Submitted URL: https://foretagslan.sveabank.com/
Effective URL: https://foretagslan.svea.com/
Submission: On September 22 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 9 IPs in 3 countries across 5 domains to perform 20 HTTP transactions. The main IP is 193.13.207.231, located in Sweden and belongs to TELE2, EU. The main domain is foretagslan.svea.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on April 7th 2020. Valid for: 2 years.
This is the only time foretagslan.svea.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 193.13.207.46 1257 (TELE2)
8 193.13.207.231 1257 (TELE2)
2 216.58.212.168 15169 (GOOGLE)
3 142.250.185.142 15169 (GOOGLE)
1 13.32.22.75 16509 (AMAZON-02)
1 13.32.22.51 16509 (AMAZON-02)
1 143.204.207.72 16509 (AMAZON-02)
1 52.49.237.17 16509 (AMAZON-02)
1 52.31.239.119 16509 (AMAZON-02)
20 9
Domain Requested by
8 foretagslan.svea.com foretagslan.svea.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
foretagslan.svea.com
2 www.googletagmanager.com foretagslan.svea.com
1 ws8.hotjar.com script.hotjar.com
1 in.hotjar.com script.hotjar.com
1 vars.hotjar.com static.hotjar.com
1 script.hotjar.com static.hotjar.com
1 static.hotjar.com www.googletagmanager.com
1 foretagslan.sveabank.com 1 redirects
20 9

This site contains links to these domains. Also see Links.

Domain
support.bankid.com
www.sveabank.com
Subject Issuer Validity Valid
*.svea.com
DigiCert SHA2 Secure Server CA
2020-04-07 -
2022-04-25
2 years crt.sh
*.google-analytics.com
GTS CA 1C3
2021-08-30 -
2021-11-22
3 months crt.sh
*.hotjar.com
Amazon
2020-12-25 -
2022-01-23
a year crt.sh

This page contains 2 frames:

Primary Page: https://foretagslan.svea.com/
Frame ID: 3444FAE0A520F3AFBA94DCA8B7497A03
Requests: 19 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-dfc01efbdc94bb0936d9a35a502b0b64.html
Frame ID: 9B7D37FB6C8D130B9455B37B0AFAA02C
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Svea

Page URL History Show full URLs

  1. https://foretagslan.sveabank.com/ HTTP 301
    https://foretagslan.svea.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Page Statistics

20
Requests

90 %
HTTPS

0 %
IPv6

5
Domains

9
Subdomains

9
IPs

3
Countries

1104 kB
Transfer

2897 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://foretagslan.sveabank.com/ HTTP 301
    https://foretagslan.svea.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
foretagslan.svea.com/
Redirect Chain
  • https://foretagslan.sveabank.com/
  • https://foretagslan.svea.com/
914 B
2 KB
Document
General
Full URL
https://foretagslan.svea.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.13.207.231 , Sweden, ASN1257 (TELE2, EU),
Reverse DNS
foretagskredit.svea.com
Software
/
Resource Hash
5984a3f674a7e8cba2e1dac86fdde635dd8c55ded4964f6e870c3bf1d53ae74a
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' http://*.hotjar.com https://*.hotjar.com https://www.google-analytics.com https://www.googletagmanager.com; frame-src bankid://* https://app.bankid.com https://*.hotjar.com https://*.svea.com https://*.sveabank.com; style-src 'self' 'unsafe-inline' https://*.sveabank.com; img-src 'self' https://www.google-analytics.com https://www.googletagmanager.com https://*.sveabank.com http://*.hotjar.com https://*.hotjar.com blob: data:; connect-src 'self' https://*.svea.com https://*.sveabank.com http://*.hotjar.com:* https://*.hotjar.com:* ws://*.hotjar.com wss://*.hotjar.com; font-src 'self' http://*.hotjar.com https://*.hotjar.com data:; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Host
foretagslan.svea.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Content-Type
text/html
Content-Encoding
gzip
Last-Modified
Tue, 07 Sep 2021 09:02:56 GMT
Accept-Ranges
bytes
ETag
"060e025c7a3d71:0"
Vary
Accept-Encoding
Content-Security-Policy
base-uri 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' http://*.hotjar.com https://*.hotjar.com https://www.google-analytics.com https://www.googletagmanager.com; frame-src bankid://* https://app.bankid.com https://*.hotjar.com https://*.svea.com https://*.sveabank.com; style-src 'self' 'unsafe-inline' https://*.sveabank.com; img-src 'self' https://www.google-analytics.com https://www.googletagmanager.com https://*.sveabank.com http://*.hotjar.com https://*.hotjar.com blob: data:; connect-src 'self' https://*.svea.com https://*.sveabank.com http://*.hotjar.com:* https://*.hotjar.com:* ws://*.hotjar.com wss://*.hotjar.com; font-src 'self' http://*.hotjar.com https://*.hotjar.com data:; object-src 'none';
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Frame-Options
sameorigin
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin-when-cross-origin
Date
Wed, 22 Sep 2021 16:22:34 GMT
Content-Length
770

