xn--vder24-bua.se Open in urlscan Pro Puny
väder24.se IDN
93.188.2.51 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://xn--vder24-bua.se/
Submission: On May 09 via manual (May 9th 2022, 1:48:41 pm UTC) from DK — Scanned from SE

Summary HTTP 62 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 16 IPs in 3 countries across 11 domains to perform 62 HTTP transactions. The main IP is 93.188.2.51, located in Sweden and belongs to LOOPIA, SE. The main domain is xn--vder24-bua.se.
TLS certificate: Issued by R3 on April 29th 2022. Valid for: 3 months.

This is the only time xn--vder24-bua.se was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
19	93.188.2.51 93.188.2.51	39570 (LOOPIA) (LOOPIA)
1	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	142.250.184.202 142.250.184.202	15169 (GOOGLE) (GOOGLE)
10	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
2	142.250.181.238 142.250.181.238	15169 (GOOGLE) (GOOGLE)
4	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1	142.250.110.155 142.250.110.155	15169 (GOOGLE) (GOOGLE)
2	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
1	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
2	142.250.184.196 142.250.184.196	15169 (GOOGLE) (GOOGLE)
1	142.250.186.35 142.250.186.35	15169 (GOOGLE) (GOOGLE)
9	142.250.185.225 142.250.185.225	15169 (GOOGLE) (GOOGLE)
1	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1	142.250.185.195 142.250.185.195	15169 (GOOGLE) (GOOGLE)
3	142.250.185.131 142.250.185.131	15169 (GOOGLE) (GOOGLE)
62	16

19 93.188.2.51 (Sweden)

ASN39570 (LOOPIA, SE)
PTR: webfront1.webcluster.loopia.se

xn--vder24-bua.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.184.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f10.1e100.net

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.110.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wf-in-f155.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.162 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.196 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net

www.google.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.185.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 119 tpc.googlesyndication.com — Cisco Umbrella Rank: 171	245 KB
19	xn--vder24-bua.se xn--vder24-bua.se	2 MB
5	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 65 stats.g.doubleclick.net — Cisco Umbrella Rank: 175	35 KB
5	googleapis.com maps.googleapis.com — Cisco Umbrella Rank: 556 fonts.googleapis.com — Cisco Umbrella Rank: 111	228 KB
4	gstatic.com www.gstatic.com fonts.gstatic.com	60 KB
3	google.com adservice.google.com — Cisco Umbrella Rank: 128 www.google.com — Cisco Umbrella Rank: 20	2 KB
2	google.se adservice.google.se — Cisco Umbrella Rank: 64096 www.google.se — Cisco Umbrella Rank: 16148	1 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 101	20 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 227	37 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 940	648 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 341	3 KB
62	11

	Domain	Requested by
19	xn--vder24-bua.se	xn--vder24-bua.se
10	pagead2.googlesyndication.com	xn--vder24-bua.se pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
9	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	maps.googleapis.com	xn--vder24-bua.se maps.googleapis.com
3	fonts.gstatic.com	fonts.googleapis.com
2	www.google.com	xn--vder24-bua.se tpc.googlesyndication.com
2	www.google-analytics.com	xn--vder24-bua.se www.google-analytics.com
1	www.gstatic.com	googleads.g.doubleclick.net
1	www.googletagservices.com	googleads.g.doubleclick.net
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	www.google.se	xn--vder24-bua.se
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.se	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	cdnjs.cloudflare.com	xn--vder24-bua.se
62	17

This site contains links to these domains. Also see Links.

Domain
www.instagram.com
www.facebook.com
instagram.com
www.tv4play.se
www.svtplay.se
youtu.be
www.yr.no
www.met.no
www.smhi.se
policies.google.com
yr.no
met.no
smhi.se

Subject Issuer	Validity	Valid
xn--vder24-bua.se R3	`2022-04-29` - `2022-07-28`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.google.se GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://xn--vder24-bua.se/
Frame ID: FFC47B0A12A16AB17F60F89854438279
Requests: 41 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220504/r20190131/zrt_lookup.html
Frame ID: 50C2D01E5AE8C55D056E5E151F26FB6B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1847608235460551&output=html&h=280&slotname=9222932846&adk=1136449372&adf=1260777688&pi=t.ma~as.9222932846&w=1170&fwrn=4&fwrnh=100&lmt=1652104115&rafmt=1&psa=0&format=1170x280&url=https%3A%2F%2Fxn--vder24-bua.se%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652104115559&bpp=3&bdt=637&idt=354&shv=r20220504&mjsv=m202205040101&ptt=9&saldr=aa&abxe=1&correlator=3827137500028&frm=20&pv=2&ga_vid=951425723.1652104116&ga_sid=1652104116&ga_hid=307333791&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=454&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44760475%2C31065544%2C31067068%2C31067450%2C21066432%2C31067488%2C31062930&oid=2&pvsid=3047016362256271&pem=64&tmod=743316606&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=nRtMrYzbSd&p=https%3A//xn--vder24-bua.se&dtd=366
Frame ID: AF32D368E8A9AB73653E19FBB3B5BBD7
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1847608235460551&output=html&adk=1812271804&adf=3025194257&lmt=1652104115&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fxn--vder24-bua.se%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652104115571&bpp=1&bdt=648&idt=360&shv=r20220504&mjsv=m202205040101&ptt=9&saldr=aa&abxe=1&prev_fmts=1170x280&nras=1&correlator=3827137500028&frm=20&pv=1&ga_vid=951425723.1652104116&ga_sid=1652104116&ga_hid=307333791&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44760475%2C31065544%2C31067068%2C31067450%2C21066432%2C31067488%2C31062930&oid=2&pvsid=3047016362256271&pem=64&tmod=743316606&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=365
Frame ID: 977FB21B652B5137C844F52514EB0F2C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/NHksFvpwOA_e7xJte31GpOZsvVxHGuXQeGuPktjycGc.js
Frame ID: B42DE4B117516B1AAD80332DA9E2564F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 75EFAA2E05FA8961936AF7BD864BBC67
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 840B951D6CA6D941655844621E1EF6C3
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Väder 24 / 7 för Sverige och världen via YR och SMHI - Väder24

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

googleapis\.com/.+webfont

Page Statistics

62
Requests

100 %
HTTPS

0 %
IPv6

11
Domains

17
Subdomains

16
IPs

3
Countries

2516 kB
Transfer

4370 kB
Size

9
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://www.instagram.com/vader24.se/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.facebook.com/vader24.se/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CdTYls5MSzq/
Title: <img src="https://xn--vder24-bua.se/wp-content/plugins/instagram-feed-pro/img/placeholder.png" alt="Natten blir kall i mellersta och norra Sverige men det är risk för frost ända ner mot norra Götalands inland. I norr drar moln och fronter in västerifrån med nederbörd som är snö eller snöblandat regn i fjällen men annars regn. I södra och mellersta Sverige soligt med höga slöjmoln och vårvärme på 15-20 grader, lägre vid kuster med pålandsvind. Torrt i skog och mark med brandrisk på många håll. Trevlig kväll önskar vaderkondrup">

