www.expressen.se Open in urlscan Pro
2a04:4e42:1f::347 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://gillaquiz.nu/
Effective URL:
https://www.expressen.se/
Submission Tags: suspect
Submission: On October 16 via api (October 16th 2024, 4:35:50 pm UTC) from BR — Scanned from US

Summary HTTP 44 Redirects Links 69 Behaviour Indicators

Summary

This website contacted 11 IPs in 2 countries across 8 domains to perform 44 HTTP transactions. The main IP is 2a04:4e42:1f::347, located in United States and belongs to FASTLY, US. The main domain is www.expressen.se. The Cisco Umbrella rank of the primary domain is 338683.
TLS certificate: Issued by R10 on September 5th 2024. Valid for: 3 months.

This is the only time www.expressen.se was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	34.160.47.224 34.160.47.224	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
16	2a04:4e42:1f:... 2a04:4e42:1f::347	54113 (FASTLY) (FASTLY)
2	2600:9000:251... 2600:9000:2510:9000:5:b7cc:d3c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	213.132.98.206 213.132.98.206	12552 (IPO-EU) (IPO-EU)
1	34.111.220.203 34.111.220.203	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.164.96.40 18.164.96.40	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:251... 2600:9000:2512:dc00:d:2044:5c40:93a1	16509 (AMAZON-02) (AMAZON-02)
6	34.36.190.125 34.36.190.125	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
10	151.101.193.91 151.101.193.91	54113 (FASTLY) (FASTLY)
4	151.101.65.91 151.101.65.91	54113 (FASTLY) (FASTLY)
1	151.101.37.91 151.101.37.91	54113 (FASTLY) (FASTLY)
44	11

1 34.160.47.224 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 224.47.160.34.bc.googleusercontent.com

gillaquiz.nu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a04:4e42:1f::347 (United States)

ASN54113 (FASTLY, US)

www.expressen.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.bonniernews.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.bonad.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2510:9000:5:b7cc:d3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

sdk.privacy-center.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.132.98.206 (Stockholm, Sweden)

ASN12552 (IPO-EU, SE)

313ffac5c43f6f9c49e083351f0aaf88-httpcache0-03837-cachedown0.dna.ip-only.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.220.203 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 203.220.111.34.bc.googleusercontent.com

tracking.expressen.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.96.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-40.jfk50.r.cloudfront.net

sdk.privacy-center.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2512:dc00:d:2044:5c40:93a1 (United States)

ASN16509 (AMAZON-02, US)

api.privacy-center.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.36.190.125 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 125.190.36.34.bc.googleusercontent.com

l.seenthis.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 151.101.193.91 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.staging.sitestream.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
video.sitestream.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.65.91 (San Francisco, United States)

ASN54113 (FASTLY, US)

video.sitestream.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.37.91 (San Francisco, United States)

ASN54113 (FASTLY, US)

static.bonniernews.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	sitestream.co cdn.staging.sitestream.co video.sitestream.co	575 KB
14	bonniernews.se static.bonniernews.se — Cisco Umbrella Rank: 217865	195 KB
6	seenthis.co l.seenthis.co	224 B
5	privacy-center.org sdk.privacy-center.org — Cisco Umbrella Rank: 4674 api.privacy-center.org — Cisco Umbrella Rank: 12117	161 KB
3	expressen.se www.expressen.se — Cisco Umbrella Rank: 338683 tracking.expressen.se — Cisco Umbrella Rank: 523322	170 KB
1	bonad.io assets.bonad.io — Cisco Umbrella Rank: 290631	19 KB
1	ip-only.net 313ffac5c43f6f9c49e083351f0aaf88-httpcache0-03837-cachedown0.dna.ip-only.net	128 KB
1	gillaquiz.nu 1 redirects gillaquiz.nu	198 B
44	8

	Domain	Requested by
14	static.bonniernews.se	www.expressen.se sdk.privacy-center.org
12	video.sitestream.co	static.bonniernews.se cdn.staging.sitestream.co www.expressen.se
6	l.seenthis.co	static.bonniernews.se
3	sdk.privacy-center.org	www.expressen.se sdk.privacy-center.org
2	cdn.staging.sitestream.co	static.bonniernews.se www.expressen.se
2	api.privacy-center.org	sdk.privacy-center.org
2	www.expressen.se	www.expressen.se
1	tracking.expressen.se	www.expressen.se
1	assets.bonad.io	www.expressen.se
1	313ffac5c43f6f9c49e083351f0aaf88-httpcache0-03837-cachedown0.dna.ip-only.net	www.expressen.se
1	gillaquiz.nu	1 redirects
44	11

This site contains links to these domains. Also see Links.

Domain
privacy.bonniernews.se
prenumerera.expressen.se
id.bonniernews.se
livesport.expressen.se
teknikensvarld.expressen.se
www.sportexpressenplay.se
rabattkoder.expressen.se
spel.expressen.se
lanapengar.expressen.se
mobilguiden.expressen.se
alltommat.expressen.se
alltomresor.expressen.se
damernasvarld.expressen.se
halsoliv.expressen.se
levaochbo.expressen.se
etidning.expressen.se
konto.bonniernews.se
kampanj.expressen.se
amelia.expressen.se
skonahem.expressen.se
mama.expressen.se
www.bonniernews.se
iabsverige.se
expressen.ocast.com
apps.apple.com
play.google.com
twitter.com
sv-se.facebook.com

Subject Issuer	Validity	Valid
www.expressen.se R10	`2024-09-05` - `2024-12-04`	3 months	crt.sh
static.bonniernews.se R11	`2024-10-12` - `2025-01-10`	3 months	crt.sh
*.privacy-center.org Amazon RSA 2048 M03	`2024-03-10` - `2025-04-07`	a year	crt.sh
dna.ip-only.net Sectigo RSA Organization Validation Secure Server CA	`2023-11-28` - `2024-12-28`	a year	crt.sh
assets.bonad.io R10	`2024-09-09` - `2024-12-08`	3 months	crt.sh
tracking.expressen.se WR3	`2024-08-31` - `2024-11-29`	3 months	crt.sh
api.privacy-center.org Amazon RSA 2048 M02	`2024-05-28` - `2025-06-25`	a year	crt.sh
l.seenthis.co R10	`2024-09-12` - `2024-12-11`	3 months	crt.sh
*.sitestream.co GlobalSign Atlas R3 DV TLS CA 2024 Q2	`2024-06-07` - `2025-07-09`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.expressen.se/
Frame ID: C343C2715C4F8FBBA38CB5331DE9DF1E
Requests: 41 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Nyheter - senaste nyheterna i Sverige och världen

Page URL History Show full URLs

http://gillaquiz.nu/ HTTP 307
https://gillaquiz.nu/ HTTP 301
https://www.expressen.se/ Page URL

Detected technologies

Didomi (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

sdk\.privacy-center\.org/.*/loader\.js

Page Statistics

44
Requests

100 %
HTTPS

27 %
IPv6

8
Domains

11
Subdomains

11
IPs

2
Countries

1249 kB
Transfer

2303 kB
Size

2
Cookies

69 Outgoing links

These are links going to different origins than the main page.

URL: https://privacy.bonniernews.se/cookielista/expressen
Title: undersajter

Search URL Search Domain Scan URL

URL: https://privacy.bonniernews.se/cookiepolicy
Title: Kakpolicy

Search URL Search Domain Scan URL

URL: https://privacy.bonniernews.se/personuppgiftspolicy
Title: Personuppgiftspolicy

Search URL Search Domain Scan URL

URL: https://prenumerera.expressen.se/premium/kampanj/expressen-premium-standard-pakettorg/?utm_source=internal&utm_medium=site&utm_content=subscribe
Title: Prenumerera

Search URL Search Domain Scan URL

URL: https://id.bonniernews.se/login?returnUri=https%3A//www.expressen.se/%23no_universal_links
Title: Logga in

Search URL Search Domain Scan URL

URL: https://livesport.expressen.se/
Title: Livesport

Search URL Search Domain Scan URL

URL: https://teknikensvarld.expressen.se/teknikens-varld-premium/
Title: Motor

Search URL Search Domain Scan URL

URL: https://www.sportexpressenplay.se/
Title: Sport

Search URL Search Domain Scan URL

URL: https://rabattkoder.expressen.se/test
Title: Bäst i test

Search URL Search Domain Scan URL

URL: https://spel.expressen.se/
Title: Spel & Casino

Search URL Search Domain Scan URL

URL: https://lanapengar.expressen.se/
Title: Låna pengar

Search URL Search Domain Scan URL

URL: https://rabattkoder.expressen.se/
Title: Rabattkoder

Search URL Search Domain Scan URL

URL: https://mobilguiden.expressen.se/
Title: Mobilguiden

Search URL Search Domain Scan URL

URL: https://alltommat.expressen.se/
Title: Allt om Mat

Search URL Search Domain Scan URL

URL: https://alltomresor.expressen.se/
Title: Allt om Resor

Search URL Search Domain Scan URL

URL: https://damernasvarld.expressen.se/
Title: Damernas Värld

Search URL Search Domain Scan URL

URL: https://halsoliv.expressen.se/
Title: Hälsoliv

Search URL Search Domain Scan URL

URL: https://levaochbo.expressen.se/
Title: Leva & bo

Search URL Search Domain Scan URL

URL: https://teknikensvarld.expressen.se/
Title: Teknikens Värld

Search URL Search Domain Scan URL

URL: https://id.bonniernews.se/login?returnUri=https%3A%2F%2Fkonto.bonniernews.se%3Fbrandref%3Dwww.expressen.se&autoLogin=true
Title: Kontoinställningar

Search URL Search Domain Scan URL

URL: https://etidning.expressen.se/
Title: E-tidning

Search URL Search Domain Scan URL

URL: https://konto.bonniernews.se/vanliga-fragor/
Title: Kundservice och villkor

Search URL Search Domain Scan URL

URL: https://id.bonniernews.se/logout?returnUri=https%3A//www.expressen.se/%23no_universal_links
Title: Logga ut

