www.rorkjop.no
Open in
urlscan Pro
2606:4700:3108::ac42:2b50
Public Scan
Effective URL: https://www.rorkjop.no/
Submission: On January 13 via automatic, source certstream-suspicious — Scanned from DE
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 3rd 2021. Valid for: a year.
This is the only time www.rorkjop.no was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN13335 (CLOUDFLARENET, US)
rorkjop.no | |
www.rorkjop.no | |
cdn.rorkjop.no |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-121.fra2.r.cloudfront.net
widget.freshworks.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN16509 (AMAZON-02, US)
PTR: server-13-225-80-89.fra2.r.cloudfront.net
static.hotjar.com |
ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f130.1e100.net
www.googleadservices.com |
ASN32934 (FACEBOOK, US)
connect.facebook.net |
ASN16509 (AMAZON-02, US)
PTR: server-13-225-85-149.fra2.r.cloudfront.net
js.adsrvr.org |
ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net |
ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-38.fra2.r.cloudfront.net
script.hotjar.com |
ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-102.fra50.r.cloudfront.net
vars.hotjar.com |
ASN16509 (AMAZON-02, US)
PTR: server-13-225-80-34.fra2.r.cloudfront.net
vc.hotjar.io |
ASN32934 (FACEBOOK, US)
www.facebook.com |
ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
insight.adsrvr.org | |
match.adsrvr.org |
ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-7.nr-data.net
bam.nr-data.net |
ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-50.fra2.r.cloudfront.net
surveystats.hotjar.io |
Apex Domain Subdomains |
Transfer | |
---|---|---|
28 |
rorkjop.no
2 redirects
login.rorkjop.no rorkjop.no www.rorkjop.no cdn.rorkjop.no |
1 MB |
13 |
freshworks.com
1 redirects
widget.freshworks.com — Cisco Umbrella Rank: 14398 |
145 KB |
6 |
hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 573 script.hotjar.com — Cisco Umbrella Rank: 719 vars.hotjar.com — Cisco Umbrella Rank: 857 |
96 KB |
4 |
facebook.net
connect.facebook.net — Cisco Umbrella Rank: 126 |
195 KB |
3 |
adsrvr.org
1 redirects
js.adsrvr.org — Cisco Umbrella Rank: 1348 insight.adsrvr.org — Cisco Umbrella Rank: 602 match.adsrvr.org — Cisco Umbrella Rank: 295 |
3 KB |
2 |
facebook.com
www.facebook.com — Cisco Umbrella Rank: 88 |
427 B |
2 |
hotjar.io
vc.hotjar.io — Cisco Umbrella Rank: 2046 surveystats.hotjar.io — Cisco Umbrella Rank: 15867 |
727 B |
2 |
google.de
www.google.de — Cisco Umbrella Rank: 6151 |
655 B |
2 |
google.com
www.google.com — Cisco Umbrella Rank: 8 |
655 B |
2 |
doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 78 googleads.g.doubleclick.net — Cisco Umbrella Rank: 44 |
2 KB |
2 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 33 |
20 KB |
1 |
nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 590 |
320 B |
1 |
newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 320 |
13 KB |
1 |
crazyegg.com
script.crazyegg.com — Cisco Umbrella Rank: 1742 |
|
1 |
googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 97 |
15 KB |
1 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62 |
66 KB |
67 | 16 |
Domain | Requested by | |
---|---|---|
20 | cdn.rorkjop.no |
www.rorkjop.no
|
13 | widget.freshworks.com |
1 redirects
www.rorkjop.no
widget.freshworks.com |
6 | www.rorkjop.no |
www.rorkjop.no
|
4 | script.hotjar.com |
static.hotjar.com
script.hotjar.com |
4 | connect.facebook.net |
www.rorkjop.no
connect.facebook.net |
2 | www.facebook.com |
www.rorkjop.no
|
2 | www.google.de |
www.rorkjop.no
|
2 | www.google.com |
www.rorkjop.no
|
2 | www.google-analytics.com |
www.googletagmanager.com
www.rorkjop.no |
1 | surveystats.hotjar.io |
script.hotjar.com
|
1 | bam.nr-data.net |
js-agent.newrelic.com
|
1 | match.adsrvr.org |
js.adsrvr.org
|
1 | insight.adsrvr.org | 1 redirects |
1 | js-agent.newrelic.com |
www.rorkjop.no
|
1 | vc.hotjar.io |
script.hotjar.com
|
1 | vars.hotjar.com |
static.hotjar.com
|
1 | googleads.g.doubleclick.net |
www.googleadservices.com
|
1 | stats.g.doubleclick.net |
www.google-analytics.com
|
1 | script.crazyegg.com |
www.googletagmanager.com
|
1 | js.adsrvr.org |
www.googletagmanager.com
|
1 | www.googleadservices.com |
www.googletagmanager.com
|
1 | static.hotjar.com |
www.googletagmanager.com
|
1 | www.googletagmanager.com |
www.rorkjop.no
|
1 | rorkjop.no | 1 redirects |
1 | login.rorkjop.no | 1 redirects |
67 | 25 |
This site contains links to these domains. Also see Links.
