URL: https://metsa.admin.strd.se/
Submission: On January 31 via api from US — Scanned from US

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 27 HTTP transactions. The main IP is 194.14.9.85, located in Stockholm, Sweden and belongs to BREDBAND2, SE. The main domain is metsa.admin.strd.se.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on January 2nd 2024. Valid for: a year.
This is the only time metsa.admin.strd.se was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
27 194.14.9.85 29518 (BREDBAND2)
27 1
Apex Domain
Subdomains
Transfer
27 strd.se
metsa.admin.strd.se
themes.shop.strd.se
2 MB
27 1
Domain Requested by
23 themes.shop.strd.se metsa.admin.strd.se
themes.shop.strd.se
4 metsa.admin.strd.se metsa.admin.strd.se
27 2

This site contains no links.

Subject Issuer Validity Valid
*.admin.strd.se
Go Daddy Secure Certificate Authority - G2
2024-01-02 -
2025-02-02
a year crt.sh
*.shop.strd.se
Go Daddy Secure Certificate Authority - G2
2023-03-17 -
2024-04-17
a year crt.sh

This page contains 1 frames:

Primary Page: https://metsa.admin.strd.se/
Frame ID: 42D6C60EF8AA0D5A4AFA0F000C5F91D7
Requests: 27 HTTP requests in this frame