Redirect headers

Server
nginx/1.14.0 (Ubuntu)
Date
Wed, 22 Sep 2021 16:22:35 GMT
Content-Type
text/html
Content-Length
194
Connection
keep-alive
Location
https://foretagslan.svea.com/
main.790ea1ea0600bff70aee54883690707e.css
foretagslan.svea.com/
313 KB
55 KB
Stylesheet
General
Full URL
https://foretagslan.svea.com/main.790ea1ea0600bff70aee54883690707e.css
Requested by
Host: foretagslan.svea.com
URL: https://foretagslan.svea.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.13.207.231 , Sweden, ASN1257 (TELE2, EU),
Reverse DNS
foretagskredit.svea.com
Software
/
Resource Hash
2190f36b3cd0c481fdd29c9dd0154c72db9f74a202746705e074c888d5c2d9d9
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' http://*.hotjar.com https://*.hotjar.com https://www.google-analytics.com https://www.googletagmanager.com; frame-src bankid://* https://app.bankid.com https://*.hotjar.com https://*.svea.com https://*.sveabank.com; style-src 'self' 'unsafe-inline' https://*.sveabank.com; img-src 'self' https://www.google-analytics.com https://www.googletagmanager.com https://*.sveabank.com http://*.hotjar.com https://*.hotjar.com blob: data:; connect-src 'self' https://*.svea.com https://*.sveabank.com http://*.hotjar.com:* https://*.hotjar.com:* ws://*.hotjar.com wss://*.hotjar.com; font-src 'self' http://*.hotjar.com https://*.hotjar.com data:; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
foretagslan.svea.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://foretagslan.svea.com/
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://foretagslan.svea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Security-Policy
base-uri 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' http://*.hotjar.com https://*.hotjar.com https://www.google-analytics.com https://www.googletagmanager.com; frame-src bankid://* https://app.bankid.com https://*.hotjar.com https://*.svea.com https://*.sveabank.com; style-src 'self' 'unsafe-inline' https://*.sveabank.com; img-src 'self' https://www.google-analytics.com https://www.googletagmanager.com https://*.sveabank.com http://*.hotjar.com https://*.hotjar.com blob: data:; connect-src 'self' https://*.svea.com https://*.sveabank.com http://*.hotjar.com:* https://*.hotjar.com:* ws://*.hotjar.com wss://*.hotjar.com; font-src 'self' http://*.hotjar.com https://*.hotjar.com data:; object-src 'none';
Content-Encoding
gzip
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Tue, 07 Sep 2021 09:02:56 GMT
X-Frame-Options
sameorigin
ETag
"060e025c7a3d71:0"
Vary
Accept-Encoding
Content-Type
text/css
X-XSS-Protection
1; mode=block
Date
Wed, 22 Sep 2021 16:22:34 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Accept-Ranges
bytes
Content-Length
55402
X-Content-Type-Options
nosniff
main.66a0c6ad58d9d6920129.js
foretagslan.svea.com/
2 MB
548 KB
Script
General
Full URL
https://foretagslan.svea.com/main.66a0c6ad58d9d6920129.js
Requested by
Host: foretagslan.svea.com
URL: https://foretagslan.svea.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.13.207.231 , Sweden, ASN1257 (TELE2, EU),
Reverse DNS
foretagskredit.svea.com
Software
/
Resource Hash
98574f36e768f3547440ddf065fbddc087394d45ffbbf299a18e23726dfcdb8c
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' http://*.hotjar.com https://*.hotjar.com https://www.google-analytics.com https://www.googletagmanager.com; frame-src bankid://* https://app.bankid.com https://*.hotjar.com https://*.svea.com https://*.sveabank.com; style-src 'self' 'unsafe-inline' https://*.sveabank.com; img-src 'self' https://www.google-analytics.com https://www.googletagmanager.com https://*.sveabank.com http://*.hotjar.com https://*.hotjar.com blob: data:; connect-src 'self' https://*.svea.com https://*.sveabank.com http://*.hotjar.com:* https://*.hotjar.com:* ws://*.hotjar.com wss://*.hotjar.com; font-src 'self' http://*.hotjar.com https://*.hotjar.com data:; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
foretagslan.svea.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://foretagslan.svea.com/
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://foretagslan.svea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Security-Policy
base-uri 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' http://*.hotjar.com https://*.hotjar.com https://www.google-analytics.com https://www.googletagmanager.com; frame-src bankid://* https://app.bankid.com https://*.hotjar.com https://*.svea.com https://*.sveabank.com; style-src 'self' 'unsafe-inline' https://*.sveabank.com; img-src 'self' https://www.google-analytics.com https://www.googletagmanager.com https://*.sveabank.com http://*.hotjar.com https://*.hotjar.com blob: data:; connect-src 'self' https://*.svea.com https://*.sveabank.com http://*.hotjar.com:* https://*.hotjar.com:* ws://*.hotjar.com wss://*.hotjar.com; font-src 'self' http://*.hotjar.com https://*.hotjar.com data:; object-src 'none';
Content-Encoding
gzip
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Wed, 22 Sep 2021 16:05:03 GMT
Transfer-Encoding
chunked
ETag
"293909acbafd71:0"
X-Frame-Options
sameorigin
Content-Type
application/javascript
X-XSS-Protection
1; mode=block
Date
Wed, 22 Sep 2021 16:22:34 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Accept-Ranges
bytes
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
gtm.js
www.googletagmanager.com/
182 KB
63 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-N86QN4X
Requested by
Host: foretagslan.svea.com
URL: https://foretagslan.svea.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.168 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
000cefe86338f0cf6f31eda30a1844350bb3cce11042e75308b0700a8f61145e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://foretagslan.svea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 16:22:35 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63603
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 22 Sep 2021 16:22:35 GMT
analytics.js
www.google-analytics.com/
48 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N86QN4X
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://foretagslan.svea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
5738
date
Wed, 22 Sep 2021 14:46:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Wed, 22 Sep 2021 16:46:57 GMT
hotjar-900388.js
static.hotjar.com/c/
6 KB
3 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-900388.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N86QN4X
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-75.fra56.r.cloudfront.net
Software
/
Resource Hash
7f703baacadd253ea38519f63d076a09836def6b0703135b64463ca124fbba66
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://foretagslan.svea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 16:22:35 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
x-edge-origin-shield-skipped
0
etag
W/6fb290152a4bb19dc7b6e49f1a4c0010
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
6o2sFmBKiEA6J4OXereu76QGZQDfNy97KDtI4XEqy55hHntpjqmKOQ==
via
1.1 1a3d61cabf9778724765b3e70befe816.cloudfront.net (CloudFront)
collect
www.google-analytics.com/j/
0
0