Search URL Search Domain Scan URL

URL: https://prenumerera.expressen.se/premium/kampanj/expressen-premium-standard-kampanj-banner/?utm_source=internal&utm_medium=site&utm_content=bauta&utm_campaign=1WFREE

Search URL Search Domain Scan URL

URL: https://kampanj.expressen.se/hjart-lungfonden/forskaren-sa-ska-man-kunna-leva-langre-med-diabetes/
Title: Så kan din swish ge längre livstid för diabetikerStöd insamlingen här: ”De har en ökad risk för hjärt-kärlsjukdom och därmed förtida död”

Search URL Search Domain Scan URL

URL: https://kampanj.expressen.se/hjart-lungfonden/genforskning-ska-losa-gatan-bakom-hjartsvikt/
Title: Genforskning ska lösa gåtan bakom hjärtsviktVar fjärde svensk drabbas: Så kan du bidra till att bota

Search URL Search Domain Scan URL

URL: https://alltommat.expressen.se/recept/lovbiffsgryta
Title: Grytan som får alla att be om receptetAlla kan lyckas ✓ Kockens tips

Search URL Search Domain Scan URL

URL: https://alltommat.expressen.se/artiklar/glassjattarnas-nya-satsning-lanserar-sma-chokladbitar/
Title: ”Så har du aldrig ätit populära glassarna”Glassjättarnas nya chokladsatsning

Search URL Search Domain Scan URL

URL: https://levaochbo.expressen.se/gor-det-sjalv/anglaspel-och-kepsar-ovantade-sakerna-svenskar-samlar-pa/
Title: Nya listan avslöjar – det här har vi i gömmornaFyra av tio svenskar samlar på något • Bättre än aktier

Search URL Search Domain Scan URL

URL: https://amelia.expressen.se/premium/13-beteenden-som-far-din-dejt-att-backa/
Title: PremiumDå ökar risken för att du blir ghostad13 vanliga misstag på dejten • ”Det bör du aldrig säga”

Search URL Search Domain Scan URL

URL: https://kampanj.expressen.se/svenskaspel/13-saker-du-troligen-inte-visste-om-stryktipset/
Title: 13 saker du inte visste om StryktipsetSvenska sportspels urmoder fyller 90 år – ”Tipsextra startade MOT Hylands vilja”

Search URL Search Domain Scan URL

URL: https://kampanj.expressen.se/riksbyggen/glom-hetsiga-budgivningar-sa-koper-du-din-bostad-smidigare/
Title: Glöm hetsiga budgivningar – så köper du bostad smidigare”När man väljer det här får man tid att sätta sig in i affären”

Search URL Search Domain Scan URL

URL: https://levaochbo.expressen.se/halloween-1/pynta-hemmet-laskigt-till-halloween--tips-och-ideer-inne-och-ute/
Title: Halloweenpyntet som ger kalla kårar – massor av otäcka tips!

Search URL Search Domain Scan URL

URL: https://skonahem.expressen.se/nyheter/shopping/adventskalendrar-2024--basta-julkalendrarna-att-unna-sig-till-hemmet/
Title: Bästa julkalendrarna 2024 – med härlig lyx till hemmet

Search URL Search Domain Scan URL

URL: https://damernasvarld.expressen.se/skonhet/de-basta-adventskalendrarna-2024-skonhetsredaktoren-recenserar/
Title: Skönhetsexperten: Mest prisvärda adventskalendrarna 2024

Search URL Search Domain Scan URL

URL: https://damernasvarld.expressen.se/skonhet/arets-basta-mascara-2024-vara-favoriter-och-bast-i-test/
Title: Årets bästa mascara 2024 – se vinnarna i vårt stora test

Search URL Search Domain Scan URL

URL: https://damernasvarld.expressen.se/mode/kate-moss-debuterade-som-50-aring-pa-victorias-secrets-show-2024
Title: ”Kate Moss hade ingen bra dag på jobbet”50-åriga modellen debuterade med dottern

Search URL Search Domain Scan URL

URL: https://mama.expressen.se/nyblivenmama/barnmorskan-sara-dellner-farre-helammar-och-fler-ammar-delvis-varfor/
Title: Barnmorskan: ”Därför helammar färre i dag”Sara Dellner: Hur du matar ditt barn handlar inte om jämställt föräldraskap

Search URL Search Domain Scan URL

URL: https://mama.expressen.se/mamaliv/stjarnmammor/-klara-elvgren-veckan-efter-jag-slutade-amma-blev-jag-gravid-igen/
Title: PremiumKlara Elvgren: ”Veckan efter blev jag gravid igen”Från singel till familj • ”Känt mig som en bitter morsa” • Pengarna

Search URL Search Domain Scan URL

URL: https://alltommat.expressen.se/recept/flaskfilegryta-med-apple-och-rosepeppar/
Title: ReceptFläskfilégryta med äpple och rosépeppar

Search URL Search Domain Scan URL

URL: https://alltommat.expressen.se/recept/svamp-och-potatisgratang/
Title: ReceptPotatisgratäng med svamp

Search URL Search Domain Scan URL

URL: https://alltommat.expressen.se/recept/raggmunk-med-flask-och-lingon-recept-av-stefan-ekengren/
Title: ReceptRaggmunk med fläsk och lingon – recept av Stefan Ekengren

Search URL Search Domain Scan URL

URL: https://alltommat.expressen.se/recept/boeuf-bourguignon-recept/
Title: ReceptBoeuf bourguignon – recept på klassisk fransk gryta

Search URL Search Domain Scan URL

URL: https://alltommat.expressen.se/recept/lovbiffsgryta/
Title: ReceptLövbiffsgryta – recept på snabblagad gryta

Search URL Search Domain Scan URL

URL: https://alltommat.expressen.se/recept/
Title: Fler recept från Allt om mat

Search URL Search Domain Scan URL

URL: https://lanapengar.expressen.se/samla-lan/
Title: SAMLA LÅN – Samla ihop smålån & krediter och sänk månadskostnaden

Search URL Search Domain Scan URL

URL: https://lanapengar.expressen.se/privatlan/
Title: PRIVATLÅN – Lite större blancolån upp till 600 000 kr utan säkerhet

Search URL Search Domain Scan URL

URL: https://lanapengar.expressen.se/snabblan/
Title: SNABBLÅN – När du behöver pengar snabbt och enkelt samma dag

Search URL Search Domain Scan URL

URL: https://lanapengar.expressen.se/lan-utan-uc/
Title: LÅN UTAN UC – Låna även när du har många tidigare kreditförfrågningar

Search URL Search Domain Scan URL

URL: https://lanapengar.expressen.se/kontokredit/
Title: KONTOKREDIT – Ett mindre lån du kan använda i stället för ett kreditkort”

Search URL Search Domain Scan URL

URL: https://lanapengar.expressen.se/laneformedlare/
Title: LÅNEFÖRMEDLARE – Ett enkelt sätt att jämföra upp till 40 långivare samtidigt

Search URL Search Domain Scan URL

URL: https://amelia.expressen.se/premium/natalie-27-salde-knark-jag-satt-alltid-med-luren-i-handen/
Title: PremiumNatalies, 27, väg ut ur gängkriminalitetenSålde droger • Såg vänner skjutas: ”Svek andra och mig själv"

Search URL Search Domain Scan URL

URL: https://levaochbo.expressen.se/hemma-hos-5/dromhem/linnea-vi-har-ritat-och-byggt-vart-underbara-hus-sjalva/
Title: Linnea ritade och byggde sitt eget hus som 25-åring”Känner en otrolig stolthet”

Search URL Search Domain Scan URL

URL: https://teknikensvarld.expressen.se/kronika/vi-har-blivit-biltillverkarnas-forsokskaniner/
Title: Vi konsumenter har blivit försökskaninerMATTIAS RABE: Biltillverkarna släpper ofärdiga produkter

Search URL Search Domain Scan URL

URL: https://rabattkoder.expressen.se/hotels-rabattkod
Title: Hotels.comHotels.com rabattkod - Få rabatt på din nästa hotellbokning hos Hotels.com

Search URL Search Domain Scan URL

URL: https://rabattkoder.expressen.se/na-kd-rabattkod
Title: NA-KDNA-KD rabattkod - Få rabatt på ditt köp av stilsäkert mode online

Search URL Search Domain Scan URL

URL: https://rabattkoder.expressen.se/jotex-rabattkod
Title: JotexJotex rabattkod - Fynda inredning till rabatterat pris med våra rabattkoder

Search URL Search Domain Scan URL

URL: https://rabattkoder.expressen.se/ellos-rabattkod
Title: EllosEllos rabattkod - Handla billigare mode, inredning och skönhet med våra rabattkoder

Search URL Search Domain Scan URL

URL: https://rabattkoder.expressen.se/adlibris-rabattkod
Title: AdlibrisAdlibris rabattkod - Aktuella rabatter på böcker, pyssel, leksaker och mycket mer

Search URL Search Domain Scan URL

URL: https://rabattkoder.expressen.se/nelly-rabattkod
Title: NellyNelly rabattkod - Handla senaste modet hos Nelly.com

Search URL Search Domain Scan URL

URL: https://prenumerera.expressen.se/premium/kampanj/expressen-premium-standard-kampanj/?utm_source=internal&utm_medium=site&utm_content=sidfot&utm_campaign=1WFREE
Title: Expressen Premium

Search URL Search Domain Scan URL

URL: https://www.bonniernews.se/info/upphovsratt-och-ai
Title: Upphovsrätt och AI

Search URL Search Domain Scan URL

URL: https://iabsverige.se/om-iab/nyhet/bonnier-news-certifierade-enligt-iab-sveriges-gold-standard
Title: IAB Sweden Golden Standard

