urlscan.io logo urlscan.io
SecurityTrails logo

omegamed.no Open in urlscan Pro
172.67.152.163  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://booksforamodernworld.com/index.php?c=3216&t=31926&e=79784
Effective URL: https://omegamed.no/fa-omega-3-gratis-orion/?utm_source=ext_orion&utm_medium=ext_affiliate&utm_campaign=ext_omegamed...
Submission: On July 16 via manual from SE — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 4 countries across 16 domains to perform 38 HTTP transactions. The main IP is 172.67.152.163, located in United States and belongs to CLOUDFLARENET, US. The main domain is omegamed.no.
TLS certificate: Issued by WE1 on June 11th 2024. Valid for: 3 months.
This is the only time omegamed.no was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

2    2001:41d0:203:9a4f:e7e1:9613:11:b42d (France)

ASN16276 (OVH, FR)
booksforamodernworld.com
2    2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    3.134.25.183 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-134-25-183.us-east-2.compute.amazonaws.com
oriomed.com
14    172.67.152.163 (United States)

ASN13335 (CLOUDFLARENET, US)
omegamed.no
1    34.96.102.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.102.96.34.bc.googleusercontent.com
dev.visualwebsiteoptimizer.com
1    188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
vhclp.com
1    142.250.181.226 (None, )

ASN- ()
pagead2.googlesyndication.com
2    2620:1ec:29:1::42 (None, )

ASN- ()
www.clarity.ms
1    2600:9000:225e:f600:19:1c05:a1c0:93a1 (None, )

ASN- ()
assets.strossle.com
Domain Requested by
14 omegamed.no omegamed.no
2 www.clarity.ms booksforamodernworld.com
www.clarity.ms
2 www.googletagmanager.com booksforamodernworld.com
omegamed.no
www.googletagmanager.com
2 booksforamodernworld.com
1 assets.strossle.com www.googletagmanager.com
1 pagead2.googlesyndication.com www.googletagmanager.com
1 vhclp.com omegamed.no
1 dev.visualwebsiteoptimizer.com omegamed.no
1 oriomed.com 1 redirects
1 region1.google-analytics.com www.googletagmanager.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com booksforamodernworld.com
0 c.clarity.ms Failed
0 app.readpeak.com Failed booksforamodernworld.com
0 cdn.taboola.com Failed www.googletagmanager.com
0 connect.facebook.net Failed www.googletagmanager.com
0 consent.cookiebot.com Failed www.googletagmanager.com
38 17

This site contains links to these domains. Also see Links.

Domain
vhclp.com
Subject Issuer Validity Valid
booksforamodernworld.com
R10		 2024-07-03 -
2024-10-01		 3 months crt.sh
*.google-analytics.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
upload.video.google.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
*.gstatic.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
omegamed.no
WE1		 2024-06-11 -
2024-09-09		 3 months crt.sh
*.visualwebsiteoptimizer.com
Starfield Secure Certificate Authority - G2		 2024-06-29 -
2025-07-31		 a year crt.sh
vhclp.com
WE1		 2024-07-10 -
2024-10-08		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-07 -
2024-12-07		 a year crt.sh
strossle.com
Amazon RSA 2048 M03		 2024-06-23 -
2025-07-22		 a year crt.sh

This page contains 1 frames:

Primary Page: https://omegamed.no/fa-omega-3-gratis-orion/?utm_source=ext_orion&utm_medium=ext_affiliate&utm_campaign=ext_omegamed_0124&utm_content=no_nor-omega_ext_affiliate_orion_sales_omegamed_0124/?aff-id=562472&Click-ID=07_168179753_69160963-cea2-426f-9cea-c240f6e59378
Frame ID: 3BB32205E8A24603742A2D094B383BD4
Requests: 38 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

FÃ¥ Omega-3 GRATIS* i 30 dager - OmegaMed Extra

Page URL History Show full URLs

  1. https://booksforamodernworld.com/index.php?c=3216&t=31926&e=79784 Page URL
  2. https://oriomed.com/click.track?CID=467175&AFID=562472 HTTP 302
    https://omegamed.no/fa-omega-3-gratis-orion/?utm_source=ext_orion&utm_medium=ext_affiliate&utm_c... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

38
Requests

71 %
HTTPS

58 %
IPv6

16
Domains

17
Subdomains

12
IPs

4
Countries

452 kB
Transfer

1285 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://booksforamodernworld.com/index.php?c=3216&t=31926&e=79784 Page URL
  2. https://oriomed.com/click.track?CID=467175&AFID=562472 HTTP 302
    https://omegamed.no/fa-omega-3-gratis-orion/?utm_source=ext_orion&utm_medium=ext_affiliate&utm_campaign=ext_omegamed_0124&utm_content=no_nor-omega_ext_affiliate_orion_sales_omegamed_0124/?aff-id=562472&Click-ID=07_168179753_69160963-cea2-426f-9cea-c240f6e59378 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