Domain |
---|
issuu.com |
ds.spark-vision.com |
www.vvsnorden.no |
www.instagram.com |
nb-no.facebook.com |
www.youtube.com |
www.linkedin.com |
medlem.rorkjop.no |
www.hotjar.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
rorkjop.no Cloudflare Inc ECC CA-3 |
2021-06-03 - 2022-06-02 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2021-12-08 - 2022-03-02 |
3 months | crt.sh |
*.hotjar.com Amazon |
2021-11-25 - 2022-12-23 |
a year | crt.sh |
www.googleadservices.com GTS CA 1C3 |
2021-11-29 - 2022-02-21 |
3 months | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2021-10-22 - 2022-01-20 |
3 months | crt.sh |
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020 |
2021-03-18 - 2022-04-19 |
a year | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2021-05-09 - 2022-05-08 |
a year | crt.sh |
*.freshworks.com Amazon |
2021-08-10 - 2022-09-08 |
a year | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2021-11-29 - 2022-02-21 |
3 months | crt.sh |
www.google.com GTS CA 1C3 |
2021-12-08 - 2022-03-02 |
3 months | crt.sh |
www.google.de GTS CA 1C3 |
2021-11-29 - 2022-02-21 |
3 months | crt.sh |
*.hotjar.io Amazon |
2021-08-17 - 2022-09-15 |
a year | crt.sh |
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA H2 2021 |
2021-10-06 - 2022-11-07 |
a year | crt.sh |
*.nr-data.net DigiCert SHA2 Secure Server CA |
2020-02-05 - 2022-02-08 |
2 years | crt.sh |
This page contains 6 frames:
Primary Page:
https://www.rorkjop.no/
Frame ID: C61EB93CACD093FEE7C6AE34CD6B13CD
Requests: 55 HTTP requests in this frame
Frame:
https://vars.hotjar.com/box-21ccaa45726c0f3c8c458f7a87eb2298.html
Frame ID: 49AA896C20974B9A225772A8030F5DB2
Requests: 1 HTTP requests in this frame
Frame:
https://widget.freshworks.com/widgetBase/widget.js
Frame ID: 6EC69287B384578C545C387DFFE47C6C
Requests: 8 HTTP requests in this frame
Frame:
https://widget.freshworks.com/widgetBase/static/media/styles.5fe92f64.css
Frame ID: DDBFD4DC2BBEC78C1E4485AF33D263C7
Requests: 1 HTTP requests in this frame
Frame:
https://match.adsrvr.org/track/upb/?adv=qjgn9r5&ref=https%3A%2F%2Fwww.rorkjop.no%2F&upid=3b65tt1&upv=1.1.0
Frame ID: 17BA05D8B7FBFBAE8AC5AF2802881AF4
Requests: 1 HTTP requests in this frame
Frame:
https://www.facebook.com/tr/
Frame ID: 7F5496FFC8C12708DFFCAD05087BE9D1
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
Rørkjøp - Trygge rørleggere - produkter som sikrer kvalitetLogo Rørkjøp_liggende_hvitPage URL History Show full URLs
-
https://login.rorkjop.no/
HTTP 302
https://rorkjop.no/ HTTP 301
https://www.rorkjop.no/ Page URL
Detected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Crazy Egg (Analytics) Expand
Detected patterns
- script\.crazyegg\.com/pages/scripts/\d+/\d+\.js
Facebook (Widgets) Expand
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Google Analytics (Analytics) Expand
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/gtm\.js
Hotjar (Analytics) Expand
Detected patterns
- //static\.hotjar\.com/
Page Statistics
9 Outgoing links
These are links going to different origins than the main page.
