urlscan.io logo urlscan.io
SecurityTrails logo

ping.bloggportalen.aftonbladet.se Open in urlscan Pro
46.21.107.237  Public Scan

Go To Rescan Add Verdict Report
URL: http://ping.bloggportalen.aftonbladet.se/BlogPortal/view/Register
Submission: On August 31 via manual from IN
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 5 countries across 13 domains to perform 33 HTTP transactions. The main IP is 46.21.107.237, located in Sweden and belongs to GLESYS-AS, SE. The main domain is ping.bloggportalen.aftonbladet.se.
This is the only time ping.bloggportalen.aftonbladet.se was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

11    46.21.107.237 (Sweden)

ASN43948 (GLESYS-AS, SE)
PTR: bloggportalen.se
ping.bloggportalen.aftonbladet.se
1    2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2001:4de0:ac19::1:b:1a (Netherlands)

ASN20446 (HIGHWINDS3, US)
code.jquery.com
10    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
adservice.google.de
adservice.google.com
googleads.g.doubleclick.net
www.googletagservices.com
2    2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2606:4700::6813:9408 (United States)

ASN13335 (CLOUDFLARENET, US)
script.crazyegg.com
1    2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2a00:1450:4001:81a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
Domain Requested by
11 ping.bloggportalen.aftonbladet.se ping.bloggportalen.aftonbladet.se
4 pagead2.googlesyndication.com ping.bloggportalen.aftonbladet.se
pagead2.googlesyndication.com
3 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 www.google-analytics.com ping.bloggportalen.aftonbladet.se
2 fonts.gstatic.com fonts.googleapis.com
2 connect.facebook.net ping.bloggportalen.aftonbladet.se
connect.facebook.net
1 www.facebook.com connect.facebook.net
1 www.googletagservices.com pagead2.googlesyndication.com
1 script.crazyegg.com ping.bloggportalen.aftonbladet.se
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 code.jquery.com ping.bloggportalen.aftonbladet.se
1 fonts.googleapis.com ping.bloggportalen.aftonbladet.se
33 14

This site contains links to these domains. Also see Links.

Domain
www.curemedia.com
www.bentara.se
Subject Issuer Validity Valid
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-07-21 -
2020-10-12		 3 months crt.sh
*.google.de
GTS CA 1O1		 2020-08-11 -
2020-11-03		 3 months crt.sh
*.google.com
GTS CA 1O1		 2020-08-11 -
2020-11-03		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-08-11 -
2020-11-03		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-08-11 -
2020-11-03		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2020-08-11 -
2020-11-03		 3 months crt.sh

This page contains 5 frames:

Primary Page: http://ping.bloggportalen.aftonbladet.se/BlogPortal/view/Register
Frame ID: 688F33DC8D3ECD25E690B1D68E17BCC6
Requests: 31 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200826/r20190131/zrt_lookup.html
Frame ID: B48C1369DE8E05720B619CF67266239D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7266007367936056&output=html&h=120&slotname=7051456923&adk=2981505862&adf=131515576&w=980&lmt=1598869441&psa=0&guci=1.2.0.0.2.2.0.0&format=980x120&url=http%3A%2F%2Fping.bloggportalen.aftonbladet.se%2FBlogPortal%2Fview%2FRegister&flash=0&wgl=1&adsid=NT&dt=1598869441396&bpp=17&bdt=221&idt=125&shv=r20200826&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6960149109864&frm=20&pv=2&ga_vid=2106237504.1598869442&ga_sid=1598869442&ga_hid=1106103988&ga_fc=0&iag=0&icsg=141503&dssz=19&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=126&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066700%2C21066793%2C20206788%2C21066898%2C21067034%2C21067105&oid=3&pvsid=411167644129983&pem=108&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=CnegO5KosM&p=http%3A//ping.bloggportalen.aftonbladet.se&dtd=147
Frame ID: C565E45CAC7684627102E50CC279F4B6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7266007367936056&output=html&adk=1812271804&adf=3025194257&lmt=1598869441&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fping.bloggportalen.aftonbladet.se%2FBlogPortal%2Fview%2FRegister&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1598869441494&bpp=1&bdt=319&idt=67&shv=r20200826&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=980x120&nras=1&correlator=6960149109864&frm=20&pv=1&ga_vid=2106237504.1598869442&ga_sid=1598869442&ga_hid=1106103988&ga_fc=0&iag=0&icsg=33695935&dssz=20&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066700%2C21066793%2C20206788%2C21066898%2C21067034%2C21067105&oid=3&pvsid=411167644129983&pem=108&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&dtd=82
Frame ID: 92B34BFED7F360ED15DFB153CCE466ED
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: CFB3CE97D2FFA22ED283F1F8FA56F3FD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Ubuntu/i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