38 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
index.php
booksforamodernworld.com/ 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://booksforamodernworld.com/index.php?c=3216&t=31926&e=79784
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:41d0:203:9a4f:e7e1:9613:11:b42d , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
d91b92f4758d97b9b89a0ac63b53c385df9da46aabab40b17e1727d6fc8434c9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 16 Jul 2024 10:21:00 GMT
server
nginx/1.18.0 (Ubuntu)
js
www.googletagmanager.com/gtag/ 		307 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-RMPFZH6T3C
Requested by
Host: booksforamodernworld.com
URL: https://booksforamodernworld.com/index.php?c=3216&t=31926&e=79784
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
989e8c07182f91a8603dc175d9e547cc12b7a6c80f88d6a0ae1afb8d432c6ae8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://booksforamodernworld.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 10:21:00 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
104034
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 16 Jul 2024 10:21:00 GMT
css
fonts.googleapis.com/ 		2 KB
963 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Raleway:100
Requested by
Host: booksforamodernworld.com
URL: https://booksforamodernworld.com/index.php?c=3216&t=31926&e=79784
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0549b60e7b1e42393066c2e6ad77fe18c7c05db63a75d879e6feee477dcdf679
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://booksforamodernworld.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 16 Jul 2024 10:21:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 16 Jul 2024 10:14:51 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 16 Jul 2024 10:21:00 GMT
1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvao7CIPrE.woff2
fonts.gstatic.com/s/raleway/v34/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v34/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvao7CIPrE.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:100
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9d997b2e2a22050f0dd82ef5823acaa5de7f095506e2f2b973d1b255a0079859
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://booksforamodernworld.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 19:55:16 GMT
x-content-type-options
nosniff
age
51944
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21372
x-xss-protection
0
last-modified
Wed, 01 May 2024 20:31:51 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 15 Jul 2025 19:55:16 GMT
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-RMPFZH6T3C&gtm=45je4790v9164079621za200&_p=1721125260292&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1301089911.1721125260&ul=fr-fr&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1721125260&sct=1&seg=0&dl=https%3A%2F%2Fbooksforamodernworld.com%2Findex.php%3Fc%3D3216%26t%3D31926%26e%3D79784&dt=Just%20a%20moment...&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=586&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RMPFZH6T3C
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://booksforamodernworld.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Jul 2024 10:21:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://booksforamodernworld.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
favicon.ico
booksforamodernworld.com/ 		962 B
650 B 		Other
General
Check archive.org
Download Go to
Full URL
https://booksforamodernworld.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:41d0:203:9a4f:e7e1:9613:11:b42d , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
7ae6ecf391ad9d53fb45cb2d350d99347b053a9a41ee1d2f46f7cc2cfe2c5f8a
Security Headers
Name Value
Strict-Transport-Security max-age=600

Request headers

Referer
https://booksforamodernworld.com/index.php?c=3216&t=31926&e=79784
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 10:21:00 GMT
strict-transport-security
max-age=600
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
content-type
text/html; charset=UTF-8
Primary Request /
omegamed.no/fa-omega-3-gratis-orion/
Redirect Chain
  • https://oriomed.com/click.track?CID=467175&AFID=562472
  • https://omegamed.no/fa-omega-3-gratis-orion/?utm_source=ext_orion&utm_medium=ext_affiliate&utm_campaign=ext_omegamed_0124&utm_content=no_nor-omega_ext_affiliate_orion_sales_omegamed_0124/?aff-id=56...
58 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://omegamed.no/fa-omega-3-gratis-orion/?utm_source=ext_orion&utm_medium=ext_affiliate&utm_campaign=ext_omegamed_0124&utm_content=no_nor-omega_ext_affiliate_orion_sales_omegamed_0124/?aff-id=562472&Click-ID=07_168179753_69160963-cea2-426f-9cea-c240f6e59378
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.152.163 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
547ffc614f1f0ad34cf01c0740132a5e7999d5a320ef860e992aaa007f5e82e8

Request headers

Referer
https://booksforamodernworld.com/index.php?c=3216&t=31926&e=79784
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8a414358ddd2419a-LHR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 16 Jul 2024 10:21:03 GMT
link
<https://omegamed.no/wp-json/>; rel="https://api.w.org/" <https://omegamed.no/wp-json/wp/v2/pages/521>; rel="alternate"; type="application/json" <https://omegamed.no/?p=521>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dIav%2BDR91TR1ZH9pbC8J2wWoxjFVXSqnV%2FG7DSQasaJ30Rycn3hJXvqala%2F3x44hQlhQYCgSfiCub8x7ocNwwhIfoF6EqZFD4oe44nLPD53gnGwJNICgrxRYj1u%2Fug%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-turbo-charged-by
LiteSpeed

Redirect headers

access-control-allow-origin
*
cache-control
private
content-length
393
content-type
text/html; charset=utf-8
date
Tue, 16 Jul 2024 10:21:02 GMT
location
https://omegamed.no/fa-omega-3-gratis-orion/?utm_source=ext_orion&utm_medium=ext_affiliate&utm_campaign=ext_omegamed_0124&utm_content=no_nor-omega_ext_affiliate_orion_sales_omegamed_0124/?aff-id=562472&Click-ID=07_168179753_69160963-cea2-426f-9cea-c240f6e59378
p3p
policyref="/p3p/P3P.oriomed.com.xml", CP="NOI DSP COR NID ADM DEV OUR STP OTC"
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
style.css
omegamed.no/wp-content/plugins/gutenberg/build/block-library/blocks/navigation/ 		16 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://omegamed.no/wp-content/plugins/gutenberg/build/block-library/blocks/navigation/style.css?ver=18.6.0
Requested by
Host: omegamed.no
URL: https://omegamed.no/fa-omega-3-gratis-orion/?utm_source=ext_orion&utm_medium=ext_affiliate&utm_campaign=ext_omegamed_0124&utm_content=no_nor-omega_ext_affiliate_orion_sales_omegamed_0124/?aff-id=562472&Click-ID=07_168179753_69160963-cea2-426f-9cea-c240f6e59378
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.152.163 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1de037c50ec75b6afc0f366cd823d6876b3d453b5928c6d3889525a636ce0054