Title: Bla i vår produktkatalog
Search URL Search Domain Scan URL
Title: Begynn å tegne
Search URL Search Domain Scan URL
Title: Innkjøpsalliansen VVS Norden
Search URL Search Domain Scan URL
Title: Instagram
Search URL Search Domain Scan URL
Title: Facebook
Search URL Search Domain Scan URL
Title: Youtube
Search URL Search Domain Scan URL
Title: LinkedIn
Search URL Search Domain Scan URL
Title: Logg inn på intranettet (medlemmer)
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://login.rorkjop.no/
HTTP 302
https://rorkjop.no/ HTTP 301
https://www.rorkjop.no/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 23- https://widget.freshworks.com/widgets/4000000182.js HTTP 301
- https://widget.freshworks.com/widgetBase/bootstrap.js
- https://insight.adsrvr.org/track/up?adv=qjgn9r5&ref=https%3A%2F%2Fwww.rorkjop.no%2F&upid=3b65tt1&upv=1.1.0 HTTP 302
- https://match.adsrvr.org/track/upb/?adv=qjgn9r5&ref=https%3A%2F%2Fwww.rorkjop.no%2F&upid=3b65tt1&upv=1.1.0
67 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
www.rorkjop.no/ Redirect Chain
|
65 KB 18 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
public-5ff61d346ec88bece5121d8b942e3ffb060d9762a7abaf394a5f29b67dce7a2e.css
www.rorkjop.no/assets/ |
264 KB 32 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
public-56a2bb0a261529c1e76e44af21004ae8fb0c9499ec80e1a603004cb80a6da312.js
www.rorkjop.no/assets/ |
418 KB 119 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
193 KB 66 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
FxoJmct0THieYMAoMvxP+FxoJmct0THieYMAoMvxP.jpg
cdn.rorkjop.no/output=format:jpg,compress:true/cache=expiry:max/rotate=exif:true/resize=w:400,h:400,fit:clip/ |
12 KB 12 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
eOXkt5D3TAyxK0onc775+eOXkt5D3TAyxK0onc775.jpg
cdn.rorkjop.no/output=format:jpg,compress:true/cache=expiry:max/rotate=exif:true/resize=w:400,h:400,fit:clip/ |
52 KB 52 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
f2rS1p4Sbe8kK16EZ7r0+f2rS1p4Sbe8kK16EZ7r0.jpg
cdn.rorkjop.no/output=format:jpg,compress:true/cache=expiry:max/rotate=exif:true/resize=w:400,h:400,fit:clip/ |
72 KB 73 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6xkL3DXS12szaqeBarE6+6xkL3DXS12szaqeBarE6.jpg
cdn.rorkjop.no/output=format:jpg,compress:true/cache=expiry:max/rotate=exif:true/resize=w:400,h:400,fit:clip/ |
21 KB 21 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
FwWzAoiGS7q0W8J8xXOn+FwWzAoiGS7q0W8J8xXOn.jpg
cdn.rorkjop.no/output=format:jpg,compress:true/cache=expiry:max/rotate=exif:true/resize=w:400,h:400,fit:clip/ |
31 KB 31 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Yec9CLXQHKHj5MTPiYdw+Yec9CLXQHKHj5MTPiYdw.jpg
cdn.rorkjop.no/output=format:jpg,compress:true/cache=expiry:max/rotate=exif:true/resize=w:400,h:400,fit:clip/ |
42 KB 43 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sGwq3reaShavu1vGKR6J+sGwq3reaShavu1vGKR6J.jpg
cdn.rorkjop.no/output=format:jpg,compress:true/cache=expiry:max/rotate=exif:true/resize=w:400,h:400,fit:clip/ |
42 KB 43 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
oK7YTXVfTW4SbpWs8wM6+oK7YTXVfTW4SbpWs8wM6.jpg
cdn.rorkjop.no/output=format:jpg,compress:true/cache=expiry:max/rotate=exif:true/resize=w:400,h:400,fit:clip/ |
41 KB 42 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
447K0zCaRQyoo4STo7dw+447K0zCaRQyoo4STo7dw.jpg
cdn.rorkjop.no/output=format:jpg,compress:true/cache=expiry:max/rotate=exif:true/resize=w:400,h:400,fit:clip/ |
23 KB 24 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
WSSFFOOTnqm5ipKHgpgg+WSSFFOOTnqm5ipKHgpgg.jpg
