xn--vder24-bua.se Open in urlscan Pro Puny
väder24.se IDN
2a02:250:0:8::53 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://xn--vder24-bua.se/
Effective URL:
https://xn--vder24-bua.se/
Submission: On February 26 via manual (February 26th 2022, 7:17:16 pm UTC) from QA — Scanned from DE

Summary HTTP 61 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 17 IPs in 4 countries across 11 domains to perform 61 HTTP transactions. The main IP is 2a02:250:0:8::53, located in Sweden and belongs to LOOPIA, SE. The main domain is xn--vder24-bua.se.
TLS certificate: Issued by R3 on December 30th 2021. Valid for: 3 months.

This is the only time xn--vder24-bua.se was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 19	2a02:250:0:8::53 2a02:250:0:8::53	39570 (LOOPIA) (LOOPIA)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
61	17

19 2a02:250:0:8::53 (Sweden) 1 redirects

ASN39570 (LOOPIA, SE)

xn--vder24-bua.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	xn--vder24-bua.se 1 redirects xn--vder24-bua.se	2 MB
17	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 92 tpc.googlesyndication.com — Cisco Umbrella Rank: 120	218 KB
7	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 67 googleads.g.doubleclick.net — Cisco Umbrella Rank: 37	37 KB
5	googleapis.com maps.googleapis.com — Cisco Umbrella Rank: 349 fonts.googleapis.com — Cisco Umbrella Rank: 35	172 KB
4	gstatic.com www.gstatic.com fonts.gstatic.com	47 KB
4	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 59	2 KB
2	google.ca www.google.ca — Cisco Umbrella Rank: 8810 adservice.google.ca — Cisco Umbrella Rank: 12901	1 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 146	39 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 741	650 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 197	3 KB
61	11

	Domain	Requested by
19	xn--vder24-bua.se	1 redirects xn--vder24-bua.se
10	pagead2.googlesyndication.com	xn--vder24-bua.se pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
7	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	maps.googleapis.com	xn--vder24-bua.se maps.googleapis.com
3	www.gstatic.com	googleads.g.doubleclick.net
3	www.google.com	1 redirects xn--vder24-bua.se tpc.googlesyndication.com
2	www.google-analytics.com	xn--vder24-bua.se www.google-analytics.com
1	fonts.gstatic.com	fonts.googleapis.com
1	www.googletagservices.com	googleads.g.doubleclick.net
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.ca	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.google.ca	xn--vder24-bua.se
1	stats.g.doubleclick.net	www.google-analytics.com
1	cdnjs.cloudflare.com	xn--vder24-bua.se
61	17

This site contains links to these domains. Also see Links.

Domain
www.instagram.com
www.facebook.com
instagram.com
www.tv4play.se
www.svtplay.se
youtu.be
www.yr.no
www.met.no
www.smhi.se
policies.google.com
yr.no
met.no
smhi.se

Subject Issuer	Validity	Valid
xn--vder24-bua.se R3	`2021-12-30` - `2022-03-30`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://xn--vder24-bua.se/
Frame ID: C11341038A2FA608F3294BA22D390609
Requests: 40 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220223/r20190131/zrt_lookup.html
Frame ID: 529FBC65D835EC47DE969FD599884B56
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1847608235460551&output=html&h=280&slotname=9222932846&adk=1136449372&adf=1260777688&pi=t.ma~as.9222932846&w=1170&fwrn=4&fwrnh=100&lmt=1645903031&rafmt=1&psa=0&format=1170x280&url=https%3A%2F%2Fxn--vder24-bua.se%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1645903031519&bpp=5&bdt=379&idt=118&shv=r20220223&mjsv=m202202140201&ptt=9&saldr=aa&abxe=1&correlator=6507703697269&frm=20&pv=2&ga_vid=1418785944.1645903031&ga_sid=1645903032&ga_hid=1377833346&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=454&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C21066430%2C31064037%2C31064915%2C31064018%2C31062931&oid=2&pvsid=1911585507935108&pem=821&tmod=571664775&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=xOPLo63gyR&p=https%3A//xn--vder24-bua.se&dtd=135
Frame ID: FF39E14E663EC00F11BA7FF7109E8DE4
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1847608235460551&output=html&adk=1812271804&adf=3025194257&lmt=1645903031&plat=1%3A16777216%2C2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32904%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fxn--vder24-bua.se%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1645903031533&bpp=2&bdt=393&idt=131&shv=r20220223&mjsv=m202202140201&ptt=9&saldr=aa&abxe=1&prev_fmts=1170x280&nras=1&correlator=6507703697269&frm=20&pv=1&ga_vid=1418785944.1645903031&ga_sid=1645903032&ga_hid=1377833346&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C21066430%2C31064037%2C31064915%2C31064018%2C31062931&oid=2&pvsid=1911585507935108&pem=821&tmod=571664775&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=137
Frame ID: D255DD1675C7D5025A09A8BB4082C79B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 1C70C81283DD8C0638E90D35F32B6E55
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/-4sYiv7uFugH1PgVeRb0F7gL3N27obdizTixLSM-gPg.js
Frame ID: E2CB7C30A185BCC8B60775506094315E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 22A76A1F68381C1BA8F5023E86233CED
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F2104A8C9CB64BDE59C181A707BAD439
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Väder 24 / 7 för Sverige och världen via YR och SMHI - Väder24

Page URL History Show full URLs

http://xn--vder24-bua.se/ HTTP 301
https://xn--vder24-bua.se/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

61
Requests

100 %
HTTPS

94 %
IPv6

11
Domains

17
Subdomains

17
IPs

4
Countries

2123 kB
Transfer

3836 kB
Size

10
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://www.instagram.com/vader24.se/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.facebook.com/vader24.se/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/tv/CaaXqOADZKy/
Title: <img src="https://xn--vder24-bua.se/wp-content/plugins/instagram-feed-pro/img/placeholder.png" alt="Happy weekend friends, and take care of each other💙 . #norrsken #northernlights #auroraborealis #aurora #norrskensverige #nordlys #nature_skyshots #bns_sky #nature_up_close #sonya7rii #ig_auroraborealis #ig_week_sky #sweden_photolovers #passion_4_living_photos #astrophotography #visitjämtland #norrskenjämtland #snappingscandinavia #ig_week_nature #explore_skies #nordic_nature_vackrastenatur #nightphotography #stars #skylovers #tv4vädret #polarsken #smhiväder #longexposure #love_sweden">

Search URL Search Domain Scan URL

URL: https://instagram.com/tv4vadret
Title: tv4vadret

Search URL Search Domain Scan URL

URL: https://www.tv4play.se/program/v%C3%A4der
Title: TV4 Play

Search URL Search Domain Scan URL

URL: https://www.svtplay.se/vader
Title: SVT Play

Search URL Search Domain Scan URL

URL: https://youtu.be/cqEkXL2q31o
Title: YouTube kanal

Search URL Search Domain Scan URL

URL: https://instagram.com/vader24.se/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.yr.no/
Title: YR