Search URL Search Domain Scan URL

URL: https://expressen.ocast.com/
Title: Annonser

Search URL Search Domain Scan URL

URL: https://www.bonniernews.se/
Title: Bonnier News

Search URL Search Domain Scan URL

URL: https://apps.apple.com/se/app/expressen-nyheter/id720666319

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=se.expressen.launcher&hl=sv&gl=US

Search URL Search Domain Scan URL

URL: https://twitter.com/Expressen

Search URL Search Domain Scan URL

URL: https://sv-se.facebook.com/expressen

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://gillaquiz.nu/ HTTP 307
https://gillaquiz.nu/ HTTP 301
https://www.expressen.se/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

44 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.expressen.se/
Redirect Chain

http://gillaquiz.nu/
https://gillaquiz.nu/
https://www.expressen.se/

255 KB
84 KB

747ms
280ms

Document
text/html

2a04:4e42:1f::347
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.expressen.se/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1f::347 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d9b5f45852d679cfccd8c94a5dc94af5d05172a3434772dca625ba69267dcca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

accept-ranges: none
age: 44
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: private, no-cache
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 16 Oct 2024 16:35:43 GMT
strict-transport-security: max-age=31536000
vary: Accept-Encoding,User-Agent
x-cloud-trace-context: 4b2bce5ed8d01b586c724b4ce89ecea4
x-correlation-id: 2ec37a3c-632a-4ace-85ed-b568e3b6153e

Redirect headers

age: 12505
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: max-age=3600
content-length: 0
content-type: text/html
date: Wed, 16 Oct 2024 13:07:17 GMT
location: https://www.expressen.se/
server: Google Frontend
via: 1.1 google
x-cloud-trace-context: 6a03b99d5c077a4d7fb8ca199367c94d

GET
H2 200 siri-black-condensed.woff2
static.bonniernews.se/bundles/expressen/shared/fonts/ 24 KB
24 KB 680ms
220ms Font
font/woff2 2a04:4e42:1f::347
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static.bonniernews.se/bundles/expressen/shared/fonts/siri-black-condensed.woff2

Requested by

Host: www.expressen.se
URL: https://www.expressen.se/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1f::347 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e10934b7e0b911d8f70e2c7cd5a7006eb01c9c8d4f4384e97e1aa64fef732b3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Origin: https://www.expressen.se
Referer: https://www.expressen.se/

Response headers

strict-transport-security: max-age=31536000
cache-control: public,max-age=691200
etag: "2f2423139042de4f2e6005d023a1fb11"
age: 2437275
access-control-allow-methods: GET,HEAD,POST
accept-ranges: bytes
access-control-allow-origin: https://www.expressen.se
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 24304
date: Wed, 16 Oct 2024 16:35:44 GMT
content-type: font/woff2
last-modified: Wed, 18 Sep 2024 11:31:45 GMT
vary: Origin

GET
H2 200 inter-variable-subset.woff2
static.bonniernews.se/bundles/expressen/shared/fonts/ 43 KB
43 KB 680ms
221ms Font
font/woff2 2a04:4e42:1f::347
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static.bonniernews.se/bundles/expressen/shared/fonts/inter-variable-subset.woff2

Requested by

Host: www.expressen.se
URL: https://www.expressen.se/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1f::347 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

087bcbe71a50104b9c8aa650ce97caffa786ea1b86fc7d04658bcfc847c120b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Origin: https://www.expressen.se
Referer: https://www.expressen.se/

Response headers

strict-transport-security: max-age=31536000
cache-control: public,max-age=691200
etag: "8f1a57a696da67dd5535378a77d14048"
age: 2437274
access-control-allow-methods: GET,HEAD,POST
accept-ranges: bytes
access-control-allow-origin: https://www.expressen.se
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 44028
date: Wed, 16 Oct 2024 16:35:44 GMT
content-type: font/woff2
last-modified: Wed, 18 Sep 2024 11:31:44 GMT
vary: Origin

GET
H2 200 section.nonCritical.mobile_cf21e8188cf2de3befc7ebc947f302bb.css
static.bonniernews.se/bundles/expressen/styles/ 13 KB
4 KB 681ms
222ms Stylesheet
text/css 2a04:4e42:1f::347
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static.bonniernews.se/bundles/expressen/styles/section.nonCritical.mobile_cf21e8188cf2de3befc7ebc947f302bb.css

Requested by

Host: www.expressen.se
URL: https://www.expressen.se/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1f::347 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

40c1b7ea98e73ef8377e9aca74f1a264137055ee143363b0914263f717a4b050

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://www.expressen.se/

Response headers

strict-transport-security: max-age=31536000
cache-control: public,max-age=691200
content-encoding: gzip
etag: "cf21e8188cf2de3befc7ebc947f302bb"
age: 628547
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 3602
date: Wed, 16 Oct 2024 16:35:44 GMT
content-type: text/css; charset=UTF-8
last-modified: Wed, 09 Oct 2024 09:58:41 GMT
vary: Accept-Encoding

GET
H2 200 loader.js Show response
sdk.privacy-center.org/839e15c5-b3dc-4adf-9a82-6d97c8ca004d/ 41 KB
10 KB 434ms
146ms Script
application/javascript 2600:9000:2510:9000:5:b7cc:d3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.privacy-center.org/839e15c5-b3dc-4adf-9a82-6d97c8ca004d/loader.js?target_type=notice&target=wPiVa7yH
Requested by: Host: www.expressen.se
URL: https://www.expressen.se/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2510:9000:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 2430d8bc92feac463e9f1e6af473f2d2b90181b0f20457f24882d2fc23878f0e

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://www.expressen.se/

Response headers

content-encoding: br
etag: W/"797f53e4f8f9faa4cb0e5e9b6dee174d"
age: 5728
x-amzn-requestid: 55e9b043-aa03-4142-879f-3b2326489ac9
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: pmgp1YcMrC2HSxqN-NjHHMPU648BJMbJFG3XuZ6Q03MwedgqryB9dQ==
date: Wed, 16 Oct 2024 15:55:46 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=7200, public
x-didomi-remote-config-metadata: multiReg:true;legacyGlobalGdpr:true
x-amzn-trace-id: Root=1-670e8bbd-0f597cc96bce017320225c49;Parent=42ef372156d18979;Sampled=0;Lineage=1:eaae1266:0
via: 1.1 6e202b767e6bdee837ba15ada7e3120e.cloudfront.net (CloudFront)
x-didomi-configs-version: 112
x-amz-cf-pop: JFK50-P5

GET
H2 200 740.png
static.bonniernews.se/images/1c/7d/1c7dd6c4598f43558317732f63691d4c/annan/ 13 KB
13 KB 476ms
222ms Image
image/webp 2a04:4e42:1f::347
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.bonniernews.se/images/1c/7d/1c7dd6c4598f43558317732f63691d4c/annan/740.png

Requested by

Host: www.expressen.se
URL: https://www.expressen.se/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1f::347 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

12f34d140baaa1be3ce4e292a01d22c25e95ed349e6a862629655e6c647fd39b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://www.expressen.se/

Response headers

fastly-stats: io=1
strict-transport-security: max-age=31536000
fastly-io-info: ifsz=20265 idim=740x183 ifmt=png ofsz=13126 odim=740x183 ofmt=webp
cache-control: public,max-age=691200
etag: "JvJQe/HQsH6n6tY0h053jCuglgzL2JDhGdqkgVX+iWE"
age: 5397540
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 13126
fastly-io-served-by: vpop-etou8240192
date: Wed, 16 Oct 2024 16:35:44 GMT
content-type: image/webp
vary: Accept

GET
H2 200 838.png
static.bonniernews.se/images/89/8d/898daa48916e4bf1a0a36b40e517168e/16x9/ 38 KB
39 KB 528ms
275ms Image
image/webp 2a04:4e42:1f::347
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.bonniernews.se/images/89/8d/898daa48916e4bf1a0a36b40e517168e/16x9/838.png

Requested by

Host: www.expressen.se
URL: https://www.expressen.se/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1f::347 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4be04f584f4770737f45f7659c411058d1aee5ac640eb46829fb59462b374f18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://www.expressen.se/

Response headers

fastly-stats: io=1
strict-transport-security: max-age=31536000
fastly-io-info: ifsz=567614 idim=2560x1442 ifmt=jpeg ofsz=39288 odim=838x472 ofmt=webp
cache-control: public,max-age=691200
etag: "na4eMYSVMG2W+nRnXC+YObPE2F+moQuR1powWdqDN+k"
age: 2485
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 39288
fastly-io-served-by: vpop-etou8240198
date: Wed, 16 Oct 2024 16:35:44 GMT
content-type: image/webp
vary: Accept

GET
H2 200 278.png
static.bonniernews.se/images/7d/72/7d72379bb47d47a3afe3e156b8723c13/1x1/ 4 KB
4 KB 459ms
223ms Image
image/webp 2a04:4e42:1f::347
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.bonniernews.se/images/7d/72/7d72379bb47d47a3afe3e156b8723c13/1x1/278.png

Requested by

Host: www.expressen.se
URL: https://www.expressen.se/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1f::347 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

32dd3a55a6058d99a1c2ff295b51afb7a772c7088e7dc2b50e5667591457b431

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://www.expressen.se/

Response headers

fastly-stats: io=1
strict-transport-security: max-age=31536000
fastly-io-info: ifsz=25322 idim=461x461 ifmt=jpeg ofsz=4106 odim=278x278 ofmt=webp
cache-control: public,max-age=691200
etag: "EB4zJ1UVEtJ1403AHeJULfd6txKTxh2uHoxTqFQCfvY"
age: 7899
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4106
fastly-io-served-by: vpop-etou8240197
date: Wed, 16 Oct 2024 16:35:44 GMT
content-type: image/webp
vary: Accept