Request headers

Referer
https://omegamed.no/fa-omega-3-gratis-orion/?utm_source=ext_orion&utm_medium=ext_affiliate&utm_campaign=ext_omegamed_0124&utm_content=no_nor-omega_ext_affiliate_orion_sales_omegamed_0124/?aff-id=562472&Click-ID=07_168179753_69160963-cea2-426f-9cea-c240f6e59378
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 10:21:03 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 21 Jun 2024 13:27:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XfKlB%2BckMBXRQlhB4oCwfbBQHsc8O4F9eu36a%2FZsAsFQJcsSC7GqHz0CRs5GdEXoTOjlJhhjLWUw9T7ykyQsKrG123eYe7Y%2F8D3Hyv2uiRqWuDfSZt8Bi%2FsLCYoAgw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
8a414360ab41419a-LHR
alt-svc
h3=":443"; ma=86400
expires
Tue, 23 Jul 2024 10:21:03 GMT
style.css
omegamed.no/wp-content/plugins/gutenberg/build/block-library/blocks/cover/ 		18 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://omegamed.no/wp-content/plugins/gutenberg/build/block-library/blocks/cover/style.css?ver=18.6.0
Requested by
Host: omegamed.no
URL: https://omegamed.no/fa-omega-3-gratis-orion/?utm_source=ext_orion&utm_medium=ext_affiliate&utm_campaign=ext_omegamed_0124&utm_content=no_nor-omega_ext_affiliate_orion_sales_omegamed_0124/?aff-id=562472&Click-ID=07_168179753_69160963-cea2-426f-9cea-c240f6e59378
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.152.163 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e5647515297fbefdea571d0b1019a5c1a944114c7a780e6ce3452cb332cc0a0

Request headers

Referer
https://omegamed.no/fa-omega-3-gratis-orion/?utm_source=ext_orion&utm_medium=ext_affiliate&utm_campaign=ext_omegamed_0124&utm_content=no_nor-omega_ext_affiliate_orion_sales_omegamed_0124/?aff-id=562472&Click-ID=07_168179753_69160963-cea2-426f-9cea-c240f6e59378
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 10:21:03 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 21 Jun 2024 13:27:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z4zQNmZ2w%2FTPXnFlyIACqG3XmyWJRoK%2BqQlUbWDaEu34LqqFUZq3By98Oy0LimQcUHUMOt5fHPzjhtwRBYnNSR76zZwYNwB5YfBs7O1yTQPK6FbBOfoF%2BZEjQl1Yiw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
8a414360ab48419a-LHR
alt-svc
h3=":443"; ma=86400
expires
Tue, 23 Jul 2024 10:21:03 GMT
betgut.css
omegamed.no/wp-content/plugins/better-gutenberg/build/ 		1 KB
882 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://omegamed.no/wp-content/plugins/better-gutenberg/build/betgut.css?ver=1696496824
Requested by
Host: omegamed.no
URL: https://omegamed.no/fa-omega-3-gratis-orion/?utm_source=ext_orion&utm_medium=ext_affiliate&utm_campaign=ext_omegamed_0124&utm_content=no_nor-omega_ext_affiliate_orion_sales_omegamed_0124/?aff-id=562472&Click-ID=07_168179753_69160963-cea2-426f-9cea-c240f6e59378
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.152.163 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20bb6f2baeb4c6c041dce39ddd1313b7e2bb33f2fef85bf902022f8ea4b6ac27

Request headers

Referer
https://omegamed.no/fa-omega-3-gratis-orion/?utm_source=ext_orion&utm_medium=ext_affiliate&utm_campaign=ext_omegamed_0124&utm_content=no_nor-omega_ext_affiliate_orion_sales_omegamed_0124/?aff-id=562472&Click-ID=07_168179753_69160963-cea2-426f-9cea-c240f6e59378
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 10:21:03 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 05 Oct 2023 09:07:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=psd9vV4%2FqHIRO58%2FXosfg8GPqFRhcEOXDxAQIZvoUeLjANAJocTAyHCHWf9oEBwRRGzo6i1PeM4CKm%2BgnYOORNdVK4u6dq9GqNa3NN3ugMAk%2BhZ0Y3X7yCYAY%2BfsuA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
8a414360ab4c419a-LHR
alt-svc
h3=":443"; ma=86400
expires
Tue, 23 Jul 2024 10:21:03 GMT
gtm.js
www.googletagmanager.com/ 		327 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5595T49R
Requested by
Host: omegamed.no
URL: https://omegamed.no/fa-omega-3-gratis-orion/?utm_source=ext_orion&utm_medium=ext_affiliate&utm_campaign=ext_omegamed_0124&utm_content=no_nor-omega_ext_affiliate_orion_sales_omegamed_0124/?aff-id=562472&Click-ID=07_168179753_69160963-cea2-426f-9cea-c240f6e59378
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4b4b2c1324cf10064e2191c531630e9a5ea266264accb3728159a457f120ea9c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://omegamed.no/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 10:21:03 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
107946
x-xss-protection
0
last-modified
Tue, 16 Jul 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 16 Jul 2024 10:21:03 GMT
j.php
dev.visualwebsiteoptimizer.com/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/j.php?a=900299&u=https%3A%2F%2Fomegamed.no%2Ffa-omega-3-gratis-orion%2F%3Futm_source%3Dext_orion%26utm_medium%3Dext_affiliate%26utm_campaign%3Dext_omegamed_0124%26utm_content%3Dno_nor-omega_ext_affiliate_orion_sales_omegamed_0124%2F%3Faff-id%3D562472%26Click-ID%3D07_168179753_69160963-cea2-426f-9cea-c240f6e59378&vn=2
Requested by
Host: omegamed.no
URL: https://omegamed.no/fa-omega-3-gratis-orion/?utm_source=ext_orion&utm_medium=ext_affiliate&utm_campaign=ext_omegamed_0124&utm_content=no_nor-omega_ext_affiliate_orion_sales_omegamed_0124/?aff-id=562472&Click-ID=07_168179753_69160963-cea2-426f-9cea-c240f6e59378
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gbel2 /
Resource Hash
e0ca5142adca9750035f8688ea1c8272b6d435b1a80f892068138d54342094dc