Search URL Search Domain Scan URL

URL: https://www.met.no/
Title: met.no

Search URL Search Domain Scan URL

URL: https://www.smhi.se/
Title: SMHI

Search URL Search Domain Scan URL

URL: https://policies.google.com/technologies/partner-sites
Title: Googles villkor

Search URL Search Domain Scan URL

URL: https://yr.no/
Title: YR

Search URL Search Domain Scan URL

URL: https://met.no/
Title: MET Norge

Search URL Search Domain Scan URL

URL: https://smhi.se/
Title: SMHI

Search URL Search Domain Scan URL

URL: https://www.instagram.com/
Title: Instagram

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://xn--vder24-bua.se/ HTTP 301
https://xn--vder24-bua.se/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 48

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

61 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
xn--vder24-bua.se/
Redirect Chain

http://xn--vder24-bua.se/
https://xn--vder24-bua.se/

56 KB
16 KB

416ms
286ms

Document
text/html

2a02:250:0:8::53
LOOPIA

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--vder24-bua.se/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:250:0:8::53 , Sweden, ASN39570 (LOOPIA, SE),
Reverse DNS
Software: nginx / PHP/7.4.27
Resource Hash: 183e5ec8ec3ee894939e00d92469f2b747d245632fd21d149a428d36e5a6e958

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx
date: Sat, 26 Feb 2022 19:17:11 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.27
x-loopia-node: 172.22.223.39
content-encoding: br

Redirect headers

Server: nginx
Date: Sat, 26 Feb 2022 19:17:10 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://xn--vder24-bua.se/

GET
H2 200 5rd7t.css
xn--vder24-bua.se/wp-content/cache/wpfc-minified/6v49mli5/ 26 KB
6 KB 54ms
54ms Stylesheet
text/css 2a02:250:0:8::53
LOOPIA

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--vder24-bua.se/wp-content/cache/wpfc-minified/6v49mli5/5rd7t.css
Requested by: Host: xn--vder24-bua.se
URL: https://xn--vder24-bua.se/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:250:0:8::53 , Sweden, ASN39570 (LOOPIA, SE),
Reverse DNS
Software: nginx /
Resource Hash: dc924b2240a45fa0bf43ef1ba5417d0bac5dcab3f38b915fb7adaf59c79c29e2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--vder24-bua.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 19:17:11 GMT
content-encoding: br
last-modified: Sat, 19 Feb 2022 22:29:21 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=10368000
x-loopia-node: 172.22.223.39
expires: max-age=A10368000, public

GET
H2 200 weather-icons.min.css
cdnjs.cloudflare.com/ajax/libs/weather-icons/2.0.5/css/ 25 KB
3 KB 71ms
35ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/weather-icons/2.0.5/css/weather-icons.min.css

Requested by

Host: xn--vder24-bua.se
URL: https://xn--vder24-bua.se/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f07a3004bdc8edede2a311d63b8ddd6a7cd1f947de12beb198978a867bcfca32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--vder24-bua.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 19:17:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 151559
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2757
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:51 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb0402f-6201"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kQbIngxuznkUTfo0Kv6FFnfqRvDMV%2B8LsQK3zg%2FAZHNIekoDGf9KLxNNVAyJyDG92XMQmZyAhpWFvS352YPSPmHOXJtjPtCvsMOqo41z9k8PhKrU%2Bi%2BJN%2BgBlfboaOom6btTeLpL60aeGsKbqFncrlW8"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6e3b831908395c26-FRA
expires: Thu, 16 Feb 2023 19:17:11 GMT

GET
H2 200 5rd7t.css
xn--vder24-bua.se/wp-content/cache/wpfc-minified/fi1d5a11/ 164 KB
38 KB 55ms
54ms Stylesheet
text/css 2a02:250:0:8::53
LOOPIA

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--vder24-bua.se/wp-content/cache/wpfc-minified/fi1d5a11/5rd7t.css
Requested by: Host: xn--vder24-bua.se
URL: https://xn--vder24-bua.se/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:250:0:8::53 , Sweden, ASN39570 (LOOPIA, SE),
Reverse DNS
Software: nginx /
Resource Hash: 1f2a813a2db4af03158a0d1a9cb6314358b3921f89bf39ccd4aa7b3e2bfec06d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--vder24-bua.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 19:17:11 GMT
content-encoding: br
last-modified: Sat, 19 Feb 2022 22:29:21 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=10368000
x-loopia-node: 172.22.223.39
expires: max-age=A10368000, public

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 149 KB
52 KB 148ms
93ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: xn--vder24-bua.se
URL: https://xn--vder24-bua.se/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

925f1bfe108cee85e02f934545f9f68acc3105df13a514b538ea7e5eaef6e0a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--vder24-bua.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 19:17:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52298
x-xss-protection: 0
server: cafe
etag: 17835859205255478953
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 26 Feb 2022 19:17:11 GMT

GET
H2 200 5rd7t.css
xn--vder24-bua.se/wp-content/cache/wpfc-minified/m8d7avhy/ 58 KB
12 KB 54ms
53ms Stylesheet
text/css 2a02:250:0:8::53
LOOPIA

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--vder24-bua.se/wp-content/cache/wpfc-minified/m8d7avhy/5rd7t.css
Requested by: Host: xn--vder24-bua.se
URL: https://xn--vder24-bua.se/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:250:0:8::53 , Sweden, ASN39570 (LOOPIA, SE),
Reverse DNS
Software: nginx /
Resource Hash: 771c7db692f18dc2a4c407f3892235d7b5198b0bac5f628e032e2a31ce0849f9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--vder24-bua.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 19:17:11 GMT
content-encoding: br
last-modified: Sat, 19 Feb 2022 22:29:21 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=10368000
x-loopia-node: 172.22.223.39
expires: max-age=A10368000, public

GET
H2 200 5rd7t.js Show response
xn--vder24-bua.se/wp-content/cache/wpfc-minified/1zf4e9sc/ 320 KB
112 KB 93ms
92ms Script
application/javascript 2a02:250:0:8::53
LOOPIA

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--vder24-bua.se/wp-content/cache/wpfc-minified/1zf4e9sc/5rd7t.js
Requested by: Host: xn--vder24-bua.se
URL: https://xn--vder24-bua.se/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:250:0:8::53 , Sweden, ASN39570 (LOOPIA, SE),
Reverse DNS
Software: nginx /
Resource Hash: f0b478f4b5a58bc2a90b817f68568520ae0ea82777cf5753ba52043d43be987b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--vder24-bua.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 19:17:11 GMT
content-encoding: br
last-modified: Sat, 19 Feb 2022 22:29:21 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=10368000
x-loopia-node: 172.22.223.39
expires: max-age=A10368000, public

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 160 KB
52 KB 102ms
45ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyBpORyGzYWhtYtaLOVhnVmyQDPc8IKvbbI&libraries=places&callback=initMap

Requested by

Host: xn--vder24-bua.se
URL: https://xn--vder24-bua.se/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

