URL: https://media.visma.se/pressreleases/mjukvaruleverantoeren-kesaya-utsatt-foer-en-global-cyberattack-som-paaverkar-detal...
Submission: On July 04 via api from US

Summary

This website contacted 6 IPs in 2 countries across 6 domains to perform 17 HTTP transactions. The main IP is 2606:4700::6812:f0e, located in United States and belongs to CLOUDFLARENET, US. The main domain is media.visma.se.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 6th 2021. Valid for: a year.
This is the only time media.visma.se was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  Domain                        Requested by
4         resources.mynewsdesk.com      media.visma.se
4         d9qz450atvita.cloudfront.net
3         fonts.gstatic.com             fonts.googleapis.com
3         media.visma.se                media.visma.se
2         fonts.googleapis.com
1         cdn.jsdelivr.net              media.visma.se
17        6

This site contains links to these domains.

Domain
www.mynewsdesk.com
www.facebook.com
www.linkedin.com
twitter.com
www.visma.se
Subject                    Issuer                                Validity                   Valid
media.visma.se             Cloudflare Inc ECC CA-3               2021-05-06 - 2022-05-05    a year
upload.video.google.com    GTS CA 1O1                            2021-06-07 - 2021-08-30    3 months
*.cloudfront.net           Amazon                                2021-03-19 - 2022-03-17    a year
assets.1215diamonds.com    GlobalSign Atlas R3 DV TLS CA 2020    2021-04-26 - 2022-05-28    a year
jsdelivr.net               GlobalSign Atlas R3 DV TLS CA 2020    2021-04-30 - 2022-06-01    a year
*.gstatic.com              GTS CA 1C3                            2021-06-07 - 2021-08-30    3 months

This page contains 1 frames:

Primary Page: https://media.visma.se/pressreleases/mjukvaruleverantoeren-kesaya-utsatt-foer-en-global-cyberattack-som-paaverkar-detaljhandeln-3114593
Frame ID: 75587FD47FB8D51D97D59011F17AD34B
Requests: 17 HTTP requests in this frame

Detected technologies

Overall confidence: 50%
Detected patterns
  • meta csrf-param /^authenticity_token$/i

Overall confidence: 50%
Detected patterns
  • meta csrf-param /^authenticity_token$/i

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

17 Requests
100 % HTTPS
83 % IPv6
6 Domains
6 Subdomains
6 IPs
2 Countries
182 kB Transfer
288 kB Size
0 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource Path Size x-fer Type MIME-Type
Primary Request mjukvaruleverantoeren-kesaya-utsatt-foer-en-global-cyberattack-som-paaverkar-detaljhandeln-3114593
media.visma.se/pressreleases/
27 KB
9 KB
Document
General
Full URL
https://media.visma.se/pressreleases/mjukvaruleverantoeren-kesaya-utsatt-foer-en-global-cyberattack-som-paaverkar-detaljhandeln-3114593
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:f0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5f0d7e9427603d86003e7c5842ce2d48f72076f6dd57c1cd16326c0b7e45179
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
media.visma.se
:scheme
https
:path
/pressreleases/mjukvaruleverantoeren-kesaya-utsatt-foer-en-global-cyberattack-som-paaverkar-detaljhandeln-3114593
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