Screenshot

Page Title

Metsä Admin

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Page Statistics

27
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

2
Subdomains

1
IPs

1
Countries

1844 kB
Transfer

1809 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
metsa.admin.strd.se/
12 KB
13 KB
Document
General
Full URL
https://metsa.admin.strd.se/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
194.14.9.85 Stockholm, Sweden, ASN29518 (BREDBAND2, SE),
Reverse DNS
strdlin10.strd.se
Software
Apache /
Resource Hash
9058cb4d8ccd9a320215ace823b3ce21e9d2400f06d4b943ebb7f777ffadc4ad
Security Headers
Name Value
Content-Security-Policy default-src 'self' themes.shop.strd.se 'report-sample'; object-src 'none'; base-uri 'self'; worker-src 'self'; frame-src 'self' wolftg.strd.se; child-src 'self'; connect-src 'self'; frame-ancestors 'self'; style-src 'self' themes.shop.strd.se 'unsafe-inline'; img-src 'self' *.shop.strd.se cdn.dibspayment.com data:; form-action 'self' strdfb.haikomhosting.com sat1.dibspayment.com login.microsoftonline.com; sandbox allow-popups-to-escape-sandbox allow-scripts allow-same-origin allow-forms allow-downloads allow-popups; block-all-mixed-content; upgrade-insecure-requests; script-src 'self' themes.shop.strd.se wolftg.strd.se cdn.dibspayment.com 'self' 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Content-Security-Policy
default-src 'self' themes.shop.strd.se 'report-sample'; object-src 'none'; base-uri 'self'; worker-src 'self'; frame-src 'self' wolftg.strd.se; child-src 'self'; connect-src 'self'; frame-ancestors 'self'; style-src 'self' themes.shop.strd.se 'unsafe-inline'; img-src 'self' *.shop.strd.se cdn.dibspayment.com data:; form-action 'self' strdfb.haikomhosting.com sat1.dibspayment.com login.microsoftonline.com; sandbox allow-popups-to-escape-sandbox allow-scripts allow-same-origin allow-forms allow-downloads allow-popups; block-all-mixed-content; upgrade-insecure-requests; script-src 'self' themes.shop.strd.se wolftg.strd.se cdn.dibspayment.com 'self' 'unsafe-eval' 'unsafe-inline';
Content-Type
text/html; charset=UTF-8
Date
Wed, 31 Jan 2024 17:39:12 GMT
Expect-CT
enforce,max-age=300
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=15, max=150
Permissions-Policy
geolocation=(),midi=(),sync-xhr=(self),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Pragma
no-cache
Referrer-Policy
no-referrer-when-downgrade
Server
Apache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1
strd_shop_admin2.css
themes.shop.strd.se/css/
15 KB
17 KB
Stylesheet
General
Full URL
https://themes.shop.strd.se/css/strd_shop_admin2.css
Requested by
Host: metsa.admin.strd.se
URL: https://metsa.admin.strd.se/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
194.14.9.85 Stockholm, Sweden, ASN29518 (BREDBAND2, SE),
Reverse DNS
strdlin10.strd.se
Software
Apache /
Resource Hash
a38625a0fc87783fbad70457b6fce6e8c0412d6e3a739f61d955224b741e8281
Security Headers
Name Value
Content-Security-Policy default-src 'self' themes.shop.strd.se 'report-sample'; object-src 'none'; base-uri 'self'; worker-src 'self'; frame-src 'self' wolftg.strd.se; child-src 'self'; connect-src 'self'; frame-ancestors 'self'; style-src 'self' themes.shop.strd.se 'unsafe-inline'; img-src 'self' *.shop.strd.se cdn.dibspayment.com data:; form-action 'self' strdfb.haikomhosting.com sat1.dibspayment.com login.microsoftonline.com; sandbox allow-popups-to-escape-sandbox allow-scripts allow-same-origin allow-forms allow-downloads allow-popups; block-all-mixed-content; upgrade-insecure-requests; script-src 'self' themes.shop.strd.se wolftg.strd.se cdn.dibspayment.com 'self' 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://metsa.admin.strd.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 17:39:13 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' themes.shop.strd.se 'report-sample'; object-src 'none'; base-uri 'self'; worker-src 'self'; frame-src 'self' wolftg.strd.se; child-src 'self'; connect-src 'self'; frame-ancestors 'self'; style-src 'self' themes.shop.strd.se 'unsafe-inline'; img-src 'self' *.shop.strd.se cdn.dibspayment.com data:; form-action 'self' strdfb.haikomhosting.com sat1.dibspayment.com login.microsoftonline.com; sandbox allow-popups-to-escape-sandbox allow-scripts allow-same-origin allow-forms allow-downloads allow-popups; block-all-mixed-content; upgrade-insecure-requests; script-src 'self' themes.shop.strd.se wolftg.strd.se cdn.dibspayment.com 'self' 'unsafe-eval' 'unsafe-inline';
