urlscan.io logo urlscan.io
SecurityTrails logo

cas.se Open in urlscan Pro
194.9.94.86  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://cas.se/?entity=63541
Effective URL: http://cas.se/?entity=63541
Submission: On August 25 via api from US — Scanned from SE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 2 countries across 6 domains to perform 21 HTTP transactions. The main IP is 194.9.94.86, located in Sweden and belongs to LOOPIA, SE. The main domain is cas.se.
This is the only time cas.se was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 194.9.94.86 39570 (LOOPIA)
2 7 172.67.196.21 13335 (CLOUDFLAR...)
2 142.250.186.99 15169 (GOOGLE)
6 142.250.185.194 15169 (GOOGLE)
2 142.250.185.98 15169 (GOOGLE)
1 142.250.185.162 15169 (GOOGLE)
3 142.250.185.129 15169 (GOOGLE)
1 216.58.212.132 15169 (GOOGLE)
21 8
1    194.9.94.86 (Sweden)

ASN39570 (LOOPIA, SE)
cas.se
7    172.67.196.21 (United States)

ASN13335 (CLOUDFLARENET, US)
domains.arcsin.se
2    142.250.186.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f3.1e100.net
fonts.gstatic.com
6    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
pagead2.googlesyndication.com
2    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
googleads.g.doubleclick.net
1    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
adservice.google.com
3    142.250.185.129 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f1.1e100.net
tpc.googlesyndication.com
1    216.58.212.132 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f132.1e100.net
www.google.com
Apex Domain
Subdomains		 Transfer
9 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 123
tpc.googlesyndication.com — Cisco Umbrella Rank: 159
217 KB
7 arcsin.se
domains.arcsin.se
23 KB
2 google.com
adservice.google.com — Cisco Umbrella Rank: 88
www.google.com — Cisco Umbrella Rank: 9
2 KB
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 52
5 KB
2 gstatic.com
fonts.gstatic.com
32 KB
1 cas.se
cas.se
1 KB
21 6
Domain Requested by
7 domains.arcsin.se 2 redirects cas.se
domains.arcsin.se
6 pagead2.googlesyndication.com domains.arcsin.se
pagead2.googlesyndication.com
tpc.googlesyndication.com
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 fonts.gstatic.com domains.arcsin.se
1 www.google.com tpc.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 cas.se
21 8

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-29 -
2023-05-29		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-08-08 -
2022-10-31		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-08-08 -
2022-10-31		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-08-08 -
2022-10-31		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh

This page contains 6 frames:

Primary Page: http://cas.se/?entity=63541
Frame ID: 7AA4C6C4C183FCE74C1E88484891545B
Requests: 1 HTTP requests in this frame

Frame: https://domains.arcsin.se/cas.se/?entity=63541&entity=63541
Frame ID: 41852D60954F970B4F99D3B04A244393
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220824/r20190131/zrt_lookup.html
Frame ID: 37396AF5632B45CDEBE88B8D65E286E6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4062596986263011&output=html&h=280&slotname=9310366746&adk=348137994&adf=438785099&pi=t.ma~as.9310366746&w=1200&fwrn=16&fwrnh=100&lmt=1661440097&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fdomains.arcsin.se%2Fcas.se%2F%3Fentity%3D63541%26entity%3D63541&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1661461995328&bpp=3&bdt=336&idt=332&shv=r20220824&mjsv=m202208230101&ptt=9&saldr=aa&correlator=4096281247118&frm=22&ife=1&pv=2&ga_vid=1364196159.1661461996&ga_sid=1661461996&ga_hid=1280968528&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=2627128497&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31069151%2C44771547&oid=2&pvsid=642984528574092&tmod=1627753141&uas=0&nvt=1&top=http%3A%2F%2Fcas.se%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=1.wb820sn22hl6&fsb=1&xpc=bS943uZlpE&p=https%3A//domains.arcsin.se&dtd=347
Frame ID: B7B7342A291386CBF221039A24D1EAE0
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0CA7553A7FA1A255E9BF55ECAE1FFB2E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F63817008E2F5C6A105D0DA67641FAED
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Domän: cas.se

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Page Statistics

21
Requests

95 %
HTTPS

0 %
IPv6

6
Domains

8
Subdomains

8
IPs

2
Countries

279 kB
Transfer

749 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://domains.arcsin.se/cas.se?entity=63541&entity=63541 HTTP 301
  • https://domains.arcsin.se/cas.se?entity=63541&entity=63541 HTTP 301
  • https://domains.arcsin.se/cas.se/?entity=63541&entity=63541

