Submitted URL: https://news.mailbox.se/campaigns/fo53490d8860d/track-url/bx880xenst4d3/20d03f2079f4b29b16edaf681760d5d41aa3b0af
Effective URL: https://nyhetsfilter.com/
Submission Tags: falconsandbox
Submission: On January 20 via api from US

Summary

This website contacted 4 IPs in 3 countries across 6 domains to perform 8 HTTP transactions. The main IP is 144.76.165.176, located in Germany and belongs to HETZNER-AS, DE. The main domain is nyhetsfilter.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on November 30th 2020. Valid for: 3 months.
This is the only time nyhetsfilter.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 212.28.192.30 3301 (TELIANET-...)
1 5 144.76.165.176 24940 (HETZNER-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a04:4e42:1b:... 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
8 4
Domain Requested by
4 nyhetsfilter.com nyhetsfilter.com
2 www.google-analytics.com www.googletagmanager.com
1 cdn.jsdelivr.net nyhetsfilter.com
1 www.googletagmanager.com nyhetsfilter.com
1 nyhetr.se 1 redirects
1 news.mailbox.se 1 redirects
8 6

This site contains no links.

Subject | Issuer | Validity | Valid
nyhetsfilter.com | Let's Encrypt Authority X3 | 2020-11-30 - 2021-02-28 | 3 months
*.google-analytics.com | GTS CA 1O1 | 2020-12-15 - 2021-03-09 | 3 months
f3.shared.global.fastly.net | GlobalSign CloudSSL CA - SHA256 - G3 | 2020-10-26 - 2021-04-17 | 6 months

This page contains 1 frames:

Primary Page: https://nyhetsfilter.com/
Frame ID: 2ADEA71D3B03C1B9878D484E91725CCE
Requests: 8 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Ubuntu/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

8 Requests
100 % HTTPS
60 % IPv6
6 Domains
6 Subdomains
4 IPs
3 Countries
117 kB Transfer
232 kB Size
2 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://news.mailbox.se/campaigns/fo53490d8860d/track-url/bx880xenst4d3/20d03f2079f4b29b16edaf681760d5d41aa3b0af HTTP 301
    http://nyhetr.se/v.php?id=820023 HTTP 302
    https://nyhetsfilter.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
nyhetsfilter.com/
Redirect Chain
  • https://news.mailbox.se/campaigns/fo53490d8860d/track-url/bx880xenst4d3/20d03f2079f4b29b16edaf681760d5d41aa3b0af
  • http://nyhetr.se/v.php?id=820023
  • https://nyhetsfilter.com/
5 KB
2 KB
Document
General
Full URL
https://nyhetsfilter.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.76.165.176 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.176.165.76.144.clients.your-server.de
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
bdcccc5637d2252d7a61029b34a4e90ee787ac7cb502b2cdb8e9ece57442dfc7

Request headers

Host
nyhetsfilter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Date
Wed, 20 Jan 2021 15:42:18 GMT
Server
Apache/2.4.18 (Ubuntu)
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1520
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Wed, 20 Jan 2021 15:42:18 GMT
Server
Apache/2.4.18 (Ubuntu)
Location
https://nyhetsfilter.com/
Content-Length
0
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
out.css
nyhetsfilter.com/css/
18 KB
5 KB
Stylesheet
General
Full URL
https://nyhetsfilter.com/css/out.css
Requested by
Host: nyhetsfilter.com
URL: https://nyhetsfilter.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.76.165.176 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.176.165.76.144.clients.your-server.de
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
8e5124b794b6a9011eb4b161656ea7c857d9e964b94871b50b0b2d66f6ec3ae7