2575b151592581afb5713cf0738d1b9627cb583e9d8683cbfa932377c4a03f6f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--vder24-bua.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 19:17:11 GMT
content-encoding: gzip
vary: Accept-Language
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=20
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53166
x-xss-protection: 0
expires: Sat, 26 Feb 2022 19:47:11 GMT

GET
H2 200 5rd7t.js Show response
xn--vder24-bua.se/wp-content/cache/wpfc-minified/8n6ttkid/ 52 KB
15 KB 52ms
51ms Script
application/javascript 2a02:250:0:8::53
LOOPIA

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--vder24-bua.se/wp-content/cache/wpfc-minified/8n6ttkid/5rd7t.js
Requested by: Host: xn--vder24-bua.se
URL: https://xn--vder24-bua.se/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:250:0:8::53 , Sweden, ASN39570 (LOOPIA, SE),
Reverse DNS
Software: nginx /
Resource Hash: 4d638ae61b90856fc2033f0380c4116512bab5c483bf52ff8354a98c5058e851

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--vder24-bua.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 19:17:11 GMT
content-encoding: br
last-modified: Sat, 19 Feb 2022 22:29:21 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=10368000
x-loopia-node: 172.22.223.39
expires: max-age=A10368000, public

GET
H2 200 5rd7t.js Show response
xn--vder24-bua.se/wp-content/cache/wpfc-minified/33a7fxly/ 2 KB
963 B 55ms
55ms Script
application/javascript 2a02:250:0:8::53
LOOPIA

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--vder24-bua.se/wp-content/cache/wpfc-minified/33a7fxly/5rd7t.js
Requested by: Host: xn--vder24-bua.se
URL: https://xn--vder24-bua.se/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:250:0:8::53 , Sweden, ASN39570 (LOOPIA, SE),
Reverse DNS
Software: nginx /
Resource Hash: 5bc5fe165e8fab88549d56628bcc4ad463235f7f995c0477fb90fc78698be265

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--vder24-bua.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 19:17:11 GMT
content-encoding: br
last-modified: Sat, 19 Feb 2022 22:29:21 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=10368000
x-loopia-node: 172.22.223.39
expires: max-age=A10368000, public

GET
H2 200 5rd7t.js Show response
xn--vder24-bua.se/wp-content/cache/wpfc-minified/jqffegu4/ 225 KB
74 KB 52ms
51ms Script
application/javascript 2a02:250:0:8::53
LOOPIA

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--vder24-bua.se/wp-content/cache/wpfc-minified/jqffegu4/5rd7t.js
Requested by: Host: xn--vder24-bua.se
URL: https://xn--vder24-bua.se/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:250:0:8::53 , Sweden, ASN39570 (LOOPIA, SE),
Reverse DNS
Software: nginx /
Resource Hash: 0af82ff5927865aa2406a053756b906cda365c66f6e6c411d196e3dbeeece358

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--vder24-bua.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 19:17:11 GMT
content-encoding: br
last-modified: Sat, 19 Feb 2022 22:29:21 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=10368000
x-loopia-node: 172.22.223.39
expires: max-age=A10368000, public

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 75ms
16ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: xn--vder24-bua.se
URL: https://xn--vder24-bua.se/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--vder24-bua.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 6138
date: Sat, 26 Feb 2022 17:34:53 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sat, 26 Feb 2022 19:34:53 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 var-vader-top-s.jpg
xn--vder24-bua.se/wp-content/uploads/2018/04/ 1 MB
1 MB 56ms
56ms Image
image/jpeg 2a02:250:0:8::53
LOOPIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xn--vder24-bua.se/wp-content/uploads/2018/04/var-vader-top-s.jpg
Requested by: Host: xn--vder24-bua.se
URL: https://xn--vder24-bua.se/wp-content/cache/wpfc-minified/fi1d5a11/5rd7t.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:250:0:8::53 , Sweden, ASN39570 (LOOPIA, SE),
Reverse DNS
Software: nginx /
Resource Hash: 0cb81f86fa7f8890822609ca7b5416823543ab0e1e6773c3ecb2841892442840

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--vder24-bua.se/wp-content/cache/wpfc-minified/fi1d5a11/5rd7t.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 19:17:11 GMT
last-modified: Wed, 08 Aug 2018 17:13:11 GMT
server: nginx
content-type: image/jpeg
cache-control: max-age=10368000
x-loopia-node: 172.22.223.39
accept-ranges: bytes
content-length: 1123395
expires: max-age=A10368000, public

GET
H2 200 smile.fe6b77b1.svg
xn--vder24-bua.se/wp-content/plugins/weather/public/img/ 162 B
366 B 51ms
51ms Image
image/svg+xml 2a02:250:0:8::53
LOOPIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xn--vder24-bua.se/wp-content/plugins/weather/public/img/smile.fe6b77b1.svg
Requested by: Host: xn--vder24-bua.se
URL: https://xn--vder24-bua.se/wp-content/cache/wpfc-minified/fi1d5a11/5rd7t.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:250:0:8::53 , Sweden, ASN39570 (LOOPIA, SE),
Reverse DNS
Software: nginx /
Resource Hash: 0d82c7e198f342689c777b3d0cdd606874e7665c993cafc82f02d0673c6568a1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--vder24-bua.se/wp-content/cache/wpfc-minified/fi1d5a11/5rd7t.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 19:17:11 GMT
content-encoding: br
last-modified: Thu, 13 Jan 2022 12:52:32 GMT
server: nginx
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=10368000
x-loopia-node: 172.22.223.39
expires: max-age=A10368000, public

GET
H2 200 fontawesome-webfont.woff2
xn--vder24-bua.se/wp-content/themes/vader24/fonts/ 55 KB
56 KB 86ms
86ms Font
application/font-woff2 2a02:250:0:8::53
LOOPIA

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--vder24-bua.se/wp-content/themes/vader24/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: xn--vder24-bua.se
URL: https://xn--vder24-bua.se/wp-content/cache/wpfc-minified/fi1d5a11/5rd7t.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:250:0:8::53 , Sweden, ASN39570 (LOOPIA, SE),
Reverse DNS
Software: nginx /
Resource Hash: aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Request headers

Referer: https://xn--vder24-bua.se/wp-content/cache/wpfc-minified/fi1d5a11/5rd7t.css
Origin: https://xn--vder24-bua.se
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 19:17:11 GMT
content-encoding: br
last-modified: Sun, 27 Sep 2015 22:26:52 GMT
server: nginx
vary: Accept-Encoding
content-type: application/font-woff2
cache-control: max-age=10368000
x-loopia-node: 172.22.223.39
expires: max-age=A10368000, public

GET
H2 200 RalewayRegular.woff2
xn--vder24-bua.se/wp-content/themes/vader24/fonts/ 38 KB
38 KB 85ms
85ms Font
application/font-woff2 2a02:250:0:8::53
LOOPIA

