLjIuMTk0MTY1NDc1NC4xNjUyMjU4MjQz/sameSite:0/trackingId:/extTrack:0/
Requested by
Host: analytics.freespee.com
URL: https://analytics.freespee.com/js/external/fs.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.93.6 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-93-6.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
07fcdee3fea45836eb7b4ef012c1893d73fdd3ae4e8887f7e4bef22258b1bee2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kontorsflyttstockholm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Wed, 11 May 2022 08:37:23 GMT
Server
nginx
Connection
keep-alive
X-Robots-Tag
noindex
Content-Length
289
Content-Type
text/javascript;charset=UTF-8

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails object| dataLayer object| __fs_conf object| google_tag_manager function| __fs_configuration_proxy function| __fs_dncs object| __fs_dncs_instance string| enableSeForCustomer string| key object| google_tag_data string| GoogleAnalyticsObject function| ga function| $ function| jQuery object| acc object| cookieconsent object| gaplugins object| gaGlobal object| gaData number| sameSite

8 Cookies

Domain/Path Name / Value
analytics.freespee.com/ Name: AWSELBCORS
Value: B39715251A4B671BAA934D2F5982559BFA2833188ECD9D37A2BAB9BD582448DE27BD3BE2DA49210E7B7A1EB09F57874AB4AE1E4BB5B2D6058A433D1DE417E045A275BF673C
.kontorsflyttstockholm.com/ Name: _gcl_au
Value: 1.1.1412740129.1652258243
.kontorsflyttstockholm.com/ Name: _ga
Value: GA1.2.1941654754.1652258243
.kontorsflyttstockholm.com/ Name: _gid
Value: GA1.2.1785018268.1652258243
.kontorsflyttstockholm.com/ Name: _gat_UA-108907764-4
Value: 1
www.kontorsflyttstockholm.com/ Name: __fs_dncs_sessionid_527f2d0f-98d1-4079-91af-36019eb52887
Value: 3fcc60ad-dc5f-47bd-83d3-783f616a1847
www.kontorsflyttstockholm.com/ Name: __fs_dncs_trackingid_527f2d0f-98d1-4079-91af-36019eb52887
Value: 374dafba-0aa4-4cca-b591-ba7b206c0c43
www.kontorsflyttstockholm.com/ Name: __fs_dncs_exttrack
Value: 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
analytics.freespee.com
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
kontorsflyttstockholm.com
redistats.com
uploads.staticjw.com
www.google-analytics.com
www.googletagmanager.com
www.kontorsflyttstockholm.com
2606:4700:3033::6815:4f5
2606:4700:3034::6815:8d2
2606:4700:3034::ac43:bb3f
2606:4700:3108::ac42:288d
2606:4700::6811:190e
2a00:1450:4001:808::200a
2a00:1450:4001:810::2008
2a00:1450:4001:810::200e
2a00:1450:4001:827::2003
2a00:1450:4001:830::200a
35.156.93.6
07fcdee3fea45836eb7b4ef012c1893d73fdd3ae4e8887f7e4bef22258b1bee2
2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
309f74002e8fc7378b1ae211edc338b991eb3eaccb99b0e93ed25dabd76a1934
39964cc1cde8eedc51def15fba797433dca4dd26b21a9e38e1e65d2fd4038b56
422d16e578e4edb90297ba8c8ea1dc536c6a1ff9e54a9324565b653d62a1fecb
499ced11b5e162f85adaaae979aef39c37bb8d3565356cacfdacc64d276ed3da
62e545b3a9da7888f4c97b479ae1d0de425a953408f2fc1370e2d0bbbda7eb13
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7566ccd95f016e18bda175974b3a79c550fdf1ec714bfcc56a6d104fe0647850
936930900571d82823f0b26f1822e618bbd4eab9939bcae60601bbc5192d2dcb
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
b50e0a1fb3d82290af70ad20923f785bf8b225aeac8e9dd998721c2f5be91344
be44276929f0208b38ac1abe1d0f8d5cd9ff69823d04a11cf1fc6ed3bdff62ec
c774183da7a091f02f95dcaf1ce14ef6d4714b998f3c5b92574a47d5bb0db807
cb41292903f6bd996333bdfe6fbc58e1dbdb6109074505ee3ea46373bb23be70
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e