Request headers

Referer
https://omegamed.no/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 10:21:02 GMT
content-encoding
gzip
via
1.1 google
server
gbel2
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=0, no-cache, must-revalidate
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
88f1dda2-8f6e-47c9-9b3d-758df7433f7d
https://omegamed.no/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://omegamed.no/88f1dda2-8f6e-47c9-9b3d-758df7433f7d
Requested by
Host: omegamed.no
URL: https://omegamed.no/fa-omega-3-gratis-orion/?utm_source=ext_orion&utm_medium=ext_affiliate&utm_campaign=ext_omegamed_0124&utm_content=no_nor-omega_ext_affiliate_orion_sales_omegamed_0124/?aff-id=562472&Click-ID=07_168179753_69160963-cea2-426f-9cea-c240f6e59378
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
1185
Content-Type
text/javascript
bootstrap.css
omegamed.no/wp-content/themes/core/assets/css/ 		77 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://omegamed.no/wp-content/themes/core/assets/css/bootstrap.css?ver=6.5.5
Requested by
Host: omegamed.no
URL: https://omegamed.no/fa-omega-3-gratis-orion/?utm_source=ext_orion&utm_medium=ext_affiliate&utm_campaign=ext_omegamed_0124&utm_content=no_nor-omega_ext_affiliate_orion_sales_omegamed_0124/?aff-id=562472&Click-ID=07_168179753_69160963-cea2-426f-9cea-c240f6e59378
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.152.163 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7443efb48742f5e3bed56797cd52a62db0becfc3a12698dc774699cf242111a

Request headers

Referer
https://omegamed.no/fa-omega-3-gratis-orion/?utm_source=ext_orion&utm_medium=ext_affiliate&utm_campaign=ext_omegamed_0124&utm_content=no_nor-omega_ext_affiliate_orion_sales_omegamed_0124/?aff-id=562472&Click-ID=07_168179753_69160963-cea2-426f-9cea-c240f6e59378
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 10:21:03 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 16 May 2023 18:54:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yRUioqfEjnN96jFgqr2DJkyWrc8kBQWNk%2FKu3MIRTJTnqrBbJvP0ePeXRDiu8UdUg2kMi0Jeczhcgl62Hu8GQ1dGqqlc0SaqSSKhIf7R7njmILgL89kaYhl4GzrWGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
8a4143620d18419a-LHR
alt-svc
h3=":443"; ma=86400
expires
Tue, 23 Jul 2024 10:21:03 GMT
core.css
omegamed.no/wp-content/themes/core/assets/css/ 		9 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://omegamed.no/wp-content/themes/core/assets/css/core.css?ver=3486
Requested by
Host: omegamed.no
URL: https://omegamed.no/fa-omega-3-gratis-orion/?utm_source=ext_orion&utm_medium=ext_affiliate&utm_campaign=ext_omegamed_0124&utm_content=no_nor-omega_ext_affiliate_orion_sales_omegamed_0124/?aff-id=562472&Click-ID=07_168179753_69160963-cea2-426f-9cea-c240f6e59378
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.152.163 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6669c236b12581f335b1bb94c42a13283528982b640b57cb01a42d6d60b3dee

Request headers

Referer
https://omegamed.no/fa-omega-3-gratis-orion/?utm_source=ext_orion&utm_medium=ext_affiliate&utm_campaign=ext_omegamed_0124&utm_content=no_nor-omega_ext_affiliate_orion_sales_omegamed_0124/?aff-id=562472&Click-ID=07_168179753_69160963-cea2-426f-9cea-c240f6e59378
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 10:21:03 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 02 Jul 2024 20:25:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hddTqha%2FuvneCemD3RqHWtv%2FxEkq2T59HFUfriRxyl4g%2FjI00%2F3g9XKYGsmTeuIjol5FkcOnWmkOKtMjZZiwIs2PvzjIFdFZVzxoyyvEreT62Q%2FLEAAmCkA7lmIy4g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
8a4143620d1b419a-LHR
alt-svc
h3=":443"; ma=86400
expires
Tue, 23 Jul 2024 10:21:03 GMT
jquery.min.js
omegamed.no/wp-includes/js/jquery/ 		86 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://omegamed.no/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: omegamed.no
URL: https://omegamed.no/fa-omega-3-gratis-orion/?utm_source=ext_orion&utm_medium=ext_affiliate&utm_campaign=ext_omegamed_0124&utm_content=no_nor-omega_ext_affiliate_orion_sales_omegamed_0124/?aff-id=562472&Click-ID=07_168179753_69160963-cea2-426f-9cea-c240f6e59378
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.152.163 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

