urlscan.io logo urlscan.io
SecurityTrails logo

minside.rs.no Open in urlscan Pro
20.67.170.236  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://brunswick.securmark.no/
Effective URL: https://minside.rs.no/securmarkactivation
Submission Tags: phish.gg anti.fish automated Search All
Submission: On June 07 via api from DE — Scanned from NO
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 21 IPs in 5 countries across 18 domains to perform 39 HTTP transactions. The main IP is 20.67.170.236, located in Dublin, Ireland and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is minside.rs.no.
TLS certificate: Issued by Buypass Class 2 CA 2 on April 19th 2023. Valid for: a year.
This is the only time minside.rs.no was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2a01:5b40:0:2... 12996 (DOMENESHO...)
2 20.67.170.236 8075 (MICROSOFT...)
4 212.89.54.51 2116 (GLOBALCON...)
4 2620:1ec:46::45 8075 (MICROSOFT...)
4 2a00:1450:400... 15169 (GOOGLE)
3 52.222.236.91 16509 (AMAZON-02)
1 3.228.81.10 14618 (AMAZON-AES)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
2 2a03:2880:f08... 32934 (FACEBOOK)
2 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 2001:4860:480... 15169 (GOOGLE)
1 2a02:26f0:480... 20940 (AKAMAI-ASN1)
2 20.119.174.243 8075 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f17... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 68.219.88.97 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
39 21
1    2a01:5b40:0:248::52 (Norway)

ASN12996 (DOMENESHOP Oslo, Norway, NO)
brunswick.securmark.no
2    20.67.170.236 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
minside.rs.no
4    212.89.54.51 (Norway)

ASN2116 (GLOBALCONNECT-, NO)
chat.puzzel.com
4    2620:1ec:46::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
rsfrontends.azureedge.net
www.clarity.ms
4    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    52.222.236.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-91.fra56.r.cloudfront.net
static.userback.io
1    3.228.81.10 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-228-81-10.compute-1.amazonaws.com
api.userback.io
2    2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googleoptimize.com
2    2001:4860:4802:32::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a02:26f0:3500:18::1724:a29a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
consent.cookiebot.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2a02:26f0:480:594::f09 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
consentcdn.cookiebot.com
2    20.119.174.243 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
r.clarity.ms
1    2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.no
2    68.219.88.97 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
Apex Domain
Subdomains		 Transfer
6 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 1003
r.clarity.ms — Cisco Umbrella Rank: 8139
c.clarity.ms — Cisco Umbrella Rank: 1528
23 KB
4 userback.io
static.userback.io — Cisco Umbrella Rank: 64478
api.userback.io — Cisco Umbrella Rank: 52667
189 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 66
3 KB
4 puzzel.com
chat.puzzel.com — Cisco Umbrella Rank: 369690
269 KB
3 cookiebot.com
consent.cookiebot.com — Cisco Umbrella Rank: 4157
consentcdn.cookiebot.com — Cisco Umbrella Rank: 4589
87 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 49
region1.google-analytics.com — Cisco Umbrella Rank: 1866
21 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 101
239 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 165
136 KB
2 gstatic.com
fonts.gstatic.com
46 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 70
166 KB
2 azureedge.net
rsfrontends.azureedge.net
567 KB
2 rs.no
minside.rs.no
101 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 238
742 B
1 google.no
www.google.no — Cisco Umbrella Rank: 23460
408 B
1 google.com
www.google.com — Cisco Umbrella Rank: 3
408 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 111
347 B
1 googleoptimize.com
www.googleoptimize.com — Cisco Umbrella Rank: 1078
47 KB
1 securmark.no
brunswick.securmark.no
312 B
39 18
Domain Requested by
4 fonts.googleapis.com minside.rs.no
chat.puzzel.com
static.userback.io
4 chat.puzzel.com minside.rs.no
3 static.userback.io minside.rs.no
static.userback.io
2 c.clarity.ms 1 redirects
2 www.facebook.com minside.rs.no
2 r.clarity.ms rsfrontends.azureedge.net
2 consent.cookiebot.com www.googletagmanager.com
consent.cookiebot.com
2 www.clarity.ms minside.rs.no
www.clarity.ms
2 connect.facebook.net minside.rs.no
connect.facebook.net
2 www.google-analytics.com www.googletagmanager.com
rsfrontends.azureedge.net
2 fonts.gstatic.com fonts.googleapis.com
2 www.googletagmanager.com minside.rs.no
www.googletagmanager.com
2 rsfrontends.azureedge.net minside.rs.no
2 minside.rs.no rsfrontends.azureedge.net
1 c.bing.com 1 redirects
1 www.google.no minside.rs.no
1 www.google.com minside.rs.no
1 stats.g.doubleclick.net rsfrontends.azureedge.net
1 consentcdn.cookiebot.com consent.cookiebot.com
1 region1.google-analytics.com www.googletagmanager.com
1 www.googleoptimize.com www.googletagmanager.com
1 api.userback.io static.userback.io
1 brunswick.securmark.no 1 redirects
39 23
Subject Issuer Validity Valid
*.rs.no
Buypass Class 2 CA 2		 2023-04-19 -
2024-04-27		 a year crt.sh
*.puzzel.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-04-28 -
2024-05-22		 a year crt.sh
*.azureedge.net
Microsoft Azure TLS Issuing CA 05		 2023-04-20 -
2024-04-14		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
*.userback.io
Amazon RSA 2048 M02		 2023-02-21 -
2023-10-07		 8 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-03-17 -
2023-06-15		 3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-01 -
2023-12-01		 a year crt.sh
consent.cookiebot.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-06 -
2024-04-06		 a year crt.sh
*.cookiebot.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-17 -
2024-04-17		 a year crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 06		 2023-02-13 -
2024-02-08		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
*.google.no
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://minside.rs.no/securmarkactivation
Frame ID: E537395B46A67AAEFBD5EFF4458AB919
Requests: 42 HTTP requests in this frame