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--vder24-bua.se/wp-content/themes/vader24/fonts/RalewayRegular.woff2
Requested by: Host: xn--vder24-bua.se
URL: https://xn--vder24-bua.se/wp-content/cache/wpfc-minified/fi1d5a11/5rd7t.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:250:0:8::53 , Sweden, ASN39570 (LOOPIA, SE),
Reverse DNS
Software: nginx /
Resource Hash: 6201cb696067ffd18edb77e7bc397894265fd5d8c8646c9ea2393ab637dd1541

Request headers

Referer: https://xn--vder24-bua.se/wp-content/cache/wpfc-minified/fi1d5a11/5rd7t.css
Origin: https://xn--vder24-bua.se
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 19:17:11 GMT
content-encoding: br
last-modified: Sun, 27 Sep 2015 22:26:54 GMT
server: nginx
vary: Accept-Encoding
content-type: application/font-woff2
cache-control: max-age=10368000
x-loopia-node: 172.22.223.39
expires: max-age=A10368000, public

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
45 B 54ms
29ms XHR
application/json 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBpORyGzYWhtYtaLOVhnVmyQDPc8IKvbbI&libraries=places&callback=initMap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--vder24-bua.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 19:17:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://xn--vder24-bua.se
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
vary: Origin, X-Origin, Referer
content-length: 23
x-xss-protection: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 48ms
23ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1377833346&t=pageview&_s=1&dl=https%3A%2F%2Fxn--vder24-bua.se%2F&ul=en-us&de=UTF-8&dt=V%C3%A4der%2024%20%2F%207%20f%C3%B6r%20Sverige%20och%20v%C3%A4rlden%20via%20YR%20och%20SMHI%20-%20V%C3%A4der24&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=737041505&gjid=1343037523&cid=1418785944.1645903031&tid=UA-67188436-1&_gid=1206385903.1645903031&_r=1&_slc=1&z=571957110

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://xn--vder24-bua.se/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 26 Feb 2022 19:17:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://xn--vder24-bua.se
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 typeahead.php Show response
xn--vder24-bua.se/wp-content/plugins/weather/public/ 204 KB
68 KB 780ms
780ms XHR
application/json 2a02:250:0:8::53
LOOPIA

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--vder24-bua.se/wp-content/plugins/weather/public/typeahead.php
Requested by: Host: xn--vder24-bua.se
URL: https://xn--vder24-bua.se/wp-content/cache/wpfc-minified/1zf4e9sc/5rd7t.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:250:0:8::53 , Sweden, ASN39570 (LOOPIA, SE),
Reverse DNS
Software: nginx / PHP/7.4.27
Resource Hash: ec5badabee79b92991cc0418086269cb19398072bfd4c023377cf2bf28ff32c5

Request headers

Accept: */*
Referer: https://xn--vder24-bua.se/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 19:17:12 GMT
content-encoding: br
server: nginx
x-powered-by: PHP/7.4.27
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://xn--vder24-bua.se
access-control-allow-credentials: true
x-loopia-node: 172.22.223.39

POST
H2 200 typeahead.php Show response
xn--vder24-bua.se/wp-content/plugins/weather/public/ 262 B
438 B 692ms
692ms XHR
text/html 2a02:250:0:8::53
LOOPIA

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--vder24-bua.se/wp-content/plugins/weather/public/typeahead.php
Requested by: Host: xn--vder24-bua.se
URL: https://xn--vder24-bua.se/wp-content/cache/wpfc-minified/1zf4e9sc/5rd7t.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:250:0:8::53 , Sweden, ASN39570 (LOOPIA, SE),
Reverse DNS
Software: nginx / PHP/7.4.27
Resource Hash: c3614da9cf80fabdcd8118563f7e49e6c98117071f38efe272213c75e511c4c7

Request headers

Accept: */*
Referer: https://xn--vder24-bua.se/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sat, 26 Feb 2022 19:17:12 GMT
content-encoding: br
server: nginx
x-powered-by: PHP/7.4.27
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://xn--vder24-bua.se
access-control-allow-credentials: true
x-loopia-node: 172.22.223.39

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 sbi-sprite.png
xn--vder24-bua.se/wp-content/plugins/instagram-feed-pro/img/ 4 KB
4 KB 52ms
52ms Image
image/png 2a02:250:0:8::53
LOOPIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xn--vder24-bua.se/wp-content/plugins/instagram-feed-pro/img/sbi-sprite.png
Requested by: Host: xn--vder24-bua.se
URL: https://xn--vder24-bua.se/wp-content/cache/wpfc-minified/m8d7avhy/5rd7t.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:250:0:8::53 , Sweden, ASN39570 (LOOPIA, SE),
Reverse DNS
Software: nginx /
Resource Hash: 9de999e7d4aa267a5acee4a0aed70ae6df10838613e9627a97a63cf47feb173e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--vder24-bua.se/wp-content/cache/wpfc-minified/m8d7avhy/5rd7t.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 19:17:11 GMT
last-modified: Sat, 19 Feb 2022 22:29:09 GMT
server: nginx
content-type: image/png
cache-control: max-age=10368000
x-loopia-node: 172.22.223.39
accept-ranges: bytes
content-length: 3943
expires: max-age=A10368000, public

GET
H2 200 274810566_1318351398640718_4887656292462899327_nfull.jpg
xn--vder24-bua.se/wp-content/uploads/sb-instagram-feed-images/ 21 KB
21 KB 51ms
50ms Image
image/jpeg 2a02:250:0:8::53
LOOPIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xn--vder24-bua.se/wp-content/uploads/sb-instagram-feed-images/274810566_1318351398640718_4887656292462899327_nfull.jpg
Requested by: Host: xn--vder24-bua.se
URL: https://xn--vder24-bua.se/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:250:0:8::53 , Sweden, ASN39570 (LOOPIA, SE),
Reverse DNS
Software: nginx /
Resource Hash: 8faf61ec1ad92c7bf6685380b22529d97cdc8f512a172c30692954d83f3782d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--vder24-bua.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 19:17:11 GMT
last-modified: Fri, 25 Feb 2022 22:30:17 GMT
server: nginx
content-type: image/jpeg
cache-control: max-age=10368000
x-loopia-node: 172.22.223.39
accept-ranges: bytes
content-length: 21499
expires: max-age=A10368000, public

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
444 B 73ms
23ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-67188436-1&cid=1418785944.1645903031&jid=737041505&gjid=1343037523&_gid=1206385903.1645903031&_u=IEBAAEAAAAAAAC~&z=1409771615

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://xn--vder24-bua.se/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 26 Feb 2022 19:17:11 GMT
content-type: text/plain
access-control-allow-origin: https://xn--vder24-bua.se
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202140201/ 283 KB
102 KB 65ms
40ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202140201/show_ads_impl_fy2019.js?bust=31064915

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9c9631eb9689ce08172c133e301bbdf05a6965eb95baa57666a9dd34bb034bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--vder24-bua.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 19:17:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104318
x-xss-protection: 0
server: cafe
etag: 6915458567960364773
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 26 Feb 2022 19:17:11 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220223/r20190131/ Frame 529F 10 KB
5 KB 62ms
18ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220223/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://xn--vder24-bua.se/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4502
x-xss-protection: 0
date: Sat, 26 Feb 2022 04:58:03 GMT
expires: Sat, 12 Mar 2022 04:58:03 GMT
cache-control: public, max-age=1209600
age: 51548
etag: 4044455266028820542
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 83ms
41ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-67188436-1&cid=1418785944.1645903031&jid=737041505&_u=IEBAAEAAAAAAAC~&z=1745098967