Connection
Keep-Alive
Content-Length
15717
X-XSS-Protection
1
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Wed, 07 Jun 2023 13:30:14 GMT
Server
Apache
ETag
"3d65-5fd8a22cb6b00"
Expect-CT
enforce,max-age=300
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Permissions-Policy
geolocation=(),midi=(),sync-xhr=(self),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=150
jquery-ui-1.10.4.custom.min.css
metsa.admin.strd.se/css/
27 KB
28 KB
Stylesheet
General
Full URL
https://metsa.admin.strd.se/css/jquery-ui-1.10.4.custom.min.css
Requested by
Host: metsa.admin.strd.se
URL: https://metsa.admin.strd.se/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
194.14.9.85 Stockholm, Sweden, ASN29518 (BREDBAND2, SE),
Reverse DNS
strdlin10.strd.se
Software
Apache /
Resource Hash
b90365fb23e25969fd1cfcb49bc7f31c7301fb36edd3c020af6ea4f981c16cce
Security Headers
Name Value
Content-Security-Policy default-src 'self' themes.shop.strd.se 'report-sample'; object-src 'none'; base-uri 'self'; worker-src 'self'; frame-src 'self' wolftg.strd.se; child-src 'self'; connect-src 'self'; frame-ancestors 'self'; style-src 'self' themes.shop.strd.se 'unsafe-inline'; img-src 'self' *.shop.strd.se cdn.dibspayment.com data:; form-action 'self' strdfb.haikomhosting.com sat1.dibspayment.com login.microsoftonline.com; sandbox allow-popups-to-escape-sandbox allow-scripts allow-same-origin allow-forms allow-downloads allow-popups; block-all-mixed-content; upgrade-insecure-requests; script-src 'self' themes.shop.strd.se wolftg.strd.se cdn.dibspayment.com 'self' 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://metsa.admin.strd.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 17:39:12 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' themes.shop.strd.se 'report-sample'; object-src 'none'; base-uri 'self'; worker-src 'self'; frame-src 'self' wolftg.strd.se; child-src 'self'; connect-src 'self'; frame-ancestors 'self'; style-src 'self' themes.shop.strd.se 'unsafe-inline'; img-src 'self' *.shop.strd.se cdn.dibspayment.com data:; form-action 'self' strdfb.haikomhosting.com sat1.dibspayment.com login.microsoftonline.com; sandbox allow-popups-to-escape-sandbox allow-scripts allow-same-origin allow-forms allow-downloads allow-popups; block-all-mixed-content; upgrade-insecure-requests; script-src 'self' themes.shop.strd.se wolftg.strd.se cdn.dibspayment.com 'self' 'unsafe-eval' 'unsafe-inline';
Connection
Keep-Alive
Content-Length
27205
X-XSS-Protection
1
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Wed, 15 Nov 2023 08:12:20 GMT
Server
Apache
ETag
"6a45-60a2c765de258"
Expect-CT
enforce,max-age=300
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Permissions-Policy
geolocation=(),midi=(),sync-xhr=(self),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=149
bootstrap.css
themes.shop.strd.se/css/
143 KB
144 KB
Stylesheet
General
Full URL
https://themes.shop.strd.se/css/bootstrap.css
Requested by
Host: metsa.admin.strd.se
URL: https://metsa.admin.strd.se/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
194.14.9.85 Stockholm, Sweden, ASN29518 (BREDBAND2, SE),
Reverse DNS
strdlin10.strd.se
Software
Apache /
Resource Hash
d170052c16caec3810f2dee6456539045d8e326f6d8ed7c7f78e59ed34de348a
Security Headers
Name Value
Content-Security-Policy default-src 'self' themes.shop.strd.se 'report-sample'; object-src 'none'; base-uri 'self'; worker-src 'self'; frame-src 'self' wolftg.strd.se; child-src 'self'; connect-src 'self'; frame-ancestors 'self'; style-src 'self' themes.shop.strd.se 'unsafe-inline'; img-src 'self' *.shop.strd.se cdn.dibspayment.com data:; form-action 'self' strdfb.haikomhosting.com sat1.dibspayment.com login.microsoftonline.com; sandbox allow-popups-to-escape-sandbox allow-scripts allow-same-origin allow-forms allow-downloads allow-popups; block-all-mixed-content; upgrade-insecure-requests; script-src 'self' themes.shop.strd.se wolftg.strd.se cdn.dibspayment.com 'self' 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://metsa.admin.strd.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 17:39:13 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' themes.shop.strd.se 'report-sample'; object-src 'none'; base-uri 'self'; worker-src 'self'; frame-src 'self' wolftg.strd.se; child-src 'self'; connect-src 'self'; frame-ancestors 'self'; style-src 'self' themes.shop.strd.se 'unsafe-inline'; img-src 'self' *.shop.strd.se cdn.dibspayment.com data:; form-action 'self' strdfb.haikomhosting.com sat1.dibspayment.com login.microsoftonline.com; sandbox allow-popups-to-escape-sandbox allow-scripts allow-same-origin allow-forms allow-downloads allow-popups; block-all-mixed-content; upgrade-insecure-requests; script-src 'self' themes.shop.strd.se wolftg.strd.se cdn.dibspayment.com 'self' 'unsafe-eval' 'unsafe-inline';