Search URL Search Domain Scan URL

URL: https://instagram.com/tv4vadret
Title: tv4vadret

Search URL Search Domain Scan URL

URL: https://www.tv4play.se/program/v%C3%A4der
Title: TV4 Play

Search URL Search Domain Scan URL

URL: https://www.svtplay.se/vader
Title: SVT Play

Search URL Search Domain Scan URL

URL: https://youtu.be/cqEkXL2q31o
Title: YouTube kanal

Search URL Search Domain Scan URL

URL: https://instagram.com/vader24.se/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.yr.no/
Title: YR

Search URL Search Domain Scan URL

URL: https://www.met.no/
Title: met.no

Search URL Search Domain Scan URL

URL: https://www.smhi.se/
Title: SMHI

Search URL Search Domain Scan URL

URL: https://policies.google.com/technologies/partner-sites
Title: Googles villkor

Search URL Search Domain Scan URL

URL: https://yr.no/
Title: YR

Search URL Search Domain Scan URL

URL: https://met.no/
Title: MET Norge

Search URL Search Domain Scan URL

URL: https://smhi.se/
Title: SMHI

Search URL Search Domain Scan URL

URL: https://www.instagram.com/
Title: Instagram

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

62 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
xn--vder24-bua.se/ 55 KB
17 KB 499ms
279ms Document
text/html 93.188.2.51
LOOPIA

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--vder24-bua.se/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.188.2.51 , Sweden, ASN39570 (LOOPIA, SE),
Reverse DNS: webfront1.webcluster.loopia.se
Software: nginx / PHP/7.4.27
Resource Hash: 83e100e2bde63deed0c041c459d80a68862e5b2a21bd57bd2cbbe2160f216803

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 09 May 2022 13:48:34 GMT
server: nginx
vary: Accept-Encoding
x-loopia-node: 172.22.223.39
x-powered-by: PHP/7.4.27

GET
H2 200 2lhi1.css
xn--vder24-bua.se/wp-content/cache/wpfc-minified/6v49mli5/ 26 KB
6 KB 42ms
40ms Stylesheet
text/css 93.188.2.51
LOOPIA

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--vder24-bua.se/wp-content/cache/wpfc-minified/6v49mli5/2lhi1.css
Requested by: Host: xn--vder24-bua.se
URL: https://xn--vder24-bua.se/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.188.2.51 , Sweden, ASN39570 (LOOPIA, SE),
Reverse DNS: webfront1.webcluster.loopia.se
Software: nginx /
Resource Hash: dc924b2240a45fa0bf43ef1ba5417d0bac5dcab3f38b915fb7adaf59c79c29e2

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xn--vder24-bua.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 13:48:34 GMT
content-encoding: br
last-modified: Tue, 05 Apr 2022 16:17:29 GMT
server: nginx
etag: W/"6676-5dbea94d8f427"
vary: Accept-Encoding
content-type: text/css
x-loopia-node: 172.22.223.39

GET
H2 200 weather-icons.min.css
cdnjs.cloudflare.com/ajax/libs/weather-icons/2.0.5/css/ 25 KB
3 KB 407ms
38ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/weather-icons/2.0.5/css/weather-icons.min.css

Requested by

Host: xn--vder24-bua.se
URL: https://xn--vder24-bua.se/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f07a3004bdc8edede2a311d63b8ddd6a7cd1f947de12beb198978a867bcfca32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xn--vder24-bua.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 13:48:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 304340
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2757
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:51 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb0402f-6201"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2aWcYooK%2Bi6b%2BQEa3Wqc%2F8ntfNzhZejluVu16NRrwVUjoN5U7icn2ChFAPqG7JDYXvj0sPt7O26na1iiWnpctt6BhFcGPSNyFEyN6JFWDRCSkummapjSkeBK2S1aqaK7BYoZdnAh"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 708ae4c0cdf798eb-ARN
expires: Sat, 29 Apr 2023 13:48:35 GMT

GET
H2 200 2lhi1.css
xn--vder24-bua.se/wp-content/cache/wpfc-minified/fi1d5a11/ 164 KB
42 KB 42ms
41ms Stylesheet
text/css 93.188.2.51
LOOPIA

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--vder24-bua.se/wp-content/cache/wpfc-minified/fi1d5a11/2lhi1.css
Requested by: Host: xn--vder24-bua.se
URL: https://xn--vder24-bua.se/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.188.2.51 , Sweden, ASN39570 (LOOPIA, SE),
Reverse DNS: webfront1.webcluster.loopia.se
Software: nginx /
Resource Hash: 1f2a813a2db4af03158a0d1a9cb6314358b3921f89bf39ccd4aa7b3e2bfec06d

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xn--vder24-bua.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 13:48:34 GMT
content-encoding: br
last-modified: Tue, 05 Apr 2022 16:17:29 GMT
server: nginx
etag: W/"29168-5dbea94d8a22b"
vary: Accept-Encoding
content-type: text/css
x-loopia-node: 172.22.223.39

GET
H2 200 2lhi1.js Show response
xn--vder24-bua.se/wp-content/cache/wpfc-minified/d2lvfrv3/ 98 KB
41 KB 72ms
71ms Script
application/javascript 93.188.2.51
LOOPIA

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--vder24-bua.se/wp-content/cache/wpfc-minified/d2lvfrv3/2lhi1.js
Requested by: Host: xn--vder24-bua.se
URL: https://xn--vder24-bua.se/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.188.2.51 , Sweden, ASN39570 (LOOPIA, SE),
Reverse DNS: webfront1.webcluster.loopia.se
Software: nginx /
Resource Hash: 1a9889e5fa79566a31a980caf31bcfb6c537d3928a9cc80d19cfb0275f955a5a

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xn--vder24-bua.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 13:48:34 GMT
content-encoding: br
last-modified: Tue, 05 Apr 2022 16:17:29 GMT
server: nginx
etag: W/"188ca-5dbea94da89d6"
vary: Accept-Encoding
content-type: application/javascript
x-loopia-node: 172.22.223.39

GET
H2 200 2lhi1.js Show response
xn--vder24-bua.se/wp-content/cache/wpfc-minified/d4ehkh8/ 222 KB
78 KB 96ms
95ms Script
application/javascript 93.188.2.51
LOOPIA

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--vder24-bua.se/wp-content/cache/wpfc-minified/d4ehkh8/2lhi1.js
Requested by: Host: xn--vder24-bua.se
URL: https://xn--vder24-bua.se/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.188.2.51 , Sweden, ASN39570 (LOOPIA, SE),
Reverse DNS: webfront1.webcluster.loopia.se
Software: nginx /
Resource Hash: 7086b80b10b97614e06cdb48ab460f7b9b2e0dae49739a82bbfa6cdf76e800f5

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xn--vder24-bua.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 13:48:34 GMT
content-encoding: br
last-modified: Tue, 05 Apr 2022 16:17:29 GMT
server: nginx
etag: W/"37925-5dbea94da1d47"
vary: Accept-Encoding
content-type: application/javascript
x-loopia-node: 172.22.223.39

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 163 KB
53 KB 197ms
81ms Script
text/javascript 142.250.184.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyBpORyGzYWhtYtaLOVhnVmyQDPc8IKvbbI&libraries=places&callback=initMap