Requested by

Host: xn--vder24-bua.se
URL: https://xn--vder24-bua.se/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--vder24-bua.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Feb 2022 19:17:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
501 B 84ms
42ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-67188436-1&cid=1418785944.1645903031&jid=737041505&_u=IEBAAEAAAAAAAC~&z=1745098967

Requested by

Host: xn--vder24-bua.se
URL: https://xn--vder24-bua.se/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--vder24-bua.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Feb 2022 19:17:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 221 B
650 B 104ms
24ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=xn--vder24-bua.se&callback=_gfp_s_&client=ca-pub-1847608235460551

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202140201/show_ads_impl_fy2019.js?bust=31064915

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

7d9841eb34091f42747f1021833b2985cf552c3a687611e9884c2387a5cc85e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--vder24-bua.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 19:17:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 206
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.ca/adsid/ 107 B
792 B 112ms
29ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ca/adsid/integrator.js?domain=xn--vder24-bua.se

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202140201/show_ads_impl_fy2019.js?bust=31064915

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--vder24-bua.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 26 Feb 2022 19:17:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 66ms
25ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=xn--vder24-bua.se

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202140201/show_ads_impl_fy2019.js?bust=31064915

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--vder24-bua.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 26 Feb 2022 19:17:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FF39 87 KB
31 KB 383ms
356ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1847608235460551&output=html&h=280&slotname=9222932846&adk=1136449372&adf=1260777688&pi=t.ma~as.9222932846&w=1170&fwrn=4&fwrnh=100&lmt=1645903031&rafmt=1&psa=0&format=1170x280&url=https%3A%2F%2Fxn--vder24-bua.se%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1645903031519&bpp=5&bdt=379&idt=118&shv=r20220223&mjsv=m202202140201&ptt=9&saldr=aa&abxe=1&correlator=6507703697269&frm=20&pv=2&ga_vid=1418785944.1645903031&ga_sid=1645903032&ga_hid=1377833346&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=454&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C21066430%2C31064037%2C31064915%2C31064018%2C31062931&oid=2&pvsid=1911585507935108&pem=821&tmod=571664775&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=xOPLo63gyR&p=https%3A//xn--vder24-bua.se&dtd=135

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202140201/show_ads_impl_fy2019.js?bust=31064915

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

67ca1fb3f9c26af4d3a11c63a17041346ad82e39e22902f65ebf789c763992b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://xn--vder24-bua.se/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 26 Feb 2022 19:17:12 GMT
server: cafe
content-length: 31942
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 26 Feb 2022 19:17:12 GMT
cache-control: private

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 50ms
49ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fxn--vder24-bua.se%2F&tn=DIV&cls=cli-modal-backdrop%20cli-fade%20cli-popupbar-overlay%20cli-show&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Requested by

Host: xn--vder24-bua.se
URL: https://xn--vder24-bua.se/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--vder24-bua.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Feb 2022 19:17:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 50ms
50ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: xn--vder24-bua.se
URL: https://xn--vder24-bua.se/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--vder24-bua.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Feb 2022 19:17:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D255 0
19 B 125ms
113ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1847608235460551&output=html&adk=1812271804&adf=3025194257&lmt=1645903031&plat=1%3A16777216%2C2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32904%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fxn--vder24-bua.se%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1645903031533&bpp=2&bdt=393&idt=131&shv=r20220223&mjsv=m202202140201&ptt=9&saldr=aa&abxe=1&prev_fmts=1170x280&nras=1&correlator=6507703697269&frm=20&pv=1&ga_vid=1418785944.1645903031&ga_sid=1645903032&ga_hid=1377833346&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C21066430%2C31064037%2C31064915%2C31064018%2C31062931&oid=2&pvsid=1911585507935108&pem=821&tmod=571664775&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=137

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202140201/show_ads_impl_fy2019.js?bust=31064915

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://xn--vder24-bua.se/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 26 Feb 2022 19:17:11 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 26 Feb 2022 19:17:11 GMT
cache-control: private

GET
H2 200 d236ac784afdc66bd75f55f83c8bc285.js Show response
www.gstatic.com/mysidia/ Frame FF39 8 KB
4 KB 57ms
15ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/d236ac784afdc66bd75f55f83c8bc285.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1847608235460551&output=html&h=280&slotname=9222932846&adk=1136449372&adf=1260777688&pi=t.ma~as.9222932846&w=1170&fwrn=4&fwrnh=100&lmt=1645903031&rafmt=1&psa=0&format=1170x280&url=https%3A%2F%2Fxn--vder24-bua.se%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1645903031519&bpp=5&bdt=379&idt=118&shv=r20220223&mjsv=m202202140201&ptt=9&saldr=aa&abxe=1&correlator=6507703697269&frm=20&pv=2&ga_vid=1418785944.1645903031&ga_sid=1645903032&ga_hid=1377833346&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=454&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C21066430%2C31064037%2C31064915%2C31064018%2C31062931&oid=2&pvsid=1911585507935108&pem=821&tmod=571664775&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=xOPLo63gyR&p=https%3A//xn--vder24-bua.se&dtd=135

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0280b5ec07025974d745833d91f3f71aff053cdb5aebbe37ab368b0284a56f81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 00:57:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 325175
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3664
x-xss-protection: 0
last-modified: Thu, 17 Feb 2022 07:40:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 24 May 2022 00:57:37 GMT

GET
H2 200 47b2c5ef24c0ac2e7e4fb8b2ded5fd84.js Show response
www.gstatic.com/mysidia/ Frame FF39 8 KB
4 KB 58ms
16ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/47b2c5ef24c0ac2e7e4fb8b2ded5fd84.js?tag=text/vanilla_highlight

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41d557e5430453c9223fde9cc2e2ab3030a37628310635ac468b2bc558933781

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 07:29:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 388062
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3622
x-xss-protection: 0
last-modified: Thu, 17 Feb 2022 07:40:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 23 May 2022 07:29:30 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame FF39 8 KB
1 KB 25ms
24ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3ad8c90cec1318c90852dc018d75e7afadcb71c36508344fc1c133021007bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 26 Feb 2022 18:21:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 26 Feb 2022 19:17:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 26 Feb 2022 19:17:12 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/ Frame FF39 2 KB
983 B 15ms
14ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 19:15:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 100
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 12 Mar 2022 19:15:32 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220223/r20110914/ Frame FF39 19 KB
8 KB 72ms
16ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220223/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f328f4ae2fe983386843cc07db0af78c5fe9fa5ae67812f80062d5baa0e61047