33
Requests

48 %
HTTPS

90 %
IPv6

13
Domains

14
Subdomains

11
IPs

5
Countries

460 kB
Transfer

1093 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12
  • http://connect.facebook.net/en_US/all.js HTTP 307
  • https://connect.facebook.net/en_US/all.js
Request Chain 23
  • http://www.google-analytics.com/analytics.js HTTP 307
  • https://www.google-analytics.com/analytics.js
Request Chain 29
  • http://www.google-analytics.com/r/collect?v=1&_v=j83&a=1106103988&t=pageview&_s=1&dl=http%3A%2F%2Fping.bloggportalen.aftonbladet.se%2FBlogPortal%2Fview%2FRegister&ul=en-us&de=UTF-8&dt=Bloggportalen.se%20-%20Steg%201%3A%20Presentera%20bloggare&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAEAB~&jid=1169687887&gjid=1126364277&cid=2106237504.1598869442&tid=UA-71694535-1&_gid=1157670388.1598869442&_r=1&z=1891917464 HTTP 307
  • https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1106103988&t=pageview&_s=1&dl=http%3A%2F%2Fping.bloggportalen.aftonbladet.se%2FBlogPortal%2Fview%2FRegister&ul=en-us&de=UTF-8&dt=Bloggportalen.se%20-%20Steg%201%3A%20Presentera%20bloggare&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAEAB~&jid=1169687887&gjid=1126364277&cid=2106237504.1598869442&tid=UA-71694535-1&_gid=1157670388.1598869442&_r=1&z=1891917464

33 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set Register
ping.bloggportalen.aftonbladet.se/BlogPortal/view/ 		17 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://ping.bloggportalen.aftonbladet.se/BlogPortal/view/Register
Protocol
HTTP/1.1
Server
46.21.107.237 , Sweden, ASN43948 (GLESYS-AS, SE),
Reverse DNS
bloggportalen.se
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
e63b09fe5661fc5d9dcc84e1de06ef5d94dede5d2703e1fd2ac0321041598855

Request headers

Host
ping.bloggportalen.aftonbladet.se
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 31 Aug 2020 10:24:00 GMT
Server
Apache/2.4.7 (Ubuntu)
Set-Cookie
JSESSIONID=12CC9D1EA3CB52B7F842A41F5A795914; Path=/BlogPortal
Pragma
No-cache
Cache-Control
no-cache,no-store,max-age=0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Type
text/html;charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
5514
Connection
close
default.css
ping.bloggportalen.aftonbladet.se/BlogPortal/css/ 		25 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://ping.bloggportalen.aftonbladet.se/BlogPortal/css/default.css?version=20170220
Requested by
Host: ping.bloggportalen.aftonbladet.se
URL: http://ping.bloggportalen.aftonbladet.se/BlogPortal/view/Register
Protocol
HTTP/1.1
Server
46.21.107.237 , Sweden, ASN43948 (GLESYS-AS, SE),
Reverse DNS
bloggportalen.se
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
9e5d76e990c5d9b5484b67e21748ea507fc2adc6b41901652e1613b3240f3ccd

Request headers

Referer
http://ping.bloggportalen.aftonbladet.se/BlogPortal/view/Register
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 31 Aug 2020 10:24:01 GMT
Content-Encoding
gzip
Last-Modified
Mon, 20 Feb 2017 10:54:24 GMT
Server
Apache/2.4.7 (Ubuntu)
ETag
W/"25786-1487588064000-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2419200
Connection
close
Accept-Ranges
bytes
Content-Length
6304
Expires
Mon, 28 Sep 2020 10:24:01 GMT
css
fonts.googleapis.com/ 		1 KB
942 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://fonts.googleapis.com/css?family=Lato:400,700
Requested by
Host: ping.bloggportalen.aftonbladet.se
URL: http://ping.bloggportalen.aftonbladet.se/BlogPortal/view/Register
Protocol
HTTP/1.1
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0668f99937139dd9779c1907d0fd58c266fbdfd9c09b7e57da9c790af76574d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://ping.bloggportalen.aftonbladet.se/BlogPortal/view/Register
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 31 Aug 2020 10:24:01 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 31 Aug 2020 10:24:01 GMT
Server
ESF
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding
chunked
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection
0
Expires
Mon, 31 Aug 2020 10:24:01 GMT
jquery-1.9.1.min.js
code.jquery.com/ 		90 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://code.jquery.com/jquery-1.9.1.min.js
Requested by
Host: ping.bloggportalen.aftonbladet.se
URL: http://ping.bloggportalen.aftonbladet.se/BlogPortal/view/Register
Protocol
HTTP/1.1
Server
2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Request headers

Referer
http://ping.bloggportalen.aftonbladet.se/BlogPortal/view/Register
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 31 Aug 2020 10:24:01 GMT
Content-Encoding
gzip
Last-Modified
Fri, 24 Oct 2014 00:16:07 GMT
Server
nginx
ETag
W/"54499a47-169d5"
Vary
Accept-Encoding
X-HW
1598869441.dop201.fr8.t,1598869441.cds018.fr8.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
32772
blogportal_logotype.png
ping.bloggportalen.aftonbladet.se/BlogPortal/images/ 		47 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ping.bloggportalen.aftonbladet.se/BlogPortal/images/blogportal_logotype.png
Requested by
Host: ping.bloggportalen.aftonbladet.se
URL: http://ping.bloggportalen.aftonbladet.se/BlogPortal/view/Register
Protocol
HTTP/1.1
Server
46.21.107.237 , Sweden, ASN43948 (GLESYS-AS, SE),
Reverse DNS
bloggportalen.se
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
ec9f25eeee9d33e0b9cf898a223e0b9a17debd1363c9142c053d631e741830d5