collect
www.google-analytics.com/j/
0
0

modules.5fe2f4f38cf4833026a9.js
script.hotjar.com/
221 KB
59 KB
Script
General
Full URL
https://script.hotjar.com/modules.5fe2f4f38cf4833026a9.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-900388.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-51.fra56.r.cloudfront.net
Software
/
Resource Hash
33d18bfaad19367135cba7d9096fba55164cd67b8e5819617c6d6b34bd43454b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://foretagslan.svea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 07:15:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
1156050
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
59626
access-control-allow-origin
*
last-modified
Thu, 09 Sep 2021 07:14:26 GMT
etag
"e8c5ca8d148a212696c04c37e713b2a1"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 95adda0bdbd310a1a9e4f54f540543e2.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
g7ajK1fcba8UM1nDQUEsQHK8GTjzSg55VqCDpwEQ9LfE-2xCRDxIXQ==
svea-logo.svg
foretagslan.svea.com/images/svea/
858 B
2 KB
Image
General
Full URL
https://foretagslan.svea.com/images/svea/svea-logo.svg
Requested by
Host: foretagslan.svea.com
URL: https://foretagslan.svea.com/main.790ea1ea0600bff70aee54883690707e.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.13.207.231 , Sweden, ASN1257 (TELE2, EU),
Reverse DNS
foretagskredit.svea.com
Software
/
Resource Hash
1e342e343684fca8f74388849ed86244d99813ab49cb4e7819b4004126ff1467
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' http://*.hotjar.com https://*.hotjar.com https://www.google-analytics.com https://www.googletagmanager.com; frame-src bankid://* https://app.bankid.com https://*.hotjar.com https://*.svea.com https://*.sveabank.com; style-src 'self' 'unsafe-inline' https://*.sveabank.com; img-src 'self' https://www.google-analytics.com https://www.googletagmanager.com https://*.sveabank.com http://*.hotjar.com https://*.hotjar.com blob: data:; connect-src 'self' https://*.svea.com https://*.sveabank.com http://*.hotjar.com:* https://*.hotjar.com:* ws://*.hotjar.com wss://*.hotjar.com; font-src 'self' http://*.hotjar.com https://*.hotjar.com data:; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
foretagslan.svea.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://foretagslan.svea.com/main.790ea1ea0600bff70aee54883690707e.css
Cookie
_ga=GA1.2.1853646731.1632327756; _gid=GA1.2.357534721.1632327756; _gat_UA-110028069-1=1; _gat_UA-82747033-1=1; _hjid=fe21390c-14d3-4ba8-adda-009489401ba4; _hjFirstSeen=1
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://foretagslan.svea.com/main.790ea1ea0600bff70aee54883690707e.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Security-Policy
base-uri 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' http://*.hotjar.com https://*.hotjar.com https://www.google-analytics.com https://www.googletagmanager.com; frame-src bankid://* https://app.bankid.com https://*.hotjar.com https://*.svea.com https://*.sveabank.com; style-src 'self' 'unsafe-inline' https://*.sveabank.com; img-src 'self' https://www.google-analytics.com https://www.googletagmanager.com https://*.sveabank.com http://*.hotjar.com https://*.hotjar.com blob: data:; connect-src 'self' https://*.svea.com https://*.sveabank.com http://*.hotjar.com:* https://*.hotjar.com:* ws://*.hotjar.com wss://*.hotjar.com; font-src 'self' http://*.hotjar.com https://*.hotjar.com data:; object-src 'none';
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Tue, 07 Sep 2021 09:02:56 GMT
ETag
"060e025c7a3d71:0"
X-Frame-Options
sameorigin
Content-Type
image/svg+xml
X-XSS-Protection
1; mode=block
Date
Wed, 22 Sep 2021 16:22:35 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Accept-Ranges
bytes
Content-Length
858
X-Content-Type-Options
nosniff
background-img.jpg
foretagslan.svea.com/images/svea/
178 KB
179 KB
Image
General
Full URL
https://foretagslan.svea.com/images/svea/background-img.jpg
Requested by
Host: foretagslan.svea.com
URL: https://foretagslan.svea.com/main.790ea1ea0600bff70aee54883690707e.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.13.207.231 , Sweden, ASN1257 (TELE2, EU),
Reverse DNS
foretagskredit.svea.com
Software
/
Resource Hash
c354fefd0e222b1ac98b1713a3f1ccdcf5bcbd3b59552f0af3e828f2c2e6e0dc