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 19:08:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 528
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7875
x-xss-protection: 0
server: cafe
etag: 9606807595520751986
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 12 Mar 2022 19:08:24 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/ Frame FF39 2 KB
1 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 19:15:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 12 Mar 2022 19:15:49 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FF39 124 KB
39 KB 93ms
26ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c17b823ddee789bdc88b380ce8aa533558cbdef360c5da8e1f9f0dd3b2a1040b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 19:17:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38829
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1645619776399499"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 26 Feb 2022 19:17:12 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/ Frame FF39 15 KB
6 KB 74ms
18ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3deec1e4d19cb71b80daa6f050c395fccb90d7f1c2ec74a920930d476013cf97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 19:12:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 276
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6434
x-xss-protection: 0
server: cafe
etag: 16791967082338318403
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 12 Mar 2022 19:12:36 GMT

GET
H3 200 638238a1c081a92848b457a11fb7df3a.js Show response
www.gstatic.com/mysidia/ Frame FF39 28 KB
12 KB 43ms
18ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/638238a1c081a92848b457a11fb7df3a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ceb44e7752ef40b3709b862944deb1f8e355741da63a3217cd5856415453103a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 00:57:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 325175
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11768
x-xss-protection: 0
last-modified: Tue, 22 Feb 2022 01:11:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 24 May 2022 00:57:37 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame FF39 0
0 60ms
60ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CsGCit3waYoX8KtbD7_UP0fmWyA-Fgd3sZor6tOu6DJaCzYWIFhABIKW2mgZgfaABrfjqywPIAQGpAkdmPJbSlXw-qAMByAPLBKoExQFP0KZODQaliHfBO-0qs7ogZFiW-SPS5KIrorI3AXs0OLTIMUFCKqLUzyu0TR41Vt2YkGw2CH4_z871WH-Wo1WqXrbNmfgAmrq9_biOdtzPHnGrBP19uZ3yciOfa6CfhkvMZMz0zIlWUnyfaobU3pA9J_RObAoo8yEK6QnottXs8Q3pucOhCHKnNaRsxJY0yHREqGQEzdxfmZAoZnLI6UtAlRweaolOhYp_cF9yBSWBJH9q38re03rbvd5x8k35kBUujIV0h8AE-6zw06cCkgUECAQYAZIFBAgFGASAB7uHlTSoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDnvSDSCAcIgGEQARgfgAoByAsB2BMN0BUBmBYBgBcBshccChoIABIUcHViLTE4NDc2MDgyMzU0NjA1NTEYAA&sigh=k699XJW0PWE&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1847608235460551&output=html&h=280&slotname=9222932846&adk=1136449372&adf=1260777688&pi=t.ma~as.9222932846&w=1170&fwrn=4&fwrnh=100&lmt=1645903031&rafmt=1&psa=0&format=1170x280&url=https%3A%2F%2Fxn--vder24-bua.se%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1645903031519&bpp=5&bdt=379&idt=118&shv=r20220223&mjsv=m202202140201&ptt=9&saldr=aa&abxe=1&correlator=6507703697269&frm=20&pv=2&ga_vid=1418785944.1645903031&ga_sid=1645903032&ga_hid=1377833346&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=454&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C21066430%2C31064037%2C31064915%2C31064018%2C31062931&oid=2&pvsid=1911585507935108&pem=821&tmod=571664775&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=xOPLo63gyR&p=https%3A//xn--vder24-bua.se&dtd=135
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 26 Feb 2022 19:17:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 26 Feb 2022 19:17:12 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1C70 143 B
163 B 17ms
16ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1847608235460551&output=html&h=280&slotname=9222932846&adk=1136449372&adf=1260777688&pi=t.ma~as.9222932846&w=1170&fwrn=4&fwrnh=100&lmt=1645903031&rafmt=1&psa=0&format=1170x280&url=https%3A%2F%2Fxn--vder24-bua.se%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1645903031519&bpp=5&bdt=379&idt=118&shv=r20220223&mjsv=m202202140201&ptt=9&saldr=aa&abxe=1&correlator=6507703697269&frm=20&pv=2&ga_vid=1418785944.1645903031&ga_sid=1645903032&ga_hid=1377833346&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=454&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C21066430%2C31064037%2C31064915%2C31064018%2C31062931&oid=2&pvsid=1911585507935108&pem=821&tmod=571664775&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=xOPLo63gyR&p=https%3A//xn--vder24-bua.se&dtd=135

Response headers

x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 145
x-xss-protection: 0
date: Sat, 26 Feb 2022 19:04:58 GMT
cache-control: public, max-age=3600
content-type: text/html; charset=UTF-8
age: 734
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame FF39 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ae377a6e785a7a942340dc4756702cf2b7fca0077a4ae73db00ab7c9a30e85c2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v41/ Frame FF39 28 KB
28 KB 58ms
17ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v41/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05e2888e835d97fe6e4cfb256f62f47d5dccf6d9ac202ea9d82a6bc2b1716c1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 18:14:29 GMT
x-content-type-options: nosniff
age: 349363
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28196
x-xss-protection: 0
last-modified: Tue, 18 Jan 2022 17:53:50 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 22 Feb 2023 18:14:29 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1C70
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

76ms
76ms

Document
text/html

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 26 Feb 2022 19:17:12 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 26 Feb 2022 19:17:12 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 26 Feb 2022 19:17:12 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 placeholder.png
xn--vder24-bua.se/wp-content/plugins/instagram-feed-pro/img/ 176 B
361 B 50ms
49ms Image
image/png 2a02:250:0:8::53
LOOPIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xn--vder24-bua.se/wp-content/plugins/instagram-feed-pro/img/placeholder.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:250:0:8::53 , Sweden, ASN39570 (LOOPIA, SE),
Reverse DNS
Software: nginx /
Resource Hash: f623564c53c2e08780c064012cfbdbde0a80ee56816f4d5d3d52c46ed285cb95

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--vder24-bua.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 19:17:12 GMT
last-modified: Sat, 19 Feb 2022 22:29:09 GMT
server: nginx
content-type: image/png
cache-control: max-age=10368000
x-loopia-node: 172.22.223.39
accept-ranges: bytes
content-length: 176
expires: max-age=A10368000, public

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 13 KB
10 KB 55ms
30ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220223&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202140201/show_ads_impl_fy2019.js?bust=31064915

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4741ad17a3fe88470172df348fad7bef79b57e02854e6fd37d00d8e85f3f7233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--vder24-bua.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 26 Feb 2022 19:17:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9879
x-xss-protection: 0

GET
H3 200 -4sYiv7uFugH1PgVeRb0F7gL3N27obdizTixLSM-gPg.js Show response
pagead2.googlesyndication.com/bg/ Frame E2CB 35 KB
14 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-4sYiv7uFugH1PgVeRb0F7gL3N27obdizTixLSM-gPg.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb8b188afeee16e807d4f8157916f417b80bdcddbba1b762cd38b12d233e80f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 16:01:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 98118
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13827
x-xss-protection: 0
last-modified: Wed, 23 Feb 2022 16:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 25 Feb 2023 16:01:54 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 55ms
30ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202140201/show_ads_impl_fy2019.js?bust=31064915

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--vder24-bua.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 19:17:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 26 Feb 2022 19:17:12 GMT