Requested by

Host: xn--vder24-bua.se
URL: https://xn--vder24-bua.se/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f10.1e100.net

Software

mafe /

Resource Hash

f377e8e59c9e9250837da323668264fee155ec01e362be491c75dda0c4776df2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xn--vder24-bua.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 13:48:35 GMT
content-encoding: gzip
vary: Accept-Language
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=20
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54264
x-xss-protection: 0
expires: Mon, 09 May 2022 14:18:35 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 157 KB
55 KB 220ms
94ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: xn--vder24-bua.se
URL: https://xn--vder24-bua.se/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e13eda7c2c29ab28b8f24449c4066d8b7398bf53490b6b0651d1a9f028e63365

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xn--vder24-bua.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 13:48:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56052
x-xss-protection: 0
server: cafe
etag: 14979606018661652040
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 09 May 2022 13:48:35 GMT

GET
H2 200 2lhi1.css
xn--vder24-bua.se/wp-content/cache/wpfc-minified/m8d7avhy/ 58 KB
14 KB 68ms
68ms Stylesheet
text/css 93.188.2.51
LOOPIA

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--vder24-bua.se/wp-content/cache/wpfc-minified/m8d7avhy/2lhi1.css
Requested by: Host: xn--vder24-bua.se
URL: https://xn--vder24-bua.se/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.188.2.51 , Sweden, ASN39570 (LOOPIA, SE),
Reverse DNS: webfront1.webcluster.loopia.se
Software: nginx /
Resource Hash: 771c7db692f18dc2a4c407f3892235d7b5198b0bac5f628e032e2a31ce0849f9

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xn--vder24-bua.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 13:48:34 GMT
content-encoding: br
last-modified: Tue, 05 Apr 2022 16:17:29 GMT
server: nginx
etag: W/"e616-5dbea94d7eab3"
vary: Accept-Encoding
content-type: text/css
x-loopia-node: 172.22.223.39

GET
H2 200 2lhi1.js Show response
xn--vder24-bua.se/wp-content/cache/wpfc-minified/8n6ttkid/ 52 KB
17 KB 70ms
69ms Script
application/javascript 93.188.2.51
LOOPIA

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--vder24-bua.se/wp-content/cache/wpfc-minified/8n6ttkid/2lhi1.js
Requested by: Host: xn--vder24-bua.se
URL: https://xn--vder24-bua.se/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.188.2.51 , Sweden, ASN39570 (LOOPIA, SE),
Reverse DNS: webfront1.webcluster.loopia.se
Software: nginx /
Resource Hash: 4d638ae61b90856fc2033f0380c4116512bab5c483bf52ff8354a98c5058e851

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xn--vder24-bua.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 13:48:34 GMT
content-encoding: br
last-modified: Tue, 05 Apr 2022 16:17:29 GMT
server: nginx
etag: W/"d08e-5dbea94dbafc4"
vary: Accept-Encoding
content-type: application/javascript
x-loopia-node: 172.22.223.39

GET
H2 200 2lhi1.js Show response
xn--vder24-bua.se/wp-content/cache/wpfc-minified/33a7fxly/ 2 KB
936 B 40ms
39ms Script
application/javascript 93.188.2.51
LOOPIA

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--vder24-bua.se/wp-content/cache/wpfc-minified/33a7fxly/2lhi1.js
Requested by: Host: xn--vder24-bua.se
URL: https://xn--vder24-bua.se/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.188.2.51 , Sweden, ASN39570 (LOOPIA, SE),
Reverse DNS: webfront1.webcluster.loopia.se
Software: nginx /
Resource Hash: 5bc5fe165e8fab88549d56628bcc4ad463235f7f995c0477fb90fc78698be265

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xn--vder24-bua.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 13:48:34 GMT
content-encoding: br
last-modified: Tue, 05 Apr 2022 16:17:29 GMT
server: nginx
etag: W/"664-5dbea94db6489"
vary: Accept-Encoding
content-type: application/javascript
x-loopia-node: 172.22.223.39

GET
H2 200 2lhi1.js Show response
xn--vder24-bua.se/wp-content/cache/wpfc-minified/jqffegu4/ 225 KB
78 KB 95ms
95ms Script
application/javascript 93.188.2.51
LOOPIA

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--vder24-bua.se/wp-content/cache/wpfc-minified/jqffegu4/2lhi1.js
Requested by: Host: xn--vder24-bua.se
URL: https://xn--vder24-bua.se/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.188.2.51 , Sweden, ASN39570 (LOOPIA, SE),
Reverse DNS: webfront1.webcluster.loopia.se
Software: nginx /
Resource Hash: 0af82ff5927865aa2406a053756b906cda365c66f6e6c411d196e3dbeeece358

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xn--vder24-bua.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 13:48:34 GMT
content-encoding: br
last-modified: Tue, 05 Apr 2022 16:17:29 GMT
server: nginx
etag: W/"3851f-5dbea94db4967"
vary: Accept-Encoding
content-type: application/javascript
x-loopia-node: 172.22.223.39

GET
H2 200 RalewayRegular.woff2
xn--vder24-bua.se/wp-content/themes/vader24/fonts/ 38 KB
38 KB 91ms
91ms Font
application/octet-stream 93.188.2.51
LOOPIA

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--vder24-bua.se/wp-content/themes/vader24/fonts/RalewayRegular.woff2
Requested by: Host: xn--vder24-bua.se
URL: https://xn--vder24-bua.se/wp-content/cache/wpfc-minified/fi1d5a11/2lhi1.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.188.2.51 , Sweden, ASN39570 (LOOPIA, SE),
Reverse DNS: webfront1.webcluster.loopia.se
Software: nginx /
Resource Hash: 6201cb696067ffd18edb77e7bc397894265fd5d8c8646c9ea2393ab637dd1541

Request headers

Referer: https://xn--vder24-bua.se/wp-content/cache/wpfc-minified/fi1d5a11/2lhi1.css
Origin: https://xn--vder24-bua.se
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 13:48:35 GMT
last-modified: Sun, 27 Sep 2015 22:26:54 GMT
x-loopia-node: 172.22.223.39
accept-ranges: bytes
etag: "96ac-520c213f446a7"
content-length: 38572
server: nginx

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 174ms
56ms Script
text/javascript 142.250.181.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: xn--vder24-bua.se
URL: https://xn--vder24-bua.se/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xn--vder24-bua.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 825
date: Mon, 09 May 2022 13:34:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 09 May 2022 15:34:50 GMT

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
45 B 190ms
84ms XHR
application/json 142.250.184.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBpORyGzYWhtYtaLOVhnVmyQDPc8IKvbbI&libraries=places&callback=initMap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f10.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xn--vder24-bua.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 13:48:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://xn--vder24-bua.se
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
vary: Origin, X-Origin, Referer
content-length: 23
x-xss-protection: 0