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' http://*.hotjar.com https://*.hotjar.com https://www.google-analytics.com https://www.googletagmanager.com; frame-src bankid://* https://app.bankid.com https://*.hotjar.com https://*.svea.com https://*.sveabank.com; style-src 'self' 'unsafe-inline' https://*.sveabank.com; img-src 'self' https://www.google-analytics.com https://www.googletagmanager.com https://*.sveabank.com http://*.hotjar.com https://*.hotjar.com blob: data:; connect-src 'self' https://*.svea.com https://*.sveabank.com http://*.hotjar.com:* https://*.hotjar.com:* ws://*.hotjar.com wss://*.hotjar.com; font-src 'self' http://*.hotjar.com https://*.hotjar.com data:; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
foretagslan.svea.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://foretagslan.svea.com/main.790ea1ea0600bff70aee54883690707e.css
Cookie
_ga=GA1.2.1853646731.1632327756; _gid=GA1.2.357534721.1632327756; _gat_UA-110028069-1=1; _gat_UA-82747033-1=1; _hjid=fe21390c-14d3-4ba8-adda-009489401ba4; _hjFirstSeen=1
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://foretagslan.svea.com/main.790ea1ea0600bff70aee54883690707e.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Security-Policy
base-uri 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' http://*.hotjar.com https://*.hotjar.com https://www.google-analytics.com https://www.googletagmanager.com; frame-src bankid://* https://app.bankid.com https://*.hotjar.com https://*.svea.com https://*.sveabank.com; style-src 'self' 'unsafe-inline' https://*.sveabank.com; img-src 'self' https://www.google-analytics.com https://www.googletagmanager.com https://*.sveabank.com http://*.hotjar.com https://*.hotjar.com blob: data:; connect-src 'self' https://*.svea.com https://*.sveabank.com http://*.hotjar.com:* https://*.hotjar.com:* ws://*.hotjar.com wss://*.hotjar.com; font-src 'self' http://*.hotjar.com https://*.hotjar.com data:; object-src 'none';
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Tue, 07 Sep 2021 09:02:56 GMT
ETag
"060e025c7a3d71:0"
X-Frame-Options
sameorigin
Content-Type
image/jpeg
X-XSS-Protection
1; mode=block
Date
Wed, 22 Sep 2021 16:22:35 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Accept-Ranges
bytes
Content-Length
182320
X-Content-Type-Options
nosniff
Asap-SemiBold.ttf
foretagslan.svea.com/
66 KB
68 KB
Font
General
Full URL
https://foretagslan.svea.com/Asap-SemiBold.ttf
Requested by
Host: foretagslan.svea.com
URL: https://foretagslan.svea.com/main.790ea1ea0600bff70aee54883690707e.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.13.207.231 , Sweden, ASN1257 (TELE2, EU),
Reverse DNS
foretagskredit.svea.com
Software
/
Resource Hash
0e58964be776a602672f455341cb8232a8d119021b64b044cc65981ebd2f0db5
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' http://*.hotjar.com https://*.hotjar.com https://www.google-analytics.com https://www.googletagmanager.com; frame-src bankid://* https://app.bankid.com https://*.hotjar.com https://*.svea.com https://*.sveabank.com; style-src 'self' 'unsafe-inline' https://*.sveabank.com; img-src 'self' https://www.google-analytics.com https://www.googletagmanager.com https://*.sveabank.com http://*.hotjar.com https://*.hotjar.com blob: data:; connect-src 'self' https://*.svea.com https://*.sveabank.com http://*.hotjar.com:* https://*.hotjar.com:* ws://*.hotjar.com wss://*.hotjar.com; font-src 'self' http://*.hotjar.com https://*.hotjar.com data:; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://foretagslan.svea.com
Accept-Encoding
gzip, deflate, br
Host
foretagslan.svea.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://foretagslan.svea.com/main.790ea1ea0600bff70aee54883690707e.css
Cookie
_ga=GA1.2.1853646731.1632327756; _gid=GA1.2.357534721.1632327756; _gat_UA-110028069-1=1; _gat_UA-82747033-1=1; _hjid=fe21390c-14d3-4ba8-adda-009489401ba4; _hjFirstSeen=1
Connection
keep-alive
Referer
https://foretagslan.svea.com/main.790ea1ea0600bff70aee54883690707e.css
Origin
https://foretagslan.svea.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Security-Policy
base-uri 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' http://*.hotjar.com https://*.hotjar.com https://www.google-analytics.com https://www.googletagmanager.com; frame-src bankid://* https://app.bankid.com https://*.hotjar.com https://*.svea.com https://*.sveabank.com; style-src 'self' 'unsafe-inline' https://*.sveabank.com; img-src 'self' https://www.google-analytics.com https://www.googletagmanager.com https://*.sveabank.com http://*.hotjar.com https://*.hotjar.com blob: data:; connect-src 'self' https://*.svea.com https://*.sveabank.com http://*.hotjar.com:* https://*.hotjar.com:* ws://*.hotjar.com wss://*.hotjar.com; font-src 'self' http://*.hotjar.com https://*.hotjar.com data:; object-src 'none';