Frame: https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Frame ID: 36E3C607FEBB6F2A9C8AE7EAC246CA9D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

RS - Min sideNO - logo

Page URL History Show full URLs

  1. http://brunswick.securmark.no/ HTTP 301
    https://minside.rs.no/securmarkactivation Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • consent\.cookiebot\.com
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googleoptimize\.com/optimize\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

39
Requests

97 %
HTTPS

73 %
IPv6

18
Domains

23
Subdomains

21
IPs

5
Countries

1657 kB
Transfer

4998 kB
Size

19
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://brunswick.securmark.no/ HTTP 301
    https://minside.rs.no/securmarkactivation Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=D7601E0FCDB7437C97A68C650A251F15&RedC=c.clarity.ms&MXFR=0DB1E30CF6CE6B55030CF025F2CE651F HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=D7601E0FCDB7437C97A68C650A251F15&MUID=176796E6FAFE60FA31E885CFFB716134

39 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request securmarkactivation
minside.rs.no/
Redirect Chain
  • http://brunswick.securmark.no/
  • https://minside.rs.no/securmarkactivation
6 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://minside.rs.no/securmarkactivation
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.67.170.236 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8998a0a5ce7b542b406f307cad8a6f3c3031722b1e7d86062bc0b52da0ea46f5
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

content-type
text/html; charset=utf-8
date
Wed, 07 Jun 2023 02:13:27 GMT
request-context
appId=cid-v1:4fe05520-fac4-45dc-8d4f-3093b93c5137
strict-transport-security
max-age=15724800; includeSubDomains

Redirect headers

Cache-Control
max-age=3600 public
Connection
keep-alive
Content-Type
text/html
Date
Wed, 07 Jun 2023 02:13:27 GMT
Expires
Wed, 07 Jun 2023 03:13:27 GMT
Location
https://minside.rs.no/securmarkactivation
Server
openresty
Transfer-Encoding
chunked
intelecom-light.css
chat.puzzel.com/Content/Client/css/ 		51 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://chat.puzzel.com/Content/Client/css/intelecom-light.css
Requested by
Host: minside.rs.no
URL: https://minside.rs.no/securmarkactivation
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.89.54.51 , Norway, ASN2116 (GLOBALCONNECT-, NO),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
365c109a877295eb81bdbd4e58ee358056e3672d167f769656569267947813e7

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://minside.rs.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date
Wed, 07 Jun 2023 02:13:27 GMT
Content-Encoding
gzip
Last-Modified
Mon, 16 Aug 2021 21:30:56 GMT
Server
nginx
ETag
"0685affe592d71:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
text/css
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Content-Length
19253
jquery-latest.min.js
chat.puzzel.com/Content/Client/js/ 		87 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://chat.puzzel.com/Content/Client/js/jquery-latest.min.js
Requested by
Host: minside.rs.no
URL: https://minside.rs.no/securmarkactivation
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.89.54.51 , Norway, ASN2116 (GLOBALCONNECT-, NO),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://minside.rs.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date
Wed, 07 Jun 2023 02:13:27 GMT
Last-Modified
Mon, 16 Aug 2021 21:31:23 GMT
Server
nginx
ETag
"eb8e9fe692d71:0"
X-Powered-By
ASP.NET
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Content-Length
89476
jquery-intelecomchat.libs.latest.min.js
chat.puzzel.com/Content/Client/js/ 		431 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://chat.puzzel.com/Content/Client/js/jquery-intelecomchat.libs.latest.min.js
Requested by
Host: minside.rs.no
URL: https://minside.rs.no/securmarkactivation
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.89.54.51 , Norway, ASN2116 (GLOBALCONNECT-, NO),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
58e3aec61f4460b2f7b121c9eab2c249f4746bf9e4fb710d16dd25ed7fbeed7a