GET
H2 200 274810566_1318351398640718_4887656292462899327_nfull.jpg
xn--vder24-bua.se/wp-content/uploads/sb-instagram-feed-images/ 21 KB
21 KB 51ms
50ms Image
image/jpeg 2a02:250:0:8::53
LOOPIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xn--vder24-bua.se/wp-content/uploads/sb-instagram-feed-images/274810566_1318351398640718_4887656292462899327_nfull.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:250:0:8::53 , Sweden, ASN39570 (LOOPIA, SE),
Reverse DNS
Software: nginx /
Resource Hash: 8faf61ec1ad92c7bf6685380b22529d97cdc8f512a172c30692954d83f3782d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--vder24-bua.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 19:17:12 GMT
last-modified: Fri, 25 Feb 2022 22:30:17 GMT
server: nginx
content-type: image/jpeg
cache-control: max-age=10368000
x-loopia-node: 172.22.223.39
accept-ranges: bytes
content-length: 21499
expires: max-age=A10368000, public

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 22A7 13 KB
5 KB 16ms
15ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://xn--vder24-bua.se/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 26 Feb 2022 16:09:03 GMT
expires: Sun, 26 Feb 2023 16:09:03 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 11289
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F210 783 B
536 B 27ms
27ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

600892fe9e8b75895aa0cd87937d4d40537bed8a5430968cb6d7334601054402

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6U5HpGE8Et/VjdU980gRIg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://xn--vder24-bua.se/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sat, 26 Feb 2022 19:17:12 GMT
date: Sat, 26 Feb 2022 19:17:12 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-6U5HpGE8Et/VjdU980gRIg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 -4sYiv7uFugH1PgVeRb0F7gL3N27obdizTixLSM-gPg.js Show response
pagead2.googlesyndication.com/bg/ Frame 22A7 35 KB
14 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-4sYiv7uFugH1PgVeRb0F7gL3N27obdizTixLSM-gPg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb8b188afeee16e807d4f8157916f417b80bdcddbba1b762cd38b12d233e80f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 16:01:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 98118
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13827
x-xss-protection: 0
last-modified: Wed, 23 Feb 2022 16:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 25 Feb 2023 16:01:54 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F210 0
0 101ms
101ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220223&jk=1911585507935108&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 22A7 0
9 B 16ms
15ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?UI2o_A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 19:17:12 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 52ms
52ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220223&jk=1911585507935108&bg=!GRqlGl7NAAas2QJZrNk7ACkAdvg8WrxaIoBFSJkMYYwFr1yxcUYxIw2hgmx_cHlcDLvtIwWI6uZqpAIAAAB1UgAAAAJoAQcKAJ1Nor3-exAtQ50i057O6UDEqREKZGN-BYiCkKZxSORM-vL3KTe7hhDU9MJRfcD45VX2eOHhhweo7N4OfORmFEZ8-c-njVi7_GvTJbRJpvgS-ztvJKTEolvhSSakOw_G0q2NDTaWFZFUkDOJtXKKGRhAG-UQd3xomHqoI6ZfTXcyhzHwi88m9BDoGSWSNMKsQKDAUlaoQw_C0mbACHvbmQLVVy2yRoexL1Ng3ZLFh8ss_-_Qgzh7bhuAw9RwF1oh0R-ykwItOSAsrRhWqkhKcbizSE93LnIxnTBZLwvo08c8_FTWL3uyI2e4Zq4oSU_21lBnPf9RsmR9NPBEQRJISIjpsMAknTRJ8v6jXTdcgcx6IXQbQjQ8iJMucega2PFiIPozCGCq0mx1bDSBIL8W4sWgkXVVp8_4ieOUhwsE65tI4K4_TNUjKLAHN1zRFzYVqFS_kaGdosE2CpLOCh6zxoc-5WDJ0K-tCWJzEgEQOx_n6jkvXZ-TRllqoUwN6Mgt0kDOK6bcbhijyZSTO-uEeQ0AE53lDE12wGqqrbRQanIRPABiQyoXBvXX7i8BkX2ryqhdbB5t1agdtCKQiXKAHUpAQtXaICW8-ckjIj0IC-rRIO3jvp6ornQ_4VSjPyv5axx_ypb0cxIoJFCj8euDlB8YbASSCHWZjCT6sJjo9wwnpRJfheAJB6KaP8exjUHwNoudvRzVYFt9AQtemp9acITV3Ymlq7eIBy3nDBDTokeQpW4XGkSKMGpqQQxEtI--ts6kM2uSpBts9PPtBkiAXrKZ6aUqcaCUyzRUkHVP79HFo16m8OxAxqRgEeD0oZ5cqSQOz_XrICVZbnGhGkLjQN1xvsIP1966nZTulWqUO0ER_OO1EZFhg93oXYLdbEykoK5CcJgSBota-Z8sDa0QtXqfc6Kno6d9sWqNqfidJHCZc1jX89JiwjEaMWKFsfTqfgkL4qSG0kCr99_j4tU_1k3edTHG1yn8NTZE6joJesqBLPcRg0bRXs_zkZs3ue8H9daszwylHqf55SF0fB-ydG4lQ5JaDNCl3Gw3oKufktqjO6b_naAJecONt7wnK3paLibTOEH0TZkOsBDbAHY4eEJ7TWtfNwPtXLRzhDr0CdxYUp0q-FgwhoW63R2eLgCKou-30kpOiCrMpkyaAn13lOAjrKjmRPY

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--vder24-bua.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Feb 2022 19:17:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame FF39 42 B
64 B 52ms
51ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsty0CcUKtD9F7ltwvFFoED39bMb3ExKb98m-gz9hTwp1H3AMYxpqGRGZYAkqdgl3eujawgLiAXPKQ4ZZhOUqCXFUNm7rrRLiI9SR9cBtqUa-JKC_Vk&sai=AMfl-YRmYHq94VIJNool6rFzIKGCdK6mtYZLL3tNKrx-B3UUluPB6pKa-owOITU6paNGqBeyp7c-VtuwjZ2W&sig=Cg0ArKJSzMAnW0rN8SF1EAE&id=lidar2&mcvt=1000&p=0,0,280,1170&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220223&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1136449372&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1645903031656&rpt=765&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Feb 2022 19:17:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/48/2/intl/de_ALL/ 79 KB
29 KB 41ms
17ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/48/2/intl/de_ALL/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBpORyGzYWhtYtaLOVhnVmyQDPc8IKvbbI&libraries=places&callback=initMap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9162648204ab102677e3decb46644af98be24c95b4531c9dd34a3f054b26320f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--vder24-bua.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 20:13:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 255854
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29519
x-xss-protection: 0
last-modified: Tue, 22 Feb 2022 22:53:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 23 Feb 2023 20:13:02 GMT