Connection
Keep-Alive
Content-Length
145933
X-XSS-Protection
1
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Mon, 03 Aug 2020 09:29:16 GMT
Server
Apache
ETag
"23a0d-5abf5c5c49fc0"
Expect-CT
enforce,max-age=300
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Permissions-Policy
geolocation=(),midi=(),sync-xhr=(self),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=148
bootstrap-theme.css
themes.shop.strd.se/css/
25 KB
26 KB
Stylesheet
General
Full URL
https://themes.shop.strd.se/css/bootstrap-theme.css
Requested by
Host: metsa.admin.strd.se
URL: https://metsa.admin.strd.se/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
194.14.9.85 Stockholm, Sweden, ASN29518 (BREDBAND2, SE),
Reverse DNS
strdlin10.strd.se
Software
Apache /
Resource Hash
a0858cc08fdc8e11c1cf6b0fdefc8e1927350e61aa034f5e253a49759426b4df
Security Headers
Name Value
Content-Security-Policy default-src 'self' themes.shop.strd.se 'report-sample'; object-src 'none'; base-uri 'self'; worker-src 'self'; frame-src 'self' wolftg.strd.se; child-src 'self'; connect-src 'self'; frame-ancestors 'self'; style-src 'self' themes.shop.strd.se 'unsafe-inline'; img-src 'self' *.shop.strd.se cdn.dibspayment.com data:; form-action 'self' strdfb.haikomhosting.com sat1.dibspayment.com login.microsoftonline.com; sandbox allow-popups-to-escape-sandbox allow-scripts allow-same-origin allow-forms allow-downloads allow-popups; block-all-mixed-content; upgrade-insecure-requests; script-src 'self' themes.shop.strd.se wolftg.strd.se cdn.dibspayment.com 'self' 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://metsa.admin.strd.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 17:39:13 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' themes.shop.strd.se 'report-sample'; object-src 'none'; base-uri 'self'; worker-src 'self'; frame-src 'self' wolftg.strd.se; child-src 'self'; connect-src 'self'; frame-ancestors 'self'; style-src 'self' themes.shop.strd.se 'unsafe-inline'; img-src 'self' *.shop.strd.se cdn.dibspayment.com data:; form-action 'self' strdfb.haikomhosting.com sat1.dibspayment.com login.microsoftonline.com; sandbox allow-popups-to-escape-sandbox allow-scripts allow-same-origin allow-forms allow-downloads allow-popups; block-all-mixed-content; upgrade-insecure-requests; script-src 'self' themes.shop.strd.se wolftg.strd.se cdn.dibspayment.com 'self' 'unsafe-eval' 'unsafe-inline';
Connection
Keep-Alive
Content-Length
25682
X-XSS-Protection
1
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Mon, 03 Aug 2020 09:29:16 GMT
Server
Apache
ETag
"6452-5abf5c5c36358"
Expect-CT
enforce,max-age=300
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Permissions-Policy
geolocation=(),midi=(),sync-xhr=(self),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=149
gantt-style.css
themes.shop.strd.se/misc/jquery.gantt/latest/
9 KB
10 KB
Stylesheet
General
Full URL
https://themes.shop.strd.se/misc/jquery.gantt/latest/gantt-style.css
Requested by
Host: metsa.admin.strd.se
URL: https://metsa.admin.strd.se/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
194.14.9.85 Stockholm, Sweden, ASN29518 (BREDBAND2, SE),
Reverse DNS
strdlin10.strd.se
Software
Apache /
Resource Hash
65c4747130eb69f5173a0682b08983c6924a4014f4e7de89c53dab254625bcbd
Security Headers
Name Value