Request headers

Referer
http://ping.bloggportalen.aftonbladet.se/BlogPortal/view/Register
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 31 Aug 2020 10:24:01 GMT
Last-Modified
Thu, 07 Apr 2016 13:37:44 GMT
Server
Apache/2.4.7 (Ubuntu)
ETag
W/"48333-1460036264000"
Content-Type
image/png
Cache-Control
max-age=2419200
Connection
close
Accept-Ranges
bytes
Content-Length
48333
Expires
Mon, 28 Sep 2020 10:24:01 GMT
login_icon.png
ping.bloggportalen.aftonbladet.se/BlogPortal/images/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ping.bloggportalen.aftonbladet.se/BlogPortal/images/login_icon.png
Requested by
Host: ping.bloggportalen.aftonbladet.se
URL: http://ping.bloggportalen.aftonbladet.se/BlogPortal/view/Register
Protocol
HTTP/1.1
Server
46.21.107.237 , Sweden, ASN43948 (GLESYS-AS, SE),
Reverse DNS
bloggportalen.se
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
57d60e7e9aa278b07f9f6c504c69ae676dd3c016fe0ea5fd33c791efe9c41d94

Request headers

Referer
http://ping.bloggportalen.aftonbladet.se/BlogPortal/view/Register
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 31 Aug 2020 10:24:01 GMT
Last-Modified
Mon, 20 Feb 2017 10:41:16 GMT
Server
Apache/2.4.7 (Ubuntu)
ETag
W/"19180-1487587276000"
Content-Type
image/png
Cache-Control
max-age=2419200
Connection
close
Accept-Ranges
bytes
Content-Length
19180
Expires
Mon, 28 Sep 2020 10:24:01 GMT
ping_icon.png
ping.bloggportalen.aftonbladet.se/BlogPortal/images/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ping.bloggportalen.aftonbladet.se/BlogPortal/images/ping_icon.png
Requested by
Host: ping.bloggportalen.aftonbladet.se
URL: http://ping.bloggportalen.aftonbladet.se/BlogPortal/view/Register
Protocol
HTTP/1.1
Server
46.21.107.237 , Sweden, ASN43948 (GLESYS-AS, SE),
Reverse DNS
bloggportalen.se
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
035b784e729e326b42c98c4cb20b0dde0101dfa5299279486e7ae19bb0f19509

Request headers

Referer
http://ping.bloggportalen.aftonbladet.se/BlogPortal/view/Register
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 31 Aug 2020 10:24:01 GMT
Last-Modified
Thu, 07 Apr 2016 13:37:44 GMT
Server
Apache/2.4.7 (Ubuntu)
ETag
W/"19112-1460036264000"
Content-Type
image/png
Cache-Control
max-age=2419200
Connection
close
Accept-Ranges
bytes
Content-Length
19112
Expires
Mon, 28 Sep 2020 10:24:01 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		126 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: ping.bloggportalen.aftonbladet.se
URL: http://ping.bloggportalen.aftonbladet.se/BlogPortal/view/Register
Protocol
HTTP/1.1
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d3cc3d4e9d09e8b001ee014c36ce948a2646d407e8ecf49b07a315060769134a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://ping.bloggportalen.aftonbladet.se/BlogPortal/view/Register
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Mon, 31 Aug 2020 10:24:01 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
15476532164680559219
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
44783
X-XSS-Protection
0
Expires
Mon, 31 Aug 2020 10:24:01 GMT
dateSelector.css
ping.bloggportalen.aftonbladet.se/BlogPortal/css/ 		2 KB
1022 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://ping.bloggportalen.aftonbladet.se/BlogPortal/css/dateSelector.css
Requested by
Host: ping.bloggportalen.aftonbladet.se
URL: http://ping.bloggportalen.aftonbladet.se/BlogPortal/view/Register
Protocol
HTTP/1.1
Server
46.21.107.237 , Sweden, ASN43948 (GLESYS-AS, SE),
Reverse DNS
bloggportalen.se
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
a0b05fa0f1ea9b841b8d399d3c9a946043d788f55fe6c8126d61f65bc5bb4d70

Request headers

Referer
http://ping.bloggportalen.aftonbladet.se/BlogPortal/view/Register
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 31 Aug 2020 10:24:01 GMT
Content-Encoding
gzip
Last-Modified
Thu, 19 Nov 2015 19:51:24 GMT
Server
Apache/2.4.7 (Ubuntu)
ETag
W/"2211-1447962684000-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2419200
Connection
close
Accept-Ranges
bytes
Content-Length
649
Expires
Mon, 28 Sep 2020 10:24:01 GMT
dateSelector.js
ping.bloggportalen.aftonbladet.se/BlogPortal/js/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ping.bloggportalen.aftonbladet.se/BlogPortal/js/dateSelector.js
Requested by
Host: ping.bloggportalen.aftonbladet.se
URL: http://ping.bloggportalen.aftonbladet.se/BlogPortal/view/Register
Protocol
HTTP/1.1
Server
46.21.107.237 , Sweden, ASN43948 (GLESYS-AS, SE),
Reverse DNS
bloggportalen.se
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
1e8a59c31a488b4f920ae53b4e701f386c8f98514457c8e8f958d3f934c687e7