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Tue, 07 Sep 2021 09:02:56 GMT
ETag
"060e025c7a3d71:0"
X-Frame-Options
sameorigin
Content-Type
application/octet-stream
X-XSS-Protection
1; mode=block
Date
Wed, 22 Sep 2021 16:22:35 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Accept-Ranges
bytes
Content-Length
67984
X-Content-Type-Options
nosniff
Asap-Regular.ttf
foretagslan.svea.com/
66 KB
67 KB
Font
General
Full URL
https://foretagslan.svea.com/Asap-Regular.ttf
Requested by
Host: foretagslan.svea.com
URL: https://foretagslan.svea.com/main.790ea1ea0600bff70aee54883690707e.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.13.207.231 , Sweden, ASN1257 (TELE2, EU),
Reverse DNS
foretagskredit.svea.com
Software
/
Resource Hash
90969b7e74c8e2603d6b41f49e62b87955c8b6e8c2e4fc84645539fc1d01e3d3
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' http://*.hotjar.com https://*.hotjar.com https://www.google-analytics.com https://www.googletagmanager.com; frame-src bankid://* https://app.bankid.com https://*.hotjar.com https://*.svea.com https://*.sveabank.com; style-src 'self' 'unsafe-inline' https://*.sveabank.com; img-src 'self' https://www.google-analytics.com https://www.googletagmanager.com https://*.sveabank.com http://*.hotjar.com https://*.hotjar.com blob: data:; connect-src 'self' https://*.svea.com https://*.sveabank.com http://*.hotjar.com:* https://*.hotjar.com:* ws://*.hotjar.com wss://*.hotjar.com; font-src 'self' http://*.hotjar.com https://*.hotjar.com data:; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://foretagslan.svea.com
Accept-Encoding
gzip, deflate, br
Host
foretagslan.svea.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://foretagslan.svea.com/main.790ea1ea0600bff70aee54883690707e.css
Cookie
_ga=GA1.2.1853646731.1632327756; _gid=GA1.2.357534721.1632327756; _gat_UA-110028069-1=1; _gat_UA-82747033-1=1; _hjid=fe21390c-14d3-4ba8-adda-009489401ba4; _hjFirstSeen=1
Connection
keep-alive
Referer
https://foretagslan.svea.com/main.790ea1ea0600bff70aee54883690707e.css
Origin
https://foretagslan.svea.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Security-Policy
base-uri 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' http://*.hotjar.com https://*.hotjar.com https://www.google-analytics.com https://www.googletagmanager.com; frame-src bankid://* https://app.bankid.com https://*.hotjar.com https://*.svea.com https://*.sveabank.com; style-src 'self' 'unsafe-inline' https://*.sveabank.com; img-src 'self' https://www.google-analytics.com https://www.googletagmanager.com https://*.sveabank.com http://*.hotjar.com https://*.hotjar.com blob: data:; connect-src 'self' https://*.svea.com https://*.sveabank.com http://*.hotjar.com:* https://*.hotjar.com:* ws://*.hotjar.com wss://*.hotjar.com; font-src 'self' http://*.hotjar.com https://*.hotjar.com data:; object-src 'none';
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Tue, 07 Sep 2021 09:02:56 GMT
ETag
"060e025c7a3d71:0"
X-Frame-Options
sameorigin
Content-Type
application/octet-stream
X-XSS-Protection
1; mode=block
Date
Wed, 22 Sep 2021 16:22:35 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Accept-Ranges
bytes
Content-Length
67576
X-Content-Type-Options
nosniff
Bank-ID_logo.png
foretagslan.svea.com/images/svea/
2 KB
4 KB
Image
General
Full URL
https://foretagslan.svea.com/images/svea/Bank-ID_logo.png
Requested by
Host: foretagslan.svea.com
URL: https://foretagslan.svea.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.13.207.231 , Sweden, ASN1257 (TELE2, EU),
Reverse DNS
foretagskredit.svea.com
Software
/
Resource Hash
02328f6976d58ee41532e43e8a65d905bfe841eb6f7b5f12ae50dd2867d30166