GET
H2 200 var-vader-top-s.jpg
xn--vder24-bua.se/wp-content/uploads/2018/04/ 1 MB
1 MB 89ms
88ms Image
image/jpeg 93.188.2.51
LOOPIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xn--vder24-bua.se/wp-content/uploads/2018/04/var-vader-top-s.jpg
Requested by: Host: xn--vder24-bua.se
URL: https://xn--vder24-bua.se/wp-content/cache/wpfc-minified/fi1d5a11/2lhi1.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.188.2.51 , Sweden, ASN39570 (LOOPIA, SE),
Reverse DNS: webfront1.webcluster.loopia.se
Software: nginx /
Resource Hash: 0cb81f86fa7f8890822609ca7b5416823543ab0e1e6773c3ecb2841892442840

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xn--vder24-bua.se/wp-content/cache/wpfc-minified/fi1d5a11/2lhi1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 13:48:35 GMT
last-modified: Wed, 08 Aug 2018 17:13:11 GMT
server: nginx
etag: "112443-572efa00ba892"
content-type: image/jpeg
x-loopia-node: 172.22.223.39
accept-ranges: bytes
content-length: 1123395

GET
H2 200 fontawesome-webfont.woff2
xn--vder24-bua.se/wp-content/themes/vader24/fonts/ 55 KB
56 KB 147ms
147ms Font
application/octet-stream 93.188.2.51
LOOPIA

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--vder24-bua.se/wp-content/themes/vader24/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: xn--vder24-bua.se
URL: https://xn--vder24-bua.se/wp-content/cache/wpfc-minified/fi1d5a11/2lhi1.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.188.2.51 , Sweden, ASN39570 (LOOPIA, SE),
Reverse DNS: webfront1.webcluster.loopia.se
Software: nginx /
Resource Hash: aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Request headers

Referer: https://xn--vder24-bua.se/wp-content/cache/wpfc-minified/fi1d5a11/2lhi1.css
Origin: https://xn--vder24-bua.se
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 13:48:35 GMT
last-modified: Sun, 27 Sep 2015 22:26:52 GMT
x-loopia-node: 172.22.223.39
accept-ranges: bytes
etag: "ddcc-520c213dfa178"
content-length: 56780
server: nginx

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 smile.fe6b77b1.svg
xn--vder24-bua.se/wp-content/plugins/weather/public/img/ 162 B
338 B 125ms
125ms Image
image/svg+xml 93.188.2.51
LOOPIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xn--vder24-bua.se/wp-content/plugins/weather/public/img/smile.fe6b77b1.svg
Requested by: Host: xn--vder24-bua.se
URL: https://xn--vder24-bua.se/wp-content/cache/wpfc-minified/fi1d5a11/2lhi1.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.188.2.51 , Sweden, ASN39570 (LOOPIA, SE),
Reverse DNS: webfront1.webcluster.loopia.se
Software: nginx /
Resource Hash: 0d82c7e198f342689c777b3d0cdd606874e7665c993cafc82f02d0673c6568a1

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xn--vder24-bua.se/wp-content/cache/wpfc-minified/fi1d5a11/2lhi1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 13:48:35 GMT
content-encoding: br
last-modified: Thu, 13 Jan 2022 12:52:32 GMT
server: nginx
etag: W/"a2-5d57628e2a1e8"
vary: Accept-Encoding
content-type: image/svg+xml
x-loopia-node: 172.22.223.39

POST
H2 200 typeahead.php Show response
xn--vder24-bua.se/wp-content/plugins/weather/public/ 518 KB
189 KB 714ms
714ms XHR
application/json 93.188.2.51
LOOPIA

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--vder24-bua.se/wp-content/plugins/weather/public/typeahead.php
Requested by: Host: xn--vder24-bua.se
URL: https://xn--vder24-bua.se/wp-content/cache/wpfc-minified/d4ehkh8/2lhi1.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.188.2.51 , Sweden, ASN39570 (LOOPIA, SE),
Reverse DNS: webfront1.webcluster.loopia.se
Software: nginx / PHP/7.4.27
Resource Hash: 2d5f24917cf958dd49f7e45fcc3c7f462576f1be2bdb4dab96fa9c4ac042f882

Request headers

Accept: */*
Referer: https://xn--vder24-bua.se/
X-Requested-With: XMLHttpRequest
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 13:48:36 GMT
content-encoding: br
server: nginx
x-powered-by: PHP/7.4.27
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://xn--vder24-bua.se
access-control-allow-credentials: true
x-loopia-node: 172.22.223.39

POST
H2 200 typeahead.php Show response
xn--vder24-bua.se/wp-content/plugins/weather/public/ 262 B
438 B 624ms
624ms XHR
text/html 93.188.2.51
LOOPIA

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--vder24-bua.se/wp-content/plugins/weather/public/typeahead.php
Requested by: Host: xn--vder24-bua.se
URL: https://xn--vder24-bua.se/wp-content/cache/wpfc-minified/d4ehkh8/2lhi1.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.188.2.51 , Sweden, ASN39570 (LOOPIA, SE),
Reverse DNS: webfront1.webcluster.loopia.se
Software: nginx / PHP/7.4.27
Resource Hash: c3614da9cf80fabdcd8118563f7e49e6c98117071f38efe272213c75e511c4c7

Request headers

Accept: */*
Referer: https://xn--vder24-bua.se/
X-Requested-With: XMLHttpRequest
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 09 May 2022 13:48:36 GMT
content-encoding: br
server: nginx
x-powered-by: PHP/7.4.27
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://xn--vder24-bua.se
access-control-allow-credentials: true
x-loopia-node: 172.22.223.39

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 sbi-sprite.png
xn--vder24-bua.se/wp-content/plugins/instagram-feed-pro/img/ 4 KB
4 KB 90ms
89ms Image
image/png 93.188.2.51
LOOPIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xn--vder24-bua.se/wp-content/plugins/instagram-feed-pro/img/sbi-sprite.png
Requested by: Host: xn--vder24-bua.se
URL: https://xn--vder24-bua.se/wp-content/cache/wpfc-minified/m8d7avhy/2lhi1.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.188.2.51 , Sweden, ASN39570 (LOOPIA, SE),
Reverse DNS: webfront1.webcluster.loopia.se
Software: nginx /
Resource Hash: 9de999e7d4aa267a5acee4a0aed70ae6df10838613e9627a97a63cf47feb173e

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xn--vder24-bua.se/wp-content/cache/wpfc-minified/m8d7avhy/2lhi1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 13:48:35 GMT
last-modified: Sun, 06 Mar 2022 10:50:56 GMT
server: nginx
etag: "f67-5d98a85bd6739"
content-type: image/png
x-loopia-node: 172.22.223.39
accept-ranges: bytes
content-length: 3943

GET
H2 200 280140897_1640364529676138_3495805680009297197_nfull.jpg
xn--vder24-bua.se/wp-content/uploads/sb-instagram-feed-images/ 102 KB
103 KB 86ms
86ms Image
image/jpeg 93.188.2.51
LOOPIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xn--vder24-bua.se/wp-content/uploads/sb-instagram-feed-images/280140897_1640364529676138_3495805680009297197_nfull.jpg
Requested by: Host: xn--vder24-bua.se
URL: https://xn--vder24-bua.se/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.188.2.51 , Sweden, ASN39570 (LOOPIA, SE),
Reverse DNS: webfront1.webcluster.loopia.se
Software: nginx /
Resource Hash: 73db1ef20f86667080e225551db60bf685e13bd9e87a59f7276affb618c111a5