Request headers

Referer
http://ping.bloggportalen.aftonbladet.se/BlogPortal/view/Register
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 31 Aug 2020 10:24:01 GMT
Content-Encoding
gzip
Last-Modified
Thu, 19 Nov 2015 19:51:24 GMT
Server
Apache/2.4.7 (Ubuntu)
ETag
W/"13456-1447962684000-gzip"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=2419200
Connection
close
Accept-Ranges
bytes
Content-Length
3817
Expires
Mon, 28 Sep 2020 10:24:01 GMT
dynamicImages
ping.bloggportalen.aftonbladet.se/BlogPortal/ 		43 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ping.bloggportalen.aftonbladet.se/BlogPortal/dynamicImages?imageType=author
Requested by
Host: ping.bloggportalen.aftonbladet.se
URL: http://ping.bloggportalen.aftonbladet.se/BlogPortal/view/Register
Protocol
HTTP/1.1
Server
46.21.107.237 , Sweden, ASN43948 (GLESYS-AS, SE),
Reverse DNS
bloggportalen.se
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
http://ping.bloggportalen.aftonbladet.se/BlogPortal/view/Register
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 31 Aug 2020 10:24:01 GMT
Cache-Control
max-age=0
Expires
0
Server
Apache/2.4.7 (Ubuntu)
Connection
close
Content-Length
43
Content-Type
image/gif
prototype.js
ping.bloggportalen.aftonbladet.se/BlogPortal/js/ 		46 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ping.bloggportalen.aftonbladet.se/BlogPortal/js/prototype.js
Requested by
Host: ping.bloggportalen.aftonbladet.se
URL: http://ping.bloggportalen.aftonbladet.se/BlogPortal/view/Register
Protocol
HTTP/1.1
Server
46.21.107.237 , Sweden, ASN43948 (GLESYS-AS, SE),
Reverse DNS
bloggportalen.se
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
a8b25189ed626a7bb28cd7f4163a366880ea7319d69c094baba9c004ba7d8e86

Request headers

Referer
http://ping.bloggportalen.aftonbladet.se/BlogPortal/view/Register
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 31 Aug 2020 10:24:01 GMT
Content-Encoding
gzip
Last-Modified
Thu, 19 Nov 2015 19:51:24 GMT
Server
Apache/2.4.7 (Ubuntu)
ETag
W/"47445-1447962684000-gzip"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=2419200
Connection
close
Accept-Ranges
bytes
Content-Length
10525
Expires
Mon, 28 Sep 2020 10:24:01 GMT
rico.js
ping.bloggportalen.aftonbladet.se/BlogPortal/js/ 		80 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ping.bloggportalen.aftonbladet.se/BlogPortal/js/rico.js
Requested by
Host: ping.bloggportalen.aftonbladet.se
URL: http://ping.bloggportalen.aftonbladet.se/BlogPortal/view/Register
Protocol
HTTP/1.1
Server
46.21.107.237 , Sweden, ASN43948 (GLESYS-AS, SE),
Reverse DNS
bloggportalen.se
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
27a47a7acdefa2874e1358c53844f37b69074827e68d88a1e3bf5cb6eb36ca45

Request headers

Referer
http://ping.bloggportalen.aftonbladet.se/BlogPortal/view/Register
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 31 Aug 2020 10:24:01 GMT
Content-Encoding
gzip
Last-Modified
Thu, 19 Nov 2015 19:51:24 GMT
Server
Apache/2.4.7 (Ubuntu)
ETag
W/"82154-1447962684000-gzip"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=2419200
Connection
close
Accept-Ranges
bytes
Content-Length
18788
Expires
Mon, 28 Sep 2020 10:24:01 GMT
all.js
connect.facebook.net/en_US/
Redirect Chain
  • http://connect.facebook.net/en_US/all.js
  • https://connect.facebook.net/en_US/all.js
3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js
Requested by
Host: ping.bloggportalen.aftonbladet.se
URL: http://ping.bloggportalen.aftonbladet.se/BlogPortal/view/Register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
580adc73abe2f8270c1c4764e6f5bd66c31ad6d01d81d518d211b754ac6d35ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
http://ping.bloggportalen.aftonbladet.se/BlogPortal/view/Register
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
xV75sZKzOT7qW7LdhEYooQ==
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1781
etag
"7ffc7a3d6a9172167d62ca04eff2062f"
x-fb-debug
wFyVHdjdE8088IM5zsYmcR/3pQBIBXIjcbVDRxFluTPweKl4SAKZwijR3zd9TnPMyaedxHYawxMY/y0MUPpk4A==
x-fb-trip-id
2050670934
x-fb-content-md5
31e59839f8949996502ea8ba44238e37
x-frame-options
DENY
date
Mon, 31 Aug 2020 10:24:01 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 31 Aug 2020 10:32:39 GMT

Redirect headers

Location
https://connect.facebook.net/en_US/all.js#xfbml=1&appId=418332161560200
Non-Authoritative-Reason
HSTS
truncated
/ 		725 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5aca19cffc5925e4d05789f656ae0456e5e848125f71f64d1fbdadd09ef51466

Request headers

Referer
http://ping.bloggportalen.aftonbladet.se/BlogPortal/css/default.css?version=20170220
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v16/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
Requested by
Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Lato:400,700
Protocol
HTTP/1.1
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://ping.bloggportalen.aftonbladet.se
Referer
http://fonts.googleapis.com/css?family=Lato:400,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 24 Aug 2020 11:05:50 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 23 Jul 2019 03:45:54 GMT
Server
sffe
Age
602291
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
14176
X-XSS-Protection
0
Expires
Tue, 24 Aug 2021 11:05:50 GMT
S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v16/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://fonts.gstatic.com/s/lato/v16/S6uyw4BMUTPHjx4wXiWtFCc.woff2
Requested by
Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Lato:400,700
Protocol
HTTP/1.1
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://ping.bloggportalen.aftonbladet.se
Referer
http://fonts.googleapis.com/css?family=Lato:400,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 24 Aug 2020 11:06:33 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 23 Jul 2019 03:45:55 GMT
Server
sffe
Age
602248
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
14044
X-XSS-Protection
0
Expires
Tue, 24 Aug 2021 11:06:33 GMT
museo500-regular-webfont.woff
ping.bloggportalen.aftonbladet.se/BlogPortal/fonts/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://ping.bloggportalen.aftonbladet.se/BlogPortal/fonts/museo500-regular-webfont.woff
Requested by
Host: ping.bloggportalen.aftonbladet.se
URL: http://ping.bloggportalen.aftonbladet.se/BlogPortal/css/default.css?version=20170220
Protocol
HTTP/1.1
Server
46.21.107.237 , Sweden, ASN43948 (GLESYS-AS, SE),
Reverse DNS
bloggportalen.se
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
6c0233832dbe428c39334847ec0421557e53b48ad11582896949b4bb7f1714b1