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' http://*.hotjar.com https://*.hotjar.com https://www.google-analytics.com https://www.googletagmanager.com; frame-src bankid://* https://app.bankid.com https://*.hotjar.com https://*.svea.com https://*.sveabank.com; style-src 'self' 'unsafe-inline' https://*.sveabank.com; img-src 'self' https://www.google-analytics.com https://www.googletagmanager.com https://*.sveabank.com http://*.hotjar.com https://*.hotjar.com blob: data:; connect-src 'self' https://*.svea.com https://*.sveabank.com http://*.hotjar.com:* https://*.hotjar.com:* ws://*.hotjar.com wss://*.hotjar.com; font-src 'self' http://*.hotjar.com https://*.hotjar.com data:; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
foretagslan.svea.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://foretagslan.svea.com/
Cookie
_ga=GA1.2.1853646731.1632327756; _gid=GA1.2.357534721.1632327756; _gat_UA-110028069-1=1; _gat_UA-82747033-1=1; _hjid=fe21390c-14d3-4ba8-adda-009489401ba4; _hjFirstSeen=1
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://foretagslan.svea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Security-Policy
base-uri 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' http://*.hotjar.com https://*.hotjar.com https://www.google-analytics.com https://www.googletagmanager.com; frame-src bankid://* https://app.bankid.com https://*.hotjar.com https://*.svea.com https://*.sveabank.com; style-src 'self' 'unsafe-inline' https://*.sveabank.com; img-src 'self' https://www.google-analytics.com https://www.googletagmanager.com https://*.sveabank.com http://*.hotjar.com https://*.hotjar.com blob: data:; connect-src 'self' https://*.svea.com https://*.sveabank.com http://*.hotjar.com:* https://*.hotjar.com:* ws://*.hotjar.com wss://*.hotjar.com; font-src 'self' http://*.hotjar.com https://*.hotjar.com data:; object-src 'none';
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Tue, 07 Sep 2021 09:02:56 GMT
ETag
"060e025c7a3d71:0"
X-Frame-Options
sameorigin
Content-Type
image/png
X-XSS-Protection
1; mode=block
Date
Wed, 22 Sep 2021 16:22:35 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Accept-Ranges
bytes
Content-Length
2443
X-Content-Type-Options
nosniff
collect
www.google-analytics.com/
35 B
194 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j93&aip=1&a=1614533941&t=pageview&_s=1&dl=https%3A%2F%2Fforetagslan.svea.com%2F&ul=en-us&de=UTF-8&dt=Svea&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEABBAAAAC~&jid=&gjid=&cid=1853646731.1632327756&tid=UA-110028069-1&_gid=357534721.1632327756&gtm=2wg9k0N86QN4X&z=1762991116
Requested by
Host: foretagslan.svea.com
URL: https://foretagslan.svea.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://foretagslan.svea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Sep 2021 02:22:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
50426
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
91 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j93&aip=1&a=1614533941&t=pageview&_s=1&dl=https%3A%2F%2Fforetagslan.svea.com%2F&ul=en-us&de=UTF-8&dt=Svea&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEABBAAAAC~&jid=&gjid=&cid=1853646731.1632327756&tid=UA-82747033-1&_gid=357534721.1632327756&gtm=2wg9k0N86QN4X&z=126227678
Requested by
Host: foretagslan.svea.com
URL: https://foretagslan.svea.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://foretagslan.svea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Sep 2021 02:22:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
50426
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
gtm.js
www.googletagmanager.com/
83 KB
33 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TPNHCG4
Requested by
Host: foretagslan.svea.com
URL: https://foretagslan.svea.com/main.66a0c6ad58d9d6920129.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.168 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
dfd374a854225c7904fea6e7abd81ce0b16de507a5eb0e2cf615b6c87c3f4879
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://foretagslan.svea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 16:22:35 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33559
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 22 Sep 2021 16:22:35 GMT
box-dfc01efbdc94bb0936d9a35a502b0b64.html
vars.hotjar.com/ Frame 9B7D
2 KB
1 KB
Document
General
Full URL
https://vars.hotjar.com/box-dfc01efbdc94bb0936d9a35a502b0b64.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-900388.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.207.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-207-72.fra53.r.cloudfront.net
Software
/
Resource Hash
88ca677c14d4217c2f6b8c8964a1d172027974c4c0839e4d531ad7d3d6de1987