cdn.rorkjop.no/output=format:jpg,compress:true/cache=expiry:max/rotate=exif:true/resize=w:540,h:310,fit:crop/ |
64 KB 64 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
YH9jLXzGREyw8chIc8JF+YH9jLXzGREyw8chIc8JF.jpg
cdn.rorkjop.no/output=format:jpg,compress:true/cache=expiry:max/rotate=exif:true/resize=w:540,h:310,fit:crop/ |
60 KB 61 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
o5S0lcUhR08iMFUMPkRy+o5S0lcUhR08iMFUMPkRy.jpg
cdn.rorkjop.no/output=format:jpg,compress:true/cache=expiry:max/rotate=exif:true/resize=w:540,h:310,fit:crop/ |
80 KB 81 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
TU4p62IWSiOK6a78uh0i+TU4p62IWSiOK6a78uh0i.jpg
cdn.rorkjop.no/output=format:jpg,compress:true/cache=expiry:max/rotate=exif:true/resize=w:540,h:310,fit:crop/ |
43 KB 44 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
F05oalmSRRPID1RwOHAJ+F05oalmSRRPID1RwOHAJ.jpg
cdn.rorkjop.no/output=format:jpg,compress:true/cache=expiry:max/rotate=exif:true/resize=w:540,h:310,fit:crop/ |
49 KB 50 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Wqf7CB4SyabVzDVeY9rl+Wqf7CB4SyabVzDVeY9rl.jpg
cdn.rorkjop.no/output=format:jpg,compress:true/cache=expiry:max/rotate=exif:true/resize=w:540,h:310,fit:crop/ |
60 KB 61 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
iHrdVJksSt6ZGfnzhiz5+iHrdVJksSt6ZGfnzhiz5.jpg
cdn.rorkjop.no/output=format:jpg,compress:true/cache=expiry:max/rotate=exif:true/resize=w:540,h:310,fit:crop/ |
45 KB 46 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2OGzEuBqTyCCCQNdREp1+2OGzEuBqTyCCCQNdREp1.jpg
cdn.rorkjop.no/output=format:jpg,compress:true/cache=expiry:max/rotate=exif:true/resize=w:540,h:310,fit:crop/ |
51 KB 51 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
7sQU0Ju0Tia1qYy4fUpp+7sQU0Ju0Tia1qYy4fUpp.jpg
cdn.rorkjop.no/output=format:jpg,compress:true/cache=expiry:max/rotate=exif:true/resize=w:540,h:310,fit:crop/ |
70 KB 70 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
I0dfRQPoTTOyUJEkqJX3+I0dfRQPoTTOyUJEkqJX3.jpg
cdn.rorkjop.no/output=format:jpg,compress:true/cache=expiry:max/rotate=exif:true/resize=w:540,h:310,fit:crop/ |
84 KB 85 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
email-decode.min.js
www.rorkjop.no/cdn-cgi/scripts/5c5dd728/cloudflare-static/ |
1 KB 797 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.js
widget.freshworks.com/widgetBase/ Redirect Chain
|
8 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sprite.symbol-58f9b4f37699345cfc4b03391dcc5b945a5f540cd37bd9f677bf4fa338d8f332.svg
www.rorkjop.no/assets/img/symbol/svg/ |
174 KB 56 KB |
Other
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0Qt53LO4QUqns6MRL2DP+0Qt53LO4QUqns6MRL2DP.jpg
cdn.rorkjop.no/output=format:jpg,compress:true/cache=expiry:max/rotate=exif:true/resize=w:1150,h:440,fit:clip/ |
130 KB 130 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ajax-loader-e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b.gif
www.rorkjop.no/assets/ |
4 KB 4 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
49 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hotjar-11155.js
static.hotjar.com/c/ |
12 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
conversion_async.js
www.googleadservices.com/pagead/ |
38 KB 15 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sdk.js
connect.facebook.net/en_US/ |
3 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
98 KB 26 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
up_loader.1.1.0.js
js.adsrvr.org/ |
4 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
8506.js
script.crazyegg.com/pages/scripts/0021/ |
0 0 |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