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://minside.rs.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date
Wed, 07 Jun 2023 02:13:27 GMT
Content-Encoding
gzip
Last-Modified
Mon, 16 Aug 2021 21:06:04 GMT
Server
nginx
ETag
"046d86e292d71:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Content-Length
131630
jquery-intelecomchat.latest.min.js
chat.puzzel.com/Content/Client/js/ 		116 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://chat.puzzel.com/Content/Client/js/jquery-intelecomchat.latest.min.js
Requested by
Host: minside.rs.no
URL: https://minside.rs.no/securmarkactivation
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.89.54.51 , Norway, ASN2116 (GLOBALCONNECT-, NO),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
039228300e25b98c14dcfb30b0239dd7c4878ba490f0b5ec075a57959058cf16

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://minside.rs.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date
Wed, 07 Jun 2023 02:13:27 GMT
Content-Encoding
gzip
Last-Modified
Mon, 16 Aug 2021 21:06:05 GMT
Server
nginx
ETag
"80dca586e292d71:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Content-Length
33674
index.css
rsfrontends.azureedge.net/portals-mypage-prod/ 		21 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rsfrontends.azureedge.net/portals-mypage-prod/index.css?v=1.0.0.0
Requested by
Host: minside.rs.no
URL: https://minside.rs.no/securmarkactivation
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e2240c12d90634a1c98f76f9c4e57efbca5980f7c05c31b182979c039bae0826

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://minside.rs.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 07 Jun 2023 02:13:27 GMT
content-encoding
br
x-azure-ref-originshield
0x+d/ZAAAAACIxln3WbBASY1sugvsw73tQU1TMDRFREdFMTkxMAA4ZGQ4NmEyZC03MjA2LTQzOWEtYTdmNS1kNzQ2NWE1M2JhM2E=
content-md5
lGR0GWydkPGkQC2c8KX8Vw==
x-cache
TCP_MISS
x-ms-lease-status
unlocked
last-modified
Tue, 06 Jun 2023 12:40:26 GMT
etag
0x8DB668B342C760C
x-azure-ref
0x+d/ZAAAAAD+FjE6LotsQ43lgI0NwkicU1RPRURHRTE4MDYAOGRkODZhMmQtNzIwNi00MzlhLWE3ZjUtZDc0NjVhNTNiYTNh
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
209f8307-901e-0087-12e5-983b8a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=300
x-ms-version
2009-09-19
css
fonts.googleapis.com/ 		3 KB
867 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:300,400,700,900&display=swap
Requested by
Host: minside.rs.no
URL: https://minside.rs.no/securmarkactivation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
01ceac19d4db649328dab8cb759c7bcba6e3ca9f3605723bc0fdd80c1c4d2c2e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://minside.rs.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 07 Jun 2023 02:13:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 07 Jun 2023 00:51:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 07 Jun 2023 02:13:27 GMT
css2
fonts.googleapis.com/ 		2 KB
659 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Overpass+Mono:wght@600&display=swap
Requested by
Host: minside.rs.no
URL: https://minside.rs.no/securmarkactivation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a38f1614cd3e330c056589a44162362cec8fcd12f368003ff964f6254b263aa5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://minside.rs.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 07 Jun 2023 02:13:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 07 Jun 2023 02:13:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 07 Jun 2023 02:13:27 GMT
index.js
rsfrontends.azureedge.net/portals-mypage-prod/ 		2 MB
564 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rsfrontends.azureedge.net/portals-mypage-prod/index.js?v=1.0.0.0
Requested by
Host: minside.rs.no
URL: https://minside.rs.no/securmarkactivation
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2e2d914e58bf150af93b4c211990943d365c9b88f2cffe330addf259998e29fe

Request headers

Referer
https://minside.rs.no/
Origin
https://minside.rs.no
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 07 Jun 2023 02:13:27 GMT
content-encoding
br
x-azure-ref-originshield
0x+d/ZAAAAACKlQq/k0SVQrawV5425+JxQU1TMDRFREdFMTkwNwA4ZGQ4NmEyZC03MjA2LTQzOWEtYTdmNS1kNzQ2NWE1M2JhM2E=
content-md5
S1HZfqTjp7iu4i4N0SHWpA==
x-cache
TCP_MISS
x-ms-lease-status
unlocked
last-modified
Tue, 06 Jun 2023 12:40:27 GMT
etag
0x8DB668B350B1C09
x-azure-ref
0x+d/ZAAAAABZNaXDTHvbSoQX7PeFSkpGU1RPRURHRTE4MTgAOGRkODZhMmQtNzIwNi00MzlhLWE3ZjUtZDc0NjVhNTNiYTNh
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
dcc7adf5-801e-0040-5be5-98afd7000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=300
x-ms-version
2009-09-19
css
fonts.googleapis.com/ 		16 KB
1007 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,400,300,600,700
Requested by
Host: chat.puzzel.com
URL: https://chat.puzzel.com/Content/Client/css/intelecom-light.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
198eb504c7fcc8b70bb1ce21d2901c27568373bb46332f7addc75e54264da568
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://chat.puzzel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 07 Jun 2023 02:13:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 07 Jun 2023 02:02:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 07 Jun 2023 02:13:27 GMT
v1.js
static.userback.io/widget/ 		464 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.userback.io/widget/v1.js
Requested by
Host: minside.rs.no
URL: https://minside.rs.no/securmarkactivation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-91.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
afe725796003e0c0cd37513a1f5f0beba76d6460a38197e7a91766b83830091a