Referer
https://omegamed.no/fa-omega-3-gratis-orion/?utm_source=ext_orion&utm_medium=ext_affiliate&utm_campaign=ext_omegamed_0124&utm_content=no_nor-omega_ext_affiliate_orion_sales_omegamed_0124/?aff-id=562472&Click-ID=07_168179753_69160963-cea2-426f-9cea-c240f6e59378
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 10:21:03 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 08 Nov 2023 09:32:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Tp7VHkLZ98NgQLE21CXE5ykDhOT6yqbNcNMSPahWFzDaCfh6vzE5nB3Sj%2BtT6rRZZpn4%2BSHUWbqGtJSRlbAi5kutbhETrebXV2EjSrsY%2FZ3L0q%2FMcNP2aJgN1VM1%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
8a4143620d1e419a-LHR
alt-svc
h3=":443"; ma=86400
expires
Tue, 23 Jul 2024 10:21:03 GMT
jquery-migrate.min.js
omegamed.no/wp-includes/js/jquery/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://omegamed.no/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: omegamed.no
URL: https://omegamed.no/fa-omega-3-gratis-orion/?utm_source=ext_orion&utm_medium=ext_affiliate&utm_campaign=ext_omegamed_0124&utm_content=no_nor-omega_ext_affiliate_orion_sales_omegamed_0124/?aff-id=562472&Click-ID=07_168179753_69160963-cea2-426f-9cea-c240f6e59378
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.152.163 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

Referer
https://omegamed.no/fa-omega-3-gratis-orion/?utm_source=ext_orion&utm_medium=ext_affiliate&utm_campaign=ext_omegamed_0124&utm_content=no_nor-omega_ext_affiliate_orion_sales_omegamed_0124/?aff-id=562472&Click-ID=07_168179753_69160963-cea2-426f-9cea-c240f6e59378
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 10:21:03 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 17 Aug 2023 10:13:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iJxkY4bMYSdHj8XPciD%2FSCr71RD0zYm78hHfd2do3jJLjMRednTRw5T53qUyQLCDc8ZjYRi%2FsmMOXvL1TuYr5485NKzQwFmpg4iSqbHuC4sjaogAUO2vWFaWsgdTpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
8a4143620d20419a-LHR
alt-svc
h3=":443"; ma=86400
expires
Tue, 23 Jul 2024 10:21:03 GMT
navigation.min.js
omegamed.no/wp-content/plugins/gutenberg/build/interactivity/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://omegamed.no/wp-content/plugins/gutenberg/build/interactivity/navigation.min.js?ver=18.6.0
Requested by
Host: omegamed.no
URL: https://omegamed.no/fa-omega-3-gratis-orion/?utm_source=ext_orion&utm_medium=ext_affiliate&utm_campaign=ext_omegamed_0124&utm_content=no_nor-omega_ext_affiliate_orion_sales_omegamed_0124/?aff-id=562472&Click-ID=07_168179753_69160963-cea2-426f-9cea-c240f6e59378
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.152.163 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0e5480451a7c60c95ff9ecf67c2f4bb2f5ffa934fd0722dc960d569eb028099

Request headers

Referer
https://omegamed.no/fa-omega-3-gratis-orion/?utm_source=ext_orion&utm_medium=ext_affiliate&utm_campaign=ext_omegamed_0124&utm_content=no_nor-omega_ext_affiliate_orion_sales_omegamed_0124/?aff-id=562472&Click-ID=07_168179753_69160963-cea2-426f-9cea-c240f6e59378
Origin
https://omegamed.no
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 10:21:03 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 21 Jun 2024 13:27:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zudP8OFVhnGKXEkUwAqR1aWJNkxuIWwAoZgk5WfFVPApK1DSGlnJhbouXUA2f9XmeZLj6u%2FVZuAUKq3ck3Nn0wH8EVL2Dj406i%2BjTtAzJh0gyxOMcOzV382%2B2zFhMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
8a4143620d22419a-LHR
alt-svc
h3=":443"; ma=86400
expires
Tue, 23 Jul 2024 10:21:03 GMT
index.min.js
omegamed.no/wp-content/plugins/gutenberg/build/interactivity/ 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://omegamed.no/wp-content/plugins/gutenberg/build/interactivity/index.min.js?ver=18.6.0
Requested by
Host: omegamed.no
URL: https://omegamed.no/fa-omega-3-gratis-orion/?utm_source=ext_orion&utm_medium=ext_affiliate&utm_campaign=ext_omegamed_0124&utm_content=no_nor-omega_ext_affiliate_orion_sales_omegamed_0124/?aff-id=562472&Click-ID=07_168179753_69160963-cea2-426f-9cea-c240f6e59378
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.152.163 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49d46db5776f378dde2636034d3b00afaca4e8f54c1913877beea8184a4c50da