GET
H2 200 524@40.jpg
static.bonniernews.se/images/ea/ac/eaac8c1590d446db9994a5eee1731786/16x9/ 6 KB
7 KB 497ms
496ms Image
image/webp 2a04:4e42:1f::347
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.bonniernews.se/images/ea/ac/eaac8c1590d446db9994a5eee1731786/16x9/524@40.jpg

Requested by

Host: www.expressen.se
URL: https://www.expressen.se/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1f::347 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

449eb6543ea6c28bc8f3d9d3d9a4ed5251925a55395a78f318feda529b322aec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://www.expressen.se/

Response headers

fastly-stats: io=1
strict-transport-security: max-age=31536000
fastly-io-info: ifsz=130368 idim=1014x571 ifmt=jpeg ofsz=6586 odim=524x295 ofmt=webp
cache-control: public,max-age=691200
etag: "GKBwWrYLSiQgPIBlPKh2ZKg7Ji2UrQ67nuFNJpB7aGA"
age: 7969
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 6586
fastly-io-served-by: vpop-etou8240193
date: Wed, 16 Oct 2024 16:35:44 GMT
content-type: image/webp
vary: Accept

GET
H2 200 524@40.jpg
static.bonniernews.se/images/9d/4a/9d4acda88fce4d6b8f354348b01bcd96/16x9/ 13 KB
13 KB 498ms
497ms Image
image/webp 2a04:4e42:1f::347
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.bonniernews.se/images/9d/4a/9d4acda88fce4d6b8f354348b01bcd96/16x9/524@40.jpg

Requested by

Host: www.expressen.se
URL: https://www.expressen.se/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1f::347 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1448f84afdd265546fcd16ac8589679699d68293ceaaa2bc439f3985b8cd8418

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://www.expressen.se/

Response headers

fastly-stats: io=1
strict-transport-security: max-age=31536000
fastly-io-info: ifsz=144535 idim=904x510 ifmt=jpeg ofsz=13002 odim=524x296 ofmt=webp
cache-control: public,max-age=691200
etag: "TVfSKVHasyR7uqb6G8eNegSY3whs6lVq4OWaUEClzBw"
age: 23156
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 13002
fastly-io-served-by: vpop-etou8240193
date: Wed, 16 Oct 2024 16:35:44 GMT
content-type: image/webp
vary: Accept

GET
H2 206 tvtool3f6a6907-8f2f-4edb-ba2a-01bbf9e621c6_1729092280233_432p.mp4
313ffac5c43f6f9c49e083351f0aaf88-httpcache0-03837-cachedown0.dna.ip-only.net/03837-cachedown0/ncode/2024-10-16/tvtool3f6a6907-8f2f-4edb-ba2a-01bbf9e621c6_1729092280233/ 128 KB
128 KB 1074ms
235ms Media
video/mp4 213.132.98.206
IPO-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://313ffac5c43f6f9c49e083351f0aaf88-httpcache0-03837-cachedown0.dna.ip-only.net/03837-cachedown0/ncode/2024-10-16/tvtool3f6a6907-8f2f-4edb-ba2a-01bbf9e621c6_1729092280233/tvtool3f6a6907-8f2f-4edb-ba2a-01bbf9e621c6_1729092280233_432p.mp4
Requested by: Host: www.expressen.se
URL: https://www.expressen.se/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.132.98.206 Stockholm, Sweden, ASN12552 (IPO-EU, SE),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 2087a1745af0c30b793b83f15c6618216a66f9ccdd772d57ce4cabc34c501dc7

Request headers

Referer: https://www.expressen.se/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Range: bytes=0-

Response headers

access-control-max-age: 39083
access-control-expose-headers: Date
etag: 670fdae6-1fe18
access-control-allow-methods: HEAD, GET, OPTIONS
x-cache: hit
date: Wed, 16 Oct 2024 16:35:44 GMT
content-type: video/mp4
x-cache-name: n3606
last-modified: Wed, 16 Oct 2024 15:25:26 GMT
cache-control: max-age=39083
x-cdn: iponly
access-control-allow-credentials: true
Content-Range: bytes 0-130583/130584
accept-ranges: bytes
access-control-allow-origin: *
Content-Length: 130584
server: nginx/1.20.1

GET
H2 200 bau-noprebid.js Show response
assets.bonad.io/bundles/ 66 KB
19 KB 682ms
222ms Script
text/javascript 2a04:4e42:1f::347
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bonad.io/bundles/bau-noprebid.js

Requested by

Host: www.expressen.se
URL: https://www.expressen.se/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1f::347 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cbfd8e38764b1f5eec5a75b634793ad83d79ac706050404f8496e6ea40a4c0ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://www.expressen.se/

Response headers

x-goog-meta-goog-reserved-file-mtime: 1728387140
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding: br
etag: "106dcb3fb591d8b12cc7e4579ea4fb14"
age: 169
x-goog-meta-surrogate-key: bau
expires: Tue, 08 Oct 2024 12:32:42 GMT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
date: Wed, 16 Oct 2024 16:35:44 GMT
last-modified: Tue, 08 Oct 2024 11:32:31 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cache-control: public, max-age=3, s-maxage=3600, no-store
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18745

GET
H2 200 gtm.js Show response
tracking.expressen.se/ 269 KB
84 KB 407ms
239ms Script
application/javascript 34.111.220.203
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.expressen.se/gtm.js?id=GTM-MQ5CW3S
Requested by: Host: www.expressen.se
URL: https://www.expressen.se/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.220.203 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 203.220.111.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 18240d1e987ff30fd0d337904aec724a61962a09a25408a8d35fe59402b82b14

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://www.expressen.se/

Response headers

cache-control: private, max-age=900
content-encoding: gzip
via: 1.1 google
expires: Wed, 16 Oct 2024 16:50:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 16:35:44 GMT
last-modified: Wed, 16 Oct 2024 16:11:10 GMT
content-type: application/javascript; charset=UTF-8
vary: accept-encoding
server: Google Frontend

GET
H2 200 web-vitals-f6f984717e76269f41dd2b6d2e5836b1.js Show response
static.bonniernews.se/bundles/assets/ 7 KB
3 KB 497ms
497ms Script
application/javascript 2a04:4e42:1f::347
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static.bonniernews.se/bundles/assets/web-vitals-f6f984717e76269f41dd2b6d2e5836b1.js

Requested by

Host: www.expressen.se
URL: https://www.expressen.se/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1f::347 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b3741635b1f0031805e7ae2cafeec569dee3bbb6a432d0963d35ca140db6cb4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://www.expressen.se/

Response headers

strict-transport-security: max-age=31536000
cache-control: private,max-age=691200
content-encoding: gzip
etag: "f6f984717e76269f41dd2b6d2e5836b1"
age: 4367877
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2501
date: Wed, 16 Oct 2024 16:35:44 GMT
last-modified: Fri, 02 Feb 2024 14:02:49 GMT
content-type: application/javascript
vary: Accept-Encoding

GET
H2 200 main.mobile_80624fa2a2d974233b3abb80256fc0d1.js Show response
static.bonniernews.se/bundles/expressen/scripts/ 56 KB
17 KB 498ms
497ms Script
application/javascript 2a04:4e42:1f::347
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static.bonniernews.se/bundles/expressen/scripts/main.mobile_80624fa2a2d974233b3abb80256fc0d1.js

Requested by

Host: www.expressen.se
URL: https://www.expressen.se/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1f::347 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1d503e5117db99389ee3598e1a8e469a692088db1bc7f3ded5c46bc3f03fb6d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://www.expressen.se/

Response headers

strict-transport-security: max-age=31536000
cache-control: public,max-age=691200
content-encoding: gzip
etag: "80624fa2a2d974233b3abb80256fc0d1"
age: 1225486
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 17558
date: Wed, 16 Oct 2024 16:35:44 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Wed, 02 Oct 2024 12:09:35 GMT
vary: Accept-Encoding

GET
H2 200 signedIn_20c425ffaa362b605f1ebf67fdfe144b.js Show response
static.bonniernews.se/bundles/expressen/scripts/ 1 KB
625 B 499ms
498ms Script
application/javascript 2a04:4e42:1f::347
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static.bonniernews.se/bundles/expressen/scripts/signedIn_20c425ffaa362b605f1ebf67fdfe144b.js

Requested by

Host: www.expressen.se
URL: https://www.expressen.se/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1f::347 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4bbed863da01dcbaa67038540634876b6e9c8f0bb093b1923a40f4ec9d77a29b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://www.expressen.se/

Response headers

strict-transport-security: max-age=31536000
cache-control: public,max-age=691200
content-encoding: gzip
etag: "20c425ffaa362b605f1ebf67fdfe144b"
age: 5589214
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 534
date: Wed, 16 Oct 2024 16:35:44 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 23 Jul 2024 12:44:00 GMT
vary: Accept-Encoding

GET
H2 200 signedOut_2a6942b9abeff0f6920bfe4653592ecd.js Show response
static.bonniernews.se/bundles/expressen/scripts/ 396 B
334 B 499ms
499ms Script
application/javascript 2a04:4e42:1f::347
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static.bonniernews.se/bundles/expressen/scripts/signedOut_2a6942b9abeff0f6920bfe4653592ecd.js

Requested by

Host: www.expressen.se
URL: https://www.expressen.se/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1f::347 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7dfbb3a53b66f3f3055a0a9ea7966988c68881e9451f5b1dd6d4984fa255dfab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://www.expressen.se/

Response headers

strict-transport-security: max-age=31536000
cache-control: public,max-age=691200
content-encoding: gzip
etag: "2a6942b9abeff0f6920bfe4653592ecd"
age: 4279924
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 266
date: Wed, 16 Oct 2024 16:35:44 GMT
last-modified: Tue, 23 Jul 2024 12:44:00 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding