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xn--vder24-bua.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 13:48:35 GMT
last-modified: Sun, 08 May 2022 22:30:20 GMT
server: nginx
etag: "19938-5de87a3061582"
content-type: image/jpeg
x-loopia-node: 172.22.223.39
accept-ranges: bytes
content-length: 104760

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205040101/ 308 KB
110 KB 215ms
83ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1847608235460551&plah=xn--vder24-bua.se&bust=31067450

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

70f3c50fa0d4014bbfcf498e6ad7cec5c6f75dde290956df7dccd07e87a0f5eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xn--vder24-bua.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 13:48:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112613
x-xss-protection: 0
server: cafe
etag: 1390972658469410671
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 09 May 2022 13:48:35 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220504/r20190131/ Frame 50C2 10 KB
5 KB 193ms
54ms Document
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220504/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xn--vder24-bua.se/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

age: 82002
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4421
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 08 May 2022 15:01:53 GMT
etag: 1428802124239944296
expires: Sun, 22 May 2022 15:01:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 187ms
62ms XHR
text/plain 142.250.181.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=307333791&t=pageview&_s=1&dl=https%3A%2F%2Fxn--vder24-bua.se%2F&ul=en-us&de=UTF-8&dt=V%C3%A4der%2024%20%2F%207%20f%C3%B6r%20Sverige%20och%20v%C3%A4rlden%20via%20YR%20och%20SMHI%20-%20V%C3%A4der24&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1440584024&gjid=1954106215&cid=951425723.1652104116&tid=UA-67188436-1&_gid=1700118876.1652104116&_r=1&_slc=1&z=225334095

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://xn--vder24-bua.se/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 09 May 2022 13:48:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://xn--vder24-bua.se
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
444 B 154ms
51ms XHR
text/plain 142.250.110.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-67188436-1&cid=951425723.1652104116&jid=1440584024&gjid=1954106215&_gid=1700118876.1652104116&_u=IEBAAEAAAAAAAC~&z=539432707

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.110.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wf-in-f155.1e100.net

Software

Golfe2 /

Resource Hash

08f3d7de7aea50ee4f77098ffd4ecce4d803a35b21285f45e6b72e3a497d7122

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://xn--vder24-bua.se/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 09 May 2022 13:48:35 GMT
content-type: text/plain
access-control-allow-origin: https://xn--vder24-bua.se
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 221 B
648 B 197ms
63ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=xn--vder24-bua.se&callback=_gfp_s_&client=ca-pub-1847608235460551

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1847608235460551&plah=xn--vder24-bua.se&bust=31067450

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

c99ac10d95d42d03337e4e55f42ac5902a082efa5a70ff1fa3979a5fdbeb2091

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xn--vder24-bua.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 13:48:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 204
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.se/adsid/ 107 B
792 B 194ms
64ms Script
application/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.se/adsid/integrator.js?domain=xn--vder24-bua.se

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xn--vder24-bua.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 09 May 2022 13:48:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 183ms
64ms Script
application/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=xn--vder24-bua.se

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xn--vder24-bua.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 09 May 2022 13:48:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AF32 81 KB
29 KB 506ms
394ms Document
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1847608235460551&output=html&h=280&slotname=9222932846&adk=1136449372&adf=1260777688&pi=t.ma~as.9222932846&w=1170&fwrn=4&fwrnh=100&lmt=1652104115&rafmt=1&psa=0&format=1170x280&url=https%3A%2F%2Fxn--vder24-bua.se%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652104115559&bpp=3&bdt=637&idt=354&shv=r20220504&mjsv=m202205040101&ptt=9&saldr=aa&abxe=1&correlator=3827137500028&frm=20&pv=2&ga_vid=951425723.1652104116&ga_sid=1652104116&ga_hid=307333791&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=454&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44760475%2C31065544%2C31067068%2C31067450%2C21066432%2C31067488%2C31062930&oid=2&pvsid=3047016362256271&pem=64&tmod=743316606&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=nRtMrYzbSd&p=https%3A//xn--vder24-bua.se&dtd=366

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

3c9b7aa68f7e110602e322a31a6934bb3b116050e9836293b7c60b74291629c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xn--vder24-bua.se/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 30019
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 09 May 2022 13:48:36 GMT
expires: Mon, 09 May 2022 13:48:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 86ms
85ms Image
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fxn--vder24-bua.se%2F&tn=DIV&cls=cli-modal-backdrop%20cli-fade%20cli-popupbar-overlay%20cli-show&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Requested by

Host: xn--vder24-bua.se
URL: https://xn--vder24-bua.se/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xn--vder24-bua.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 May 2022 13:48:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 85ms
85ms Image
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: xn--vder24-bua.se
URL: https://xn--vder24-bua.se/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xn--vder24-bua.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 May 2022 13:48:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 977F 0
19 B 258ms
156ms Document
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1847608235460551&output=html&adk=1812271804&adf=3025194257&lmt=1652104115&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fxn--vder24-bua.se%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652104115571&bpp=1&bdt=648&idt=360&shv=r20220504&mjsv=m202205040101&ptt=9&saldr=aa&abxe=1&prev_fmts=1170x280&nras=1&correlator=3827137500028&frm=20&pv=1&ga_vid=951425723.1652104116&ga_sid=1652104116&ga_hid=307333791&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44760475%2C31065544%2C31067068%2C31067450%2C21066432%2C31067488%2C31062930&oid=2&pvsid=3047016362256271&pem=64&tmod=743316606&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=365

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xn--vder24-bua.se/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 09 May 2022 13:48:36 GMT
expires: Mon, 09 May 2022 13:48:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 205ms
80ms Image
image/gif 142.250.184.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-67188436-1&cid=951425723.1652104116&jid=1440584024&_u=IEBAAEAAAAAAAC~&z=1045228244

Requested by

Host: xn--vder24-bua.se
URL: https://xn--vder24-bua.se/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xn--vder24-bua.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 May 2022 13:48:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.se/ads/ 42 B
501 B 207ms
81ms Image
image/gif 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.se/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-67188436-1&cid=951425723.1652104116&jid=1440584024&_u=IEBAAEAAAAAAAC~&z=1045228244

Requested by

Host: xn--vder24-bua.se
URL: https://xn--vder24-bua.se/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xn--vder24-bua.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 May 2022 13:48:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame AF32 6 KB
961 B 65ms
64ms Stylesheet
text/css 142.250.184.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1847608235460551&output=html&h=280&slotname=9222932846&adk=1136449372&adf=1260777688&pi=t.ma~as.9222932846&w=1170&fwrn=4&fwrnh=100&lmt=1652104115&rafmt=1&psa=0&format=1170x280&url=https%3A%2F%2Fxn--vder24-bua.se%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652104115559&bpp=3&bdt=637&idt=354&shv=r20220504&mjsv=m202205040101&ptt=9&saldr=aa&abxe=1&correlator=3827137500028&frm=20&pv=2&ga_vid=951425723.1652104116&ga_sid=1652104116&ga_hid=307333791&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=454&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44760475%2C31065544%2C31067068%2C31067450%2C21066432%2C31067488%2C31062930&oid=2&pvsid=3047016362256271&pem=64&tmod=743316606&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=nRtMrYzbSd&p=https%3A//xn--vder24-bua.se&dtd=366