Content-Security-Policy default-src 'self' themes.shop.strd.se 'report-sample'; object-src 'none'; base-uri 'self'; worker-src 'self'; frame-src 'self' wolftg.strd.se; child-src 'self'; connect-src 'self'; frame-ancestors 'self'; style-src 'self' themes.shop.strd.se 'unsafe-inline'; img-src 'self' *.shop.strd.se cdn.dibspayment.com data:; form-action 'self' strdfb.haikomhosting.com sat1.dibspayment.com login.microsoftonline.com; sandbox allow-popups-to-escape-sandbox allow-scripts allow-same-origin allow-forms allow-downloads allow-popups; block-all-mixed-content; upgrade-insecure-requests; script-src 'self' themes.shop.strd.se wolftg.strd.se cdn.dibspayment.com 'self' 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://metsa.admin.strd.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 17:39:13 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' themes.shop.strd.se 'report-sample'; object-src 'none'; base-uri 'self'; worker-src 'self'; frame-src 'self' wolftg.strd.se; child-src 'self'; connect-src 'self'; frame-ancestors 'self'; style-src 'self' themes.shop.strd.se 'unsafe-inline'; img-src 'self' *.shop.strd.se cdn.dibspayment.com data:; form-action 'self' strdfb.haikomhosting.com sat1.dibspayment.com login.microsoftonline.com; sandbox allow-popups-to-escape-sandbox allow-scripts allow-same-origin allow-forms allow-downloads allow-popups; block-all-mixed-content; upgrade-insecure-requests; script-src 'self' themes.shop.strd.se wolftg.strd.se cdn.dibspayment.com 'self' 'unsafe-eval' 'unsafe-inline';
Connection
Keep-Alive
Content-Length
9253
X-XSS-Protection
1
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Mon, 27 Feb 2017 13:28:42 GMT
Server
Apache
ETag
"2425-549830ed5f680"
Expect-CT
enforce,max-age=300
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Permissions-Policy
geolocation=(),midi=(),sync-xhr=(self),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=149
toastr.min.css
themes.shop.strd.se/misc/toastr/latest/
6 KB
8 KB
Stylesheet
General
Full URL
https://themes.shop.strd.se/misc/toastr/latest/toastr.min.css
Requested by
Host: metsa.admin.strd.se
URL: https://metsa.admin.strd.se/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
194.14.9.85 Stockholm, Sweden, ASN29518 (BREDBAND2, SE),
Reverse DNS
strdlin10.strd.se
Software
Apache /
Resource Hash
47dd690f8f315bea076e92581a7e7147443bb4c847e313ab5a7d50a8c44836d0
Security Headers
Name Value
Content-Security-Policy default-src 'self' themes.shop.strd.se 'report-sample'; object-src 'none'; base-uri 'self'; worker-src 'self'; frame-src 'self' wolftg.strd.se; child-src 'self'; connect-src 'self'; frame-ancestors 'self'; style-src 'self' themes.shop.strd.se 'unsafe-inline'; img-src 'self' *.shop.strd.se cdn.dibspayment.com data:; form-action 'self' strdfb.haikomhosting.com sat1.dibspayment.com login.microsoftonline.com; sandbox allow-popups-to-escape-sandbox allow-scripts allow-same-origin allow-forms allow-downloads allow-popups; block-all-mixed-content; upgrade-insecure-requests; script-src 'self' themes.shop.strd.se wolftg.strd.se cdn.dibspayment.com 'self' 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://metsa.admin.strd.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 17:39:13 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' themes.shop.strd.se 'report-sample'; object-src 'none'; base-uri 'self'; worker-src 'self'; frame-src 'self' wolftg.strd.se; child-src 'self'; connect-src 'self'; frame-ancestors 'self'; style-src 'self' themes.shop.strd.se 'unsafe-inline'; img-src 'self' *.shop.strd.se cdn.dibspayment.com data:; form-action 'self' strdfb.haikomhosting.com sat1.dibspayment.com login.microsoftonline.com; sandbox allow-popups-to-escape-sandbox allow-scripts allow-same-origin allow-forms allow-downloads allow-popups; block-all-mixed-content; upgrade-insecure-requests; script-src 'self' themes.shop.strd.se wolftg.strd.se cdn.dibspayment.com 'self' 'unsafe-eval' 'unsafe-inline';
Connection
Keep-Alive
Content-Length
6454
X-XSS-Protection
1
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Mon, 23 Aug 2021 09:37:58 GMT
Server
Apache
ETag
"1936-5ca36c5bfee80"
Expect-CT
enforce,max-age=300
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Permissions-Policy
geolocation=(),midi=(),sync-xhr=(self),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=149
jquery.fancybox.css
themes.shop.strd.se/misc/fancybox/latest/
5 KB
6 KB
Stylesheet
General
Full URL
https://themes.shop.strd.se/misc/fancybox/latest/jquery.fancybox.css
Requested by
Host: metsa.admin.strd.se
URL: https://metsa.admin.strd.se/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
194.14.9.85 Stockholm, Sweden, ASN29518 (BREDBAND2, SE),
Reverse DNS
strdlin10.strd.se
Software
Apache /
Resource Hash
968a8e56e4adaf8c135199ebd7f6cc065424ca45974d4dfbeb5607e69fe72fcd