GET
H2 200 sdk.b2a3c17a678ea7062d171089b67919517c588d58.js Show response
sdk.privacy-center.org/sdk/b2a3c17a678ea7062d171089b67919517c588d58/modern/ 362 KB
94 KB 138ms
138ms Script
application/javascript 2600:9000:2510:9000:5:b7cc:d3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.privacy-center.org/sdk/b2a3c17a678ea7062d171089b67919517c588d58/modern/sdk.b2a3c17a678ea7062d171089b67919517c588d58.js
Requested by: Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/839e15c5-b3dc-4adf-9a82-6d97c8ca004d/loader.js?target_type=notice&target=wPiVa7yH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2510:9000:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e5f286a5113e6a94c2ad621e4ffba3f5b598896c744b9781af86782bff104580

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://www.expressen.se/

Response headers

vary: Accept-Encoding
cache-control: public, max-age=31536000
content-encoding: br
etag: W/"c48f84cdf5d9be4e5212c351f58d4c46-1"
age: 113644
via: 1.1 6e202b767e6bdee837ba15ada7e3120e.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: Sks-A8-Y6UmDoFqSeeU_vRsEP8Nar7EA5qUlt2DyjbWT41RQoo9Mtw==
date: Tue, 15 Oct 2024 09:01:41 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 15 Oct 2024 09:01:04 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P5
x-amz-server-side-encryption: AES256

GET
H3 200 ui-gdpr-sv-web.b2a3c17a678ea7062d171089b67919517c588d58.js Show response
sdk.privacy-center.org/sdk/b2a3c17a678ea7062d171089b67919517c588d58/modern/ 270 KB
57 KB 138ms
137ms Script
application/javascript 18.164.96.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.privacy-center.org/sdk/b2a3c17a678ea7062d171089b67919517c588d58/modern/ui-gdpr-sv-web.b2a3c17a678ea7062d171089b67919517c588d58.js
Requested by: Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/sdk/b2a3c17a678ea7062d171089b67919517c588d58/modern/sdk.b2a3c17a678ea7062d171089b67919517c588d58.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.164.96.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-96-40.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4691f010790580ce31f1dcffeb6d31f7b4311942aafa2a7e8c2faabece146dfa

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://www.expressen.se/

Response headers

vary: Accept-Encoding
cache-control: public, max-age=31536000
content-encoding: br
etag: W/"f141e8d39ef74fed3b20169432309c6e-1"
age: 106843
via: 1.1 57a5349e40888d521545fc9b83f270a4.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: ZUBNezKu5azQxFXAFrj5PJxtZ3jUqSEBOtaFxaIkKxPINVNkAAL0Mw==
date: Tue, 15 Oct 2024 10:55:02 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 15 Oct 2024 09:01:08 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P5
x-amz-server-side-encryption: AES256

GET
H2 200 seenthis-swipe-4c0eb6cbdb68e58fc3226cc7f314e750.js Show response
static.bonniernews.se/bundles/assets/ 83 KB
27 KB 243ms
242ms Script
application/javascript 2a04:4e42:1f::347
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static.bonniernews.se/bundles/assets/seenthis-swipe-4c0eb6cbdb68e58fc3226cc7f314e750.js

Requested by

Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/sdk/b2a3c17a678ea7062d171089b67919517c588d58/modern/sdk.b2a3c17a678ea7062d171089b67919517c588d58.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1f::347 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

37d539665ceff61842062e986ae1c71fbe363a63338b8ca0af9013b171b76761

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://www.expressen.se/

Response headers

strict-transport-security: max-age=31536000
cache-control: private,max-age=691200
content-encoding: gzip
etag: "4c0eb6cbdb68e58fc3226cc7f314e750"
age: 6773648
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 27272
date: Wed, 16 Oct 2024 16:35:44 GMT
last-modified: Tue, 11 Jun 2024 12:23:46 GMT
content-type: application/javascript
vary: Accept-Encoding

OPTIONS
H2 204 events
api.privacy-center.org/v1/ 0
0 507ms
220ms Preflight 2600:9000:2512:dc00:d:2044:5c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.privacy-center.org/v1/events
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2512:dc00:d:2044:5c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-requested-with
Access-Control-Request-Method: POST
Origin: https://www.expressen.se
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

access-control-allow-headers: content-type,x-requested-with
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
date: Wed, 16 Oct 2024 16:35:45 GMT
vary: Access-Control-Request-Headers
via: 1.1 43612939fd59beab4d0cf84fecc2c956.cloudfront.net (CloudFront)
x-amz-cf-id: vS8V5a4dksvYipf8gntXkNfmqQSI8bgmMZgCedKK7E_HRKZWHnbdEA==
x-amz-cf-pop: JFK50-P7
x-cache: Miss from cloudfront
x-powered-by: Express

POST
H2 204 events Show response
api.privacy-center.org/v1/ 0
568 B 238ms
236ms XHR
text/plain 2600:9000:2512:dc00:d:2044:5c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.privacy-center.org/v1/events

Requested by

Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/sdk/b2a3c17a678ea7062d171089b67919517c588d58/modern/sdk.b2a3c17a678ea7062d171089b67919517c588d58.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2512:dc00:d:2044:5c40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.expressen.se/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Content-Type: application/json

Response headers

surrogate-control: no-store
etag: W/"4-K+iMpCQsduglOsYkdIUQZQMtaDM"
x-content-type-options: nosniff
expires: 0
alt-svc: h3=":443"; ma=86400
x-didomi-version: 39486b51
x-cache: Miss from cloudfront
x-amz-cf-id: 9ORai6DVLFXiRlXEcTtRjlb1Gwlk3UeMckbobA59CEf9-B5HSub3HQ==
date: Wed, 16 Oct 2024 16:35:45 GMT
vary: Accept
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-dns-prefetch-control: off
pragma: no-cache
allow: POST
x-download-options: noopen
via: 1.1 43612939fd59beab4d0cf84fecc2c956.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-amz-cf-pop: JFK50-P7

GET
H2 200 expressen.svg
www.expressen.se/images/ 4 KB
2 KB 222ms
221ms Image
image/svg+xml 2a04:4e42:1f::347
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.expressen.se/images/expressen.svg

Requested by

Host: www.expressen.se
URL: https://www.expressen.se/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1f::347 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

71289f8e31c0dea46e4bac4533fd2c47b3319137c15524a270b7be4b6b05b198

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://www.expressen.se/

Response headers

strict-transport-security: max-age=31536000
cache-control: public, max-age=60
x-correlation-id: d1e481e7-97f4-48a4-a82f-4f6d92d093fd
content-encoding: gzip
etag: W/"f5e-1927b7d6360"
age: 48840
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1849
date: Wed, 16 Oct 2024 16:35:45 GMT
x-cloud-trace-context: ef93bf585c9d5250bca7f9a52a1028d8
content-type: image/svg+xml
vary: Accept-Encoding,User-Agent
last-modified: Fri, 11 Oct 2024 12:11:08 GMT

OPTIONS
H2 200 message
l.seenthis.co/api/post/ 0
0 411ms
219ms Preflight
text/plain 34.36.190.125
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://l.seenthis.co/api/post/message
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.36.190.125 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 125.190.36.34.bc.googleusercontent.com
Software: uvicorn /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.expressen.se
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://www.expressen.se
access-control-max-age: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
content-type: text/plain; charset=utf-8
date: Wed, 16 Oct 2024 16:35:44 GMT
server: uvicorn
vary: Origin
via: 1.1 google

OPTIONS
H2 200 message
l.seenthis.co/api/post/ 0
0 407ms
217ms Preflight
text/plain 34.36.190.125
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://l.seenthis.co/api/post/message
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.36.190.125 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 125.190.36.34.bc.googleusercontent.com
Software: uvicorn /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.expressen.se
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://www.expressen.se
access-control-max-age: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
content-type: text/plain; charset=utf-8
date: Wed, 16 Oct 2024 16:35:44 GMT
server: uvicorn
vary: Origin
via: 1.1 google

GET
H2 200 seenthis-player.js Show response
cdn.staging.sitestream.co/libs/storylines/1.0.49/ 49 KB
17 KB 741ms
569ms Script
text/javascript 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.staging.sitestream.co/libs/storylines/1.0.49/seenthis-player.js
Requested by: Host: static.bonniernews.se
URL: https://static.bonniernews.se/bundles/assets/seenthis-swipe-4c0eb6cbdb68e58fc3226cc7f314e750.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 4dbca351e418f0f8723b1c5d924c4b966b1d453d15324f0177d6c1756e52fcdd

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://www.expressen.se/

Response headers

x-goog-metageneration: 2
x-goog-meta-goog-reserved-file-mtime: 1710504888
x-goog-hash: crc32c=Yuthuw==, md5=vm3L+eLSaaDYiAULxUDyVg==
content-encoding: gzip
etag: "be6dcbf9e2d269a0d888050bc540f256"
age: 47613
x-backend-sha: 31f9ccfc90197c8406d234c1afd525caa3d78545
x-goog-stored-content-encoding: identity
expires: Thu, 26 Sep 2024 03:22:07 GMT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-goog-stored-content-length: 49818
x-cache: HIT, MISS
date: Wed, 16 Oct 2024 16:35:45 GMT
last-modified: Fri, 15 Mar 2024 12:14:56 GMT
content-type: text/javascript
x-served-by: cache-bma1657-BMA, cache-lax-kwhp1940036-LAX
x-cache-hits: 7968039, 0
x-guploader-uploadid: AD-8ljt963EsjzczYHub7yxReJLIBfIJQTnHViGNIWzTJuLPANdAm85kV8iGZ2Q2jcPZI6tY2ms
vary: Origin, Accept-Encoding
cache-control: public, max-age=3600
x-goog-storage-class: STANDARD
x-timer: S1729096545.154618,VS0,VE494
access-control-allow-credentials: true
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1710504896896609
x-debug-version: 1.0.49
content-length: 16828
server: UploadServer
x-backend-version: 1.0.49

