Submitted URL: http://orebrotribune.se/
Effective URL: https://orebrotribune.se/
Submission: On June 18 via manual from SE

Summary

This website contacted 6 IPs in 1 countries across 8 domains to perform 51 HTTP transactions. The main IP is 173.249.41.110, located in Nuremberg, Germany and belongs to CONTABO, DE. The main domain is orebrotribune.se.
TLS certificate: Issued by Let's Encrypt Authority X3 on May 5th 2019. Valid for: 3 months.
This is the only time orebrotribune.se was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 39 173.249.41.110 51167 (CONTABO)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
51 6
Domain Requested by
39 orebrotribune.se 1 redirects orebrotribune.se
3 googleads.g.doubleclick.net pagead2.googlesyndication.com
3 fonts.gstatic.com orebrotribune.se
3 pagead2.googlesyndication.com orebrotribune.se
pagead2.googlesyndication.com
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 fonts.googleapis.com orebrotribune.se
51 8

This site contains links to these domains. Also see Links.

Domain
utryckning.se
blogg.orebrotribune.se
discourse.nu
www.orebrofutsal.se
Subject Issuer Validity Valid
orebrotribune.se
Let's Encrypt Authority X3
2019-05-05 -
2019-08-03
3 months crt.sh
*.googleapis.com
Google Internet Authority G3
2019-06-11 -
2019-09-03
3 months crt.sh
*.g.doubleclick.net
Google Internet Authority G3
2019-05-21 -
2019-08-13
3 months crt.sh
*.google.com
Google Internet Authority G3
2019-05-21 -
2019-08-13
3 months crt.sh

This page contains 4 frames:

Primary Page: https://orebrotribune.se/
Frame ID: 42AC789DF7198C032FCC92466C818063
Requests: 48 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20190612/r20190131/zrt_lookup.html
Frame ID: BDF6D3526E3FC9EFA9B637E83309B3A3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7402106562978345&output=html&h=90&slotname=5671655556&adk=2134519082&adf=3110061354&w=1200&fwrn=4&fwrnh=100&lmt=1560866456&rafmt=1&guci=1.2.0.0.2.2.0.0&format=1200x90&url=https%3A%2F%2Forebrotribune.se%2F&flash=0&fwr=0&resp_fmts=3&wgl=1&dt=1560866456079&bpp=26&bdt=572&fdt=197&idt=197&shv=r20190612&cbv=r20190131&saldr=aa&abxe=1&correlator=5327187309252&frm=20&pv=2&ga_vid=631415495.1560866456&ga_sid=1560866456&ga_hid=553006540&ga_fc=0&iag=0&icsg=2951413759&dssz=19&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=193&ady=3099&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20199335%2C21060853&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=144&bc=31&osw_key=2068837332&ifi=1&uci=a!1&fsb=1&xpc=n8P6wr5zF4&p=https%3A//orebrotribune.se&dtd=295
Frame ID: 48BA2661A7042B245C191A922208C8DC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7402106562978345&output=html&adk=1812271804&adf=3025194257&lmt=1560866456&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Forebrotribune.se%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1560866456508&bpp=83&bdt=1001&fdt=83&idt=84&shv=r20190612&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=1200x90&nras=1&correlator=5327187309252&frm=20&pv=1&ga_vid=631415495.1560866456&ga_sid=1560866456&ga_hid=553006540&ga_fc=0&iag=0&icsg=11818340712447&dssz=28&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20199335%2C21060853&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&osw_key=2258232688&ifi=1&uci=a!1&fsb=1&dtd=107
Frame ID: 2D139217013F7241E425A5D08696594E
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://orebrotribune.se/ HTTP 301
    https://orebrotribune.se/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

51
Requests

100 %
HTTPS

83 %
IPv6

8
Domains

8
Subdomains

6
IPs

1
Countries

1678 kB
Transfer

1947 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://orebrotribune.se/ HTTP 301
    https://orebrotribune.se/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

51 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
orebrotribune.se/
Redirect Chain
  • http://orebrotribune.se/
  • https://orebrotribune.se/
42 KB
9 KB
Document
General
Full URL
https://orebrotribune.se/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.249.41.110 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi238702.contaboserver.net
Software
nginx / PHP/7.2.19 PleskLin
Resource Hash
ae43d4f6b65853595462a7373cd82c4f3081455b181a75e8a24d8f8c8be9eb78

Request headers

:method
GET
:authority
orebrotribune.se
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
server
nginx
date
Tue, 18 Jun 2019 14:00:55 GMT
content-type
text/html; charset=UTF-8
content-length
8986
x-powered-by
PHP/7.2.19 PleskLin
link
<https://orebrotribune.se/wp-json/>; rel="https://api.w.org/"
vary
Accept-Encoding
content-encoding
gzip
x-cache-status
BYPASS

Redirect headers

Server
nginx
Date
Tue, 18 Jun 2019 14:00:54 GMT
Content-Type
text/html
Content-Length
178
Connection
keep-alive
Location
https://orebrotribune.se/
style.min.css
orebrotribune.se/wp-includes/css/dist/block-library/
29 KB
29 KB
Stylesheet
General
Full URL
https://orebrotribune.se/wp-includes/css/dist/block-library/style.min.css?ver=5.2.1
Requested by
Host: orebrotribune.se
URL: https://orebrotribune.se/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.249.41.110 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi238702.contaboserver.net
Software
nginx / PleskLin
Resource Hash
4b8fe5c3d0e5ef7a6582185cbf5c535b5d369c8df1da98c03ed69833e55f474d

Request headers

Referer
https://orebrotribune.se/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 18 Jun 2019 14:00:55 GMT
last-modified
Sun, 26 May 2019 16:54:02 GMT
server
nginx
x-powered-by
PleskLin
etag
"5ceac4aa-726f"
x-cache-status
BYPASS
content-type
text/css
status
200
accept-ranges
bytes
content-length
29295
jquery.fancybox.min.css
orebrotribune.se/wp-content/plugins/w3dev-fancybox/fancybox/
14 KB
14 KB
Stylesheet
General
Full URL
https://orebrotribune.se/wp-content/plugins/w3dev-fancybox/fancybox/jquery.fancybox.min.css?ver=5.2.1
Requested by
Host: orebrotribune.se
URL: https://orebrotribune.se/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.249.41.110 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi238702.contaboserver.net
Software
nginx / PleskLin
Resource Hash
f6f3d53dd2240261f157695adf386a5c08014298c19f62ccf63cd162996892d0