Request headers

Origin
http://ping.bloggportalen.aftonbladet.se
Referer
http://ping.bloggportalen.aftonbladet.se/BlogPortal/css/default.css?version=20170220
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 31 Aug 2020 10:24:01 GMT
Last-Modified
Fri, 27 Jan 2017 08:07:36 GMT
Server
Apache/2.4.7 (Ubuntu)
ETag
W/"15120-1485504456000"
Content-Type
application/x-font-woff
Cache-Control
max-age=2419200
Connection
close
Accept-Ranges
bytes
Content-Length
15120
Expires
Mon, 28 Sep 2020 10:24:01 GMT
integrator.js
adservice.google.de/adsid/ 		109 B
890 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ping.bloggportalen.aftonbladet.se
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://ping.bloggportalen.aftonbladet.se/BlogPortal/view/Register
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 Aug 2020 10:24:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
890 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ping.bloggportalen.aftonbladet.se
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://ping.bloggportalen.aftonbladet.se/BlogPortal/view/Register
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 Aug 2020 10:24:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20200826/r20190131/ 		227 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20200826/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7266007367936056&plah=ping.bloggportalen.aftonbladet.se&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c1d20826994c67c1265ef889d958473b445fafb58adbdf4496c033ba0512c8c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://ping.bloggportalen.aftonbladet.se/BlogPortal/view/Register
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 31 Aug 2020 10:24:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
87089
x-xss-protection
0
server
cafe
etag
1151439128444404900
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 31 Aug 2020 10:24:01 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200826/r20190131/ Frame B48C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20200826/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20200826/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://ping.bloggportalen.aftonbladet.se/BlogPortal/view/Register
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://ping.bloggportalen.aftonbladet.se/BlogPortal/view/Register

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Wed, 26 Aug 2020 18:38:56 GMT
expires
Wed, 09 Sep 2020 18:38:56 GMT
content-type
text/html; charset=UTF-8
etag
1003971328536524430
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4617
x-xss-protection
0
cache-control
public, max-age=1209600
age
402305
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
all.js
connect.facebook.net/en_US/ 		194 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js?hash=57ad835022d90607be174f757fe36179&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: http://connect.facebook.net/en_US/all.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5e53e01db362939b0b267710b2c329b2f3f1304c8996299ffe85ca4f496e484c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
http://ping.bloggportalen.aftonbladet.se
Referer
http://ping.bloggportalen.aftonbladet.se/BlogPortal/view/Register
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
bTDPNPvZaqbR4S3tx3TajQ==
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
59779
etag
"ed565cd1d9984c71b429420c5e08ab37"
x-fb-debug
tw4GAA5gkgjmNlxAfsjJ+p2/5fctgT4zfm7n1yeqO3+NEv+5TjCGISl0b6MkHCCtwlJRek2glhk3IPd9Pic4/w==
x-fb-trip-id
1781455057
x-fb-content-md5
9e98e6a5881ce23b1139daa71ec8b048
x-frame-options
DENY
date
Mon, 31 Aug 2020 10:24:01 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
expires
Tue, 31 Aug 2021 09:29:54 GMT
truncated
/ 		266 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
analytics.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: ping.bloggportalen.aftonbladet.se
URL: http://ping.bloggportalen.aftonbladet.se/BlogPortal/view/Register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://ping.bloggportalen.aftonbladet.se/BlogPortal/view/Register
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 04 Jun 2020 23:38:14 GMT
server
Golfe2
age
4101
date
Mon, 31 Aug 2020 09:15:40 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18469
expires
Mon, 31 Aug 2020 11:15:40 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS
5618.js
script.crazyegg.com/pages/scripts/0042/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
http://script.crazyegg.com/pages/scripts/0042/5618.js?444130
Requested by
Host: ping.bloggportalen.aftonbladet.se
URL: http://ping.bloggportalen.aftonbladet.se/BlogPortal/view/Register
Protocol
HTTP/1.1
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
http://ping.bloggportalen.aftonbladet.se/BlogPortal/view/Register
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 31 Aug 2020 10:24:01 GMT
CF-Cache-Status
HIT
Last-Modified
Mon, 31 Aug 2020 07:40:28 GMT
Server
cloudflare
Age
9813
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=86400
Connection
keep-alive
CF-RAY
5cb60a196a3ec286-FRA
Content-Length
0
cf-request-id
04e5a4a3e00000c2869f873200000001
ads
googleads.g.doubleclick.net/pagead/ Frame C565 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7266007367936056&output=html&h=120&slotname=7051456923&adk=2981505862&adf=131515576&w=980&lmt=1598869441&psa=0&guci=1.2.0.0.2.2.0.0&format=980x120&url=http%3A%2F%2Fping.bloggportalen.aftonbladet.se%2FBlogPortal%2Fview%2FRegister&flash=0&wgl=1&adsid=NT&dt=1598869441396&bpp=17&bdt=221&idt=125&shv=r20200826&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6960149109864&frm=20&pv=2&ga_vid=2106237504.1598869442&ga_sid=1598869442&ga_hid=1106103988&ga_fc=0&iag=0&icsg=141503&dssz=19&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=126&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066700%2C21066793%2C20206788%2C21066898%2C21067034%2C21067105&oid=3&pvsid=411167644129983&pem=108&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=CnegO5KosM&p=http%3A//ping.bloggportalen.aftonbladet.se&dtd=147
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200826/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7266007367936056&plah=ping.bloggportalen.aftonbladet.se&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-7266007367936056&output=html&h=120&slotname=7051456923&adk=2981505862&adf=131515576&w=980&lmt=1598869441&psa=0&guci=1.2.0.0.2.2.0.0&format=980x120&url=http%3A%2F%2Fping.bloggportalen.aftonbladet.se%2FBlogPortal%2Fview%2FRegister&flash=0&wgl=1&adsid=NT&dt=1598869441396&bpp=17&bdt=221&idt=125&shv=r20200826&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6960149109864&frm=20&pv=2&ga_vid=2106237504.1598869442&ga_sid=1598869442&ga_hid=1106103988&ga_fc=0&iag=0&icsg=141503&dssz=19&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=126&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066700%2C21066793%2C20206788%2C21066898%2C21067034%2C21067105&oid=3&pvsid=411167644129983&pem=108&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=CnegO5KosM&p=http%3A//ping.bloggportalen.aftonbladet.se&dtd=147
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://ping.bloggportalen.aftonbladet.se/BlogPortal/view/Register
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://ping.bloggportalen.aftonbladet.se/BlogPortal/view/Register