Request headers

Referer
https://omegamed.no/fa-omega-3-gratis-orion/?utm_source=ext_orion&utm_medium=ext_affiliate&utm_campaign=ext_omegamed_0124&utm_content=no_nor-omega_ext_affiliate_orion_sales_omegamed_0124/?aff-id=562472&Click-ID=07_168179753_69160963-cea2-426f-9cea-c240f6e59378
Origin
https://omegamed.no
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 10:21:03 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 21 Jun 2024 13:27:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KJSYjUrmrLT8VdolXAZ3xsiXUpoxvMvNQl3%2FLXJ6Rfuk9P53EZQjg9ADnJdFX30bSQrG8zd0vHhA0lewX98AsjJaI6SwZMKNhhOhTEq3ZSlbO9kx6D2ztYRpcwI5dw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
8a4143620d24419a-LHR
alt-svc
h3=":443"; ma=86400
expires
Tue, 23 Jul 2024 10:21:03 GMT
omegamed-extra-edm.png
omegamed.no/wp-content/uploads/sites/22/2023/02/ 		0
0
OmegaMed-Extra-Eske-60kap-V-skygge_lav-e1686756095443.png
omegamed.no/wp-content/uploads/sites/22/2023/06/ 		113 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://omegamed.no/wp-content/uploads/sites/22/2023/06/OmegaMed-Extra-Eske-60kap-V-skygge_lav-e1686756095443.png
Requested by
Host: omegamed.no
URL: https://omegamed.no/fa-omega-3-gratis-orion/?utm_source=ext_orion&utm_medium=ext_affiliate&utm_campaign=ext_omegamed_0124&utm_content=no_nor-omega_ext_affiliate_orion_sales_omegamed_0124/?aff-id=562472&Click-ID=07_168179753_69160963-cea2-426f-9cea-c240f6e59378
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.152.163 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://omegamed.no/fa-omega-3-gratis-orion/?utm_source=ext_orion&utm_medium=ext_affiliate&utm_campaign=ext_omegamed_0124&utm_content=no_nor-omega_ext_affiliate_orion_sales_omegamed_0124/?aff-id=562472&Click-ID=07_168179753_69160963-cea2-426f-9cea-c240f6e59378
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 10:21:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
90371
alt-svc
h3=":443"; ma=86400
content-length
162263
last-modified
Mon, 19 Jun 2023 23:52:41 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3jY7yvlLXxMa2w7gK9gMusJqvBvVP7lj%2FxiR9qrFH2tS7%2FeSNhBVK24soaClK4wKpc1W4n%2BNtg%2FhKT1hLUtFXYvacfoweyOqEDPUY8S11g1OJjgK3FE%2B6uh48b1z%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
8a4143620d27419a-LHR
expires
Mon, 22 Jul 2024 09:14:52 GMT
posten-logo.png
vhclp.com/wp-content/uploads/2024/04/ 		75 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vhclp.com/wp-content/uploads/2024/04/posten-logo.png
Requested by
Host: omegamed.no
URL: https://omegamed.no/fa-omega-3-gratis-orion/?utm_source=ext_orion&utm_medium=ext_affiliate&utm_campaign=ext_omegamed_0124&utm_content=no_nor-omega_ext_affiliate_orion_sales_omegamed_0124/?aff-id=562472&Click-ID=07_168179753_69160963-cea2-426f-9cea-c240f6e59378
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fade906c2f23d473c7f9221ea4f83b315197830fbbd7ab1b2b6b37b6a176f23e

Request headers

Referer
https://omegamed.no/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 10:21:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
433183
alt-svc
h3=":443"; ma=86400
content-length
76460
last-modified
Wed, 10 Apr 2024 15:01:40 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FUiyr1SFzic2T7S1juUJCl%2Bv7KYwPh1tUls3BxCCaZtFHukrkxCyw1gl36e1il2TnCqNzLAtfxPhhxM4qdAPv2CFQ%2B%2BS6XwL0qrBonlocRjEYFZjVJQJ%2F7vweu8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
8a41436278ddd50a-CDG
expires
Thu, 18 Jul 2024 10:01:20 GMT
oe-packshot.png
omegamed.no/wp-content/uploads/sites/22/2023/01/ 		0
0
core.js
omegamed.no/wp-content/themes/core/assets/js/ 		0
0
uc.js
consent.cookiebot.com/ 		0
0
landing
pagead2.googlesyndication.com/pagead/ 		42 B
64 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/landing?gcs=G100&gcd=13p3p3p2p5&tag_exp=0&rnd=68330869.1721125264&url=https%3A%2F%2Fomegamed.no%2Ffa-omega-3-gratis-orion%2F&dma_cps=-&dma=1&npa=1&gtm=45He4790n915595T49Rv9173773448za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5595T49R
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://omegamed.no/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Jul 2024 10:21:03 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		0
0
js
www.googletagmanager.com/gtag/ 		0
0
fbevents.js
connect.facebook.net/en_US/ 		0
0
tfa.js
cdn.taboola.com/libtrc/unip/1551213/ 		0
0
poppins-v20-latin-regular.woff2
omegamed.no/wp-content/themes/core/assets/fonts/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://omegamed.no/wp-content/themes/core/assets/fonts/poppins-v20-latin-regular.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.152.163 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Request headers