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f10.1e100.net

Software

ESF /

Resource Hash

2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 09 May 2022 12:59:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 09 May 2022 13:48:36 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 09 May 2022 13:48:36 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/4533035524944720536/ Frame AF32 13 KB
13 KB 189ms
71ms Image
image/jpeg 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4533035524944720536/downsize_200k_v1?w=400&h=209

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

sffe /

Resource Hash

05a1ab7b044a53f698533c99b32865eac53773f65ec000648fae5a607014bd28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 08 May 2022 19:27:33 GMT
x-content-type-options: nosniff
age: 66063
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13183
x-xss-protection: 0
last-modified: Wed, 06 Oct 2021 10:19:23 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 08 May 2023 19:27:33 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/12722555559172950153/ Frame AF32 940 B
1 KB 187ms
69ms Image
image/png 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12722555559172950153/downsize_200k_v1?w=100&h=100

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

sffe /

Resource Hash

17dd0b8b246a97a25622afc0ad48ea59b9a22451817ee3144913955565bc9279

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 05:56:58 GMT
x-content-type-options: nosniff
age: 287498
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 940
x-xss-protection: 0
last-modified: Mon, 13 Sep 2021 07:42:02 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 06 May 2023 05:56:58 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/ Frame AF32 2 KB
983 B 178ms
68ms Script
text/javascript 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 13:44:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 220
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 23 May 2022 13:44:56 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame AF32 0
0 98ms
98ms Fetch
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=ChiOEtBt5YvmmBcHG1fAP8IOS-Amv-saEav-In4DhDt7ZHhABIKW2mgZg8ZWAhrAfoAGe-s7OAcgBCakCLJSiQ4Teej6oAwHIA8sEqgTJAU_QUijojk6afd4exKFyroAO_il9Jji9goEFYMxzbZDyjIbqtVxCu9Ntq2XBE42HE085aNe8AH-T3-MvDwr7IbN4EqQr3vIIfS9BGTXCLlWoVFyxJyORvzAgeQSRt_P8mKCU07r7i1JxB8xNJo2TTP19TvWJbPmn5x4vBl5oHrhUwffxt-OHZ-QqKfEdh18ise1ce7tHOEHObsn2NeMoGz6q0m3R_XLm3OW9damok5PAuatLHmO6LFmB-4RdLdo6VoPd4G-6w6GRNsAEpKSP-cUDkgUECAQYAZIFBAgFGASgBi6AB-zg7JECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ4coS0ggJCIDhgBAQARgfgAoByAsB2BMNiBQC0BUBgBcBshccChoIABIUcHViLTE4NDc2MDgyMzU0NjA1NTEYAA&sigh=K9zXzjHoewc&uach_m=[UACH]&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1847608235460551&output=html&h=280&slotname=9222932846&adk=1136449372&adf=1260777688&pi=t.ma~as.9222932846&w=1170&fwrn=4&fwrnh=100&lmt=1652104115&rafmt=1&psa=0&format=1170x280&url=https%3A%2F%2Fxn--vder24-bua.se%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652104115559&bpp=3&bdt=637&idt=354&shv=r20220504&mjsv=m202205040101&ptt=9&saldr=aa&abxe=1&correlator=3827137500028&frm=20&pv=2&ga_vid=951425723.1652104116&ga_sid=1652104116&ga_hid=307333791&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=454&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44760475%2C31065544%2C31067068%2C31067450%2C21066432%2C31067488%2C31062930&oid=2&pvsid=3047016362256271&pem=64&tmod=743316606&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=nRtMrYzbSd&p=https%3A//xn--vder24-bua.se&dtd=366
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 09 May 2022 13:48:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 09 May 2022 13:48:36 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220504/r20110914/ Frame AF32 19 KB
8 KB 161ms
53ms Script
text/javascript 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220504/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

cafe /

Resource Hash

b83149463619a5f4bbee21909e8a99a085f15713e48d6522d0a3173b94a20e1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 13:34:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 871
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8007
x-xss-protection: 0
server: cafe
etag: 8765308293129799388
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 23 May 2022 13:34:05 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/ Frame AF32 3 KB
1 KB 172ms
66ms Script
text/javascript 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 13:40:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 493
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 23 May 2022 13:40:23 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AF32 120 KB
37 KB 237ms
108ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

sffe /

Resource Hash

f1b2415f02c89234a4b94896afa68c68db82465563711b8b05f0c1b8b3ba580b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 13:48:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37409
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1651664140737961"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 09 May 2022 13:48:36 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/ Frame AF32 15 KB
6 KB 167ms
60ms Script
text/javascript 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

cafe /

Resource Hash

bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 13:34:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 847
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 567849196274905959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 23 May 2022 13:34:29 GMT

GET
H2 200 8ac99cc5020451d5a2f944f2abe6dceb.js Show response
www.gstatic.com/mysidia/ Frame AF32 30 KB
13 KB 165ms
52ms Script
text/javascript 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8ac99cc5020451d5a2f944f2abe6dceb.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

f27644734b8ead437f7ae34027490dae1d295348b0fc0cdca8b839bd9ef48d46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 09:46:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 360120
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12291
x-xss-protection: 0
last-modified: Mon, 02 May 2022 20:52:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 03 Aug 2022 09:46:36 GMT

GET
DATA 200
OK truncated
/ Frame AF32 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 788c025fe5ac2996fd43652ba7167934bc99d23dabfefa7c8f60d5921dfd99a9

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame AF32 15 KB
16 KB 165ms
53ms Font
font/woff2 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 16:37:56 GMT
x-content-type-options: nosniff
age: 508240
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 May 2023 16:37:56 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame AF32 15 KB
16 KB 225ms
113ms Font
font/woff2 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 20:07:55 GMT
x-content-type-options: nosniff
age: 495641
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 03 May 2023 20:07:55 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame AF32 15 KB
15 KB 177ms
66ms Font
font/woff2 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 18:59:49 GMT
x-content-type-options: nosniff
age: 499727
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 03 May 2023 18:59:49 GMT

GET
H2 200 placeholder.png
xn--vder24-bua.se/wp-content/plugins/instagram-feed-pro/img/ 176 B
341 B 37ms
37ms Image
image/png 93.188.2.51
LOOPIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xn--vder24-bua.se/wp-content/plugins/instagram-feed-pro/img/placeholder.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.188.2.51 , Sweden, ASN39570 (LOOPIA, SE),
Reverse DNS: webfront1.webcluster.loopia.se
Software: nginx /
Resource Hash: f623564c53c2e08780c064012cfbdbde0a80ee56816f4d5d3d52c46ed285cb95

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xn--vder24-bua.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 13:48:36 GMT
last-modified: Sun, 06 Mar 2022 10:50:56 GMT
server: nginx
etag: "b0-5d98a85bd5323"
content-type: image/png
x-loopia-node: 172.22.223.39
accept-ranges: bytes
content-length: 176

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 176ms
73ms XHR
application/json 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220504&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

caa9ff7ede835c0892a82fbcd42e29ccdccb21ef273cc2a7f36ed0c87b77c088

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xn--vder24-bua.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 09 May 2022 13:48:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10724
x-xss-protection: 0