GET
DATA 200
OK truncated
/ 71 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea8eeaff333d34c6b5d847ef7914bfb1adfda282722af631be4ab65680bc4e80

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer

Response headers

Content-Type: image/svg+xml

POST
H2 201 message Show response
l.seenthis.co/api/post/ 15 B
86 B 220ms
219ms Fetch
application/json 34.36.190.125
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://l.seenthis.co/api/post/message
Requested by: Host: static.bonniernews.se
URL: https://static.bonniernews.se/bundles/assets/seenthis-swipe-4c0eb6cbdb68e58fc3226cc7f314e750.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.36.190.125 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 125.190.36.34.bc.googleusercontent.com
Software: uvicorn /
Resource Hash: a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Content-Type: application/json
Referer: https://www.expressen.se/

Response headers

access-control-allow-credentials: true
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
date: Wed, 16 Oct 2024 16:35:45 GMT
content-type: application/json
server: uvicorn

POST
H2 201 message Show response
l.seenthis.co/api/post/ 15 B
69 B 223ms
220ms Fetch
application/json 34.36.190.125
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://l.seenthis.co/api/post/message
Requested by: Host: static.bonniernews.se
URL: https://static.bonniernews.se/bundles/assets/seenthis-swipe-4c0eb6cbdb68e58fc3226cc7f314e750.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.36.190.125 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 125.190.36.34.bc.googleusercontent.com
Software: uvicorn /
Resource Hash: a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Content-Type: application/json
Referer: https://www.expressen.se/

Response headers

access-control-allow-credentials: true
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
date: Wed, 16 Oct 2024 16:35:44 GMT
content-type: application/json
server: uvicorn

GET
H2 200 clhuc8asj0000qv4yufdtvzdi-Storylines-Ettan.json Show response
video.sitestream.co/stories-configs/ 18 KB
19 KB 237ms
79ms Fetch
application/json 151.101.65.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://video.sitestream.co/stories-configs/clhuc8asj0000qv4yufdtvzdi-Storylines-Ettan.json
Requested by: Host: static.bonniernews.se
URL: https://static.bonniernews.se/bundles/assets/seenthis-swipe-4c0eb6cbdb68e58fc3226cc7f314e750.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 5b72ac4b82c09bf8a8924b468357345c351a9364c9ef5dccc1205e761e82f889

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://www.expressen.se/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=RkNtfQ==, md5=ttunKS04t0TLItXX1lSI6g==
etag: "b6dba7292d38b744cb22d5d7d65488ea"
age: 0
x-goog-stored-content-encoding: identity
expires: Wed, 15 Oct 2025 12:47:06 GMT
x-goog-stored-content-length: 18534
x-cache: HIT
date: Wed, 16 Oct 2024 16:35:45 GMT
last-modified: Tue, 15 Oct 2024 12:45:49 GMT
content-type: application/json
x-served-by: cache-bur-kbur8200062-BUR
x-cache-hits: 52
x-guploader-uploadid: AHmUCY1daeNkRE6VVcnWsB2OioDuIYM36JPfa2BAX0uFkoSAFIc9XWnbW_aftESzKca0Jg7zgmezlfuzcw
cache-control: max-age=300
x-goog-storage-class: STANDARD
x-timer: S1729096545.150213,VS0,VE0
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1728996349370109
content-length: 18534
server: UploadServer

POST
H2 201 message Show response
l.seenthis.co/api/post/ 15 B
69 B 222ms
220ms Fetch
application/json 34.36.190.125
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://l.seenthis.co/api/post/message
Requested by: Host: static.bonniernews.se
URL: https://static.bonniernews.se/bundles/assets/seenthis-swipe-4c0eb6cbdb68e58fc3226cc7f314e750.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.36.190.125 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 125.190.36.34.bc.googleusercontent.com
Software: uvicorn /
Resource Hash: a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Content-Type: application/json
Referer: https://www.expressen.se/

Response headers

access-control-allow-credentials: true
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
date: Wed, 16 Oct 2024 16:35:45 GMT
content-type: application/json
server: uvicorn

OPTIONS
H2 200 message
l.seenthis.co/api/post/ 0
0 221ms
221ms Preflight
text/plain 34.36.190.125
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://l.seenthis.co/api/post/message
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.36.190.125 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 125.190.36.34.bc.googleusercontent.com
Software: uvicorn /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.expressen.se
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://www.expressen.se
access-control-max-age: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
content-type: text/plain; charset=utf-8
date: Wed, 16 Oct 2024 16:35:45 GMT
server: uvicorn
vary: Origin
via: 1.1 google

GET
H2 200 playlist.mpd Show response
video.sitestream.co/delivery/stream/aYtGkqMg-vw5ZiPHL3rtd/ 18 KB
18 KB 77ms
77ms Fetch
application/dash+xml 151.101.65.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://video.sitestream.co/delivery/stream/aYtGkqMg-vw5ZiPHL3rtd/playlist.mpd?tid=null&tech=dash-ms
Requested by: Host: cdn.staging.sitestream.co
URL: https://cdn.staging.sitestream.co/libs/storylines/1.0.49/seenthis-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b013b8fe7b627be4179fc58eacece2d90b6260ae49196c423228bef34707aa6b

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://www.expressen.se/

Response headers

origin: https://www.expressen.se
etag: "4e454c92fae668551a99c60c1f467384"
x-amz-version-id: 9LnachDLp_UXhG2ee27suVRf8jdjFA5r
age: 99667
sec-fetch-site: cross-site
x-cache: HIT
accept: */*
last-modified: Tue, 15 Oct 2024 12:52:45 GMT
content-type: application/dash+xml
x-cache-hits: 21
priority: u=1, i
cache-control: max-age=300
referer: https://www.expressen.se/
accept-language: en-US,en;q=0.9
x-timer: S1729096546.743556,VS0,VE0
x-amz-request-id: 4N204KPT6Z8E2VJP
accept-ranges: bytes
content-length: 18100
server: AmazonS3
x-amz-server-side-encryption: AES256
surrogate-key: delivery-stream-aYtGkqMg-vw5ZiPHL3rtd
sec-fetch-dest: empty
accept-encoding: gzip, deflate, br, zstd
date: Wed, 16 Oct 2024 16:35:45 GMT
host: video.sitestream.co
x-served-by: cache-bur-kbur8200087-BUR
x-amz-id-2: xj/DSwapAdyCZ5zYFX2A/Dr//sSY/ShmuA8W3PB1iWrOTP000zJypQaEmouSciHo0x5u381QdLvnIDYQkRbVUA==
sec-fetch-mode: cors
via: 1.1 varnish
access-control-allow-origin: *
user-agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
x-amz-meta-encoder-version: VBR-1.1

GET
H2 200 aYtGkqMg-vw5ZiPHL3rtd
video.sitestream.co/screenshot/ 39 KB
39 KB 79ms
79ms Image
image/jpeg 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://video.sitestream.co/screenshot/aYtGkqMg-vw5ZiPHL3rtd
Requested by: Host: www.expressen.se
URL: https://www.expressen.se/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: f7d419c83a7c4e1c32945a35207d5db1c0c3dce41f8da47bc0ca14665466d1dd

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://www.expressen.se/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=aISg1w==, md5=6XkfrdsqCJuphkRjQG5b/w==
etag: "e9791faddb2a089ba9864463406e5bff"
age: 1012
x-goog-stored-content-encoding: identity
expires: Tue, 15 Oct 2024 13:46:27 GMT
x-goog-stored-content-length: 39844
x-cache: HIT
date: Wed, 16 Oct 2024 16:35:45 GMT
last-modified: Tue, 15 Oct 2024 12:45:19 GMT
content-type: image/jpeg
x-served-by: cache-lax-kwhp1940137-LAX
x-cache-hits: 0
x-guploader-uploadid: AHmUCY3vMcjf3tc_uiQYlImMltNR6Z7btm9B6V1NU8B1aVn0AR1aoSVnK3MCGP8clzozcF0MIHs
cache-control: public, max-age=3600
x-goog-storage-class: STANDARD
x-timer: S1729096546.745308,VS0,VE1
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1728996319133029
content-length: 39844
server: UploadServer

GET
H2 200 play.svg
cdn.staging.sitestream.co/libs/storylines/1.0.49/assets/icons/expressen/ 149 B
785 B 536ms
534ms Image
image/svg+xml 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.staging.sitestream.co/libs/storylines/1.0.49/assets/icons/expressen/play.svg
Requested by: Host: www.expressen.se
URL: https://www.expressen.se/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 7c6346698ae53c3c147358cf80ff3f8c8b81666e375cdf89b4da9136f028be6e

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://www.expressen.se/

Response headers

x-goog-metageneration: 2
x-goog-meta-goog-reserved-file-mtime: 1710504890
x-goog-hash: crc32c=dQHKpQ==, md5=ZSqN5bF61aqL2yQM2tXx3w==
content-encoding: gzip
etag: "652a8de5b17ad5aa8bdb240cdad5f1df"
age: 10606
x-backend-sha: 31f9ccfc90197c8406d234c1afd525caa3d78545
x-goog-stored-content-encoding: identity
expires: Fri, 17 May 2024 13:38:43 GMT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-goog-stored-content-length: 149
x-cache: HIT, MISS
date: Wed, 16 Oct 2024 16:35:46 GMT
last-modified: Fri, 15 Mar 2024 12:14:56 GMT
content-type: image/svg+xml
x-served-by: cache-bma1658-BMA, cache-lax-kwhp1940036-LAX
x-cache-hits: 5444268, 0
x-guploader-uploadid: ABPtcPqGsknhlFFRode3Xj5vPGbOIJeiIRA4pEHLyQTQmW_N7SHMwyLghukFGSammuL6QrOJ8q4
vary: Accept-Encoding
cache-control: public, max-age=3600
x-goog-storage-class: STANDARD
x-timer: S1729096546.746207,VS0,VE460
access-control-allow-credentials: true
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1710504896113526
x-debug-version: 1.0.49
content-length: 146
server: UploadServer
x-backend-version: 1.0.49