Request headers

Referer
https://orebrotribune.se/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 18 Jun 2019 14:00:55 GMT
last-modified
Fri, 01 Feb 2019 03:44:38 GMT
server
nginx
x-powered-by
PleskLin
etag
"5c53c0a6-36f1"
x-cache-status
BYPASS
content-type
text/css
status
200
accept-ranges
bytes
content-length
14065
normalize.css
orebrotribune.se/wp-content/themes/orebrotribune/assets/css/
8 KB
8 KB
Stylesheet
General
Full URL
https://orebrotribune.se/wp-content/themes/orebrotribune/assets/css/normalize.css
Requested by
Host: orebrotribune.se
URL: https://orebrotribune.se/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.249.41.110 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi238702.contaboserver.net
Software
nginx / PleskLin
Resource Hash
a56ca0c97efe54c1e67bd2b05d33ac20cd2bb50a9b0c552f5fee945e7013c480

Request headers

Referer
https://orebrotribune.se/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 18 Jun 2019 14:00:55 GMT
last-modified
Fri, 01 Feb 2019 03:44:16 GMT
server
nginx
x-powered-by
PleskLin
etag
"5c53c090-1f74"
x-cache-status
BYPASS
content-type
text/css
status
200
accept-ranges
bytes
content-length
8052
wp.css
orebrotribune.se/wp-content/themes/orebrotribune/assets/css/
15 KB
15 KB
Stylesheet
General
Full URL
https://orebrotribune.se/wp-content/themes/orebrotribune/assets/css/wp.css
Requested by
Host: orebrotribune.se
URL: https://orebrotribune.se/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.249.41.110 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi238702.contaboserver.net
Software
nginx / PleskLin
Resource Hash
8b7a373b15fe7ca0089f2665b272895e076acd2c02a760438ada1c9050b11b67

Request headers

Referer
https://orebrotribune.se/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 18 Jun 2019 14:00:55 GMT
last-modified
Fri, 01 Feb 2019 03:44:16 GMT
server
nginx
x-powered-by
PleskLin
etag
"5c53c090-3cc4"
x-cache-status
BYPASS
content-type
text/css
status
200
accept-ranges
bytes
content-length
15556
font-awesome.min.css
orebrotribune.se/wp-content/themes/orebrotribune/assets/fonts/font-awesome-4.6.3/css/
28 KB
29 KB
Stylesheet
General
Full URL
https://orebrotribune.se/wp-content/themes/orebrotribune/assets/fonts/font-awesome-4.6.3/css/font-awesome.min.css
Requested by
Host: orebrotribune.se
URL: https://orebrotribune.se/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.249.41.110 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi238702.contaboserver.net
Software
nginx / PleskLin
Resource Hash
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420

Request headers

Referer
https://orebrotribune.se/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 18 Jun 2019 14:00:55 GMT
last-modified
Fri, 01 Feb 2019 03:44:17 GMT
server
nginx
x-powered-by
PleskLin
etag
"5c53c091-7187"
x-cache-status
BYPASS
content-type
text/css
status
200
accept-ranges
bytes
content-length
29063
css
fonts.googleapis.com/
8 KB
868 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat%7CPlayfair+Display%3A400%2C700%7CLora%3A400%2C700&subset
Requested by
Host: orebrotribune.se
URL: https://orebrotribune.se/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
3e13b2f163861d6f2be5c1ddb66a351bf69b8fbcc725d3eec2016be532193840
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://orebrotribune.se/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 18 Jun 2019 14:00:55 GMT
server
ESF
access-control-allow-origin
*
date
Tue, 18 Jun 2019 14:00:55 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Tue, 18 Jun 2019 14:00:55 GMT
style.css
orebrotribune.se/wp-content/themes/orebrotribune/assets/css/
41 KB
41 KB
Stylesheet
General
Full URL
https://orebrotribune.se/wp-content/themes/orebrotribune/assets/css/style.css
Requested by
Host: orebrotribune.se
URL: https://orebrotribune.se/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.249.41.110 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi238702.contaboserver.net
Software
nginx / PleskLin
Resource Hash
3c3ccdd776d92738da9e33038d466737f87146f8f61a2fde622c1eb32ae4e303

Request headers

Referer
https://orebrotribune.se/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 18 Jun 2019 14:00:55 GMT
last-modified
Sun, 10 Feb 2019 18:16:31 GMT
server
nginx
x-powered-by
PleskLin
etag
"5c606a7f-a4b9"
x-cache-status
BYPASS
content-type
text/css
status
200
accept-ranges
bytes
content-length
42169
style.css
orebrotribune.se/wp-content/themes/orebrotribune/
319 B
440 B
Stylesheet
General
Full URL
https://orebrotribune.se/wp-content/themes/orebrotribune/style.css?ver=5.2.1
Requested by
Host: orebrotribune.se
URL: https://orebrotribune.se/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.249.41.110 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi238702.contaboserver.net
Software
nginx / PleskLin
Resource Hash
2d811a180e64e3b7243e26033806122acff0362b59a037860ab7a16ec51350af

Request headers

Referer
https://orebrotribune.se/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 18 Jun 2019 14:00:55 GMT
content-encoding
gzip
last-modified
Fri, 01 Feb 2019 03:44:12 GMT
server
nginx
x-powered-by
PleskLin
etag
"13f-580ccf4c83b00-gzip"
x-cache-status
BYPASS
vary
Accept-Encoding
content-type
text/css
status
200
x-accel-version
0.01
accept-ranges
bytes
content-length
214
wp-review.css
orebrotribune.se/wp-content/plugins/wp-review/public/css/
30 KB
30 KB
Stylesheet
General
Full URL
https://orebrotribune.se/wp-content/plugins/wp-review/public/css/wp-review.css?ver=5.2.0
Requested by
Host: orebrotribune.se
URL: https://orebrotribune.se/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.249.41.110 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi238702.contaboserver.net
Software
nginx / PleskLin
Resource Hash
dbfb69d1031a947b7794a20d38f0d34f17608d4e7f74026f6920c916dd45101d