date
Sun, 04 Jul 2021 08:05:11 GMT
content-type
text/html; charset=utf-8
referrer-policy
strict-origin-when-cross-origin
x-frame-options
SAMEORIGIN
link
<https://fonts.googleapis.com/css2?display=swap&family=Lato:wght@900&family=PT+Sans:wght@400;700&family=Lato:wght@400>; rel=preload; as=style; nopush,<https://d9qz450atvita.cloudfront.net/assets/newsroom2020/application-5c309cbc73acbdb85083d38509559783e7aa3d64579826f78632557e8f3fc33a.css>; rel=preload; as=style; nopush,<https://d9qz450atvita.cloudfront.net/assets/newsroom2020/cname_newsroom-b2e06991e995e093ffbde22cdaac53f96588c165b4280b9c07d0a4f390262d64.css>; rel=preload; as=style; nopush,<https://fonts.googleapis.com/css2?display=swap&family=Ubuntu:wght@300&family=Open+Sans:wght@300&family=Open+Sans:wght@300>; rel=preload; as=style; nopush,<https://d9qz450atvita.cloudfront.net/assets/newsroom2020/application-2bdf9cef349c0bdb270f403ca2d0c83995477c852e4460797bb764683c38983e.js>; rel=preload; as=script; nopush,<https://d9qz450atvita.cloudfront.net/assets/mnd-cookie-consent-f83538e655936b5528883496ae0e58aeba5295eedf15a314fba7dcd636139136.js>; rel=preload; as=script; nopush
expires
Sun, 04 Jul 2021 08:54:13 GMT
cache-control
max-age=0, public, s-maxage=3600
heroku-release
v12503, 5d1c2b646b0334666e42c11151ad7023c9301e01, 2021-07-02T11:24:07Z
x-request-id
5d76ced2-4ab7-4af2-8851-d578551d5335
x-runtime
0.166213
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin, Accept-Encoding
via
1.1 vegur
cf-cache-status
HIT
age
632
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6696d8db3ad10ea7-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
css2
fonts.googleapis.com/
4 KB
645 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?display=swap&family=Lato:wght@900&family=PT+Sans:wght@400;700&family=Lato:wght@400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9194a645b66b23bfe0d0e541367b112cf7283db4602c6560c48b0a3bfc52699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://media.visma.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 04 Jul 2021 08:05:11 GMT
server
ESF
date
Sun, 04 Jul 2021 08:05:11 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 04 Jul 2021 08:05:11 GMT
application-5c309cbc73acbdb85083d38509559783e7aa3d64579826f78632557e8f3fc33a.css
d9qz450atvita.cloudfront.net/assets/newsroom2020/
42 KB
7 KB
Stylesheet
General
Full URL
https://d9qz450atvita.cloudfront.net/assets/newsroom2020/application-5c309cbc73acbdb85083d38509559783e7aa3d64579826f78632557e8f3fc33a.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.61 , United States, ASN (),
Reverse DNS
server-13-225-84-61.fra2.r.cloudfront.net
Software
cloudflare /
Resource Hash
d329627546dbc8612069085f16a25e552ca90f2564a293ee91e3c16fda97f309
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://media.visma.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 07:43:31 GMT
via
1.1 vegur, 1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
vary
Accept-Encoding,Origin
cf-cache-status
MISS
age
3198100
x-cache
Hit from cloudfront
content-encoding
gzip
content-length
6767
cf-request-id
0a5386b927000018e57a0b4000000001
last-modified
Fri, 28 May 2021 07:37:56 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/css
cache-control
public, max-age=31556952
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
cf-ray
6565da3b7c2818e5-FRA
x-amz-cf-id
ReYTYpcwUY0kQHNNsGHD_vobB1fnpg3k1aUWQanE6JhlVFVE1iJ6Iw==
cname_newsroom-b2e06991e995e093ffbde22cdaac53f96588c165b4280b9c07d0a4f390262d64.css
d9qz450atvita.cloudfront.net/assets/newsroom2020/
53 B
669 B
Stylesheet
General
Full URL
https://d9qz450atvita.cloudfront.net/assets/newsroom2020/cname_newsroom-b2e06991e995e093ffbde22cdaac53f96588c165b4280b9c07d0a4f390262d64.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.61 , United States, ASN (),
Reverse DNS
server-13-225-84-61.fra2.r.cloudfront.net
Software
cloudflare /
Resource Hash
12965d83a8c756ea5710ad3954157ecf83e2ea0ef21d9eb893a4aa3ace254f92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=86400; includeSubDomains