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://minside.rs.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 04:55:30 GMT
content-encoding
gzip
via
1.1 387adc951beb5181d840dfb5d1f09488.cloudfront.net (CloudFront)
last-modified
Mon, 05 Jun 2023 04:54:34 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
76679
x-amz-server-side-encryption
AES256
etag
W/"2fc12c71bb950f068cdcd79cfcb102c1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
lFo-467YVWkJHY2UTJAcuXs_RcZNRUsJMsz8Ar_Zh1QeXhAqPOA8oA==
/
api.userback.io/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.userback.io/?loadWidgetConfig
Requested by
Host: static.userback.io
URL: https://static.userback.io/widget/v1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.228.81.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-228-81-10.compute-1.amazonaws.com
Software
nginx/1.22.0 / PHP/8.1.14
Resource Hash
a2cc4d57663524a37c0e0c2dd6a85307e173df147ba679e13ec364551ccbcaf2

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://minside.rs.no/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 02:13:28 GMT
content-encoding
gzip
server
nginx/1.22.0
x-powered-by
PHP/8.1.14
content-type
application/json
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
expires
Thu, 19 Nov 1981 08:52:00 GMT
v1.css
static.userback.io/widget/ 		105 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.userback.io/widget/v1.css
Requested by
Host: static.userback.io
URL: https://static.userback.io/widget/v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-91.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
07ba7c644673567b3bf2a0e6c82fdf482b6c8a8b24d718751bf6b6dfd15b26dd

Request headers

Referer
https://minside.rs.no/
Origin
https://minside.rs.no
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 04:57:41 GMT
content-encoding
gzip
via
1.1 ed91e9c9d6be32c45c1d670b7d4a6616.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P4
age
76549
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 05 Jun 2023 04:54:35 GMT
server
AmazonS3
etag
W/"bf881e3e88973ba69fd68b532a1bf567"
access-control-max-age
3000
access-control-allow-methods
GET, POST, PUT
content-type
text/css
access-control-allow-origin
*
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
LcAgbq6TyfDxNzfOADE_O-NmE1h8rGU4wtZeP4q_iKiW3WyuUi1V6w==
css2
fonts.googleapis.com/ 		11 KB
858 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;700;900&display=swap
Requested by
Host: static.userback.io
URL: https://static.userback.io/widget/v1.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
22ec05dbdd2c67a8f8a08de86dbbbeab27f039b8bdce3423b2acc9387405225b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://static.userback.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 07 Jun 2023 02:13:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 07 Jun 2023 01:40:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 07 Jun 2023 02:13:29 GMT
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7W0Q5nw.woff2
static.userback.io/fonts/inter/v12/ 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.userback.io/fonts/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7W0Q5nw.woff2
Requested by
Host: static.userback.io
URL: https://static.userback.io/widget/v1.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-91.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
39e72c0794c12f2dbb14a0f61ca946b535f795b1478fcf795bd26e5cb52ded34

Request headers

Referer
https://static.userback.io/widget/v1.css
Origin
https://minside.rs.no
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 02:13:31 GMT
via
1.1 ed91e9c9d6be32c45c1d670b7d4a6616.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P4
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
content-length
37780
last-modified
Wed, 19 Apr 2023 06:58:55 GMT
server
AmazonS3
etag
"e1b9f0ecaaebb12c93064cd3c406f82b"
access-control-max-age
3000
access-control-allow-methods
GET, POST, PUT
content-type
binary/octet-stream
access-control-allow-origin
*
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
v-aCTD0lazSWM79GySHhnQC_32sb_Avstkc-ieb0sGyACgJjAD-nSw==
nb-NO
minside.rs.no/api/translate/ 		95 KB
96 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://minside.rs.no/api/translate/nb-NO
Requested by
Host: rsfrontends.azureedge.net
URL: https://rsfrontends.azureedge.net/portals-mypage-prod/index.js?v=1.0.0.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.67.170.236 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1075b067803efeb30ad644862fe9d25710c91a49b21aec3651be4074490b883a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://minside.rs.no/securmarkactivation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