GET
H3 200 NHksFvpwOA_e7xJte31GpOZsvVxHGuXQeGuPktjycGc.js Show response
pagead2.googlesyndication.com/bg/ Frame B42D 35 KB
13 KB 53ms
53ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/NHksFvpwOA_e7xJte31GpOZsvVxHGuXQeGuPktjycGc.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

34792c16fa70380fdeef126d7b7d46a4e66cbd5c471ae5d0786b8f92d8f27067

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 13:31:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1011
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13649
x-xss-protection: 0
last-modified: Mon, 02 May 2022 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 09 May 2023 13:31:45 GMT

GET
H2 200 280140897_1640364529676138_3495805680009297197_nfull.jpg
xn--vder24-bua.se/wp-content/uploads/sb-instagram-feed-images/ 102 KB
103 KB 81ms
81ms Image
image/jpeg 93.188.2.51
LOOPIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xn--vder24-bua.se/wp-content/uploads/sb-instagram-feed-images/280140897_1640364529676138_3495805680009297197_nfull.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.188.2.51 , Sweden, ASN39570 (LOOPIA, SE),
Reverse DNS: webfront1.webcluster.loopia.se
Software: nginx /
Resource Hash: 73db1ef20f86667080e225551db60bf685e13bd9e87a59f7276affb618c111a5

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xn--vder24-bua.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 13:48:36 GMT
last-modified: Sun, 08 May 2022 22:30:20 GMT
server: nginx
accept-ranges: bytes
etag: "19938-5de87a3061582"
content-length: 104760
content-type: image/jpeg

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 192ms
78ms Script
text/javascript 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xn--vder24-bua.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 13:48:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 09 May 2022 13:48:37 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 75EF 13 KB
5 KB 64ms
64ms Document
text/html 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xn--vder24-bua.se/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

accept-ranges: bytes
age: 3756
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 09 May 2022 12:46:01 GMT
expires: Tue, 09 May 2023 12:46:01 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 840B 783 B
534 B 189ms
65ms Document
text/html 142.250.184.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f4.1e100.net

Software

GSE /

Resource Hash

cd832e8ece3e0ad6623326a242ff77235e335d4ec43185427453c09d1f30b331

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-cDpbB1r7m3pZZMYsTKv+RQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://xn--vder24-bua.se/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-cDpbB1r7m3pZZMYsTKv+RQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 09 May 2022 13:48:37 GMT
expires: Mon, 09 May 2022 13:48:37 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 NHksFvpwOA_e7xJte31GpOZsvVxHGuXQeGuPktjycGc.js Show response
pagead2.googlesyndication.com/bg/ Frame 75EF 35 KB
13 KB 54ms
53ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/NHksFvpwOA_e7xJte31GpOZsvVxHGuXQeGuPktjycGc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

34792c16fa70380fdeef126d7b7d46a4e66cbd5c471ae5d0786b8f92d8f27067

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 13:31:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1012
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13649
x-xss-protection: 0
last-modified: Mon, 02 May 2022 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 09 May 2023 13:31:45 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 840B 0
0 117ms
117ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220504&jk=3047016362256271&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s08-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 75EF 0
9 B 55ms
55ms Image
text/plain 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?TceU8Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 13:48:37 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame AF32 42 B
64 B 86ms
85ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuCbiueMEemkrkn_29NMWm15NDEqL2sycuST83tLj1vF0vXDoy7PWFVtpY4ITn6XuidMjqduwPWjJZYaoZhcIhkbFPHkchRqKevoZj9fnFM595BbJ5OhCaf9LuM&sai=AMfl-YQ8ZhtI_lSWjwFH-VxNFOLxRHqIzktwixbniIJhrhpiFMld1usba2oM-GudpHUgZ0NixM9zjpJJg4k1&sig=Cg0ArKJSzOe8sAIN6Ud1EAE&id=lidar2&mcvt=1000&p=0,0,280,1170&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220504&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1136449372&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1652104115926&rpt=876&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 May 2022 13:48:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 123ms
122ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220504&jk=3047016362256271&bg=!AAOlA0fNAAZX5TVhd-U7ACkAdvg8WqWqX-sWpxNThASobcpTWdbGzy35RxxPkKpl77MCr5x_c9tyLgIAAABRUgAAAANoAQeZAqyhzunw8v-D53gGkZjnvmhHaLXwl5gd4GHm1NJ1hu-S4CpjI3uWBXJKWAOQkkzpepxy5EPuydJtwHAm2T3XFgyUbx0YUYucGZUtgiiJ2wCG74VIC24W5zIn7lh1Ph3FS9Kj3Q5ncIknlujqm2fjwxkeAwmMMSBk1YEPeEJKeZQrCXP2htPws8EE_cyJqzwG-VXPUwAgxs5m7cmQPI5fFhiuHQpxYtTi_W1Q0BSir_K5A_owwCQx7MtQUgAloRiDNKq2wjv534qnYCKfTngrcNB3jalR-gM0O9-Cp1mDPHAG3TwQ4UIgCNocddZKiiMQwcuhc-1iY31MnprmhLo4cjRyE-DSaZ9F8BMsRJN1odXXcEesETtEYKH6fJ7qbzy6Bjh1E9_nShQkUmm0IysMC2b_vr6A9hUIw6qDINC49AEAXyo_JHwYhJIkmJF95ksAtHGHnYPnFP6Bko1bqQrUwOHsgCmGS0f2vRkw2hZletBlE5EXXpggMQy9PPwbwgokm6JbgsRd4QqoOIf-4-qv7XQPXsg_x1QA8KwlBZq2u1GnzfL4M0OjruOEiihyj0rkFQsOJrRCA_h9_hHtzloepVxiz0TSts-L8HoVs8lLjaaI4C-bq8R42PlfbDujXp_jHIC6vBUl0_Ob0DyvnXpKy9uPHTIakuHLd2rKsX2jV0hh_-qA1E7WZ6QxO6s4x_cYQ01n5iIp6zcvMCkTjqGaMuvcjeblcoZ6OxbHy96ieUDSTx367I1x9uAdJD4VgHV6Sb4jljt7Zt2t6yTg6WBL0iBDrIZ1CTuFn_0zNSCW5B1SKPGh_U5nQcEtisaVaEVlgQzueh7IVAUKF_HxFEJW-nTJ93FFikHHN4oQYvrSRJOmclveJBeHWkwvQ2sjuiNp8KAgh7BGPzfXi9dTbzA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s08-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xn--vder24-bua.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

GET
H3 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/48/12/ 82 KB
82 KB 170ms
55ms Script
text/javascript 142.250.184.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/48/12/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBpORyGzYWhtYtaLOVhnVmyQDPc8IKvbbI&libraries=places&callback=initMap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f10.1e100.net

Software

sffe /

Resource Hash

e32760cb827cf8c5d7046e4cb527aad90cbaaab51b072e4112722c0cbbd11afa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xn--vder24-bua.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 12:41:29 GMT
x-content-type-options: nosniff
age: 4031
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 83662
x-xss-protection: 0
last-modified: Tue, 03 May 2022 20:33:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 09 May 2023 12:41:29 GMT