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 31 Aug 2020 10:24:01 GMT
server
cafe
content-length
198
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 31-Aug-2020 10:39:01 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Mon, 31 Aug 2020 10:24:01 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		72 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200826/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7266007367936056&plah=ping.bloggportalen.aftonbladet.se&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4cd7f36d0527b2542d797a58ec0954f677c68f89af81251ae7a064bb84ac366a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://ping.bloggportalen.aftonbladet.se/BlogPortal/view/Register
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 31 Aug 2020 10:24:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1598614337952014"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
27470
x-xss-protection
0
expires
Mon, 31 Aug 2020 10:24:01 GMT
status
www.facebook.com/x/oauth/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/x/oauth/status?client_id=418332161560200&input_token&origin=1&redirect_uri=http%3A%2F%2Fping.bloggportalen.aftonbladet.se%2FBlogPortal%2Fview%2FRegister&sdk=joey&wants_cookie_data=false
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=57ad835022d90607be174f757fe36179&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://ping.bloggportalen.aftonbladet.se/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0
pragma
no-cache
x-fb-debug
tw4UDlE+voZ377kYAN/V3O9uYdTa40p8bSMFEGSJAYxVvbT8O0PtmE4Yo+fx1UrAonwD1lEqqi5rJwh1VL8a5g==
fb-s
unknown
cache-control
private, no-cache, no-store, must-revalidate
date
Mon, 31 Aug 2020 10:24:01 GMT
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://ping.bloggportalen.aftonbladet.se
access-control-expose-headers
fb-s
fb-error-description
"This endpoint may only be called from an HTTPS Origin."
access-control-allow-credentials
true
expires
Sat, 01 Jan 2000 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 92B3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7266007367936056&output=html&adk=1812271804&adf=3025194257&lmt=1598869441&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fping.bloggportalen.aftonbladet.se%2FBlogPortal%2Fview%2FRegister&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1598869441494&bpp=1&bdt=319&idt=67&shv=r20200826&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=980x120&nras=1&correlator=6960149109864&frm=20&pv=1&ga_vid=2106237504.1598869442&ga_sid=1598869442&ga_hid=1106103988&ga_fc=0&iag=0&icsg=33695935&dssz=20&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066700%2C21066793%2C20206788%2C21066898%2C21067034%2C21067105&oid=3&pvsid=411167644129983&pem=108&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&dtd=82
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200826/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7266007367936056&plah=ping.bloggportalen.aftonbladet.se&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-7266007367936056&output=html&adk=1812271804&adf=3025194257&lmt=1598869441&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fping.bloggportalen.aftonbladet.se%2FBlogPortal%2Fview%2FRegister&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1598869441494&bpp=1&bdt=319&idt=67&shv=r20200826&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=980x120&nras=1&correlator=6960149109864&frm=20&pv=1&ga_vid=2106237504.1598869442&ga_sid=1598869442&ga_hid=1106103988&ga_fc=0&iag=0&icsg=33695935&dssz=20&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066700%2C21066793%2C20206788%2C21066898%2C21067034%2C21067105&oid=3&pvsid=411167644129983&pem=108&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&dtd=82
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://ping.bloggportalen.aftonbladet.se/BlogPortal/view/Register
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://ping.bloggportalen.aftonbladet.se/BlogPortal/view/Register