request-context
appId=cid-v1:4fe05520-fac4-45dc-8d4f-3093b93c5137
date
Wed, 07 Jun 2023 02:13:29 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-length
97633
content-type
application/json; charset=utf-8
gtm.js
www.googletagmanager.com/ 		244 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MWSJKWX&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Requested by
Host: minside.rs.no
URL: https://minside.rs.no/securmarkactivation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c664963ca26e0ebc03271c6dd17590de144d0ff752b41e73596ff22b703d92c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://minside.rs.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 02:13:30 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85996
x-xss-protection
0
last-modified
Wed, 07 Jun 2023 01:19:19 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 07 Jun 2023 02:13:30 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://minside.rs.no
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Sat, 03 Jun 2023 11:05:17 GMT
x-content-type-options
nosniff
age
313693
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23040
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:07:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 02 Jun 2024 11:05:17 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://minside.rs.no
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Sat, 03 Jun 2023 00:06:44 GMT
x-content-type-options
nosniff
age
353206
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 02 Jun 2024 00:06:44 GMT
optimize.js
www.googleoptimize.com/ 		119 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleoptimize.com/optimize.js?id=OPT-MCJ8FVJ
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MWSJKWX&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3a271433ad700256d2ac5c7e80b22b8683ca9447103e2b07b88d4a35def7b88b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://minside.rs.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 02:13:30 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47470
x-xss-protection
0
last-modified
Wed, 07 Jun 2023 01:19:19 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 07 Jun 2023 02:13:30 GMT
analytics.js
www.google-analytics.com/ 		51 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MWSJKWX&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://minside.rs.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 07 Jun 2023 01:49:43 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
1427
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Wed, 07 Jun 2023 03:49:43 GMT
fbevents.js
connect.facebook.net/en_US/ 		106 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: minside.rs.no
URL: https://minside.rs.no/securmarkactivation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0caf64bbe8954fe9c2166955ec4e1842b2f0780fb0cbb76ed7d60ea0dc59dddd
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://minside.rs.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 07 Jun 2023 02:13:30 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27549
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
wx89+1onWAk1t7AnkPk78O5Xi/+VRz4XWC8S+HsC3a+rpNsIVorDl1ydWOEvg7ypU7xiJ4CRrhDpegoxvzW8iw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
fx7hjxlq0a
www.clarity.ms/tag/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/fx7hjxlq0a?ref=gtm2
Requested by
Host: minside.rs.no
URL: https://minside.rs.no/securmarkactivation
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cc3d79d26ae6021df76ca3d5bb4a052d4a47640cb5f266651600e5c1fe1cea04

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://minside.rs.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

request-context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
date
Wed, 07 Jun 2023 02:13:30 GMT
x-azure-ref
0yud/ZAAAAAB+XVMcmhQ9T6gyNZr1oItwU1RPRURHRTE0MTkANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
content-length
1213
expires
-1
uc.js
consent.cookiebot.com/ 		107 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.cookiebot.com/uc.js?cbid=fbd8b471-ee0b-4522-8704-14dc24c2f8e4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MWSJKWX&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:18::1724:a29a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f952ebf8091c4d1d48951e442b2930153d49ecbe7298b63b7b89c7042c65e46b

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://minside.rs.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

request-context
appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
date
Wed, 07 Jun 2023 02:13:30 GMT
content-encoding
gzip
last-modified
Thu, 11 May 2023 11:13:19 GMT
etag
"6dc99e97f983d91:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-expose-headers
Request-Context
cache-control
public, max-age=795
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
33582
expires
Wed, 07 Jun 2023 02:26:45 GMT
js
www.googletagmanager.com/gtag/ 		237 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-JCM6J47WY9&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MWSJKWX&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
111d6b8e83785838475020b4a4f9a06e6eebecd0b95f88c0ac348c7d6828a821
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://minside.rs.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 02:13:30 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
83508
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 07 Jun 2023 02:13:30 GMT
collect
region1.google-analytics.com/g/ 		0
252 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-JCM6J47WY9&gtm=45je3650&_p=621746051&cid=134943360.1686104011&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&dl=https%3A%2F%2Fminside.rs.no%2Fsecurmarkactivation&dr=&sid=1686104010&sct=1&seg=0&dt=RS%20-%20Min%20side&en=page_view&_fv=1&_nsi=1&_ss=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JCM6J47WY9&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://minside.rs.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 02:13:30 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://minside.rs.no
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
clarity.js
www.clarity.ms/s/0.7.8/ 		57 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.8/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/fx7hjxlq0a?ref=gtm2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9987dcc652130026523219440b654a3e307d16f186019031ad60a28d6f73aa2a