Request headers

Referer
https://orebrotribune.se/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 18 Jun 2019 14:00:55 GMT
last-modified
Tue, 19 Feb 2019 21:09:14 GMT
server
nginx
x-powered-by
PleskLin
etag
"5c6c707a-7808"
x-cache-status
BYPASS
content-type
text/css
status
200
accept-ranges
bytes
content-length
30728
jquery.js
orebrotribune.se/wp-includes/js/jquery/
95 KB
95 KB
Script
General
Full URL
https://orebrotribune.se/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by
Host: orebrotribune.se
URL: https://orebrotribune.se/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.249.41.110 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi238702.contaboserver.net
Software
nginx / PleskLin
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer
https://orebrotribune.se/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 18 Jun 2019 14:00:55 GMT
last-modified
Sun, 26 May 2019 16:54:03 GMT
server
nginx
x-powered-by
PleskLin
etag
"5ceac4ab-17a69"
x-cache-status
BYPASS
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
96873
jquery-migrate.min.js
orebrotribune.se/wp-includes/js/jquery/
10 KB
10 KB
Script
General
Full URL
https://orebrotribune.se/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by
Host: orebrotribune.se
URL: https://orebrotribune.se/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.249.41.110 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi238702.contaboserver.net
Software
nginx / PleskLin
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Referer
https://orebrotribune.se/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 18 Jun 2019 14:00:55 GMT
last-modified
Fri, 20 May 2016 06:11:28 GMT
server
nginx
x-powered-by
PleskLin
etag
"573eaa90-2748"
x-cache-status
BYPASS
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
10056
OrebroTribune-logotyp.png
orebrotribune.se/wp-content/uploads/2018/04/
24 KB
24 KB
Image
General
Full URL
https://orebrotribune.se/wp-content/uploads/2018/04/OrebroTribune-logotyp.png
Requested by
Host: orebrotribune.se
URL: https://orebrotribune.se/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.249.41.110 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi238702.contaboserver.net
Software
nginx / PleskLin
Resource Hash
9a0a4c733ed6360aed3751ba199245b6d4037322a47b9d53d8e2c9b605f51fe2

Request headers

Referer
https://orebrotribune.se/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 18 Jun 2019 14:00:55 GMT
last-modified
Fri, 01 Feb 2019 05:54:12 GMT
server
nginx
x-powered-by
PleskLin
etag
"5c53df04-6046"
x-cache-status
BYPASS
content-type
image/png
status
200
accept-ranges
bytes
content-length
24646
Tack-OFC-Banner.png
orebrotribune.se/wp-content/uploads/2019/05/
113 KB
114 KB
Image
General
Full URL
https://orebrotribune.se/wp-content/uploads/2019/05/Tack-OFC-Banner.png
Requested by
Host: orebrotribune.se
URL: https://orebrotribune.se/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.249.41.110 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi238702.contaboserver.net
Software
nginx / PleskLin
Resource Hash
8e72c3020a3e9f6249d68931fedd2d69b6a7ddad07f06c81aad90da78f9e898a

Request headers

Referer
https://orebrotribune.se/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 18 Jun 2019 14:00:55 GMT
last-modified
Tue, 28 May 2019 15:51:24 GMT
server
nginx
x-powered-by
PleskLin
etag
"5ced58fc-1c4eb"
x-cache-status
BYPASS
content-type
image/png
status
200
accept-ranges
bytes
content-length
115947
Polis_Hj%C3%A4rsta_04-768x512.jpg
orebrotribune.se/wp-content/uploads/2018/05/
37 KB
37 KB
Image
General
Full URL
https://orebrotribune.se/wp-content/uploads/2018/05/Polis_Hj%C3%A4rsta_04-768x512.jpg
Requested by
Host: orebrotribune.se
URL: https://orebrotribune.se/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.249.41.110 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi238702.contaboserver.net
Software
nginx / PleskLin
Resource Hash
e79bb96b6b69721c86ebe3b3fe761002d4c8fb54c1dde4c863bad3ba561216d3

Request headers

Referer
https://orebrotribune.se/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 18 Jun 2019 14:00:55 GMT
last-modified
Fri, 01 Feb 2019 05:52:06 GMT
server
nginx
x-powered-by
PleskLin
etag
"5c53de86-9512"
x-cache-status
BYPASS
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
38162
Mobiltelefon_01-768x512.jpg
orebrotribune.se/wp-content/uploads/2019/06/
39 KB
40 KB
Image
General
Full URL
https://orebrotribune.se/wp-content/uploads/2019/06/Mobiltelefon_01-768x512.jpg
Requested by
Host: orebrotribune.se
URL: https://orebrotribune.se/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.249.41.110 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi238702.contaboserver.net
Software
nginx / PleskLin
Resource Hash
1b0b1c9bf2b750b66f3d6690d4ead636d4f061cf81d4b25590b18f2440f1d96d

Request headers

Referer
https://orebrotribune.se/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 18 Jun 2019 14:00:55 GMT
last-modified
Mon, 17 Jun 2019 15:53:56 GMT
server
nginx
x-powered-by
PleskLin
etag
"5d07b794-9d77"
x-cache-status
BYPASS
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
40311
Larm_Rosta_Polis_02-768x512.jpg
orebrotribune.se/wp-content/uploads/2019/06/
103 KB
103 KB
Image
General
Full URL
https://orebrotribune.se/wp-content/uploads/2019/06/Larm_Rosta_Polis_02-768x512.jpg
Requested by
Host: orebrotribune.se
URL: https://orebrotribune.se/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.249.41.110 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi238702.contaboserver.net
Software
nginx / PleskLin
Resource Hash
85a97e6ad47adb84d81316e63c7cf4b913b06201f95fe393fdbdd501dc0042b9

Request headers

Referer
https://orebrotribune.se/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 18 Jun 2019 14:00:55 GMT
last-modified
Mon, 17 Jun 2019 13:20:25 GMT
server
nginx
x-powered-by
PleskLin
etag
"5d079399-19ad9"
x-cache-status
BYPASS
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
105177
Ra%CC%8An-mot-Apotek_1210-768x512.jpg
orebrotribune.se/wp-content/uploads/2018/08/
57 KB
57 KB
Image
General
Full URL
https://orebrotribune.se/wp-content/uploads/2018/08/Ra%CC%8An-mot-Apotek_1210-768x512.jpg
Requested by
Host: orebrotribune.se
URL: https://orebrotribune.se/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.249.41.110 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi238702.contaboserver.net
Software
nginx / PleskLin
Resource Hash
bfae5704726a9dd5a312dd81a1516247fdfb23b7ca16f7c7bfbd48ce41846c2b