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-dfc01efbdc94bb0936d9a35a502b0b64.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://foretagslan.svea.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://foretagslan.svea.com/

Response headers

content-type
text/html
content-length
1044
date
Tue, 20 Jul 2021 13:05:05 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
etag
"10714b84569172431728622d7c8098e4"
last-modified
Tue, 20 Jul 2021 13:04:43 GMT
x-amz-server-side-encryption
AES256
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 d01ad8df731d3f120823f9e20df55147.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
b3C1VvzQbkvvxI5x4gRyD1LWHI3DSG54QQycAHCcFCwnubVgOMbyNw==
age
5541451
visit-data
in.hotjar.com/api/v2/client/sites/900388/
146 B
323 B
XHR
General
Full URL
https://in.hotjar.com/api/v2/client/sites/900388/visit-data?sv=7
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.5fe2f4f38cf4833026a9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.237.17 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-237-17.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ab95872c4726727a3b09b1f8c28490c70b7e407e97fd93bbfb75a2ecc5faac36

Request headers

Referer
https://foretagslan.svea.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Wed, 22 Sep 2021 16:22:36 GMT
content-encoding
br
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store
access-control-allow-credentials
true
content
ws8.hotjar.com/api/v2/sites/900388/recordings/
66 B
393 B
XHR
General
Full URL
https://ws8.hotjar.com/api/v2/sites/900388/recordings/content
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.5fe2f4f38cf4833026a9.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.239.119 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-239-119.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
055dee6b5811083b12bb83ce554ecd64ac18aa5efd12dce29f157ca9e98eeb90

Request headers

Referer
https://foretagslan.svea.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

Date
Wed, 22 Sep 2021 16:22:36 GMT
Content-Encoding
br
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Max-Age
86400
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Transfer-Encoding
chunked

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.google-analytics.com
URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&aip=1&a=1614533941&t=pageview&_s=1&dl=https%3A%2F%2Fforetagslan.svea.com%2F&ul=en-us&de=UTF-8&dt=Svea&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACEABBAAAAC~&jid=530667721&gjid=690797485&cid=1853646731.1632327756&tid=UA-110028069-1&_gid=357534721.1632327756&_r=1&gtm=2wg9k0N86QN4X&z=216830664
Domain
www.google-analytics.com
URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&aip=1&a=1614533941&t=pageview&_s=1&dl=https%3A%2F%2Fforetagslan.svea.com%2F&ul=en-us&de=UTF-8&dt=Svea&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDACEABBAAAAC~&jid=1948595224&gjid=1908899246&cid=1853646731.1632327756&tid=UA-82747033-1&_gid=357534721.1632327756&_r=1&gtm=2wg9k0N86QN4X&z=1532013313

Verdicts & Comments Add Verdict or Comment

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect boolean| originAgentCluster object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| hj object| _hjSettings object| gaplugins object| gaGlobal object| gaData object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| core object| __core-js_shared__ object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| IntlPolyfill

9 Cookies

Domain/Path Name / Value
.svea.com/ Name: _ga
Value: GA1.2.1853646731.1632327756
.svea.com/ Name: _gid
Value: GA1.2.357534721.1632327756
.svea.com/ Name: _gat_UA-110028069-1
Value: 1
.svea.com/ Name: _gat_UA-82747033-1
Value: 1
.svea.com/ Name: _hjid
Value: fe21390c-14d3-4ba8-adda-009489401ba4
.svea.com/ Name: _hjFirstSeen
Value: 1
foretagslan.svea.com/ Name: _hjIncludedInPageviewSample
Value: 1
.svea.com/ Name: _hjAbsoluteSessionInProgress
Value: 0
foretagslan.svea.com/ Name: _hjIncludedInSessionSample
Value: 1