4000000182.json
widget.freshworks.com/widgets/ |
1 KB 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/j/ |
4 B 442 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collect
www.google-analytics.com/ |
35 B 194 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/800472618/ |
2 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
sdk.js
connect.facebook.net/en_US/ |
285 KB 80 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
modules.95d56a8fe70e88a7dcd9.js
script.hotjar.com/ |
229 KB 61 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
box-21ccaa45726c0f3c8c458f7a87eb2298.html
vars.hotjar.com/ Frame 49AA |
2 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
826823984004566
connect.facebook.net/signals/config/ |
305 KB 87 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
frame.d7ae132c.css
widget.freshworks.com/widgetBase/static/media/ |
1 KB 894 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
widget.js
widget.freshworks.com/widgetBase/ Frame 6EC6 |
294 KB 95 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.com/pagead/1p-user-list/800472618/ |
42 B 548 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.de/pagead/1p-user-list/800472618/ |
42 B 548 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.com/ads/ |
42 B 107 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.de/ads/ |
42 B 107 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
11155
vc.hotjar.io/sessions/ |
0 255 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0.96c1c69b8724e56254b8.widget.js
widget.freshworks.com/widgetBase/ Frame 6EC6 |
21 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1.8bd0d39ed40ee0109589.widget.js
widget.freshworks.com/widgetBase/ Frame 6EC6 |
23 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
8.391e72735dac0c934b81.widget.js
widget.freshworks.com/widgetBase/ Frame 6EC6 |
35 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
10.2e5460d4c197a23f9b8f.widget.js
widget.freshworks.com/widgetBase/ Frame 6EC6 |
42 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
16.940026c58eb98be63849.widget.js
widget.freshworks.com/widgetBase/ Frame 6EC6 |
645 B 1016 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
styles.5fe92f64.css
widget.freshworks.com/widgetBase/static/media/ Frame DDBF |
1 KB 984 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
nb-NO.json
widget.freshworks.com/widgetBase/locales/ Frame 6EC6 |
4 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
en.json
widget.freshworks.com/widgetBase/locales/ Frame 6EC6 |
5 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 409 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
nr-1212.min.js
js-agent.newrelic.com/ |
34 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
match.adsrvr.org/track/upb/ Frame 17BA Redirect Chain
|
0 181 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cdd87b65ef
bam.nr-data.net/1/ |
57 B 320 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
/
www.facebook.com/tr/ Frame 7F54 |
0 18 B |
Document
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
survey-v2.bfa9da52a0ffdd84fefd.js
script.hotjar.com/ |
129 KB 28 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hit
surveystats.hotjar.io/ |
0 472 B |
XHR
binary/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hotjar-black-mono.a08482.svg
script.hotjar.com/ |
3 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
widget_icons_light.766225.png
script.hotjar.com/ |
781 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