Request headers

Referer
https://media.visma.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Dec 2020 09:01:16 GMT
via
1.1 vegur, 1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
vary
Accept-Encoding,Origin
cf-cache-status
MISS
age
16758235
x-cache
Hit from cloudfront
content-encoding
gzip
content-length
58
cf-request-id
072b477be200004ac83da8c000000001
last-modified
Wed, 02 Dec 2020 10:48:07 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains, max-age=86400; includeSubDomains
content-type
text/css
cache-control
public, max-age=31556952
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
cf-ray
6058a83fda604ac8-FRA
x-amz-cf-id
tRO9hd386yo9KOmCUElohMjeIfCUb8WGyBUWHSTCuMnSMoXPlsmUNQ==
css2
fonts.googleapis.com/
4 KB
760 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?display=swap&family=Ubuntu:wght@300&family=Open+Sans:wght@300&family=Open+Sans:wght@300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5632b6514278b6344e3b159f97104fccae927ec020c6fd8826a79bff273548db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://media.visma.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 04 Jul 2021 08:05:11 GMT
server
ESF
date
Sun, 04 Jul 2021 08:05:11 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 04 Jul 2021 08:05:11 GMT
application-2bdf9cef349c0bdb270f403ca2d0c83995477c852e4460797bb764683c38983e.js
d9qz450atvita.cloudfront.net/assets/newsroom2020/
7 KB
3 KB
Script
General
Full URL
https://d9qz450atvita.cloudfront.net/assets/newsroom2020/application-2bdf9cef349c0bdb270f403ca2d0c83995477c852e4460797bb764683c38983e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.61 , United States, ASN (),
Reverse DNS
server-13-225-84-61.fra2.r.cloudfront.net
Software
cloudflare /
Resource Hash
6e6263304af839f01ba57c8d2ef41d515f0374a7903dd42639dc1566dccb49ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://media.visma.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 13:34:31 GMT
via
1.1 vegur, 1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
vary
Accept-Encoding,Origin
cf-cache-status
MISS
age
10175440
x-cache
Hit from cloudfront
content-encoding
gzip
content-length
2075
cf-request-id
08b3a4f7780000cdcfa7b08000000001
last-modified
Mon, 08 Mar 2021 13:28:43 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
cache-control
public, max-age=31556952
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
cf-ray
62cc71058d27cdcf-CDG
x-amz-cf-id
XEa3o1QV01C7zkxPeZR8dgNjp2jgc4l7mjUkSK5r0WixoZIgj1qEoQ==
mnd-cookie-consent-f83538e655936b5528883496ae0e58aeba5295eedf15a314fba7dcd636139136.js
d9qz450atvita.cloudfront.net/assets/
3 KB
2 KB
Script
General
Full URL
https://d9qz450atvita.cloudfront.net/assets/mnd-cookie-consent-f83538e655936b5528883496ae0e58aeba5295eedf15a314fba7dcd636139136.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.61 , United States, ASN (),
Reverse DNS
server-13-225-84-61.fra2.r.cloudfront.net
Software
cloudflare /
Resource Hash
9f2295a10ce91eab9601630d2dfde0e2f1a329875a0332908594ee276c0ec702
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://media.visma.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 12 Feb 2021 08:32:41 GMT
via
1.1 vegur, 1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
vary
Accept-Encoding,Origin
cf-cache-status
MISS
age
12267150
x-cache
Hit from cloudfront
content-encoding
gzip
content-length
1178
cf-request-id
0836f7ffcf000032c8d43b6000000001
last-modified
Fri, 12 Feb 2021 08:27:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
cache-control
public, max-age=31556952
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
cf-ray
6204f5dfa8e232c8-CDG
x-amz-cf-id
zMHRbFv5A7wRA_EEUTdKOJsANnWueivq52NH64-p3zRpPtGHFf4_-g==
api.js
media.visma.se/cdn-cgi/bm/cv/669835187/
35 KB
9 KB
Script
General
Full URL
https://media.visma.se/cdn-cgi/bm/cv/669835187/api.js
Requested by
Host: media.visma.se
URL: https://media.visma.se/pressreleases/mjukvaruleverantoeren-kesaya-utsatt-foer-en-global-cyberattack-som-paaverkar-detaljhandeln-3114593
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:f0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