GET
H2 200 Xo_USkKqFWVsraqgVYKMd
video.sitestream.co/screenshot/ 48 KB
48 KB 99ms
97ms Image
image/jpeg 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://video.sitestream.co/screenshot/Xo_USkKqFWVsraqgVYKMd
Requested by: Host: www.expressen.se
URL: https://www.expressen.se/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: f9045d098f8a46d30fedbf0d692d235b0a3b73509fe21c48b0e7ac01dbe2bd25

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://www.expressen.se/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=DtO6GQ==, md5=BOqJPiRKpWw7FEOsehZ56w==
etag: "04ea893e244aa56c3b1443ac7a1679eb"
age: 2639
x-goog-stored-content-encoding: identity
expires: Tue, 15 Oct 2024 08:38:01 GMT
x-goog-stored-content-length: 48716
x-cache: HIT
date: Wed, 16 Oct 2024 16:35:45 GMT
last-modified: Tue, 15 Oct 2024 07:30:18 GMT
content-type: image/jpeg
x-served-by: cache-lax-kwhp1940031-LAX
x-cache-hits: 0
x-guploader-uploadid: AHmUCY0bpBOPt6O9B1-7HDnc4NzHAuIlqK_Uwp5GoPMd_fcUXAr5qX3tvEJqTqOA7mb4PNvlw4vgHe_Rxg
cache-control: public, max-age=3600
x-goog-storage-class: STANDARD
x-timer: S1729096546.749417,VS0,VE1
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1728977418054415
content-length: 48716
server: UploadServer

GET
H2 200 QMwzNLS2j4ctRtxbaOcL1
video.sitestream.co/screenshot/ 43 KB
43 KB 101ms
100ms Image
image/jpeg 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://video.sitestream.co/screenshot/QMwzNLS2j4ctRtxbaOcL1
Requested by: Host: www.expressen.se
URL: https://www.expressen.se/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 1fc20a063a4806093681141ffa50598c25c5a75c958083940bc34da8cf94d447

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://www.expressen.se/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=aeczGA==, md5=lw0EgmA+fB8UsHSOXcHMxg==
etag: "970d0482603e7c1f14b0748e5dc1ccc6"
age: 2677
x-goog-stored-content-encoding: identity
expires: Mon, 14 Oct 2024 15:32:16 GMT
x-goog-stored-content-length: 43817
x-cache: HIT
date: Wed, 16 Oct 2024 16:35:45 GMT
last-modified: Mon, 14 Oct 2024 14:30:36 GMT
content-type: image/jpeg
x-served-by: cache-lax-kwhp1940036-LAX
x-cache-hits: 0
x-guploader-uploadid: AHmUCY3YglYCBGSW4m9esQBdqRF0xZYWbcoynt1tBQTjJ010krKIKaLtvzNcqiCCSul-na2_jnmswbeQXw
cache-control: public, max-age=3600
x-goog-storage-class: STANDARD
x-timer: S1729096546.749738,VS0,VE1
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1728916236724123
content-length: 43817
server: UploadServer

GET
H2 200 h5hxOc23B53fXWTsfFqov
video.sitestream.co/screenshot/ 29 KB
29 KB 100ms
99ms Image
image/jpeg 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://video.sitestream.co/screenshot/h5hxOc23B53fXWTsfFqov
Requested by: Host: www.expressen.se
URL: https://www.expressen.se/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 570e0676a7167224c19df5ef8b256f0f8582385699d922612d8259790d42452e

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://www.expressen.se/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=P7dLAw==, md5=Vfq+qmjOw6DXTSLUwhBgsQ==
etag: "55fabeaa68cec3a0d74d22d4c21060b1"
age: 2731
x-goog-stored-content-encoding: identity
expires: Mon, 14 Oct 2024 09:33:13 GMT
x-goog-stored-content-length: 29808
x-cache: HIT
date: Wed, 16 Oct 2024 16:35:45 GMT
last-modified: Mon, 14 Oct 2024 08:30:23 GMT
content-type: image/jpeg
x-served-by: cache-lax-kwhp1940031-LAX
x-cache-hits: 0
x-guploader-uploadid: AHmUCY1-JhNA1vpR6nScp53YKFnW4AZgtuWX3EsZ7ndbdvxggh5jCJus_kk5GT7H9bXuqOBmFjjhFpiV9g
cache-control: public, max-age=3600
x-goog-storage-class: STANDARD
x-timer: S1729096546.749340,VS0,VE1
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1728894623551287
content-length: 29808
server: UploadServer

GET
H2 200 K8lSlE-bXWirELUEWSqw0
video.sitestream.co/screenshot/ 38 KB
39 KB 101ms
100ms Image
image/jpeg 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://video.sitestream.co/screenshot/K8lSlE-bXWirELUEWSqw0
Requested by: Host: www.expressen.se
URL: https://www.expressen.se/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 82a33998febe850aeb39052849ab59aa4db93ca8d023e0437cb9615a6cd115ce

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://www.expressen.se/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=e1jivg==, md5=KiUjzaqeqD8fwn+651laXA==
etag: "2a2523cdaa9ea83f1fc27fbae7595a5c"
age: 3230
x-goog-stored-content-encoding: identity
expires: Sun, 13 Oct 2024 23:46:04 GMT
x-goog-stored-content-length: 39064
x-cache: HIT
date: Wed, 16 Oct 2024 16:35:45 GMT
last-modified: Sun, 13 Oct 2024 22:30:33 GMT
content-type: image/jpeg
x-served-by: cache-lax-kwhp1940036-LAX
x-cache-hits: 0
x-guploader-uploadid: AHmUCY2pTieBFT1hn5Gr7w-g0vkhmbQgj6i0QTYuz0xag2y_mihk_S4lwpMhCYuGXnuXOd8X7tgfHE6NHw
cache-control: public, max-age=3600
x-goog-storage-class: STANDARD
x-timer: S1729096546.749731,VS0,VE1
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1728858633432545
content-length: 39064
server: UploadServer

GET
H2 200 kFzd4jWnLsXh_NM46X-BG
video.sitestream.co/screenshot/ 45 KB
46 KB 101ms
101ms Image
image/jpeg 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://video.sitestream.co/screenshot/kFzd4jWnLsXh_NM46X-BG
Requested by: Host: www.expressen.se
URL: https://www.expressen.se/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 80b8cd4c2d02d282866a1be95b773378980cffc80314540f20ee210654d1a259

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://www.expressen.se/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=qzhdJQ==, md5=WXRpjX2EDW/asWteiF9ORw==
etag: "5974698d7d840d6fdab16b5e885f4e47"
age: 3038
x-goog-stored-content-encoding: identity
expires: Sun, 13 Oct 2024 10:06:02 GMT
x-goog-stored-content-length: 46520
x-cache: HIT
date: Wed, 16 Oct 2024 16:35:45 GMT
last-modified: Sun, 13 Oct 2024 09:00:34 GMT
content-type: image/jpeg
x-served-by: cache-lax-kwhp1940095-LAX
x-cache-hits: 0
x-guploader-uploadid: AHmUCY3rEWC_syLzAiUnw140SXVHW5-uvXgT4-__psDMunpHB9t9mKSNLW-Hbs0WIouPcuMf8NQ
cache-control: public, max-age=3600
x-goog-storage-class: STANDARD
x-timer: S1729096546.749975,VS0,VE1
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1728810034415669
content-length: 46520
server: UploadServer

GET
H2 200 --syuJYWHEy1YbVHJJTvW
video.sitestream.co/screenshot/ 49 KB
50 KB 100ms
100ms Image
image/jpeg 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://video.sitestream.co/screenshot/--syuJYWHEy1YbVHJJTvW
Requested by: Host: www.expressen.se
URL: https://www.expressen.se/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 2741e6226165e6b901b2256ad46f871efa72b018c8deae2d3c9dd49bed37691a

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://www.expressen.se/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=2p47Rw==, md5=JmBwj5c4uQPQpSNf4MLOtA==
etag: "2660708f9738b903d0a5235fe0c2ceb4"
age: 1681
x-goog-stored-content-encoding: identity
expires: Wed, 16 Oct 2024 05:28:31 GMT
x-goog-stored-content-length: 50404
x-cache: HIT
date: Wed, 16 Oct 2024 16:35:45 GMT
last-modified: Sat, 12 Oct 2024 17:30:53 GMT
content-type: image/jpeg
x-served-by: cache-lax-kwhp1940036-LAX
x-cache-hits: 0
x-guploader-uploadid: AHmUCY08FR2GKY04Wm9CZWcibQNsYniJbKSClUnyeO_6eapAQRD4lnbdmzhWXuCBcUbf8588LH8
cache-control: public, max-age=3600
x-goog-storage-class: STANDARD
x-timer: S1729096546.750195,VS0,VE1
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1728754253501228
content-length: 50404
server: UploadServer

GET
H2 200 VsBDqOPku19x7KHXeB8vK
video.sitestream.co/screenshot/ 43 KB
43 KB 148ms
148ms Image
image/jpeg 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://video.sitestream.co/screenshot/VsBDqOPku19x7KHXeB8vK
Requested by: Host: www.expressen.se
URL: https://www.expressen.se/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 40c87d79cf1fae69646ee68ab71e15121971a2da250880c965c5ad2a47a9ec13