Request headers

Referer
https://orebrotribune.se/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 18 Jun 2019 14:00:55 GMT
last-modified
Fri, 01 Feb 2019 05:19:28 GMT
server
nginx
x-powered-by
PleskLin
etag
"5c53d6e0-e3e2"
x-cache-status
BYPASS
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
58338
Pistvakt_04-768x512.jpg
orebrotribune.se/wp-content/uploads/2019/06/
107 KB
107 KB
Image
General
Full URL
https://orebrotribune.se/wp-content/uploads/2019/06/Pistvakt_04-768x512.jpg
Requested by
Host: orebrotribune.se
URL: https://orebrotribune.se/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.249.41.110 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi238702.contaboserver.net
Software
nginx / PleskLin
Resource Hash
14c44f461189bdc13e80835f677e67914b3b38300b622c9b18070052ce61caa4

Request headers

Referer
https://orebrotribune.se/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 18 Jun 2019 14:00:55 GMT
last-modified
Sat, 15 Jun 2019 21:45:42 GMT
server
nginx
x-powered-by
PleskLin
etag
"5d056706-1ab85"
x-cache-status
BYPASS
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
109445
Catarina-Cooper-01-768x512.jpg
orebrotribune.se/wp-content/uploads/2019/06/
80 KB
80 KB
Image
General
Full URL
https://orebrotribune.se/wp-content/uploads/2019/06/Catarina-Cooper-01-768x512.jpg
Requested by
Host: orebrotribune.se
URL: https://orebrotribune.se/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.249.41.110 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi238702.contaboserver.net
Software
nginx / PleskLin
Resource Hash
47e9da9dc7554728e52dae4650e431a62b5d2b66aa2abd3ae519aa51ebd229f5

Request headers

Referer
https://orebrotribune.se/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 18 Jun 2019 14:00:55 GMT
last-modified
Sat, 15 Jun 2019 13:12:00 GMT
server
nginx
x-powered-by
PleskLin
etag
"5d04eea0-13e64"
x-cache-status
BYPASS
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
81508
Gustavsviksv%C3%A4gen_01-768x512.jpg
orebrotribune.se/wp-content/uploads/2019/06/
165 KB
165 KB
Image
General
Full URL
https://orebrotribune.se/wp-content/uploads/2019/06/Gustavsviksv%C3%A4gen_01-768x512.jpg
Requested by
Host: orebrotribune.se
URL: https://orebrotribune.se/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.249.41.110 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi238702.contaboserver.net
Software
nginx / PleskLin
Resource Hash
7502c49c9f5030cb3eb2ad42f727bdd925b3e22eb26384c4718c81a131c4e4b5

Request headers

Referer
https://orebrotribune.se/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 18 Jun 2019 14:00:55 GMT
last-modified
Sat, 15 Jun 2019 10:11:15 GMT
server
nginx
x-powered-by
PleskLin
etag
"5d04c443-2928a"
x-cache-status
BYPASS
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
168586
Hoffmaestro_04-768x512.jpg
orebrotribune.se/wp-content/uploads/2019/06/
75 KB
75 KB
Image
General
Full URL
https://orebrotribune.se/wp-content/uploads/2019/06/Hoffmaestro_04-768x512.jpg
Requested by
Host: orebrotribune.se
URL: https://orebrotribune.se/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.249.41.110 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi238702.contaboserver.net
Software
nginx / PleskLin
Resource Hash
e774f2ec4a865f5a5b4f9926802fca9c891fe3d42a4ee00e43498c82ec122c4d

Request headers

Referer
https://orebrotribune.se/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 18 Jun 2019 14:00:55 GMT
last-modified
Fri, 14 Jun 2019 22:18:11 GMT
server
nginx
x-powered-by
PleskLin
etag
"5d041d23-12bbd"
x-cache-status
BYPASS
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
76733
Girls_on_Bikes_for_a_good_cause_14-768x512.jpg
orebrotribune.se/wp-content/uploads/2018/06/
107 KB
107 KB
Image
General
Full URL
https://orebrotribune.se/wp-content/uploads/2018/06/Girls_on_Bikes_for_a_good_cause_14-768x512.jpg
Requested by
Host: orebrotribune.se
URL: https://orebrotribune.se/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.249.41.110 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi238702.contaboserver.net
Software
nginx / PleskLin
Resource Hash
e918d15472f598f8353d08710ff6d3e17400b459842195970364b0d33a715bb1

Request headers

Referer
https://orebrotribune.se/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 18 Jun 2019 14:00:55 GMT
last-modified
Fri, 01 Feb 2019 05:30:58 GMT
server
nginx
x-powered-by
PleskLin
etag
"5c53d992-1ac51"
x-cache-status
BYPASS
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
109649
Weeping_Willows_01-768x512.jpg
orebrotribune.se/wp-content/uploads/2019/06/
49 KB
50 KB
Image
General
Full URL
https://orebrotribune.se/wp-content/uploads/2019/06/Weeping_Willows_01-768x512.jpg
Requested by
Host: orebrotribune.se
URL: https://orebrotribune.se/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.249.41.110 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi238702.contaboserver.net
Software
nginx / PleskLin
Resource Hash
50357330388c9f893098703e0404dc8b89d0fb57f9b2d966f669c164f8b439f3

Request headers

Referer
https://orebrotribune.se/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 18 Jun 2019 14:00:55 GMT
last-modified
Thu, 13 Jun 2019 21:09:04 GMT
server
nginx
x-powered-by
PleskLin
etag
"5d02bb70-c5b7"
x-cache-status
BYPASS
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
50615
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
90 KB
33 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: orebrotribune.se
URL: https://orebrotribune.se/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
9e2c3501650bf50a4d7d890902dbcba693e66ae153e6661edefa17ae5ec6207b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://orebrotribune.se/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 18 Jun 2019 14:00:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
34054
x-xss-protection
0
server
cafe
etag
9708510623592440332
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 18 Jun 2019 14:00:55 GMT
jquery.fancybox.min.js
orebrotribune.se/wp-content/plugins/w3dev-fancybox/fancybox/
60 KB
60 KB
Script
General
Full URL
https://orebrotribune.se/wp-content/plugins/w3dev-fancybox/fancybox/jquery.fancybox.min.js?ver=3.1.25
Requested by
Host: orebrotribune.se
URL: https://orebrotribune.se/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.249.41.110 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi238702.contaboserver.net
Software
nginx / PleskLin
Resource Hash
4dbe2075e08dfc008a9a1290dc149f6ee360215610cc1944bdb625c0aee3b83c