53 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| 4 object| onsecuritypolicyviolation object| onslotchange object| dataLayer object| NREUM object| newrelic function| __nr_require function| showErrorMessage function| hideErrorMessage function| addCartIconBadge function| removeCartIconBadge function| reloadCart function| hideAddToCartButton function| attachMembershipApplicationFiles function| addApplicationAttachment function| formatBytes function| membershipError function| $ function| jQuery object| jQuery1124023177558857108593 function| Tether function| svg4everybody object| filestackInternals object| filestack object| fwSettings function| FreshworksWidget object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| hj object| _hjSettings function| fbAsyncInit function| fbq function| _fbq object| FwBootstrap object| gaplugins object| gaGlobal object| gaData function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| FB object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules function| ttd_dom_ready function| TTDUniversalPixelApi16 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.login.rorkjop.no/ | Name: __cf_bm Value: k5ZJTP8cG2SgKlDJXhJm30VgRYL7iJLz80j1gf4MKu8-1642076837-0-AX6YDL2851JMTsqKBdYT6PqiVc9SJmKm6211KuxrYnh5gX8uSGnEm7cdfEo57ZXrGrOYhtYihntj80k86zNONh4= |
|
.rorkjop.no/ | Name: rk_session Value: WElUN3VtaWpRZklwd21sbWxYYTNIYXB1RHdWTHdBTm5rOWNhVmVaRTNVSjYzOUhFYWxDWVJxdmx1QlZVdFBjbDhCc3llaFRLdmpGZHBYaU1DbitxOXZIbEh4R042aTIrbkVzZHhzVmk4eUpjdUNHdUlONWxCNDNybEp5YjA1UGdSMGw5cVRaZk9hNXVrZjlUWC9SK1JpZ1VCTmNzRUdFcGZqUkx2eEhzYUwxanBXaWpRWEdQenpMSXgwbG13ZDRVLS0vT1JZOGhsYzR2SEJXQXlsbFpEVTl3PT0%3D--13c2b187d6f5e44fb86d3b56ebd72fc1e0f87e35 |
|
.rorkjop.no/ | Name: _gcl_au Value: 1.1.1602450222.1642076838 |
|
.rorkjop.no/ | Name: _ga Value: GA1.2.1677686356.1642076838 |
|
.rorkjop.no/ | Name: _gid Value: GA1.2.576663735.1642076838 |
|
.rorkjop.no/ | Name: _dc_gtm_UA-46823545-1 Value: 1 |
|
.doubleclick.net/ | Name: test_cookie Value: CheckForPermission |
|
.rorkjop.no/ | Name: _hjSessionUser_11155 Value: eyJpZCI6IjJlNDk0YmE4LTg0MGYtNTc3YS05MDBmLWI4OTc3NWI5MWY2NyIsImNyZWF0ZWQiOjE2NDIwNzY4MzgxMDQsImV4aXN0aW5nIjpmYWxzZX0= |
|
.rorkjop.no/ | Name: _hjFirstSeen Value: 1 |
|
www.rorkjop.no/ | Name: _hjIncludedInSessionSample Value: 0 |
|
.rorkjop.no/ | Name: _hjSession_11155 Value: eyJpZCI6IjRjNDYzNDk2LTYzMTMtNDMzYS04NmU2LTliMDhjMmYyNDM5NiIsImNyZWF0ZWQiOjE2NDIwNzY4MzgxMTMsImluU2FtcGxlIjpmYWxzZX0= |
|
.rorkjop.no/ | Name: _hjAbsoluteSessionInProgress Value: 1 |
|
.rorkjop.no/ | Name: _fbp Value: fb.1.1642076838229.1512868071 |
|
.facebook.com/ | Name: fr Value: 0eVM6XBCZZdTVeE6s..Bh4Bqm...1.0.Bh4Bqm. |
|
.adsrvr.org/ | Name: TDID Value: fed31cb6-a12b-4e05-a4fd-809333f07e36 |
|
.nr-data.net/ | Name: JSESSIONID Value: d3adf9b1ab5047 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
bam.nr-data.net
cdn.rorkjop.no
connect.facebook.net
googleads.g.doubleclick.net
insight.adsrvr.org
js-agent.newrelic.com
js.adsrvr.org
login.rorkjop.no
match.adsrvr.org
rorkjop.no
script.crazyegg.com
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
surveystats.hotjar.io
vars.hotjar.com
vc.hotjar.io
widget.freshworks.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.rorkjop.no
13.224.193.121
13.224.193.38
13.224.193.50
13.225.80.34
13.225.80.89
13.225.85.149
143.204.98.102
151.101.2.137
162.247.242.19
216.58.212.130
2606:4700:3108::ac42:2b50
2606:4700::6812:f458
2606:4700::6813:9308
2a00:1450:4001:803::2002
2a00:1450:4001:808::2003
2a00:1450:4001:80e::2004
2a00:1450:4001:80e::2008
2a00:1450:4001:811::200e
2a00:1450:400c:c06::9a
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
3.33.220.150