GET
H3 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/48/12/ 308 KB
92 KB 173ms
58ms Script
text/javascript 142.250.184.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/48/12/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBpORyGzYWhtYtaLOVhnVmyQDPc8IKvbbI&libraries=places&callback=initMap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f10.1e100.net

Software

sffe /

Resource Hash

5b0c26ba901c761c395e560e8ef692337b740ae392e99cf8db7f848b4a3c3eb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://xn--vder24-bua.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 09 May 2022 10:17:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12678
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 93817
x-xss-protection: 0
last-modified: Tue, 03 May 2022 20:33:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 09 May 2023 10:17:22 GMT

Verdicts & Comments Add Verdict or Comment

128 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
xn--vder24-bua.se/	1970-01-20 11:40:40	Name: cookielawinfo-checkbox-necessary Value: yes
xn--vder24-bua.se/	1970-01-20 11:40:40	Name: cookielawinfo-checkbox-funktionellt Value: yes
xn--vder24-bua.se/	1970-01-20 11:40:40	Name: cookielawinfo-checkbox-analytics Value: yes
xn--vder24-bua.se/	1970-01-20 11:40:40	Name: cookielawinfo-checkbox-advertisement Value: yes
.xn--vder24-bua.se/	1970-01-20 20:26:16	Name: _ga Value: GA1.2.951425723.1652104116
.xn--vder24-bua.se/	1970-01-20 02:56:30	Name: _gid Value: GA1.2.1700118876.1652104116
.xn--vder24-bua.se/	1970-01-20 02:55:04	Name: _gat Value: 1
.xn--vder24-bua.se/	1970-01-20 12:16:40	Name: __gads Value: ID=bf0ad059885b85ad-22f3dd888fcd009b:T=1652104116:RT=1652104116:S=ALNI_MZ45zqPimdJta5Wjm-qPyBeiFIerg
.doubleclick.net/	1970-01-20 12:16:40	Name: IDE Value: AHWqTUms0RNSQEun7pKMr0vNhEttDyqVaxNuGcY9imeflHI8fidGx9AanNSShCf23q4

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.se
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
maps.googleapis.com
pagead2.googlesyndication.com
partner.googleadservices.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.se
www.googletagservices.com
www.gstatic.com
xn--vder24-bua.se
104.17.25.14
142.250.110.155
142.250.181.238
142.250.184.196
142.250.184.202
142.250.184.226
142.250.185.131
142.250.185.195
142.250.185.225
142.250.185.98
142.250.186.162
142.250.186.35
172.217.16.130
216.58.212.162
93.188.2.51
05a1ab7b044a53f698533c99b32865eac53773f65ec000648fae5a607014bd28
08f3d7de7aea50ee4f77098ffd4ecce4d803a35b21285f45e6b72e3a497d7122
0af82ff5927865aa2406a053756b906cda365c66f6e6c411d196e3dbeeece358
0cb81f86fa7f8890822609ca7b5416823543ab0e1e6773c3ecb2841892442840
0d82c7e198f342689c777b3d0cdd606874e7665c993cafc82f02d0673c6568a1
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
17dd0b8b246a97a25622afc0ad48ea59b9a22451817ee3144913955565bc9279
1a9889e5fa79566a31a980caf31bcfb6c537d3928a9cc80d19cfb0275f955a5a
1f2a813a2db4af03158a0d1a9cb6314358b3921f89bf39ccd4aa7b3e2bfec06d
2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396
2d5f24917cf958dd49f7e45fcc3c7f462576f1be2bdb4dab96fa9c4ac042f882
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
34792c16fa70380fdeef126d7b7d46a4e66cbd5c471ae5d0786b8f92d8f27067
3c9b7aa68f7e110602e322a31a6934bb3b116050e9836293b7c60b74291629c7
42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6
4d638ae61b90856fc2033f0380c4116512bab5c483bf52ff8354a98c5058e851
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5b0c26ba901c761c395e560e8ef692337b740ae392e99cf8db7f848b4a3c3eb1
5bc5fe165e8fab88549d56628bcc4ad463235f7f995c0477fb90fc78698be265
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6201cb696067ffd18edb77e7bc397894265fd5d8c8646c9ea2393ab637dd1541
7086b80b10b97614e06cdb48ab460f7b9b2e0dae49739a82bbfa6cdf76e800f5
70f3c50fa0d4014bbfcf498e6ad7cec5c6f75dde290956df7dccd07e87a0f5eb
73db1ef20f86667080e225551db60bf685e13bd9e87a59f7276affb618c111a5
771c7db692f18dc2a4c407f3892235d7b5198b0bac5f628e032e2a31ce0849f9
788c025fe5ac2996fd43652ba7167934bc99d23dabfefa7c8f60d5921dfd99a9
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
83e100e2bde63deed0c041c459d80a68862e5b2a21bd57bd2cbbe2160f216803
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
9de999e7d4aa267a5acee4a0aed70ae6df10838613e9627a97a63cf47feb173e
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b83149463619a5f4bbee21909e8a99a085f15713e48d6522d0a3173b94a20e1e
bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f
c3614da9cf80fabdcd8118563f7e49e6c98117071f38efe272213c75e511c4c7
c99ac10d95d42d03337e4e55f42ac5902a082efa5a70ff1fa3979a5fdbeb2091
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
caa9ff7ede835c0892a82fbcd42e29ccdccb21ef273cc2a7f36ed0c87b77c088
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cd832e8ece3e0ad6623326a242ff77235e335d4ec43185427453c09d1f30b331
dc924b2240a45fa0bf43ef1ba5417d0bac5dcab3f38b915fb7adaf59c79c29e2
e13eda7c2c29ab28b8f24449c4066d8b7398bf53490b6b0651d1a9f028e63365
e32760cb827cf8c5d7046e4cb527aad90cbaaab51b072e4112722c0cbbd11afa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f07a3004bdc8edede2a311d63b8ddd6a7cd1f947de12beb198978a867bcfca32
f1b2415f02c89234a4b94896afa68c68db82465563711b8b05f0c1b8b3ba580b
f27644734b8ead437f7ae34027490dae1d295348b0fc0cdca8b839bd9ef48d46
f377e8e59c9e9250837da323668264fee155ec01e362be491c75dda0c4776df2
f623564c53c2e08780c064012cfbdbde0a80ee56816f4d5d3d52c46ed285cb95

xn--vder24-bua.se Open in urlscan Pro Puny väder24.se IDN 93.188.2.51 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

62 Requests

100 %HTTPS

0 %IPv6

11 Domains

17 Subdomains

16 IPs

3 Countries

2516 kBTransfer

4370 kBSize

9 Cookies

16 Outgoing links

Redirected requests

62 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

xn--vder24-bua.se Open in urlscan Pro Puny
väder24.se IDN
93.188.2.51 Public Scan

Screenshot
Live screenshot

Full Image

62
Requests

100 %
HTTPS

0 %
IPv6

11
Domains

17
Subdomains

16
IPs

3
Countries

2516 kB
Transfer

4370 kB
Size

9
Cookies

62 HTTP transactions
3 data transactions