2 Console Messages

Source Level URL
Text
security error URL: https://www.google-analytics.com/analytics.js(Line 38)
Message:
Refused to connect to 'https://www.google-analytics.com/j/collect?v=1&_v=j93&aip=1&a=1614533941&t=pageview&_s=1&dl=https%3A%2F%2Fforetagslan.svea.com%2F&ul=en-us&de=UTF-8&dt=Svea&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACEABBAAAAC~&jid=530667721&gjid=690797485&cid=1853646731.1632327756&tid=UA-110028069-1&_gid=357534721.1632327756&_r=1&gtm=2wg9k0N86QN4X&z=216830664' because it violates the following Content Security Policy directive: "connect-src 'self' https://*.svea.com https://*.sveabank.com http://*.hotjar.com:* https://*.hotjar.com:* ws://*.hotjar.com wss://*.hotjar.com".
security error URL: https://www.google-analytics.com/analytics.js(Line 38)
Message:
Refused to connect to 'https://www.google-analytics.com/j/collect?v=1&_v=j93&aip=1&a=1614533941&t=pageview&_s=1&dl=https%3A%2F%2Fforetagslan.svea.com%2F&ul=en-us&de=UTF-8&dt=Svea&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDACEABBAAAAC~&jid=1948595224&gjid=1908899246&cid=1853646731.1632327756&tid=UA-82747033-1&_gid=357534721.1632327756&_r=1&gtm=2wg9k0N86QN4X&z=1532013313' because it violates the following Content Security Policy directive: "connect-src 'self' https://*.svea.com https://*.sveabank.com http://*.hotjar.com:* https://*.hotjar.com:* ws://*.hotjar.com wss://*.hotjar.com".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy base-uri 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' http://*.hotjar.com https://*.hotjar.com https://www.google-analytics.com https://www.googletagmanager.com; frame-src bankid://* https://app.bankid.com https://*.hotjar.com https://*.svea.com https://*.sveabank.com; style-src 'self' 'unsafe-inline' https://*.sveabank.com; img-src 'self' https://www.google-analytics.com https://www.googletagmanager.com https://*.sveabank.com http://*.hotjar.com https://*.hotjar.com blob: data:; connect-src 'self' https://*.svea.com https://*.sveabank.com http://*.hotjar.com:* https://*.hotjar.com:* ws://*.hotjar.com wss://*.hotjar.com; font-src 'self' http://*.hotjar.com https://*.hotjar.com data:; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

foretagslan.svea.com
foretagslan.sveabank.com
in.hotjar.com
script.hotjar.com
static.hotjar.com
vars.hotjar.com
ws8.hotjar.com
www.google-analytics.com
www.googletagmanager.com
www.google-analytics.com
13.32.22.51
13.32.22.75
142.250.185.142
143.204.207.72
193.13.207.231
193.13.207.46
216.58.212.168
52.31.239.119
52.49.237.17
000cefe86338f0cf6f31eda30a1844350bb3cce11042e75308b0700a8f61145e
02328f6976d58ee41532e43e8a65d905bfe841eb6f7b5f12ae50dd2867d30166
055dee6b5811083b12bb83ce554ecd64ac18aa5efd12dce29f157ca9e98eeb90
0e58964be776a602672f455341cb8232a8d119021b64b044cc65981ebd2f0db5
1e342e343684fca8f74388849ed86244d99813ab49cb4e7819b4004126ff1467
2190f36b3cd0c481fdd29c9dd0154c72db9f74a202746705e074c888d5c2d9d9
33d18bfaad19367135cba7d9096fba55164cd67b8e5819617c6d6b34bd43454b
5984a3f674a7e8cba2e1dac86fdde635dd8c55ded4964f6e870c3bf1d53ae74a
7f703baacadd253ea38519f63d076a09836def6b0703135b64463ca124fbba66
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
88ca677c14d4217c2f6b8c8964a1d172027974c4c0839e4d531ad7d3d6de1987
90969b7e74c8e2603d6b41f49e62b87955c8b6e8c2e4fc84645539fc1d01e3d3
98574f36e768f3547440ddf065fbddc087394d45ffbbf299a18e23726dfcdb8c
ab95872c4726727a3b09b1f8c28490c70b7e407e97fd93bbfb75a2ecc5faac36
c354fefd0e222b1ac98b1713a3f1ccdcf5bcbd3b59552f0af3e828f2c2e6e0dc
dfd374a854225c7904fea6e7abd81ce0b16de507a5eb0e2cf615b6c87c3f4879
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62