:path
/cdn-cgi/bm/cv/669835187/api.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
media.visma.se
referer
https://media.visma.se/pressreleases/mjukvaruleverantoeren-kesaya-utsatt-foer-en-global-cyberattack-som-paaverkar-detaljhandeln-3114593
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sun, 04 Jul 2021 08:05:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript
vary
Accept-Encoding
cache-control
max-age=604800, public
cf-ray
6696d8dbbef84e2b-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0b1225dd5500004e2bef078000000001
qu565kwapuoa12dhn5ks.jpg
resources.mynewsdesk.com/image/upload/t_next_gen_logo_limit_x2/
10 KB
10 KB
Image
General
Full URL
https://resources.mynewsdesk.com/image/upload/t_next_gen_logo_limit_x2/qu565kwapuoa12dhn5ks.jpg
Requested by
Host: media.visma.se
URL: https://media.visma.se/pressreleases/mjukvaruleverantoeren-kesaya-utsatt-foer-en-global-cyberattack-som-paaverkar-detaljhandeln-3114593
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:1b::512 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
bef6762a7544b2708392c40e416ecfa673475cb5f8f2d17cb01db1c7f3153eec
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://media.visma.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Jul 2021 08:05:11 GMT
x-content-type-options
nosniff
last-modified
Thu, 25 Aug 2016 11:38:13 GMT
server
Cloudinary
etag
"54ddab8dcae0d21d97de99175e3aa537"
strict-transport-security
max-age=604800
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31557600
server-timing
fastly;dur=1;cpu=0;start=2021-07-04T08:05:11.639Z;desc=hit,rtt;dur=5
accept-ranges
bytes
timing-allow-origin
*
content-length
9746
hxwkwjov4uzydvi0piv7.jpg
resources.mynewsdesk.com/image/upload/ar_16:9,c_fill,dpr_auto,f_auto,g_auto,q_auto,w_910/
34 KB
34 KB
Image
General
Full URL
https://resources.mynewsdesk.com/image/upload/ar_16:9,c_fill,dpr_auto,f_auto,g_auto,q_auto,w_910/hxwkwjov4uzydvi0piv7.jpg
Requested by
Host: media.visma.se
URL: https://media.visma.se/pressreleases/mjukvaruleverantoeren-kesaya-utsatt-foer-en-global-cyberattack-som-paaverkar-detaljhandeln-3114593
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:1b::512 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
6b88b9ddfb305e71e38ea794d37ffafdc6dfc99cd4be41c04c94352520107c7e
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://media.visma.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Jul 2021 08:05:11 GMT
x-content-type-options
nosniff
content-disposition
inline; filename="hxwkwjov4uzydvi0piv7.webp"
server-timing
fastly;dur=155;cpu=0;start=2021-07-04T08:05:11.639Z;desc=miss,rtt;dur=5,cloudinary;dur=61;start=2021-07-04T08:05:11.689Z
vary
DPR
content-length
34946
last-modified
Sat, 03 Jul 2021 11:01:31 GMT
server
Cloudinary
etag
"238f9438d1622121f432ca818d418a33"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, max-age=600
content-dpr
1
accept-ranges
bytes
timing-allow-origin
*
dgogpy2kjtcbfvedxgbm.jpg
resources.mynewsdesk.com/image/upload/t_small_face_square_v2,dpr_2.0/
14 KB
14 KB
Image
General
Full URL
https://resources.mynewsdesk.com/image/upload/t_small_face_square_v2,dpr_2.0/dgogpy2kjtcbfvedxgbm.jpg
Requested by
Host: media.visma.se
URL: https://media.visma.se/pressreleases/mjukvaruleverantoeren-kesaya-utsatt-foer-en-global-cyberattack-som-paaverkar-detaljhandeln-3114593
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:1b::512 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
2ecd687a5a3a2c170ef1fa33bfafe3e5a5dbc656b2381658647c412fc9498e2e
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://media.visma.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Jul 2021 08:05:11 GMT
x-content-type-options
nosniff
last-modified
Thu, 01 Jul 2021 13:38:59 GMT
server
Cloudinary
etag
"0adfa8d42b9cf66588422f12531bc6af"
strict-transport-security
max-age=604800
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31557600
server-timing
fastly;dur=1;cpu=0;start=2021-07-04T08:05:11.639Z;desc=hit,rtt;dur=5
accept-ranges
bytes
timing-allow-origin
*
content-length
14100
alpine.min.js
cdn.jsdelivr.net/gh/alpinejs/alpine@v2.x.x/dist/
26 KB
9 KB
Script
General
Full URL
https://cdn.jsdelivr.net/gh/alpinejs/alpine@v2.x.x/dist/alpine.min.js
Requested by
Host: media.visma.se
URL: https://media.visma.se/pressreleases/mjukvaruleverantoeren-kesaya-utsatt-foer-en-global-cyberattack-som-paaverkar-detaljhandeln-3114593
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:1b::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
dfbc6f14aa1ece087d34da8e25c9bc329b4a6d3757f87748ca4b5319c8a01d7f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
https://media.visma.se
Referer
https://media.visma.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
27765
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
8696
etag
W/"6969-PYk6WU7wXAXPX7qrRZSTVytMicQ"
x-served-by
cache-fra19148-FRA, cache-hhn4043-HHN
date
Sun, 04 Jul 2021 08:05:11 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
hxwkwjov4uzydvi0piv7.jpg
resources.mynewsdesk.com/image/upload/ar_16:9,c_fill,dpr_auto,f_auto,g_auto,q_auto,w_320/
8 KB
8 KB
Image
General
Full URL
https://resources.mynewsdesk.com/image/upload/ar_16:9,c_fill,dpr_auto,f_auto,g_auto,q_auto,w_320/hxwkwjov4uzydvi0piv7.jpg
Requested by
Host: media.visma.se
URL: https://media.visma.se/pressreleases/mjukvaruleverantoeren-kesaya-utsatt-foer-en-global-cyberattack-som-paaverkar-detaljhandeln-3114593
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:1b::512 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
e1e800c4433b786e0c840490b1c3274fe2f73d3427e620ea3121dde1bf9b1da8
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://media.visma.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 04 Jul 2021 08:05:11 GMT
x-content-type-options
nosniff
content-disposition
inline; filename="hxwkwjov4uzydvi0piv7.webp"
server-timing
fastly;dur=107;cpu=0;start=2021-07-04T08:05:11.730Z;desc=hit,rtt;dur=5
vary
DPR
content-length
8124
last-modified
Sat, 03 Jul 2021 10:25:55 GMT
server
Cloudinary
etag
"56e63d90eecb5f25ba0b24056211788d"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, max-age=600
content-dpr
1
accept-ranges
bytes
timing-allow-origin
*
mem5YaGs126MiZpBA-UN_r8OUuhp.woff2
fonts.gstatic.com/s/opensans/v20/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN_r8OUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?display=swap&family=Ubuntu:wght@300&family=Open+Sans:wght@300&family=Open+Sans:wght@300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9f7216d2f53a731d9749077c22e15cfb38bcdc40806511ccf736f440c7569d64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://media.visma.se
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Jun 2021 10:05:12 GMT
x-content-type-options
nosniff
age
338399
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14992
x-xss-protection
0
last-modified
Tue, 18 May 2021 21:21:24 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Jun 2022 10:05:12 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v17/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?display=swap&family=Lato:wght@900&family=PT+Sans:wght@400;700&family=Lato:wght@400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://media.visma.se
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Jun 2021 06:21:47 GMT
x-content-type-options
nosniff
age
351804
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23484
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:10:46 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Jun 2022 06:21:47 GMT
4iCv6KVjbNBYlgoC1CzjsGyN.woff2
fonts.gstatic.com/s/ubuntu/v15/
37 KB
37 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ubuntu/v15/4iCv6KVjbNBYlgoC1CzjsGyN.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?display=swap&family=Ubuntu:wght@300&family=Open+Sans:wght@300&family=Open+Sans:wght@300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f22c14d833819460602bd41792732725e48a6a6ee48f768a298cde40e16584f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://media.visma.se
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 20:49:13 GMT
x-content-type-options
nosniff
age
386158
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38108
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:02:31 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Jun 2022 20:49:13 GMT
result
media.visma.se/cdn-cgi/bm/cv/
0
531 B
XHR
General
Full URL
https://media.visma.se/cdn-cgi/bm/cv/result?req_id=6696d8db3ad10ea7
Requested by
Host: media.visma.se
URL: https://media.visma.se/cdn-cgi/bm/cv/669835187/api.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:f0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-fetch-mode
cors
origin
https://media.visma.se
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
empty
content-length
572
:path
/cdn-cgi/bm/cv/result?req_id=6696d8db3ad10ea7
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json
accept
*/*
cache-control
no-cache
:authority
media.visma.se
referer
https://media.visma.se/pressreleases/mjukvaruleverantoeren-kesaya-utsatt-foer-en-global-cyberattack-som-paaverkar-detaljhandeln-3114593
:scheme
https
sec-fetch-site
same-origin
:method
POST