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
cas.se/ 		920 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://cas.se/?entity=63541
Protocol
HTTP/1.1
Server
194.9.94.86 , Sweden, ASN39570 (LOOPIA, SE),
Reverse DNS
Software
nginx / PHP/7.4.30
Resource Hash
7c960c1eccd39ee33c852352e5a5ea0ba0a9e62a4961a3da6ed0dd9cb4bcc935

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/html; charset=utf-8
Date
Thu, 25 Aug 2022 21:13:14 GMT
Server
nginx
Transfer-Encoding
chunked
X-Powered-By
PHP/7.4.30
/
domains.arcsin.se/cas.se/ Frame 4185
Redirect Chain
  • http://domains.arcsin.se/cas.se?entity=63541&entity=63541
  • https://domains.arcsin.se/cas.se?entity=63541&entity=63541
  • https://domains.arcsin.se/cas.se/?entity=63541&entity=63541
19 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://domains.arcsin.se/cas.se/?entity=63541&entity=63541
Requested by
Host: cas.se
URL: http://cas.se/?entity=63541
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.196.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9769cb3d59f35bf674d8222a64711b60a8f0f024b41fe4f6403fcc85cbb9ead3

Request headers

Referer
http://cas.se/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

access-control-allow-origin
*
age
0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=600
cf-cache-status
DYNAMIC
cf-ray
7407549bc815b8a8-AMS
content-encoding
br
content-type
text/html; charset=utf-8
date
Thu, 25 Aug 2022 21:13:14 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 25 Aug 2022 21:23:14 GMT
last-modified
Thu, 25 Aug 2022 15:08:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GeQUM4Jeh%2FhjrvqO2hzmExUcidO8ZCtJ9PW33%2BESp4Q02tJvg%2Bkea%2BW3AEx%2B5b93Gdziyg1%2Bq%2FRKspzjU1WNtRxz9VNCKvkKxgr%2FkHj14ee1lhRneOzp45Dkznq%2F4a%2BwcuNMrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-fastly-request-id
80faf95cac206a387c3be62214f863eaca9c4573
x-github-request-id
57F0:0842:C477F7:CDA3E2:6307E5EA
x-proxy-cache
MISS
x-served-by
cache-ams21064-AMS
x-timer
S1661461995.852215,VS0,VE108

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
age
0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=600
cf-cache-status
DYNAMIC
cf-ray
7407549a9de2b8a8-AMS
content-type
text/html
date
Thu, 25 Aug 2022 21:13:14 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 25 Aug 2022 21:23:14 GMT
location
https://domains.arcsin.se/cas.se/?entity=63541&entity=63541
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kerLKG32jV3PpYoxW9JLymcg3ySCbznZ0IpBUK0vadN7R%2B%2FIuVFtWin37SF%2FNbED54eacLS4CcTuJd3B71jByF%2Fofe%2FFjD6kcXaiAB%2FJOIdGVNkLbxvhxJ1q3qIRnN4HpO5zAA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-fastly-request-id
a27a89f7c571ee6304b7c275076e279d11e99f92
x-github-request-id
EF48:444C:7CDF67:8242F5:6307E5EA
x-proxy-cache
MISS
x-served-by
cache-ams21064-AMS
x-timer
S1661461995.675482,VS0,VE109
arcsin_domains_logo.svg
domains.arcsin.se/assets/app/img/ Frame 4185 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://domains.arcsin.se/assets/app/img/arcsin_domains_logo.svg
Requested by
Host: domains.arcsin.se
URL: https://domains.arcsin.se/cas.se/?entity=63541&entity=63541
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.196.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66e0fa573b397348b721e83f12eb5cb91fecdf04c6c555cd8ef09c92a89afac1