Request headers

Referer
https://nyhetsfilter.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 20 Jan 2021 15:42:18 GMT
Content-Encoding
gzip
Last-Modified
Wed, 06 Jan 2021 13:13:28 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"4641-5b83b16c2ce00-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
5145
js
www.googletagmanager.com/gtag/
135 KB
52 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-0GWTBYXQL3
Requested by
Host: nyhetsfilter.com
URL: https://nyhetsfilter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e6f949cb38f00b40e7cb6a4fb9baebeb94f76394773b222b0d098041ca706b05
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://nyhetsfilter.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 20 Jan 2021 15:42:18 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53153
x-xss-protection
0
expires
Wed, 20 Jan 2021 15:42:18 GMT
alpine.js
cdn.jsdelivr.net/gh/alpinejs/alpine@v2.0.1/dist/
24 KB
7 KB
Script
General
Full URL
https://cdn.jsdelivr.net/gh/alpinejs/alpine@v2.0.1/dist/alpine.js
Requested by
Host: nyhetsfilter.com
URL: https://nyhetsfilter.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
372d176d9effaf945828d38ab45ca0ea72cfa4cf2dfd4c3b06bf68dae1a31c3b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://nyhetsfilter.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
2544269
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
6702
etag
W/"6087-M1bV+brVbvOK8O0cbaokayC7SmY"
x-served-by
cache-fra19151-FRA, cache-hhn4028-HHN
date
Wed, 20 Jan 2021 15:42:18 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
nf_small.png
nyhetsfilter.com/images/
19 KB
19 KB
Image
General
Full URL
https://nyhetsfilter.com/images/nf_small.png
Requested by
Host: nyhetsfilter.com
URL: https://nyhetsfilter.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.76.165.176 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.176.165.76.144.clients.your-server.de
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
16070966dd732f743848a4e5c5211c7f63d7ca369c8d62ab755da140a94af6eb

Request headers

Referer
https://nyhetsfilter.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 20 Jan 2021 15:42:18 GMT
Last-Modified
Wed, 06 Jan 2021 13:04:44 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"4c06-5b83af7873300"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
19462
nf_white_large.png
nyhetsfilter.com/images/
32 KB
32 KB
Image
General
Full URL
https://nyhetsfilter.com/images/nf_white_large.png
Requested by
Host: nyhetsfilter.com
URL: https://nyhetsfilter.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.76.165.176 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.176.165.76.144.clients.your-server.de
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
30dfcad891a0014211d5cc89cff8e9514420b5d73aa7f33dd1fda07f384a58cd

Request headers

Referer
https://nyhetsfilter.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 20 Jan 2021 15:42:18 GMT
Last-Modified
Wed, 06 Jan 2021 13:04:59 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"7e8c-5b83af86c14c0"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
32396
collect
www.google-analytics.com/g/
0
171 B
Other
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-0GWTBYXQL3&gtm=2oe1d0&_p=1076118207&sr=1600x1200&ul=en-us&cid=183154927.1611157339&_s=1&dl=https%3A%2F%2Fnyhetsfilter.com%2F&dr=&dt=Nyhetsfilter%20nyhetss%C3%B6k&sid=1611157338&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0GWTBYXQL3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nyhetsfilter.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 20 Jan 2021 15:42:18 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://nyhetsfilter.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/
0
54 B
Other
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-0GWTBYXQL3&gtm=2oe1d0&_p=1076118207&sr=1600x1200&ul=en-us&cid=183154927.1611157339&_s=2&dl=https%3A%2F%2Fnyhetsfilter.com%2F&dr=&dt=Nyhetsfilter%20nyhetss%C3%B6k&sid=1611157338&sct=1&seg=0&en=scroll&_et=7&epn.percent_scrolled=90
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0GWTBYXQL3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nyhetsfilter.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 20 Jan 2021 15:42:23 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://nyhetsfilter.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| ontransitionrun
  • object| ontransitionstart
  • object| ontransitioncancel
  • object| cookieStore
  • function| showDirectoryPicker
  • function| showOpenFilePicker
  • function| showSaveFilePicker
  • object| trustedTypes
  • boolean| crossOriginIsolated
  • function| gtag
  • object| dataLayer
  • object| Alpine
  • object| google_tag_manager
  • object| google_tag_data
  • object| gaGlobal
  • function| onYouTubeIframeAPIReady

2 Cookies

Domain/Path Name / Value
.nyhetsfilter.com/ Name: _ga
Value: GA1.1.183154927.1611157339
.nyhetsfilter.com/ Name: _ga_0GWTBYXQL3
Value: GS1.1.1611157338.1.0.1611157338.0