0321a19060d760e5894f623f2699124e4bd6d8b6647082dca503c51b7985d9e3
06571a7d2f8ce9b460403010ba25340a682e53ef4c840dd226e03d76c9826523
0cd0d5844a399bf476341bf11595110a6f319e04e632fa770020e49daa8d55c0
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12796af89750067828e9885563938eb3d89c6c5b75eea3e1d008d145099a86fd
18ef189861c877613c928779d4c61f3f3bc44506b94917e05d2666cbf64ca91e
19ffda0bf3c8e2759d325c7562c393cda50633d766e606fda4201230e289d680
1db60ebe47828151b3b4ad4860d8c894c0ef72f19abc4695613fcf3887c98892
1fe7c9b04cd9ebd46cd5a636bd2c2b1d54054f3995db24951c0d0318ec71d70c
24b7432fe4e4ab3b326d5379b2f4c0521c600b58b6f240840a3c42d8f9605e80
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
33426c81393fb2329d42f78e68fcca5fed84d60871142db914a4befb493a7419
35a21001a43dff2f74d501f0ea9da11ebd0032a0ba0f2dff511956e41130097c
3e69d0c55d6e335dccfbd6ef08d608d749463680053b5aa4ac30c1c27b250cc0
3fb3b6dc69886a34d212dba92b1d54e736588d72e0860b069005d92cc94ead52
44de6bd15caa1cd2548bd800752259f418482dbe11b589ccf89d22e08d912b5c
4c9cf8c9ba469952ae4e9fcd4fef7199023e207eac16de543b63d5c5ef300840
4f57305e9dd0aaa7f1d83afe53c22db164f8a047ac30e54dc7158ab5aac4c24b
4fd4f9c63843aebb667973c535aa77d95795ebb28635e01b62cf81dfb44aee32
56a2bb0a261529c1e76e44af21004ae8fb0c9499ec80e1a603004cb80a6da312
58f9b4f37699345cfc4b03391dcc5b945a5f540cd37bd9f677bf4fa338d8f332
6565aa13a2510e50218633eeb8183cbaa36a580f0060a63cb0dce18d274df33f
7037822981e0a99374c4d8c9a4fec5d6f67c2ccaf7a086ccdaa7db89f66c9c2f
74327403391ccd4020866015660f1319bea0b0d6cc68ebfa061e92fead62bce3
74584080170ad03a1da27b51f420fca0ea13a7e4668b02820d7609e29b89d2e7
7c63ab4eaab49607572fca0264f96c0c1e426de54ef45a88f2f7c4e8edc6e8f8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87cd6cafc1ca0cf520b4a373854684a360afc5ee60c16a1b2a0cdbb1b3d42f65
8d359e73452f6cf8f6eb55c7e29dec173379191bcf33af3f0a72f8fed5a5b692
995064fa20c0ef20590244efc00ea93ec7de7cda59cb64b062cb9b5e1e699956
9a3f4874b9624de93233d866964b0157bb391a458e6171cec6ce2f5023b441aa
9aaea61e8f5a87f1696e6ef3a0692310a7d273a998e939294c01609926f63ab6
a032b025ccf01ddc1aa693b2338e991618894ac549101b22b0cdda0f0b5fa29d
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a39ec7f5d63fff6ee173c0764d95ec8faa32c1f0b38e21c0759ba40b035784d9
aaa9d930a2c98826e5c3842a0f518f418000aa85b3b3beef880e6d334ea8953e
ab64625a0ea321417b2c93753af0fde6178f46e7fbb86b0246e9df18cc61ebc5
afc946dbba0195c1336df89dbe5a4399155d4bf1491bf0e4437f55e418496ac0
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
bf063b63300d4f06999a80dfb04f1e2117ad49a4d3d012fd475e2238dee4b179
bf3ba09f2ac0df3f3d61ad5d597b5bdfda54a6b6b359f4efcfb8dce08bbfd0a3
c5da2e1eefbe4efd64ec18b775495cf3011d9ae03842917bfe1b0a50e03a7a44
d03463db967c99544e2576838039ac292da6be5aedcca6441f2b50da39148526
d6204d505f79893a352e12884eb45329a7181a574d1f7e2de40cd17aa5e3d998
d89df63cc92a6cde49a9178b7e82dd3105a6abe77a56a6227a120abf94da6e2d
d9030cf65cb69a872c47189a3e1f695c8f2e1522826ab296d7be86b509dc4fd3
ddaac6771f6d199e295c16e6738da51b19481b72f91cb6dedd9e5e42049ef021
dfc07138c8430969ccd780b0da426b1f86353ef9a734625ddc354240c449ccc9
e0c7f3c8550974ae719e78b91e116d14bd5aaae76a98b99215a64f2e4433c464
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4517ded6e350e0535163b9103d307964a2acae5a6b956b42417df2ee4154546
e56fb1d0c34520bd441c45060053877a48a7fe4f1f680abbd12f822b76c616b6
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
e8fd6832e13fca9622a46af5fddb394c358ef083d84002896aca34613d77780e
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23
fafaf2449f87373f9a89e80c11dff7b48e75e65181ec3f315b438afcac514d59
fd899442c2e228b75ababfc6183c7829fd72af587f4333908d230bedfa0fd576