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://domains.arcsin.se/cas.se/?entity=63541&entity=63541
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-fastly-request-id
f0220db93dc9863d66902eebdb70dc181a165fd7
date
Thu, 25 Aug 2022 21:13:15 GMT
via
1.1 varnish
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
245
x-cache
MISS
x-cache-hits
0
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-ams21034-AMS
last-modified
Thu, 25 Aug 2022 15:08:07 GMT
server
cloudflare
x-github-request-id
F702:FEC0:B61BE1:BE8789:630790D0
x-timer
S1661440209.552843,VS0,VE112
etag
W/"63079057-12f9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=riYuC8D7tvN2iIq%2Bzya%2Bln2Omlak6dqD0a41zY1MdxwfCGDdA3maHtZJwyMBjNhvh6O%2ByXz1a627CTmYRpsWeG2PoVw80qpJhPXjnYs8bUxogGMgIaQG8%2FgYmOD340bh29gfSg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=86400
cf-ray
7407549cff0db8f1-AMS
x-proxy-cache
MISS
expires
Thu, 25 Aug 2022 15:20:08 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 4185 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: domains.arcsin.se
URL: https://domains.arcsin.se/cas.se/?entity=63541&entity=63541
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://domains.arcsin.se/
Origin
https://domains.arcsin.se
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 14:21:19 GMT
x-content-type-options
nosniff
age
197516
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15736
x-xss-protection
0
last-modified
Wed, 24 Jul 2019 01:18:36 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 23 Aug 2023 14:21:19 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 4185 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: domains.arcsin.se
URL: https://domains.arcsin.se/cas.se/?entity=63541&entity=63541
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://domains.arcsin.se/
Origin
https://domains.arcsin.se
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 01:52:01 GMT
x-content-type-options
nosniff
age
588074
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15816
x-xss-protection
0
last-modified
Wed, 24 Jul 2019 01:19:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 19 Aug 2023 01:52:01 GMT
styles-b462c2f7c9.min.css
domains.arcsin.se/assets/ Frame 4185 		95 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://domains.arcsin.se/assets/styles-b462c2f7c9.min.css
Requested by
Host: domains.arcsin.se
URL: https://domains.arcsin.se/cas.se/?entity=63541&entity=63541
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.196.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0688a53234bb100ec223387f82f4a31d1dd01f716ecf6368517d21ae04bde8de

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://domains.arcsin.se/cas.se/?entity=63541&entity=63541
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-fastly-request-id
ab4083fe51af9d0c0354bdd38762732a0e17f042
date
Thu, 25 Aug 2022 21:13:15 GMT
via
1.1 varnish
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
245
x-cache
MISS
x-cache-hits
0
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-ams21075-AMS
last-modified
Thu, 25 Aug 2022 15:08:07 GMT
server
cloudflare
x-github-request-id
87D8:B388:B7F157:C044FA:630790D0
x-timer
S1661440209.560554,VS0,VE104
etag
W/"63079057-17abf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=74PKceAVMMDmPib0o8sLv9a9D8Jib9ZCed3DYr045athV8rlk3ajGxvA0cBCzgEOXf%2BEjMufQxr0rZkI8%2BKu1I5k3e3z8Xu3if7TZzp9W13N%2FOy84nJWUaALHIBd2kQytUCL1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
cf-ray
7407549cff10b8f1-AMS
x-proxy-cache
MISS
expires
Thu, 25 Aug 2022 15:20:08 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 4185 		165 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: domains.arcsin.se
URL: https://domains.arcsin.se/cas.se/?entity=63541&entity=63541
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
985a6c3f81f35b2fe629c8313ff5c6c26d51a59c03c70a769447b7cde3486a07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://domains.arcsin.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 21:13:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58276
x-xss-protection
0
server
cafe
etag
10361884455982565929
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 25 Aug 2022 21:13:15 GMT
email-decode.min.js
domains.arcsin.se/cdn-cgi/scripts/5c5dd728/cloudflare-static/ Frame 4185 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://domains.arcsin.se/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: domains.arcsin.se
URL: https://domains.arcsin.se/cas.se/?entity=63541&entity=63541
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.196.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://domains.arcsin.se/cas.se/?entity=63541&entity=63541
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 21:13:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 23 Aug 2022 11:02:51 GMT
server
cloudflare
etag
W/"6304b3db-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BVav%2BoNPNvIvzaGpe39xHY90dXLIS9shauGFetNYozvr9%2BaEIbMjT%2BK4L6fe0ImV4briRrTyJEhA2FFNB83QmoqnmJbQ2h%2BnPh1vKadZN%2FBxKVI2HbHdKnny2v8j1RgbqNAKzg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7407549cff12b8f1-AMS
vary
Accept-Encoding
expires
Sat, 27 Aug 2022 21:13:15 GMT
chevron_forward.svg
domains.arcsin.se/assets/app/img/icons/ Frame 4185 		278 B
951 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://domains.arcsin.se/assets/app/img/icons/chevron_forward.svg
Requested by
Host: domains.arcsin.se
URL: https://domains.arcsin.se/assets/styles-b462c2f7c9.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.196.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4063b06e054df3e568b1a320fcca0ae6d8f5017e4ffad9186f2ec1b7a3413826