Request headers

Referer
https://orebrotribune.se/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 18 Jun 2019 14:00:55 GMT
last-modified
Fri, 01 Feb 2019 03:44:38 GMT
server
nginx
x-powered-by
PleskLin
etag
"5c53c0a6-f02e"
x-cache-status
BYPASS
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
61486
imagesloaded.min.js
orebrotribune.se/wp-includes/js/
8 KB
8 KB
Script
General
Full URL
https://orebrotribune.se/wp-includes/js/imagesloaded.min.js?ver=3.2.0
Requested by
Host: orebrotribune.se
URL: https://orebrotribune.se/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.249.41.110 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi238702.contaboserver.net
Software
nginx / PleskLin
Resource Hash
11e15f1d64a63cb498d0d42720a688ed15bf78393d8c460d695a110244c066e3

Request headers

Referer
https://orebrotribune.se/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 18 Jun 2019 14:00:55 GMT
last-modified
Fri, 22 Feb 2019 05:31:40 GMT
server
nginx
x-powered-by
PleskLin
etag
"5c6f893c-1fb1"
x-cache-status
BYPASS
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
8113
masonry.min.js
orebrotribune.se/wp-includes/js/
28 KB
28 KB
Script
General
Full URL
https://orebrotribune.se/wp-includes/js/masonry.min.js?ver=3.3.2
Requested by
Host: orebrotribune.se
URL: https://orebrotribune.se/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.249.41.110 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi238702.contaboserver.net
Software
nginx / PleskLin
Resource Hash
733d7c26a5fb7240e83e8af2c822218b321b5143e28c2dd65ab2492297ac6bd7

Request headers

Referer
https://orebrotribune.se/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 18 Jun 2019 14:00:55 GMT
last-modified
Fri, 22 Feb 2019 05:31:40 GMT
server
nginx
x-powered-by
PleskLin
etag
"5c6f893c-7119"
x-cache-status
BYPASS
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
28953
jquery.masonry.min.js
orebrotribune.se/wp-includes/js/jquery/
2 KB
2 KB
Script
General
Full URL
https://orebrotribune.se/wp-includes/js/jquery/jquery.masonry.min.js?ver=3.1.2b
Requested by
Host: orebrotribune.se
URL: https://orebrotribune.se/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.249.41.110 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi238702.contaboserver.net
Software
nginx / PleskLin
Resource Hash
c2e606e1fc82ea3a554aad5d0520e25d2677b89a891dc5c49e7ace08fce92e25

Request headers

Referer
https://orebrotribune.se/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 18 Jun 2019 14:00:55 GMT
last-modified
Thu, 18 Aug 2016 18:55:30 GMT
server
nginx
x-powered-by
PleskLin
etag
"57b604a2-71b"
x-cache-status
BYPASS
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
1819
jquery.meanmenu.js
orebrotribune.se/wp-content/themes/orebrotribune/assets/js/
11 KB
12 KB
Script
General
Full URL
https://orebrotribune.se/wp-content/themes/orebrotribune/assets/js/jquery.meanmenu.js?ver=2.0.8
Requested by
Host: orebrotribune.se
URL: https://orebrotribune.se/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.249.41.110 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi238702.contaboserver.net
Software
nginx / PleskLin
Resource Hash
2b2ad2e550673b99c2b2cd3178e7ba90eb9340ff9604d4df8e96a28c0e1972d0

Request headers

Referer
https://orebrotribune.se/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 18 Jun 2019 14:00:55 GMT
last-modified
Fri, 01 Feb 2019 03:44:15 GMT
server
nginx
x-powered-by
PleskLin
etag
"5c53c08f-2dcf"
x-cache-status
BYPASS
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
11727
jquery.matchHeight-min.js
orebrotribune.se/wp-content/themes/orebrotribune/assets/js/
3 KB
3 KB
Script
General
Full URL
https://orebrotribune.se/wp-content/themes/orebrotribune/assets/js/jquery.matchHeight-min.js
Requested by
Host: orebrotribune.se
URL: https://orebrotribune.se/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.249.41.110 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi238702.contaboserver.net
Software
nginx / PleskLin
Resource Hash
6bf1f6eb3722c5ed6cbeed9f61ac7b00d24c4b3198c89348e7684a2982536abf

Request headers

Referer
https://orebrotribune.se/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 18 Jun 2019 14:00:55 GMT
last-modified
Fri, 01 Feb 2019 03:44:15 GMT
server
nginx
x-powered-by
PleskLin
etag
"5c53c08f-d20"
x-cache-status
BYPASS
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
3360
jquery.infinitescroll.min.js
orebrotribune.se/wp-content/themes/orebrotribune/assets/js/
21 KB
21 KB
Script
General
Full URL
https://orebrotribune.se/wp-content/themes/orebrotribune/assets/js/jquery.infinitescroll.min.js?ver=2.1.0
Requested by
Host: orebrotribune.se
URL: https://orebrotribune.se/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.249.41.110 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi238702.contaboserver.net
Software
nginx / PleskLin
Resource Hash
a155774b632d61296b744d80a53b1cc5294a4b61740877656256a160b29916d5

Request headers

Referer
https://orebrotribune.se/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 18 Jun 2019 14:00:55 GMT
last-modified
Fri, 01 Feb 2019 03:44:15 GMT
server
nginx
x-powered-by
PleskLin
etag
"5c53c08f-54d5"
x-cache-status
BYPASS
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
21717
main.js
orebrotribune.se/wp-content/themes/orebrotribune/assets/js/
7 KB
7 KB
Script
General
Full URL
https://orebrotribune.se/wp-content/themes/orebrotribune/assets/js/main.js?ver=5.2.1
Requested by
Host: orebrotribune.se
URL: https://orebrotribune.se/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.249.41.110 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi238702.contaboserver.net
Software
nginx / PleskLin
Resource Hash
e1c9e09fc8cd25a92b51e41a8ca4e0bf3b94ffe3bc3884681f987d59187aaf7e

Request headers

Referer
https://orebrotribune.se/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 18 Jun 2019 14:00:55 GMT
last-modified
Fri, 01 Feb 2019 03:44:15 GMT
server
nginx
x-powered-by
PleskLin
etag
"5c53c08f-1d2a"
x-cache-status
BYPASS
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
7466
js.cookie.min.js
orebrotribune.se/wp-content/plugins/wp-review/public/js/
2 KB
2 KB
Script
General
Full URL
https://orebrotribune.se/wp-content/plugins/wp-review/public/js/js.cookie.min.js?ver=2.1.4
Requested by
Host: orebrotribune.se
URL: https://orebrotribune.se/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.249.41.110 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi238702.contaboserver.net
Software
nginx / PleskLin
Resource Hash
d5b071fda01315f271998e251812dcf8465dcf34bb9e436bb502235700c40eac