Security Headers
Name Value
Content-Security-Policy default-src 'self' themes.shop.strd.se 'report-sample'; object-src 'none'; base-uri 'self'; worker-src 'self'; frame-src 'self' wolftg.strd.se; child-src 'self'; connect-src 'self'; frame-ancestors 'self'; style-src 'self' themes.shop.strd.se 'unsafe-inline'; img-src 'self' *.shop.strd.se cdn.dibspayment.com data:; form-action 'self' strdfb.haikomhosting.com sat1.dibspayment.com login.microsoftonline.com; sandbox allow-popups-to-escape-sandbox allow-scripts allow-same-origin allow-forms allow-downloads allow-popups; block-all-mixed-content; upgrade-insecure-requests; script-src 'self' themes.shop.strd.se wolftg.strd.se cdn.dibspayment.com 'self' 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://metsa.admin.strd.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 17:39:13 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' themes.shop.strd.se 'report-sample'; object-src 'none'; base-uri 'self'; worker-src 'self'; frame-src 'self' wolftg.strd.se; child-src 'self'; connect-src 'self'; frame-ancestors 'self'; style-src 'self' themes.shop.strd.se 'unsafe-inline'; img-src 'self' *.shop.strd.se cdn.dibspayment.com data:; form-action 'self' strdfb.haikomhosting.com sat1.dibspayment.com login.microsoftonline.com; sandbox allow-popups-to-escape-sandbox allow-scripts allow-same-origin allow-forms allow-downloads allow-popups; block-all-mixed-content; upgrade-insecure-requests; script-src 'self' themes.shop.strd.se wolftg.strd.se cdn.dibspayment.com 'self' 'unsafe-eval' 'unsafe-inline';
Connection
Keep-Alive
Content-Length
4895
X-XSS-Protection
1
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Wed, 14 Jan 2015 13:16:12 GMT
Server
Apache
ETag
"131f-50c9c8b1e3f00"
Expect-CT
enforce,max-age=300
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Permissions-Policy
geolocation=(),midi=(),sync-xhr=(self),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=150
basic.css
themes.shop.strd.se/misc/dropzone/latest/
1 KB
2 KB
Stylesheet
General
Full URL
https://themes.shop.strd.se/misc/dropzone/latest/basic.css
Requested by
Host: metsa.admin.strd.se
URL: https://metsa.admin.strd.se/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
194.14.9.85 Stockholm, Sweden, ASN29518 (BREDBAND2, SE),
Reverse DNS
strdlin10.strd.se
Software
Apache /
Resource Hash
348e847f0489861b3b81704f6f02d70f4d26b08dbd064bb7183253f20616fa07
Security Headers
Name Value
Content-Security-Policy default-src 'self' themes.shop.strd.se 'report-sample'; object-src 'none'; base-uri 'self'; worker-src 'self'; frame-src 'self' wolftg.strd.se; child-src 'self'; connect-src 'self'; frame-ancestors 'self'; style-src 'self' themes.shop.strd.se 'unsafe-inline'; img-src 'self' *.shop.strd.se cdn.dibspayment.com data:; form-action 'self' strdfb.haikomhosting.com sat1.dibspayment.com login.microsoftonline.com; sandbox allow-popups-to-escape-sandbox allow-scripts allow-same-origin allow-forms allow-downloads allow-popups; block-all-mixed-content; upgrade-insecure-requests; script-src 'self' themes.shop.strd.se wolftg.strd.se cdn.dibspayment.com 'self' 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://metsa.admin.strd.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 17:39:13 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' themes.shop.strd.se 'report-sample'; object-src 'none'; base-uri 'self'; worker-src 'self'; frame-src 'self' wolftg.strd.se; child-src 'self'; connect-src 'self'; frame-ancestors 'self'; style-src 'self' themes.shop.strd.se 'unsafe-inline'; img-src 'self' *.shop.strd.se cdn.dibspayment.com data:; form-action 'self' strdfb.haikomhosting.com sat1.dibspayment.com login.microsoftonline.com; sandbox allow-popups-to-escape-sandbox allow-scripts allow-same-origin allow-forms allow-downloads allow-popups; block-all-mixed-content; upgrade-insecure-requests; script-src 'self' themes.shop.strd.se wolftg.strd.se cdn.dibspayment.com 'self' 'unsafe-eval' 'unsafe-inline';
Connection
Keep-Alive
Content-Length
1082
X-XSS-Protection
1
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Sun, 06 Dec 2015 14:49:32 GMT
Server
Apache
ETag
"43a-5263bd92bb700"
Expect-CT
enforce,max-age=300
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Permissions-Policy
geolocation=(),midi=(),sync-xhr=(self),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=150