GET
H3 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/48/2/intl/de_ALL/ 294 KB
90 KB 45ms
21ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/48/2/intl/de_ALL/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBpORyGzYWhtYtaLOVhnVmyQDPc8IKvbbI&libraries=places&callback=initMap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e70b834daf6644629887986c97815e8070c512c5668dcac039dc85b0fda953ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--vder24-bua.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 20:13:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 255854
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 92013
x-xss-protection: 0
last-modified: Tue, 22 Feb 2022 22:53:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 23 Feb 2023 20:13:02 GMT

Verdicts & Comments Add Verdict or Comment

122 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.xn--vder24-bua.se/	1970-01-20 18:42:55	Name: _ga Value: GA1.2.1418785944.1645903031
.xn--vder24-bua.se/	1970-01-20 01:13:09	Name: _gid Value: GA1.2.1206385903.1645903031
.xn--vder24-bua.se/	1970-01-20 01:11:43	Name: _gat Value: 1
xn--vder24-bua.se/	1970-01-20 09:57:19	Name: cookielawinfo-checkbox-necessary Value: yes
xn--vder24-bua.se/	1970-01-20 09:57:19	Name: cookielawinfo-checkbox-funktionellt Value: yes
xn--vder24-bua.se/	1970-01-20 09:57:19	Name: cookielawinfo-checkbox-analytics Value: yes
xn--vder24-bua.se/	1970-01-20 09:57:19	Name: cookielawinfo-checkbox-advertisement Value: yes
.xn--vder24-bua.se/	1970-01-20 10:33:19	Name: __gads Value: ID=f88b46b964137e18-22e731244dcd00e7:T=1645903031:RT=1645903031:S=ALNI_MYZyen8KjFrjlbqU8syhx4cZBxl5g
.doubleclick.net/	1970-01-20 18:42:55	Name: IDE Value: AHWqTUnb4k2wwyyIzJUXdE5aFvidQW4cYnaB1kqSBa-JBe5lVKPaZkb_4NyRrmxNgwo
.doubleclick.net/	1970-01-20 01:11:46	Name: DSID Value: NO_DATA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.ca
adservice.google.com
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
maps.googleapis.com
pagead2.googlesyndication.com
partner.googleadservices.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagservices.com
www.gstatic.com
xn--vder24-bua.se
142.250.184.226
2606:4700::6810:125e
2a00:1450:4001:803::2002
2a00:1450:4001:803::2003
2a00:1450:4001:808::2002
2a00:1450:4001:810::2004
2a00:1450:4001:810::200e
2a00:1450:4001:811::2003
2a00:1450:4001:813::2002
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2001
2a00:1450:4001:830::2002
2a00:1450:400c:c00::9c
2a02:250:0:8::53
0280b5ec07025974d745833d91f3f71aff053cdb5aebbe37ab368b0284a56f81
05e2888e835d97fe6e4cfb256f62f47d5dccf6d9ac202ea9d82a6bc2b1716c1d
0af82ff5927865aa2406a053756b906cda365c66f6e6c411d196e3dbeeece358
0cb81f86fa7f8890822609ca7b5416823543ab0e1e6773c3ecb2841892442840
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
0d82c7e198f342689c777b3d0cdd606874e7665c993cafc82f02d0673c6568a1
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
183e5ec8ec3ee894939e00d92469f2b747d245632fd21d149a428d36e5a6e958
1f2a813a2db4af03158a0d1a9cb6314358b3921f89bf39ccd4aa7b3e2bfec06d
2575b151592581afb5713cf0738d1b9627cb583e9d8683cbfa932377c4a03f6f
3deec1e4d19cb71b80daa6f050c395fccb90d7f1c2ec74a920930d476013cf97
41d557e5430453c9223fde9cc2e2ab3030a37628310635ac468b2bc558933781
4741ad17a3fe88470172df348fad7bef79b57e02854e6fd37d00d8e85f3f7233
4d638ae61b90856fc2033f0380c4116512bab5c483bf52ff8354a98c5058e851
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5bc5fe165e8fab88549d56628bcc4ad463235f7f995c0477fb90fc78698be265
600892fe9e8b75895aa0cd87937d4d40537bed8a5430968cb6d7334601054402
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6201cb696067ffd18edb77e7bc397894265fd5d8c8646c9ea2393ab637dd1541
67ca1fb3f9c26af4d3a11c63a17041346ad82e39e22902f65ebf789c763992b4
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
771c7db692f18dc2a4c407f3892235d7b5198b0bac5f628e032e2a31ce0849f9
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7d9841eb34091f42747f1021833b2985cf552c3a687611e9884c2387a5cc85e0
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
8faf61ec1ad92c7bf6685380b22529d97cdc8f512a172c30692954d83f3782d2
9162648204ab102677e3decb46644af98be24c95b4531c9dd34a3f054b26320f
925f1bfe108cee85e02f934545f9f68acc3105df13a514b538ea7e5eaef6e0a8
9de999e7d4aa267a5acee4a0aed70ae6df10838613e9627a97a63cf47feb173e
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
ae377a6e785a7a942340dc4756702cf2b7fca0077a4ae73db00ab7c9a30e85c2
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
c17b823ddee789bdc88b380ce8aa533558cbdef360c5da8e1f9f0dd3b2a1040b
c3614da9cf80fabdcd8118563f7e49e6c98117071f38efe272213c75e511c4c7
c9c9631eb9689ce08172c133e301bbdf05a6965eb95baa57666a9dd34bb034bb
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
ceb44e7752ef40b3709b862944deb1f8e355741da63a3217cd5856415453103a
dc924b2240a45fa0bf43ef1ba5417d0bac5dcab3f38b915fb7adaf59c79c29e2
e3ad8c90cec1318c90852dc018d75e7afadcb71c36508344fc1c133021007bb3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e70b834daf6644629887986c97815e8070c512c5668dcac039dc85b0fda953ab
ec5badabee79b92991cc0418086269cb19398072bfd4c023377cf2bf28ff32c5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f07a3004bdc8edede2a311d63b8ddd6a7cd1f947de12beb198978a867bcfca32
f0b478f4b5a58bc2a90b817f68568520ae0ea82777cf5753ba52043d43be987b
f328f4ae2fe983386843cc07db0af78c5fe9fa5ae67812f80062d5baa0e61047
f623564c53c2e08780c064012cfbdbde0a80ee56816f4d5d3d52c46ed285cb95
fb8b188afeee16e807d4f8157916f417b80bdcddbba1b762cd38b12d233e80f8

xn--vder24-bua.se Open in urlscan Pro Puny väder24.se IDN 2a02:250:0:8::53 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

61 Requests

100 %HTTPS

94 %IPv6

11 Domains

17 Subdomains

17 IPs

4 Countries

2123 kBTransfer

3836 kBSize

10 Cookies

16 Outgoing links

Page URL History

Redirected requests

61 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

xn--vder24-bua.se Open in urlscan Pro Puny
väder24.se IDN
2a02:250:0:8::53 Public Scan

Screenshot
Live screenshot

Full Image

61
Requests

100 %
HTTPS

94 %
IPv6

11
Domains

17
Subdomains

17
IPs

4
Countries

2123 kB
Transfer

3836 kB
Size

10
Cookies

61 HTTP transactions
3 data transactions