Request headers

Referer
https://orebrotribune.se/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 18 Jun 2019 14:00:55 GMT
last-modified
Tue, 19 Feb 2019 21:09:14 GMT
server
nginx
x-powered-by
PleskLin
etag
"5c6c707a-69f"
x-cache-status
BYPASS
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
1695
underscore.min.js
orebrotribune.se/wp-includes/js/
16 KB
16 KB
Script
General
Full URL
https://orebrotribune.se/wp-includes/js/underscore.min.js?ver=1.8.3
Requested by
Host: orebrotribune.se
URL: https://orebrotribune.se/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.249.41.110 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi238702.contaboserver.net
Software
nginx / PleskLin
Resource Hash
ede1815b17e451c16258034bcf89a7957256c67884aefffefbb97020770fdc06

Request headers

Referer
https://orebrotribune.se/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 18 Jun 2019 14:00:55 GMT
last-modified
Fri, 22 Feb 2019 05:31:40 GMT
server
nginx
x-powered-by
PleskLin
etag
"5c6f893c-3f38"
x-cache-status
BYPASS
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
16184
wp-util.min.js
orebrotribune.se/wp-includes/js/
1 KB
1 KB
Script
General
Full URL
https://orebrotribune.se/wp-includes/js/wp-util.min.js?ver=5.2.1
Requested by
Host: orebrotribune.se
URL: https://orebrotribune.se/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.249.41.110 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi238702.contaboserver.net
Software
nginx / PleskLin
Resource Hash
080cf3de5031b9caac353875e8969fd80a548c9f39fdf4627a8c65abddad8b04

Request headers

Referer
https://orebrotribune.se/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 18 Jun 2019 14:00:55 GMT
last-modified
Wed, 10 Oct 2018 04:11:25 GMT
server
nginx
x-powered-by
PleskLin
etag
"5bbd7bed-416"
x-cache-status
BYPASS
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
1046
main.js
orebrotribune.se/wp-content/plugins/wp-review/public/js/
3 KB
3 KB
Script
General
Full URL
https://orebrotribune.se/wp-content/plugins/wp-review/public/js/main.js?ver=5.2.0
Requested by
Host: orebrotribune.se
URL: https://orebrotribune.se/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.249.41.110 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi238702.contaboserver.net
Software
nginx / PleskLin
Resource Hash
8fc7dbb9d3b5b596bbf99cec9006a42dc1412d56a9da67fa5fe09d006ca16738

Request headers

Referer
https://orebrotribune.se/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 18 Jun 2019 14:00:55 GMT
last-modified
Tue, 19 Feb 2019 21:09:14 GMT
server
nginx
x-powered-by
PleskLin
etag
"5c6c707a-d30"
x-cache-status
BYPASS
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
3376
wp-embed.min.js
orebrotribune.se/wp-includes/js/
1 KB
2 KB
Script
General
Full URL
https://orebrotribune.se/wp-includes/js/wp-embed.min.js?ver=5.2.1
Requested by
Host: orebrotribune.se
URL: https://orebrotribune.se/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.249.41.110 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi238702.contaboserver.net
Software
nginx / PleskLin
Resource Hash
2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7

Request headers

Referer
https://orebrotribune.se/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 18 Jun 2019 14:00:55 GMT
last-modified
Thu, 11 Oct 2018 04:00:23 GMT
server
nginx
x-powered-by
PleskLin
etag
"5bbecad7-57b"
x-cache-status
BYPASS
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
1403
wp-emoji-release.min.js
orebrotribune.se/wp-includes/js/
14 KB
14 KB
Script
General
Full URL
https://orebrotribune.se/wp-includes/js/wp-emoji-release.min.js?ver=5.2.1
Requested by
Host: orebrotribune.se
URL: https://orebrotribune.se/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.249.41.110 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi238702.contaboserver.net
Software
nginx / PleskLin
Resource Hash
f4799ef2939b8377cf33f07b07b6d90a4a245adbf1c6eaf47ee3b0fcefcc07fe

Request headers

Referer
https://orebrotribune.se/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 18 Jun 2019 14:00:55 GMT
last-modified
Sun, 26 May 2019 16:54:03 GMT
server
nginx
x-powered-by
PleskLin
etag
"5ceac4ab-3610"
x-cache-status
BYPASS
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
13840
JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
fonts.gstatic.com/s/montserrat/v13/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v13/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
Requested by
Host: orebrotribune.se
URL: https://orebrotribune.se/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Montserrat%7CPlayfair+Display%3A400%2C700%7CLora%3A400%2C700&subset
Origin
https://orebrotribune.se

Response headers

date
Sat, 01 Jun 2019 12:20:22 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 Mar 2019 20:05:58 GMT
server
sffe
age
1474833
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
13708
x-xss-protection
0
expires
Sun, 31 May 2020 12:20:22 GMT
fontawesome-webfont.woff2
orebrotribune.se/wp-content/themes/orebrotribune/assets/fonts/font-awesome-4.6.3/fonts/
70 KB
70 KB
Font
General
Full URL
https://orebrotribune.se/wp-content/themes/orebrotribune/assets/fonts/font-awesome-4.6.3/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by
Host: orebrotribune.se
URL: https://orebrotribune.se/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.249.41.110 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi238702.contaboserver.net
Software
nginx / PleskLin
Resource Hash
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://orebrotribune.se/wp-content/themes/orebrotribune/assets/fonts/font-awesome-4.6.3/css/font-awesome.min.css
Origin
https://orebrotribune.se

Response headers

date
Tue, 18 Jun 2019 14:00:55 GMT
last-modified
Fri, 01 Feb 2019 03:44:17 GMT
server
nginx
x-powered-by
PleskLin
etag
"5c53c091-118d8"
x-cache-status
BYPASS
content-type
application/octet-stream
status
200
accept-ranges
bytes
content-length
71896
nuFlD-vYSZviVYUb_rj3ij__anPXBYf9lW4e5j5hNKc.woff2
fonts.gstatic.com/s/playfairdisplay/v14/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/playfairdisplay/v14/nuFlD-vYSZviVYUb_rj3ij__anPXBYf9lW4e5j5hNKc.woff2
Requested by
Host: orebrotribune.se
URL: https://orebrotribune.se/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
ce421cefeba1fd14f39e9baf36f62453dfd1a947bdcb76fc1995ab2b4013b3ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Montserrat%7CPlayfair+Display%3A400%2C700%7CLora%3A400%2C700&subset
Origin
https://orebrotribune.se