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://domains.arcsin.se/assets/styles-b462c2f7c9.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-fastly-request-id
01e95fe658ab8cf944fcc3153b555c31f8b693c2
date
Thu, 25 Aug 2022 21:13:15 GMT
via
1.1 varnish
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
MISS
x-cache-hits
0
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-ams21081-AMS
last-modified
Thu, 25 Aug 2022 15:08:07 GMT
server
cloudflare
x-github-request-id
F44E:8062:701E1:73F00:630790D0
x-timer
S1661440209.747708,VS0,VE108
etag
W/"63079057-116"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FCgkmtiOwBbjhZn96oKMreR%2Bg%2FdE9CwvyAv0RQ0cxQhFehFseXrwUjGe0bBmD48rA%2FfpwZ12Z3kU%2FcwHyvljln5ScUp1T%2ByBJiymWfymKZIYUZlbE0ey2ZSaCaAGj7hNbtCXQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=86400
cf-ray
7407549dd896b8f1-AMS
x-proxy-cache
MISS
expires
Thu, 25 Aug 2022 15:20:08 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208230101/ Frame 4185 		342 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208230101/show_ads_impl_fy2021.js?bust=31069151
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
60321909a2dc93473babff77ef34586a9b6d58ff899f9b8b3a403bf2a5529d73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://domains.arcsin.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 21:13:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125059
x-xss-protection
0
server
cafe
etag
15762425576170464744
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 Aug 2022 21:13:15 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220824/r20190131/ Frame 3739 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220824/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://domains.arcsin.se/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

age
79496
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4412
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 24 Aug 2022 23:08:19 GMT
etag
8616628553774171045
expires
Wed, 07 Sep 2022 23:08:19 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 4185 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=domains.arcsin.se
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208230101/show_ads_impl_fy2021.js?bust=31069151
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://domains.arcsin.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 25 Aug 2022 21:13:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame B7B7 		436 B
236 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4062596986263011&output=html&h=280&slotname=9310366746&adk=348137994&adf=438785099&pi=t.ma~as.9310366746&w=1200&fwrn=16&fwrnh=100&lmt=1661440097&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fdomains.arcsin.se%2Fcas.se%2F%3Fentity%3D63541%26entity%3D63541&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1661461995328&bpp=3&bdt=336&idt=332&shv=r20220824&mjsv=m202208230101&ptt=9&saldr=aa&correlator=4096281247118&frm=22&ife=1&pv=2&ga_vid=1364196159.1661461996&ga_sid=1661461996&ga_hid=1280968528&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=2627128497&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31069151%2C44771547&oid=2&pvsid=642984528574092&tmod=1627753141&uas=0&nvt=1&top=http%3A%2F%2Fcas.se%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=1.wb820sn22hl6&fsb=1&xpc=bS943uZlpE&p=https%3A//domains.arcsin.se&dtd=347
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208230101/show_ads_impl_fy2021.js?bust=31069151
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
51e7af06fd6eb1fd17cb6950ae4438643ca26cf6ca88d40ce862ccac16945cf1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://domains.arcsin.se/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
213
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 25 Aug 2022 21:13:15 GMT
expires
Thu, 25 Aug 2022 21:13:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 4185 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220824&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208230101/show_ads_impl_fy2021.js?bust=31069151
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
35c2eaa38dc178567257978745444cf9ea5de4d0f5ce0e6aa6b81ebd9b5b90d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://domains.arcsin.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 25 Aug 2022 21:13:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10806
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 4185 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208230101/show_ads_impl_fy2021.js?bust=31069151
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://domains.arcsin.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 21:13:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 25 Aug 2022 21:13:16 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0CA7 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://domains.arcsin.se/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