Referer
https://omegamed.no/fa-omega-3-gratis-orion/?utm_source=ext_orion&utm_medium=ext_affiliate&utm_campaign=ext_omegamed_0124&utm_content=no_nor-omega_ext_affiliate_orion_sales_omegamed_0124/?aff-id=562472&Click-ID=07_168179753_69160963-cea2-426f-9cea-c240f6e59378
Origin
https://omegamed.no
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 10:21:04 GMT
cf-cache-status
MISS
last-modified
Tue, 16 May 2023 18:54:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OFhm%2FUxIxYaJtezC8wtbN7fBZjNUU8KJQzovwR9LtBNO1eR38DIagtaB3AQo5jx1ORPjfRkTWnIv07k%2FJFxKrc88HHnCf5zc9xfGxYirhEDDnvUHT67TT4EXq21Cng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
8a4143639f5b419a-LHR
alt-svc
h3=":443"; ma=86400
content-length
7884
expires
Tue, 23 Jul 2024 10:21:03 GMT
poppins-v20-latin-600.woff2
omegamed.no/wp-content/themes/core/assets/fonts/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://omegamed.no/wp-content/themes/core/assets/fonts/poppins-v20-latin-600.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.152.163 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Request headers

Referer
https://omegamed.no/fa-omega-3-gratis-orion/?utm_source=ext_orion&utm_medium=ext_affiliate&utm_campaign=ext_omegamed_0124&utm_content=no_nor-omega_ext_affiliate_orion_sales_omegamed_0124/?aff-id=562472&Click-ID=07_168179753_69160963-cea2-426f-9cea-c240f6e59378
Origin
https://omegamed.no
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 10:21:03 GMT
cf-cache-status
MISS
last-modified
Tue, 16 May 2023 18:54:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4Jl3dfFejSz1Ymn%2BecXSw0ZSp2c7a2vdILqMfP8v1WARQrtqbJDUUfN0wW%2Br56eGIl2xOYgkVLiO2sn1WcUC2RoH5TXgYjndPLaFCarEpVUwggDTYRf3eoIu9XFmbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
8a4143639f5e419a-LHR
alt-svc
h3=":443"; ma=86400
content-length
8000
expires
Tue, 23 Jul 2024 10:21:03 GMT
poppins-v20-latin-700.woff2
omegamed.no/wp-content/themes/core/assets/fonts/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://omegamed.no/wp-content/themes/core/assets/fonts/poppins-v20-latin-700.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.152.163 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Request headers

Referer
https://omegamed.no/fa-omega-3-gratis-orion/?utm_source=ext_orion&utm_medium=ext_affiliate&utm_campaign=ext_omegamed_0124&utm_content=no_nor-omega_ext_affiliate_orion_sales_omegamed_0124/?aff-id=562472&Click-ID=07_168179753_69160963-cea2-426f-9cea-c240f6e59378
Origin
https://omegamed.no
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 10:21:03 GMT
cf-cache-status
MISS
last-modified
Tue, 16 May 2023 18:54:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6jUGY7yyz8cRcsv%2FFItI1SCAeA2zfgPCEDUro9rKSbqfMcwkpdsIt72n6ftbhBOf8Fgku%2BtN%2BDfttS2r5sQyT0nm60QCEdP4wfQBz1V%2BOV7XdxSF3MgHRUHRo7e4uQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
8a4143639f60419a-LHR
alt-svc
h3=":443"; ma=86400
content-length
7816
expires
Tue, 23 Jul 2024 10:21:03 GMT
gxnsyb6s5y
www.clarity.ms/tag/ 		801 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/gxnsyb6s5y?ref=gtm2
Requested by
Host: booksforamodernworld.com
URL: https://booksforamodernworld.com/index.php?c=3216&t=31926&e=79784
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::42 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
1ba1f83715d9d46415dd37538486a86068aa2a2037badc82e9dc1bc3c1031dec

Request headers

Referer
https://omegamed.no/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires
-1
date
Tue, 16 Jul 2024 10:21:04 GMT
x-azure-ref
20240716T102104Z-15f88f56648xfzggpuzgpb2dew000000099000000000029b
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
801
request-context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
rpa.js
app.readpeak.com/js/ 		0
0
strossle-analytics.js
assets.strossle.com/strossle-analytics/1/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.strossle.com/strossle-analytics/1/strossle-analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5595T49R
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:f600:19:1c05:a1c0:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d354fcce4c2290fbb29f23720ff51a4c99f7b11d8d539af2b9d6aacc9055473f