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 31 Aug 2020 10:24:01 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 31-Aug-2020 10:39:01 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Mon, 31 Aug 2020 10:24:01 GMT
cache-control
private
collect
www.google-analytics.com/r/
Redirect Chain
  • http://www.google-analytics.com/r/collect?v=1&_v=j83&a=1106103988&t=pageview&_s=1&dl=http%3A%2F%2Fping.bloggportalen.aftonbladet.se%2FBlogPortal%2Fview%2FRegister&ul=en-us&de=UTF-8&dt=Bloggportalen...
  • https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1106103988&t=pageview&_s=1&dl=http%3A%2F%2Fping.bloggportalen.aftonbladet.se%2FBlogPortal%2Fview%2FRegister&ul=en-us&de=UTF-8&dt=Bloggportale...
35 B
386 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1106103988&t=pageview&_s=1&dl=http%3A%2F%2Fping.bloggportalen.aftonbladet.se%2FBlogPortal%2Fview%2FRegister&ul=en-us&de=UTF-8&dt=Bloggportalen.se%20-%20Steg%201%3A%20Presentera%20bloggare&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAEAB~&jid=1169687887&gjid=1126364277&cid=2106237504.1598869442&tid=UA-71694535-1&_gid=1157670388.1598869442&_r=1&z=1891917464
Requested by
Host: ping.bloggportalen.aftonbladet.se
URL: http://ping.bloggportalen.aftonbladet.se/BlogPortal/view/Register
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://ping.bloggportalen.aftonbladet.se/BlogPortal/view/Register
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Aug 2020 10:24:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1106103988&t=pageview&_s=1&dl=http%3A%2F%2Fping.bloggportalen.aftonbladet.se%2FBlogPortal%2Fview%2FRegister&ul=en-us&de=UTF-8&dt=Bloggportalen.se%20-%20Steg%201%3A%20Presentera%20bloggare&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAEAB~&jid=1169687887&gjid=1126364277&cid=2106237504.1598869442&tid=UA-71694535-1&_gid=1157670388.1598869442&_r=1&z=1891917464
Non-Authoritative-Reason
HSTS
sodar
pagead2.googlesyndication.com/getconfig/ 		8 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200826&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200826/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7266007367936056&plah=ping.bloggportalen.aftonbladet.se&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
206508499685857d9793831d9f06a221f43a74998ab2fc0b01fb3436152c8967
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://ping.bloggportalen.aftonbladet.se/BlogPortal/view/Register
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 31 Aug 2020 10:24:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6200
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200826/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7266007367936056&plah=ping.bloggportalen.aftonbladet.se&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://ping.bloggportalen.aftonbladet.se/BlogPortal/view/Register
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 31 Aug 2020 10:24:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1591403518460474"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5540
x-xss-protection
0
expires
Mon, 31 Aug 2020 10:24:01 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame CFB3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/210/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://ping.bloggportalen.aftonbladet.se/BlogPortal/view/Register
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://ping.bloggportalen.aftonbladet.se/BlogPortal/view/Register

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
4590
date
Mon, 31 Aug 2020 09:51:11 GMT
expires
Tue, 31 Aug 2021 09:51:11 GMT
last-modified
Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
1970
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/ 		0
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gda_r20200826&jk=411167644129983&bg=!3N-l38dY2QL8GT2nnmsCAAAAbFIAAAANCgHTHxnVHH1az-TwIVDuJL06YzlZo7yI8TqZaY4GJ0qqZO9ZdVeuqv5lyvUrfJvYBm0zLbedewpPcv41M8Kt8xhTqY30-sK1fSixAom_KFnl3bPooBzMciAYWAn1im2TCGbGJpE9serGDq-Wro_LZG0ls61-otZf0zQl02znOnB4oWQJ9ZF2kHoZyRNKn1agv7RXBjs75AtNGBAmEXtrrFr5LySo33kTH-MvRAy26Hn9GZ8vU1Je-WKpJ3wxUW8kmdyFgckDMb8qoeOsJrzi9gT8TW2wPCf9GnKwzGiugpnMSSmQlOIN7_lKLbcPCFej8UcIhpWUIG7s1YtjTHCyOFqxRiztUDpKKZHhzR-w3MwoSVEkOGIkSsG-5Achez9DeBPg2duVwAGryS2NJiz6N7CwBxtoTkJznArBPQLbk1R8nOM7tcMVMLV3uOj0WnBvDb9YnF1jGlEDCgSMvwIykc0KJQuojLBKaeAEUgTnCVmbqBWqCc9svpF5-GvUEVycf9dnpvmXKfi4uc4g-FFWeF26ubqbjEKW1vUxNDUZKQDaHjWVexLBAvrXkikcffCybYFUXD8GiUVh2sZq6DJpK0adGu26JC8ku95BBVFDb1gh_Fd42cOZAbcyG7LozvzFy1yzrpRivQhk5OGKc9mXWj34HVdkoWSq7TyNrmRkBVk8lI6RpgRz-tSROT83e_nRWjz9umyIQ1q4KiGgntVuOPiJkB-LGaL9V2gSx1d7z3ZimDPyfYAvjBQNQgljBT6ezKhklQAzjlrsr5gXmlgBMx8Ad8QyW4jRmM9o0xAbAFdd14Vepwrjw-vcbVVWfLLJbwrHpHNUuOpmMulWGvV8Et-nyrbGewdkx42Sg9Bfm9QEQCyW6c3_Wssprkpjor3y7sAzG2NRJHRicZF4nwTgXylOE86TCNNgkSGqxfS0sEt0R0FxK4s0jYykoZVOQ1TpE0qyP175hA286fwZhjWqdHmOn8nIZLy0-xO5ds_2-fBXki6ejjWbL0hnsZLsurQmUUjS-lDzubvS1XagQJUnVs1atqYbeusTNIxSjd-dfMBi4BqqvnNkpkoJ4MYNiLAuKKut--wMG2JM7JCuCibcSmGjRi2mubJDbEISTPomF-P0OvD3o1tjWtCPSOCzkMsbCz1NZ-jBkm8LX1jswTuDSxqyup2faS_2MpdNFZjiV94PwT3V8lWYYQXHdGfWMCFs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://ping.bloggportalen.aftonbladet.se/BlogPortal/view/Register
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Aug 2020 10:24:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