Response headers

date
Sun, 04 Jul 2021 08:05:11 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
set-cookie
__cf_bm=41eff64188cfe868ec7967fd66654e87f7485705-1625385911-1800-AVPixcYrNpv+b560uV01mLYn0gXtAiYkfJcntdQ9/ihLWxSP0boZHvDIf8N9im/HdKtJCbONYH7qwQcqDqEXFHDI2Xg/FMEW3ANletsw5Cc7vZd6S+F2KEgnGXZS1RTQbM5T1sKqBle++p7kRis9cWM=; path=/; expires=Sun, 04-Jul-21 08:35:11 GMT; domain=.media.visma.se; HttpOnly; Secure; SameSite=None
strict-transport-security
max-age=31536000; includeSubDomains
cf-ray
6696d8dd19c24e2b-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0b1225de2c00004e2bf31cd000000001

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect
object| ontransitionrun
object| ontransitionstart
object| ontransitioncancel
object| cookieStore
function| showDirectoryPicker
function| showOpenFilePicker
function| showSaveFilePicker
boolean| originAgentCluster
object| trustedTypes
boolean| crossOriginIsolated
object| a0_0x433e
function| a0_0x3d7e
object| mndCookieConsentPendingTrackers
object| __CF$cv$params
object| Alpine

0 Cookies

1 Console Messages

Source: console-api
Level: error
URL: https://d9qz450atvita.cloudfront.net/assets/mnd-cookie-consent-f83538e655936b5528883496ae0e58aeba5295eedf15a314fba7dcd636139136.js (Line 1)
Message: TypeError: Cannot read property 'getItem' of null

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