accept-ranges
bytes
age
4320
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 25 Aug 2022 20:01:16 GMT
expires
Fri, 25 Aug 2023 20:01:16 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame F638 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f132.1e100.net
Software
GSE /
Resource Hash
e59463c5a3b78836f647708f28845db18109ac2190ecaa593ce7bae8526acdfb
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-__m5dG0LetMo9qdze_eiEA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://domains.arcsin.se/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-__m5dG0LetMo9qdze_eiEA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 25 Aug 2022 21:13:16 GMT
expires
Thu, 25 Aug 2022 21:13:16 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
OjkVMSBLCKffYYJCcR1sndQZ2h8-FW78sMeE84aZbRQ.js
pagead2.googlesyndication.com/bg/ Frame 0CA7 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/OjkVMSBLCKffYYJCcR1sndQZ2h8-FW78sMeE84aZbRQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
3a391531204b08a7df618242711d6c9dd419da1f3e156efcb0c784f386996d14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 18:54:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
181128
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15855
x-xss-protection
0
last-modified
Mon, 22 Aug 2022 11:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 23 Aug 2023 18:54:28 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame F638 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220824&jk=642984528574092&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 0CA7 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?QQXIdA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 21:13:16 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 4185 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220824&jk=642984528574092&bg=!GBulG1_NAAaXrHhMt6w7ACkAdvg8Wmdy5ucjcwq-OXNNSO96rBvO8Qaoog7TGEcoAkMtrJMz3b4KXgIAAABOUgAAAAJoAQeZAuti4MYHdrI5tca353E5ZI62NLewAesSaYBqL1XOGMhQsw3lIk8P9GE5SE7xHoba_eMg_W4Nc8Wc39G2ZH_Nk-z-3NbK3yKHycA-XL1mAwjYBbUCQuLd5iNVeuWqD426ixZJRqgndHeyWxzjf39ux-cwCRxzwfWsRVVLzu0i8tYztXAbu7QIFeMkFf-wIUKrlHEx0mylVYEUTBF2rOaQARqAYyrViKxnGONjH8nEEEaVPW4Sgu9uWxT17W-cfMGtzr4OFhjzsOP5v9O_rX3VLtEI0Nth9np1NbFalb2b-ZqKr2tuEKngrmFw9ymn8HzclUsfnmuNEeCcFeSOvWORruT1A_lFKounwGdigogKTBi4_7YeTcsGKJjOEAKkV1PUEH5E0Vbo6RVbqXn-vnzlkDkRQ0mEalYdHOJZIe6r5qvFXE6bpBlVreeHo-TDx5fu-LGsNyBO5YA7GlN8MCW9t_VLxq6ilw2PMd_O4uysZIAJ27ASubSXCtDT_yqeeE7M8iDPd5byFgQsCrLNwrwghMC6rXV85U1bik70O55tWF8Qfm_l8MN39wfIq9sphYauFi0rZOMQAozJtuE4wCvsI6_236yO9ry5gUReUfgtmlDik4oN-eaaf8QFP2GkaKEvwneMn2-W5tyOO2sOjIoVU1cRgRtlAYaS9HYj_awGNy_GeGKbNwanul-LmMTktodatOLZBERyytfZZkTNo0RnPDkn1Cs_Dfi24_pk7_4aTBtozbFnrSYlCl_pbjSyh-n_qnOqHYBR-MoXtD-yDH7nJ2Pwb-wPhvxOaVxfOys5_QKPQ955t55JtjKrrsNwj7N5D3lmwH67fjmuvwel5tCNjziE8SKo18b7fnke0rjp5nBZGM6QkaSSczSVCyEYHI1qYWUvEBDPpQAlIWJmdQbLpSYLtYByAaXyQOgMU4K320D7ZQCCXnh0RaYxjGk7LBVUtiCym9cJsFX75T_OUHZ2XgLdeg_dRC_lpWlDmD0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://domains.arcsin.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch object| navigation

1 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
cas.se
domains.arcsin.se
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.google.com
142.250.185.129
142.250.185.162
142.250.185.194
142.250.185.98
142.250.186.99
172.67.196.21
194.9.94.86
216.58.212.132
0688a53234bb100ec223387f82f4a31d1dd01f716ecf6368517d21ae04bde8de
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
35c2eaa38dc178567257978745444cf9ea5de4d0f5ce0e6aa6b81ebd9b5b90d7
3a391531204b08a7df618242711d6c9dd419da1f3e156efcb0c784f386996d14
4063b06e054df3e568b1a320fcca0ae6d8f5017e4ffad9186f2ec1b7a3413826
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
51e7af06fd6eb1fd17cb6950ae4438643ca26cf6ca88d40ce862ccac16945cf1
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
60321909a2dc93473babff77ef34586a9b6d58ff899f9b8b3a403bf2a5529d73
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
66e0fa573b397348b721e83f12eb5cb91fecdf04c6c555cd8ef09c92a89afac1
7c960c1eccd39ee33c852352e5a5ea0ba0a9e62a4961a3da6ed0dd9cb4bcc935
9769cb3d59f35bf674d8222a64711b60a8f0f024b41fe4f6403fcc85cbb9ead3
985a6c3f81f35b2fe629c8313ff5c6c26d51a59c03c70a769447b7cde3486a07
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e59463c5a3b78836f647708f28845db18109ac2190ecaa593ce7bae8526acdfb