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://minside.rs.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 02:13:30 GMT
content-encoding
br
last-modified
Mon, 05 Jun 2023 12:11:57 GMT
x-azure-ref-originshield
0HOJ/ZAAAAABiOi8qxy6/Rosoxv/b7bI2QU1TMDRFREdFMTkxNwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
etag
"0x8DB65BE0F216DE8"
x-azure-ref
0yud/ZAAAAADEzS2E5PZXQ4ymksTiywb6U1RPRURHRTE0MTkANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
x-cache
TCP_HIT
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
8b77c71b-a01e-0060-5222-985244000000
cache-control
public, max-age=86400
x-ms-version
2018-03-28
accept-ranges
bytes
bc-v4.min.html
consentcdn.cookiebot.com/sdk/ Frame 36E3 		627 B
801 B 		Document
General
Check archive.org
Download Go to
Full URL
https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js?cbid=fbd8b471-ee0b-4522-8704-14dc24c2f8e4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:594::f09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
738e5435f2d18427d291a0d6289eee0ebbc87b596d6003919f255760ac293104

Request headers

Referer
https://minside.rs.no/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
gzip
content-length
392
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 07 Jun 2023 02:13:31 GMT
etag
"3d08665fa4c7bcf9fa2dcbbc7efe1d0f:1649057029.895163"
expires
Thu, 06 Jun 2024 02:13:31 GMT
last-modified
Mon, 04 Apr 2022 07:23:49 GMT
server
AkamaiNetStorage
server-timing
cdn-cache; desc=HIT edge; dur=1 ak_p; desc="468362_35115176_2508660_20_1125_64_0";dur=1
vary
Accept-Encoding
x-akamai-transformed
9 - 0 pmb=mRUM,1
cc.js
consent.cookiebot.com/fbd8b471-ee0b-4522-8704-14dc24c2f8e4/ 		220 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.cookiebot.com/fbd8b471-ee0b-4522-8704-14dc24c2f8e4/cc.js?renew=false&referer=minside.rs.no&dnt=false&init=false
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js?cbid=fbd8b471-ee0b-4522-8704-14dc24c2f8e4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:18::1724:a29a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
ece11f32a063b456fae1060ee5de49be7ab094c04a6782ee7ff72295442eeb60

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://minside.rs.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 02:13:31 GMT
content-encoding
gzip
last-modified
Wed, 07 Jun 2023 02:13:30 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-expose-headers
Request-Context
cache-control
private, max-age=1200
cross-origin-resource-policy
cross-origin
content-length
54070
request-context
appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
1153509401451649
connect.facebook.net/signals/config/ 		377 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1153509401451649?v=2.9.106&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
303abd5e6601057b4d26dd63c77c2eb228edef4a54bd85ca65ebacd58590584a
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://minside.rs.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 07 Jun 2023 02:13:31 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
qrGzs6ADiW/glu1Dkkr3vp4XdYriQrAINCiP5ljTng12fhbemOzrFq4ar5X/JLLB00esXzIwtG1NQhH3iPM/KQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/j/ 		4 B
207 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=621746051&t=pageview&_s=1&dl=https%3A%2F%2Fminside.rs.no%2Fsecurmarkactivation&ul=en-us&de=UTF-8&dt=RS%20-%20Min%20side&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAEABQAAAACAAI~&jid=1700304684&gjid=828224902&cid=134943360.1686104011&tid=UA-4207624-2&_gid=430860529.1686104011&_r=1&_slc=1&gtm=45He3650n81MWSJKWX&z=230127509
Requested by
Host: rsfrontends.azureedge.net
URL: https://rsfrontends.azureedge.net/portals-mypage-prod/index.js?v=1.0.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://minside.rs.no/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 02:13:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://minside.rs.no
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
r.clarity.ms/ 		0
293 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.clarity.ms/collect
Requested by
Host: rsfrontends.azureedge.net
URL: https://rsfrontends.azureedge.net/portals-mypage-prod/index.js?v=1.0.0.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.119.174.243 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://minside.rs.no/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://minside.rs.no
Date
Wed, 07 Jun 2023 02:13:31 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
collect
stats.g.doubleclick.net/j/ 		4 B
347 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-4207624-2&cid=134943360.1686104011&jid=1700304684&gjid=828224902&_gid=430860529.1686104011&_u=aADAAEAAQAAAACAAI~&z=1064500950
Requested by
Host: rsfrontends.azureedge.net
URL: https://rsfrontends.azureedge.net/portals-mypage-prod/index.js?v=1.0.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://minside.rs.no/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 07 Jun 2023 02:13:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://minside.rs.no
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8942b578b504e6ba9252d19e0f5430e3ce374ae5380743bb4ca6a4214122e77b

Request headers

accept-language
no-NO,no;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4f29b4389a6e08bf3ffcdfb097597d5621b4abac31a74f89c3fa3537dc428e68

Request headers

accept-language
no-NO,no;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		964 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d47bcf54431b918d4b86953244677a675940b21844a2ac41bee9b690415eb0b1

Request headers

accept-language
no-NO,no;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		973 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
feeff1b73fc856bbaa909aecd74cd3918a41d2f0642b773831da45ad969317e9