84 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes object| fixColFunctions function| addColsHeightToFix function| fixAllColHeights function| fixColHeights function| $ function| jQuery object| adsbygoogle object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad boolean| _gfp_p_ function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map object| FB object| dateSelector object| Prototype object| Class object| Abstract object| Try function| PeriodicalExecuter object| $break object| $continue object| Enumerable function| $A object| Hash function| $H function| $R object| Ajax object| Toggle object| Insertion object| Field object| Form function| $F object| Position string| property function| ObjectRange object| Rico object| ajaxEngine object| dndMgr object| RicoUtil function| registerAjaxInfo function| getLocationsSearch function| selectLocation function| locationCheckEnterKey string| GoogleAnalyticsObject function| ga function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| google_prev_clients object| gaGlobal object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired object| google_tag_data object| gaplugins object| gaData function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| GoogleGcLKhOms object| google_image_requests function| extend

5 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.aftonbladet.se/ Name: _gid
Value: GA1.2.1157670388.1598869442
.aftonbladet.se/ Name: _gat
Value: 1
.aftonbladet.se/ Name: _ga
Value: GA1.2.2106237504.1598869442
ping.bloggportalen.aftonbladet.se/BlogPortal Name: JSESSIONID
Value: 12CC9D1EA3CB52B7F842A41F5A795914

5 Console Messages

Source Level URL
Text
console-api debug URL: https://connect.facebook.net/en_US/all.js?hash=57ad835022d90607be174f757fe36179&ua=modern_es6(Line 52)
Message:
sdkperf: it took 24 ms and 60384 bytes to load https://connect.facebook.net/en_US/all.js
console-api debug URL: https://connect.facebook.net/en_US/all.js?hash=57ad835022d90607be174f757fe36179&ua=modern_es6(Line 52)
Message:
sdkperf: init logged after 143 ms
console-api info URL: https://connect.facebook.net/en_US/all.js?hash=57ad835022d90607be174f757fe36179&ua=modern_es6(Line 52)
Message:
domReady
console-api info URL: https://connect.facebook.net/en_US/all.js?hash=57ad835022d90607be174f757fe36179&ua=modern_es6(Line 52)
Message:
XFBML Parsing Start 1
console-api info URL: https://connect.facebook.net/en_US/all.js?hash=57ad835022d90607be174f757fe36179&ua=modern_es6(Line 52)
Message:
XFBML Parsing Finish 1, 0 tags found

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
code.jquery.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
ping.bloggportalen.aftonbladet.se
script.crazyegg.com
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.googletagservices.com
2001:4de0:ac19::1:b:1a
2606:4700::6813:9408
2a00:1450:4001:800::200e
2a00:1450:4001:808::2003
2a00:1450:4001:809::2002
2a00:1450:4001:81a::2001
2a00:1450:4001:81c::200a
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
46.21.107.237
035b784e729e326b42c98c4cb20b0dde0101dfa5299279486e7ae19bb0f19509
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0668f99937139dd9779c1907d0fd58c266fbdfd9c09b7e57da9c790af76574d0
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
1e8a59c31a488b4f920ae53b4e701f386c8f98514457c8e8f958d3f934c687e7
206508499685857d9793831d9f06a221f43a74998ab2fc0b01fb3436152c8967
27a47a7acdefa2874e1358c53844f37b69074827e68d88a1e3bf5cb6eb36ca45
4cd7f36d0527b2542d797a58ec0954f677c68f89af81251ae7a064bb84ac366a
57d60e7e9aa278b07f9f6c504c69ae676dd3c016fe0ea5fd33c791efe9c41d94
580adc73abe2f8270c1c4764e6f5bd66c31ad6d01d81d518d211b754ac6d35ea
5aca19cffc5925e4d05789f656ae0456e5e848125f71f64d1fbdadd09ef51466
5e53e01db362939b0b267710b2c329b2f3f1304c8996299ffe85ca4f496e484c
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33
6c0233832dbe428c39334847ec0421557e53b48ad11582896949b4bb7f1714b1
6c1d20826994c67c1265ef889d958473b445fafb58adbdf4496c033ba0512c8c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
9e5d76e990c5d9b5484b67e21748ea507fc2adc6b41901652e1613b3240f3ccd
a0b05fa0f1ea9b841b8d399d3c9a946043d788f55fe6c8126d61f65bc5bb4d70
a8b25189ed626a7bb28cd7f4163a366880ea7319d69c094baba9c004ba7d8e86
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
d3cc3d4e9d09e8b001ee014c36ce948a2646d407e8ecf49b07a315060769134a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e63b09fe5661fc5d9dcc84e1de06ef5d94dede5d2703e1fd2ac0321041598855
ec9f25eeee9d33e0b9cf898a223e0b9a17debd1363c9142c053d631e741830d5
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955