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://www.expressen.se/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=datKTg==, md5=BP7MAaHnqej/hzY4w2uVOw==
etag: "04fecc01a1e7a9e8ff873638c36b953b"
age: 456
x-goog-stored-content-encoding: identity
expires: Wed, 16 Oct 2024 12:52:44 GMT
x-goog-stored-content-length: 43977
x-cache: HIT
date: Wed, 16 Oct 2024 16:35:45 GMT
last-modified: Sat, 12 Oct 2024 17:30:41 GMT
content-type: image/jpeg
x-served-by: cache-lax-kwhp1940106-LAX
x-cache-hits: 0
x-guploader-uploadid: AHmUCY3Wtc8xdNVDxQ9UKMO6vj7023O68DydLoeOJZ9KYy2NN02ewW3z5ESt5QUsJIZuSb7NQN4U49JI_Q
cache-control: public, max-age=3600
x-goog-storage-class: STANDARD
x-timer: S1729096546.750315,VS0,VE14
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1728754241562171
content-length: 43977
server: UploadServer

GET
H2 206 input_0.m4s Show response
video.sitestream.co/delivery/stream/aYtGkqMg-vw5ZiPHL3rtd/ 150 KB
150 KB 107ms
107ms Fetch 151.101.65.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://video.sitestream.co/delivery/stream/aYtGkqMg-vw5ZiPHL3rtd/input_0.m4s?range=0-153821&tid=null&tech=dash-ms
Requested by: Host: cdn.staging.sitestream.co
URL: https://cdn.staging.sitestream.co/libs/storylines/1.0.49/seenthis-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d4e343fd04080b44f1c9a4f145f5cb8c2bc64483a27a9b9268897b27fd347514

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://www.expressen.se/

Response headers

origin: https://www.expressen.se
surrogate-key: delivery-stream-aYtGkqMg-vw5ZiPHL3rtd
sec-fetch-site: cross-site
sec-fetch-dest: empty
accept-encoding: gzip, deflate, br, zstd
accept: */*
date: Wed, 16 Oct 2024 16:35:45 GMT
host: video.sitestream.co
x-served-by: cache-bur-kbur8200062-BUR
priority: u=1, i
cache-control: max-age=300
referer: https://www.expressen.se/
accept-language: en-US,en;q=0.9
sec-fetch-mode: cors
access-control-allow-origin: *
content-length: 153822
user-agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

GET
H2 206 input_audio.m4a Show response
video.sitestream.co/delivery/stream/aYtGkqMg-vw5ZiPHL3rtd/ 33 KB
33 KB 79ms
79ms Fetch 151.101.65.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://video.sitestream.co/delivery/stream/aYtGkqMg-vw5ZiPHL3rtd/input_audio.m4a?range=0-33328&tid=null&tech=dash-ms
Requested by: Host: cdn.staging.sitestream.co
URL: https://cdn.staging.sitestream.co/libs/storylines/1.0.49/seenthis-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 683dd972d3a2a952add44c545d3659b2fe3518cbabdd9fe378979d29ae233fcf

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://www.expressen.se/

Response headers

origin: https://www.expressen.se
surrogate-key: delivery-stream-aYtGkqMg-vw5ZiPHL3rtd
sec-fetch-site: cross-site
sec-fetch-dest: empty
accept-encoding: gzip, deflate, br, zstd
accept: */*
date: Wed, 16 Oct 2024 16:35:44 GMT
host: video.sitestream.co
x-served-by: cache-bur-kbur8200024-BUR
priority: u=1, i
cache-control: max-age=300
referer: https://www.expressen.se/
accept-language: en-US,en;q=0.9
sec-fetch-mode: cors
access-control-allow-origin: *
content-length: 33329
user-agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

GET
H3 200 favicon.ico
static.bonniernews.se/bundles/expressen/images/ 5 KB
2 KB 212ms
212ms Other
image/x-icon 151.101.37.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static.bonniernews.se/bundles/expressen/images/favicon.ico

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.37.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f20488681e3603918b74aea1301b5c5514451461545caf29dbad46fdc67c06b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://www.expressen.se/

Response headers

strict-transport-security: max-age=31536000
cache-control: public,max-age=691200
content-encoding: gzip
etag: "f2763cd335833dde2b8cfcbdcb59faa4"
age: 3520069
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1546
date: Wed, 16 Oct 2024 16:35:46 GMT
content-type: image/x-icon
last-modified: Mon, 24 Jan 2022 12:40:39 GMT
vary: Accept-Encoding

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.expressen.se/	1970-01-21 02:27:52	Name: __extblt Value: 83
			.expressen.se/	1970-01-21 09:05:18	Name: didomi_token Value: eyJ1c2VyX2lkIjoiMTkyOTYyZjctMTU0Yy02NDE1LWFjOTMtMWNkMjZiMTFjMzEyIiwiY3JlYXRlZCI6IjIwMjQtMTAtMTZUMTY6MzU6NDQuNTk2WiIsInVwZGF0ZWQiOiIyMDI0LTEwLTE2VDE2OjM1OjQ0LjU5NloiLCJ2ZXJzaW9uIjpudWxsfQ==

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

313ffac5c43f6f9c49e083351f0aaf88-httpcache0-03837-cachedown0.dna.ip-only.net
api.privacy-center.org
assets.bonad.io
cdn.staging.sitestream.co
gillaquiz.nu
l.seenthis.co
sdk.privacy-center.org
static.bonniernews.se
tracking.expressen.se
video.sitestream.co
www.expressen.se
151.101.193.91
151.101.37.91
151.101.65.91
18.164.96.40
213.132.98.206
2600:9000:2510:9000:5:b7cc:d3c0:93a1
2600:9000:2512:dc00:d:2044:5c40:93a1
2a04:4e42:1f::347
34.111.220.203
34.160.47.224
34.36.190.125
087bcbe71a50104b9c8aa650ce97caffa786ea1b86fc7d04658bcfc847c120b4
12f34d140baaa1be3ce4e292a01d22c25e95ed349e6a862629655e6c647fd39b
1448f84afdd265546fcd16ac8589679699d68293ceaaa2bc439f3985b8cd8418
18240d1e987ff30fd0d337904aec724a61962a09a25408a8d35fe59402b82b14
1d503e5117db99389ee3598e1a8e469a692088db1bc7f3ded5c46bc3f03fb6d0
1fc20a063a4806093681141ffa50598c25c5a75c958083940bc34da8cf94d447
2087a1745af0c30b793b83f15c6618216a66f9ccdd772d57ce4cabc34c501dc7
2430d8bc92feac463e9f1e6af473f2d2b90181b0f20457f24882d2fc23878f0e
2741e6226165e6b901b2256ad46f871efa72b018c8deae2d3c9dd49bed37691a
32dd3a55a6058d99a1c2ff295b51afb7a772c7088e7dc2b50e5667591457b431
37d539665ceff61842062e986ae1c71fbe363a63338b8ca0af9013b171b76761
40c1b7ea98e73ef8377e9aca74f1a264137055ee143363b0914263f717a4b050
40c87d79cf1fae69646ee68ab71e15121971a2da250880c965c5ad2a47a9ec13
449eb6543ea6c28bc8f3d9d3d9a4ed5251925a55395a78f318feda529b322aec
4691f010790580ce31f1dcffeb6d31f7b4311942aafa2a7e8c2faabece146dfa
4bbed863da01dcbaa67038540634876b6e9c8f0bb093b1923a40f4ec9d77a29b
4be04f584f4770737f45f7659c411058d1aee5ac640eb46829fb59462b374f18
4dbca351e418f0f8723b1c5d924c4b966b1d453d15324f0177d6c1756e52fcdd
570e0676a7167224c19df5ef8b256f0f8582385699d922612d8259790d42452e
5b72ac4b82c09bf8a8924b468357345c351a9364c9ef5dccc1205e761e82f889
683dd972d3a2a952add44c545d3659b2fe3518cbabdd9fe378979d29ae233fcf
6d9b5f45852d679cfccd8c94a5dc94af5d05172a3434772dca625ba69267dcca
71289f8e31c0dea46e4bac4533fd2c47b3319137c15524a270b7be4b6b05b198
7c6346698ae53c3c147358cf80ff3f8c8b81666e375cdf89b4da9136f028be6e
7dfbb3a53b66f3f3055a0a9ea7966988c68881e9451f5b1dd6d4984fa255dfab
80b8cd4c2d02d282866a1be95b773378980cffc80314540f20ee210654d1a259
82a33998febe850aeb39052849ab59aa4db93ca8d023e0437cb9615a6cd115ce
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
b013b8fe7b627be4179fc58eacece2d90b6260ae49196c423228bef34707aa6b
b3741635b1f0031805e7ae2cafeec569dee3bbb6a432d0963d35ca140db6cb4f
cbfd8e38764b1f5eec5a75b634793ad83d79ac706050404f8496e6ea40a4c0ee
d4e343fd04080b44f1c9a4f145f5cb8c2bc64483a27a9b9268897b27fd347514
e10934b7e0b911d8f70e2c7cd5a7006eb01c9c8d4f4384e97e1aa64fef732b3a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5f286a5113e6a94c2ad621e4ffba3f5b598896c744b9781af86782bff104580
ea8eeaff333d34c6b5d847ef7914bfb1adfda282722af631be4ab65680bc4e80
f20488681e3603918b74aea1301b5c5514451461545caf29dbad46fdc67c06b4
f7d419c83a7c4e1c32945a35207d5db1c0c3dce41f8da47bc0ca14665466d1dd
f9045d098f8a46d30fedbf0d692d235b0a3b73509fe21c48b0e7ac01dbe2bd25

www.expressen.se Open in urlscan Pro 2a04:4e42:1f::347 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

44 Requests

100 %HTTPS

27 %IPv6

8 Domains

11 Subdomains

11 IPs

2 Countries

1249 kBTransfer

2303 kBSize

2 Cookies

69 Outgoing links

Page URL History

Redirected requests

44 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.expressen.se Open in urlscan Pro
2a04:4e42:1f::347 Public Scan

Screenshot
Live screenshot

Full Image

44
Requests

100 %
HTTPS

27 %
IPv6

8
Domains

11
Subdomains

11
IPs

2
Countries

1249 kB
Transfer

2303 kB
Size

2
Cookies

44 HTTP transactions
1 data transactions