Request headers

Referer
https://omegamed.no/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 21369bf2bfeb79adaa5bef1cb96f8540.cloudfront.net (CloudFront)
date
Tue, 16 Jul 2024 10:14:27 GMT
last-modified
Thu, 15 Dec 2022 15:19:46 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
399
etag
W/"628809af7413a704dcf65947b759ef21"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=1800
x-amz-cf-id
8ftCTHRLjWqqtQthC5Et8ViQT4W4YWcYLmBNONGFx74Xx6koK6LBwA==
clarity.js
www.clarity.ms/s/0.7.34/ 		61 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.34/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/gxnsyb6s5y?ref=gtm2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::42 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://omegamed.no/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 10:21:04 GMT
content-encoding
br
last-modified
Thu, 23 May 2024 23:20:12 GMT
etag
W/"0x8DC7B7EE5574D78"
vary
Accept-Encoding
x-azure-ref
20240716T102104Z-15f88f56648xfzggpuzgpb2dew000000099000000000029h
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
578c0a96-e01e-003c-0204-ce071c000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
0
c.gif
c.clarity.ms/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
omegamed.no
URL
https://omegamed.no/wp-content/uploads/sites/22/2023/02/omegamed-extra-edm.png
Domain
omegamed.no
URL
https://omegamed.no/wp-content/uploads/sites/22/2023/01/oe-packshot.png
Domain
omegamed.no
URL
https://omegamed.no/wp-content/themes/core/assets/js/core.js?ver=5639
Domain
consent.cookiebot.com
URL
https://consent.cookiebot.com/uc.js?cbid=1198c314-c0ed-4192-b4a7-8d9d0f41d972&implementation=gtm&consentmode-dataredaction=dynamic
Domain
www.googletagmanager.com
URL
https://www.googletagmanager.com/gtag/js?id=G-98NFF016X8&l=dataLayer&cx=c
Domain
www.googletagmanager.com
URL
https://www.googletagmanager.com/gtag/js?id=G-7F8148L9CZ&l=dataLayer&cx=c
Domain
connect.facebook.net
URL
https://connect.facebook.net/en_US/fbevents.js
Domain
cdn.taboola.com
URL
https://cdn.taboola.com/libtrc/unip/1551213/tfa.js
Domain
app.readpeak.com
URL
https://app.readpeak.com/js/rpa.js
Domain
c.clarity.ms
URL
https://c.clarity.ms/c.gif

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| dataLayer object| code object| _vwo_code number| _vwo_settings_timer object| _wpemojiSettings object| _VWO string| _vwo_mt object| google_tag_manager object| google_tag_data function| jQuery function| fbq function| _fbq object| _fbq_gtm_ids object| __tfa_pixel_init object| _tfa object| theme

6 Cookies

Domain/Path Name / Value
.booksforamodernworld.com/ Name: _ga
Value: GA1.1.1301089911.1721125260
oriomed.com/ Name: LTTC6_467175
Value: 07_168179753_69160963-cea2-426f-9cea-c240f6e59378
omegamed.no/ Name: utm_source
Value: ext_orion
omegamed.no/ Name: utm_medium
Value: ext_affiliate
omegamed.no/ Name: orion_click_id
Value: 07_168179753_69160963-cea2-426f-9cea-c240f6e59378
.booksforamodernworld.com/ Name: _ga_RMPFZH6T3C
Value: GS1.1.1721125260.1.0.1721125263.0.0.0

1 Console Messages

Source Level URL
Text
network error URL: https://booksforamodernworld.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.readpeak.com
assets.strossle.com
booksforamodernworld.com
c.clarity.ms
cdn.taboola.com
connect.facebook.net
consent.cookiebot.com
dev.visualwebsiteoptimizer.com
fonts.googleapis.com
fonts.gstatic.com
omegamed.no
oriomed.com
pagead2.googlesyndication.com
region1.google-analytics.com
vhclp.com
www.clarity.ms
www.googletagmanager.com
app.readpeak.com
c.clarity.ms
cdn.taboola.com
connect.facebook.net
consent.cookiebot.com
omegamed.no
www.googletagmanager.com
142.250.181.226
172.67.152.163
188.114.96.3
2001:41d0:203:9a4f:e7e1:9613:11:b42d
2001:4860:4802:34::36
2600:9000:225e:f600:19:1c05:a1c0:93a1
2620:1ec:29:1::42
2a00:1450:4001:80f::2003
2a00:1450:4001:81d::2008
2a00:1450:4001:829::200a
3.134.25.183
34.96.102.137
0549b60e7b1e42393066c2e6ad77fe18c7c05db63a75d879e6feee477dcdf679
1ba1f83715d9d46415dd37538486a86068aa2a2037badc82e9dc1bc3c1031dec
1de037c50ec75b6afc0f366cd823d6876b3d453b5928c6d3889525a636ce0054
20bb6f2baeb4c6c041dce39ddd1313b7e2bb33f2fef85bf902022f8ea4b6ac27
49d46db5776f378dde2636034d3b00afaca4e8f54c1913877beea8184a4c50da
4b4b2c1324cf10064e2191c531630e9a5ea266264accb3728159a457f120ea9c
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
547ffc614f1f0ad34cf01c0740132a5e7999d5a320ef860e992aaa007f5e82e8
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c
6e5647515297fbefdea571d0b1019a5c1a944114c7a780e6ce3452cb332cc0a0
7ae6ecf391ad9d53fb45cb2d350d99347b053a9a41ee1d2f46f7cc2cfe2c5f8a
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
989e8c07182f91a8603dc175d9e547cc12b7a6c80f88d6a0ae1afb8d432c6ae8
9d997b2e2a22050f0dd82ef5823acaa5de7f095506e2f2b973d1b255a0079859
b0e5480451a7c60c95ff9ecf67c2f4bb2f5ffa934fd0722dc960d569eb028099
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
d354fcce4c2290fbb29f23720ff51a4c99f7b11d8d539af2b9d6aacc9055473f
d6669c236b12581f335b1bb94c42a13283528982b640b57cb01a42d6d60b3dee
d91b92f4758d97b9b89a0ac63b53c385df9da46aabab40b17e1727d6fc8434c9
e0ca5142adca9750035f8688ea1c8272b6d435b1a80f892068138d54342094dc
e7443efb48742f5e3bed56797cd52a62db0becfc3a12698dc774699cf242111a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
fade906c2f23d473c7f9221ea4f83b315197830fbbd7ab1b2b6b37b6a176f23e