Response headers

date
Sat, 01 Jun 2019 08:22:29 GMT
x-content-type-options
nosniff
last-modified
Tue, 19 Feb 2019 22:30:54 GMT
server
sffe
age
1489106
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
18436
x-xss-protection
0
expires
Sun, 31 May 2020 08:22:29 GMT
0QIvMX1D_JOuMwr7I_FMl_E.woff2
fonts.gstatic.com/s/lora/v13/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lora/v13/0QIvMX1D_JOuMwr7I_FMl_E.woff2
Requested by
Host: orebrotribune.se
URL: https://orebrotribune.se/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2a80dc3e72230cd009ad952ebac959905d921e509aebe911704557d0311da3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Montserrat%7CPlayfair+Display%3A400%2C700%7CLora%3A400%2C700&subset
Origin
https://orebrotribune.se

Response headers

date
Sat, 01 Jun 2019 21:06:46 GMT
x-content-type-options
nosniff
last-modified
Tue, 19 Feb 2019 22:23:23 GMT
server
sffe
age
1443249
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
15608
x-xss-protection
0
expires
Sun, 31 May 2020 21:06:46 GMT
integrator.js
adservice.google.de/adsid/
109 B
171 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=orebrotribune.se
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://orebrotribune.se/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 18 Jun 2019 14:00:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
109 B
171 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=orebrotribune.se
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://orebrotribune.se/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 18 Jun 2019 14:00:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
104
x-xss-protection
0
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20190612/r20190131/
211 KB
78 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20190612/r20190131/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ac4a458417bc7bcb30c856c778b0ffa471aa934335c41916f8c0ca607918de0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://orebrotribune.se/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 18 Jun 2019 14:00:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
79882
x-xss-protection
0
server
cafe
etag
7860360361704898373
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 18 Jun 2019 14:00:56 GMT
ca-pub-7402106562978345.js
pagead2.googlesyndication.com/pub-config/r20160913/
108 B
223 B
Script
General
Full URL
https://pagead2.googlesyndication.com/pub-config/r20160913/ca-pub-7402106562978345.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
617229202229089622770a111fef4f514877475b89056525185a70e0cbc5bc95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://orebrotribune.se/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 18 Jun 2019 14:00:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 17 Jun 2019 20:23:39 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=43200
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
118
x-xss-protection
0
expires
Wed, 19 Jun 2019 02:00:56 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20190612/r20190131/ Frame BDF6
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20190612/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20190612/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://orebrotribune.se/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://orebrotribune.se/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Thu, 13 Jun 2019 20:55:25 GMT
expires
Thu, 27 Jun 2019 20:55:25 GMT
content-type
text/html; charset=UTF-8
etag
9107516332936589630
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
7041
x-xss-protection
0
cache-control
public, max-age=1209600
age
407131
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
ads
googleads.g.doubleclick.net/pagead/ Frame 48BA
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7402106562978345&output=html&h=90&slotname=5671655556&adk=2134519082&adf=3110061354&w=1200&fwrn=4&fwrnh=100&lmt=1560866456&rafmt=1&guci=1.2.0.0.2.2.0.0&format=1200x90&url=https%3A%2F%2Forebrotribune.se%2F&flash=0&fwr=0&resp_fmts=3&wgl=1&dt=1560866456079&bpp=26&bdt=572&fdt=197&idt=197&shv=r20190612&cbv=r20190131&saldr=aa&abxe=1&correlator=5327187309252&frm=20&pv=2&ga_vid=631415495.1560866456&ga_sid=1560866456&ga_hid=553006540&ga_fc=0&iag=0&icsg=2951413759&dssz=19&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=193&ady=3099&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20199335%2C21060853&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=144&bc=31&osw_key=2068837332&ifi=1&uci=a!1&fsb=1&xpc=n8P6wr5zF4&p=https%3A//orebrotribune.se&dtd=295
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190612/r20190131/show_ads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-7402106562978345&output=html&h=90&slotname=5671655556&adk=2134519082&adf=3110061354&w=1200&fwrn=4&fwrnh=100&lmt=1560866456&rafmt=1&guci=1.2.0.0.2.2.0.0&format=1200x90&url=https%3A%2F%2Forebrotribune.se%2F&flash=0&fwr=0&resp_fmts=3&wgl=1&dt=1560866456079&bpp=26&bdt=572&fdt=197&idt=197&shv=r20190612&cbv=r20190131&saldr=aa&abxe=1&correlator=5327187309252&frm=20&pv=2&ga_vid=631415495.1560866456&ga_sid=1560866456&ga_hid=553006540&ga_fc=0&iag=0&icsg=2951413759&dssz=19&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=193&ady=3099&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20199335%2C21060853&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=144&bc=31&osw_key=2068837332&ifi=1&uci=a!1&fsb=1&xpc=n8P6wr5zF4&p=https%3A//orebrotribune.se&dtd=295
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://orebrotribune.se/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://orebrotribune.se/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 18 Jun 2019 14:00:56 GMT
server
cafe
content-length
22407
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Tue, 18-Jun-2019 14:15:56 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
expires
Tue, 18 Jun 2019 14:00:56 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/
75 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190612/r20190131/show_ads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
b6fbc563b614beb07727882bbbd837a37eac55c3eae9622c68294e6158d604c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://orebrotribune.se/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 18 Jun 2019 14:00:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1560769997427486"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
28399
x-xss-protection
0
expires
Tue, 18 Jun 2019 14:00:56 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 2D13
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7402106562978345&output=html&adk=1812271804&adf=3025194257&lmt=1560866456&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Forebrotribune.se%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1560866456508&bpp=83&bdt=1001&fdt=83&idt=84&shv=r20190612&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=1200x90&nras=1&correlator=5327187309252&frm=20&pv=1&ga_vid=631415495.1560866456&ga_sid=1560866456&ga_hid=553006540&ga_fc=0&iag=0&icsg=11818340712447&dssz=28&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20199335%2C21060853&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&osw_key=2258232688&ifi=1&uci=a!1&fsb=1&dtd=107
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190612/r20190131/show_ads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-7402106562978345&output=html&adk=1812271804&adf=3025194257&lmt=1560866456&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Forebrotribune.se%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1560866456508&bpp=83&bdt=1001&fdt=83&idt=84&shv=r20190612&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=1200x90&nras=1&correlator=5327187309252&frm=20&pv=1&ga_vid=631415495.1560866456&ga_sid=1560866456&ga_hid=553006540&ga_fc=0&iag=0&icsg=11818340712447&dssz=28&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20199335%2C21060853&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&osw_key=2258232688&ifi=1&uci=a!1&fsb=1&dtd=107
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://orebrotribune.se/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://orebrotribune.se/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 18 Jun 2019 14:00:56 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Tue, 18-Jun-2019 14:15:56 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
expires
Tue, 18 Jun 2019 14:00:56 GMT
cache-control
private