Request headers

accept-language
no-NO,no;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type
image/png
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1153509401451649&ev=PageView&dl=https%3A%2F%2Fminside.rs.no%2Fsecurmarkactivation&rl=&if=false&ts=1686104011301&sw=1600&sh=1200&v=2.9.106&r=stable&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%22754528258767133%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22NOK%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%224194785497219913%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&fbp=fb.1.1686104011299.1511202183&cs_est=true&it=1686104010964&coo=false&rqm=GET
Requested by
Host: minside.rs.no
URL: https://minside.rs.no/securmarkactivation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://minside.rs.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 07 Jun 2023 02:13:31 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-4207624-2&cid=134943360.1686104011&jid=1700304684&_u=aADAAEAAQAAAACAAI~&z=28048415
Requested by
Host: minside.rs.no
URL: https://minside.rs.no/securmarkactivation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://minside.rs.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 02:13:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.no/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-4207624-2&cid=134943360.1686104011&jid=1700304684&_u=aADAAEAAQAAAACAAI~&z=28048415
Requested by
Host: minside.rs.no
URL: https://minside.rs.no/securmarkactivation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://minside.rs.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 02:13:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=D7601E0FCDB7437C97A68C650A251F15&RedC=c.clarity.ms&MXFR=0DB1E30CF6CE6B55030CF025F2CE651F
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=D7601E0FCDB7437C97A68C650A251F15&MUID=176796E6FAFE60FA31E885CFFB716134
42 B
466 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=D7601E0FCDB7437C97A68C650A251F15&MUID=176796E6FAFE60FA31E885CFFB716134
Protocol
H2
Server
68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://minside.rs.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Jun 2023 02:13:32 GMT
last-modified
Tue, 06 Jun 2023 17:31:23 GMT
server
Microsoft-IIS/10.0
etag
"dca6ffb69c98d91:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Wed, 07 Jun 2023 02:13:31 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: EA1753AE29CE4AB29E228F471C4DE385 Ref B: STOEDGE1206 Ref C: 2023-06-07T02:13:31Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=D7601E0FCDB7437C97A68C650A251F15&MUID=176796E6FAFE60FA31E885CFFB716134
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
collect
r.clarity.ms/ 		0
293 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.clarity.ms/collect
Requested by
Host: rsfrontends.azureedge.net
URL: https://rsfrontends.azureedge.net/portals-mypage-prod/index.js?v=1.0.0.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.119.174.243 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://minside.rs.no/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://minside.rs.no
Date
Wed, 07 Jun 2023 02:13:32 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
/
www.facebook.com/tr/ 		0
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1153509401451649&ev=Microdata&dl=https%3A%2F%2Fminside.rs.no%2Fsecurmarkactivation&rl=&if=false&ts=1686104012804&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22RS%20-%20Min%20side%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.106&r=stable&ec=1&o=30&fbp=fb.1.1686104011299.1511202183&it=1686104010964&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://minside.rs.no/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 07 Jun 2023 02:13:32 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0

Verdicts & Comments Add Verdict or Comment

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 boolean| credentialless object| onbeforetoggle object| onscrollend function| $ function| jQuery object| html5 object| Modernizr object| ko function| moment function| _ function| s function| log object| userProfile object| appConfig object| authenticateUser object| Userback function| bowser function| eve function| mina function| Snap object| jQuery112208828371007911455 number| 2f1acc6c3a606b082e5eef5e54414ffb object| FontAwesomeConfig object| ___FONT_AWESOME___ object| __dynProto$Gbl object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| fbq function| _fbq function| clarity function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins function| gtag object| CookieControl function| __uspapi function| addUspapiLocatorFrame function| __handleUspapiMessage function| propagateIABStub object| Cookiebot object| CookieConsent object| google_optimize object| gaData object| CookiebotDialog object| CookieConsentDialog