Verdicts & Comments Add Verdict or Comment

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask object| _wpemojiSettings undefined| $ function| jQuery object| adsbygoogle function| EventEmitter object| eventie function| imagesLoaded function| getStyleProperty function| getSize function| docReady function| matchesSelector object| fizzyUIUtils function| Outlayer function| Masonry object| google_js_reporting_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken object| google_reactive_ads_global_state object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad number| _gfp_ function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map object| google_t12n_vars object| jQuery112403390863897643013 object| twemoji object| wp function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_jobrunner object| google_logging_queue object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| google_iframe_oncopy boolean| google_osd_loaded boolean| google_onload_fired function| Cookies function| _ object| _wpUtilSettings object| wpreview function| wp_review_rate function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb

2 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: DSID
Value: NO_DATA
.doubleclick.net/ Name: IDE
Value: AHWqTUn7JRsLqx4smlw4NnAf9kZW6-jI-MDRzDg5xDVAk7NPoMrT-NOBkPzOMKrg

1 Console Messages

Source Level URL
Text
console-api log URL: https://orebrotribune.se/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
orebrotribune.se
pagead2.googlesyndication.com
www.googletagservices.com
173.249.41.110
2a00:1450:4001:806::2002
2a00:1450:4001:808::2002
2a00:1450:4001:818::2003
2a00:1450:4001:81f::200a
2a00:1450:4001:820::2002
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
080cf3de5031b9caac353875e8969fd80a548c9f39fdf4627a8c65abddad8b04
0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8
11e15f1d64a63cb498d0d42720a688ed15bf78393d8c460d695a110244c066e3
14c44f461189bdc13e80835f677e67914b3b38300b622c9b18070052ce61caa4
1b0b1c9bf2b750b66f3d6690d4ead636d4f061cf81d4b25590b18f2440f1d96d
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7
2b2ad2e550673b99c2b2cd3178e7ba90eb9340ff9604d4df8e96a28c0e1972d0
2d811a180e64e3b7243e26033806122acff0362b59a037860ab7a16ec51350af
3c3ccdd776d92738da9e33038d466737f87146f8f61a2fde622c1eb32ae4e303
3e13b2f163861d6f2be5c1ddb66a351bf69b8fbcc725d3eec2016be532193840
47e9da9dc7554728e52dae4650e431a62b5d2b66aa2abd3ae519aa51ebd229f5
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4b8fe5c3d0e5ef7a6582185cbf5c535b5d369c8df1da98c03ed69833e55f474d
4dbe2075e08dfc008a9a1290dc149f6ee360215610cc1944bdb625c0aee3b83c
50357330388c9f893098703e0404dc8b89d0fb57f9b2d966f669c164f8b439f3
617229202229089622770a111fef4f514877475b89056525185a70e0cbc5bc95
6bf1f6eb3722c5ed6cbeed9f61ac7b00d24c4b3198c89348e7684a2982536abf
733d7c26a5fb7240e83e8af2c822218b321b5143e28c2dd65ab2492297ac6bd7
7502c49c9f5030cb3eb2ad42f727bdd925b3e22eb26384c4718c81a131c4e4b5
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
85a97e6ad47adb84d81316e63c7cf4b913b06201f95fe393fdbdd501dc0042b9
8b7a373b15fe7ca0089f2665b272895e076acd2c02a760438ada1c9050b11b67
8e72c3020a3e9f6249d68931fedd2d69b6a7ddad07f06c81aad90da78f9e898a
8fc7dbb9d3b5b596bbf99cec9006a42dc1412d56a9da67fa5fe09d006ca16738
9a0a4c733ed6360aed3751ba199245b6d4037322a47b9d53d8e2c9b605f51fe2
9e2c3501650bf50a4d7d890902dbcba693e66ae153e6661edefa17ae5ec6207b
a155774b632d61296b744d80a53b1cc5294a4b61740877656256a160b29916d5
a56ca0c97efe54c1e67bd2b05d33ac20cd2bb50a9b0c552f5fee945e7013c480
ac4a458417bc7bcb30c856c778b0ffa471aa934335c41916f8c0ca607918de0f
ae43d4f6b65853595462a7373cd82c4f3081455b181a75e8a24d8f8c8be9eb78
b6fbc563b614beb07727882bbbd837a37eac55c3eae9622c68294e6158d604c7
bb2a80dc3e72230cd009ad952ebac959905d921e509aebe911704557d0311da3
bfae5704726a9dd5a312dd81a1516247fdfb23b7ca16f7c7bfbd48ce41846c2b
c2e606e1fc82ea3a554aad5d0520e25d2677b89a891dc5c49e7ace08fce92e25
ce421cefeba1fd14f39e9baf36f62453dfd1a947bdcb76fc1995ab2b4013b3ad
d5b071fda01315f271998e251812dcf8465dcf34bb9e436bb502235700c40eac
dbfb69d1031a947b7794a20d38f0d34f17608d4e7f74026f6920c916dd45101d
e1c9e09fc8cd25a92b51e41a8ca4e0bf3b94ffe3bc3884681f987d59187aaf7e
e774f2ec4a865f5a5b4f9926802fca9c891fe3d42a4ee00e43498c82ec122c4d
e79bb96b6b69721c86ebe3b3fe761002d4c8fb54c1dde4c863bad3ba561216d3
e918d15472f598f8353d08710ff6d3e17400b459842195970364b0d33a715bb1
ede1815b17e451c16258034bcf89a7957256c67884aefffefbb97020770fdc06
f4799ef2939b8377cf33f07b07b6d90a4a245adbf1c6eaf47ee3b0fcefcc07fe
f6f3d53dd2240261f157695adf386a5c08014298c19f62ccf63cd162996892d0