19 Cookies

Domain/Path Name / Value
.minside.rs.no/ Name: mp_4c3e6c5f929da2019d49455f500e9738_mixpanel
Value: %7B%22distinct_id%22%3A%20%2218893a16dcfa5d-057368c858b33c-15363671-1d4c00-18893a16dd0cb7%22%2C%22%24device_id%22%3A%20%2218893a16dcfa5d-057368c858b33c-15363671-1d4c00-18893a16dd0cb7%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
minside.rs.no/ Name: ai_user
Value: /04zush3gdc7ZNKKfeijcw|2023-06-07T02:13:30.199Z
.rs.no/ Name: _gcl_au
Value: 1.1.2057900072.1686104011
.rs.no/ Name: _ga_JCM6J47WY9
Value: GS1.1.1686104010.1.0.1686104010.0.0.0
www.clarity.ms/ Name: CLID
Value: b2b0e51d53434cc5b630a1a30d2c3f89.20230607.20240606
.rs.no/ Name: _clck
Value: 1vafykn|2|fc9|0|1253
.rs.no/ Name: _ga
Value: GA1.2.134943360.1686104011
.rs.no/ Name: _gid
Value: GA1.2.430860529.1686104011
.rs.no/ Name: _gat_UA-4207624-2
Value: 1
minside.rs.no/ Name: ai_session
Value: NQEvoIX3p9jLoWtb5I1ZIH|1686104011098|1686104011098
.rs.no/ Name: _fbp
Value: fb.1.1686104011299.1511202183
.rs.no/ Name: _clsk
Value: 12vcpxt|1686104011742|1|1|r.clarity.ms/collect
.bing.com/ Name: MUID
Value: 176796E6FAFE60FA31E885CFFB716134
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 176796E6FAFE60FA31E885CFFB716134
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 176796E6FAFE60FA31E885CFFB716134
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.userback.io
brunswick.securmark.no
c.bing.com
c.clarity.ms
chat.puzzel.com
connect.facebook.net
consent.cookiebot.com
consentcdn.cookiebot.com
fonts.googleapis.com
fonts.gstatic.com
minside.rs.no
r.clarity.ms
region1.google-analytics.com
rsfrontends.azureedge.net
static.userback.io
stats.g.doubleclick.net
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.no
www.googleoptimize.com
www.googletagmanager.com
20.119.174.243
20.67.170.236
2001:4860:4802:32::178
2001:4860:4802:34::36
212.89.54.51
2620:1ec:46::45
2620:1ec:c11::200
2a00:1450:4001:806::2008
2a00:1450:4001:811::2004
2a00:1450:4001:827::200a
2a00:1450:4001:828::2003
2a00:1450:4001:829::2003
2a00:1450:4001:831::200e
2a00:1450:400c:c00::9c
2a01:5b40:0:248::52
2a02:26f0:3500:18::1724:a29a
2a02:26f0:480:594::f09
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
3.228.81.10
52.222.236.91
68.219.88.97
01ceac19d4db649328dab8cb759c7bcba6e3ca9f3605723bc0fdd80c1c4d2c2e
039228300e25b98c14dcfb30b0239dd7c4878ba490f0b5ec075a57959058cf16
07ba7c644673567b3bf2a0e6c82fdf482b6c8a8b24d718751bf6b6dfd15b26dd
0caf64bbe8954fe9c2166955ec4e1842b2f0780fb0cbb76ed7d60ea0dc59dddd
1075b067803efeb30ad644862fe9d25710c91a49b21aec3651be4074490b883a
111d6b8e83785838475020b4a4f9a06e6eebecd0b95f88c0ac348c7d6828a821
198eb504c7fcc8b70bb1ce21d2901c27568373bb46332f7addc75e54264da568
22ec05dbdd2c67a8f8a08de86dbbbeab27f039b8bdce3423b2acc9387405225b
2e2d914e58bf150af93b4c211990943d365c9b88f2cffe330addf259998e29fe
303abd5e6601057b4d26dd63c77c2eb228edef4a54bd85ca65ebacd58590584a
365c109a877295eb81bdbd4e58ee358056e3672d167f769656569267947813e7
39e72c0794c12f2dbb14a0f61ca946b535f795b1478fcf795bd26e5cb52ded34
3a271433ad700256d2ac5c7e80b22b8683ca9447103e2b07b88d4a35def7b88b
4f29b4389a6e08bf3ffcdfb097597d5621b4abac31a74f89c3fa3537dc428e68
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
58e3aec61f4460b2f7b121c9eab2c249f4746bf9e4fb710d16dd25ed7fbeed7a
738e5435f2d18427d291a0d6289eee0ebbc87b596d6003919f255760ac293104
8942b578b504e6ba9252d19e0f5430e3ce374ae5380743bb4ca6a4214122e77b
8998a0a5ce7b542b406f307cad8a6f3c3031722b1e7d86062bc0b52da0ea46f5
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9987dcc652130026523219440b654a3e307d16f186019031ad60a28d6f73aa2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a2cc4d57663524a37c0e0c2dd6a85307e173df147ba679e13ec364551ccbcaf2
a38f1614cd3e330c056589a44162362cec8fcd12f368003ff964f6254b263aa5
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afe725796003e0c0cd37513a1f5f0beba76d6460a38197e7a91766b83830091a
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c664963ca26e0ebc03271c6dd17590de144d0ff752b41e73596ff22b703d92c2
cc3d79d26ae6021df76ca3d5bb4a052d4a47640cb5f266651600e5c1fe1cea04
d47bcf54431b918d4b86953244677a675940b21844a2ac41bee9b690415eb0b1
e2240c12d90634a1c98f76f9c4e57efbca5980f7c05c31b182979c039bae0826
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
ece11f32a063b456fae1060ee5de49be7ab094c04a6782ee7ff72295442eeb60
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f952ebf8091c4d1d48951e442b2930153d49ecbe7298b63b7b89c7042c65e46b
feeff1b73fc856bbaa909aecd74cd3918a41d2f0642b773831da45ad969317e9