dropzone.css
themes.shop.strd.se/misc/dropzone/latest/
10 KB
11 KB
Stylesheet
General
Full URL
https://themes.shop.strd.se/misc/dropzone/latest/dropzone.css
Requested by
Host: metsa.admin.strd.se
URL: https://metsa.admin.strd.se/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
194.14.9.85 Stockholm, Sweden, ASN29518 (BREDBAND2, SE),
Reverse DNS
strdlin10.strd.se
Software
Apache /
Resource Hash
9ff0aecab9bebf5e4d8a6d2627666b1251e50a4f2b689b3fe7b59e0ac2330ebe
Security Headers
Name Value
Content-Security-Policy default-src 'self' themes.shop.strd.se 'report-sample'; object-src 'none'; base-uri 'self'; worker-src 'self'; frame-src 'self' wolftg.strd.se; child-src 'self'; connect-src 'self'; frame-ancestors 'self'; style-src 'self' themes.shop.strd.se 'unsafe-inline'; img-src 'self' *.shop.strd.se cdn.dibspayment.com data:; form-action 'self' strdfb.haikomhosting.com sat1.dibspayment.com login.microsoftonline.com; sandbox allow-popups-to-escape-sandbox allow-scripts allow-same-origin allow-forms allow-downloads allow-popups; block-all-mixed-content; upgrade-insecure-requests; script-src 'self' themes.shop.strd.se wolftg.strd.se cdn.dibspayment.com 'self' 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://metsa.admin.strd.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 17:39:13 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' themes.shop.strd.se 'report-sample'; object-src 'none'; base-uri 'self'; worker-src 'self'; frame-src 'self' wolftg.strd.se; child-src 'self'; connect-src 'self'; frame-ancestors 'self'; style-src 'self' themes.shop.strd.se 'unsafe-inline'; img-src 'self' *.shop.strd.se cdn.dibspayment.com data:; form-action 'self' strdfb.haikomhosting.com sat1.dibspayment.com login.microsoftonline.com; sandbox allow-popups-to-escape-sandbox allow-scripts allow-same-origin allow-forms allow-downloads allow-popups; block-all-mixed-content; upgrade-insecure-requests; script-src 'self' themes.shop.strd.se wolftg.strd.se cdn.dibspayment.com 'self' 'unsafe-eval' 'unsafe-inline';
Connection
Keep-Alive
Content-Length
9830
X-XSS-Protection
1
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Tue, 19 Dec 2023 07:48:04 GMT
Server
Apache
ETag
"2666-60cd8162172c0"
Expect-CT
enforce,max-age=300
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Permissions-Policy
geolocation=(),midi=(),sync-xhr=(self),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=150
bootstrap-select.min.css
themes.shop.strd.se/misc/bootstrap-select/latest/css/
11 KB
12 KB
Stylesheet
General
Full URL
https://themes.shop.strd.se/misc/bootstrap-select/latest/css/bootstrap-select.min.css
Requested by
Host: metsa.admin.strd.se
URL: https://metsa.admin.strd.se/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
194.14.9.85 Stockholm, Sweden, ASN29518 (BREDBAND2, SE),
Reverse DNS
strdlin10.strd.se
Software
Apache /
Resource Hash
69279bee49c5f3502f7a3f07358da1562cc0a10d57e8a56cfc0f8977d367c99f
Security Headers
Name Value
Content-Security-Policy default-src 'self' themes.shop.strd.se 'report-sample'; object-src 'none'; base-uri 'self'; worker-src 'self'; frame-src 'self' wolftg.strd.se; child-src 'self'; connect-src 'self'; frame-ancestors 'self'; style-src 'self' themes.shop.strd.se 'unsafe-inline'; img-src 'self' *.shop.strd.se cdn.dibspayment.com data:; form-action 'self' strdfb.haikomhosting.com sat1.dibspayment.com login.microsoftonline.com; sandbox allow-popups-to-escape-sandbox allow-scripts allow-same-origin allow-forms allow-downloads allow-popups; block-all-mixed-content; upgrade-insecure-requests; script-src 'self' themes.shop.strd.se wolftg.strd.se cdn.dibspayment.com 'self' 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://metsa.admin.strd.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 17:39:13 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' themes.shop.strd.se 'report-sample'; object-src 'none'; base-uri 'self'; worker-src 'self'; frame-src 'self' wolftg.strd.se; child-src 'self'; connect-src 'self'; frame-ancestors 'self'; style-src 'self' themes.shop.strd.se 'unsafe-inline'; img-src 'self' *.shop.strd.se cdn.dibspayment.com data:; form-action 'self' strdfb.haikomhosting.com sat1.dibspayment.com login.microsoftonline.com; sandbox allow-popups-to-escape-sandbox allow-scripts allow-same-origin allow-forms allow-downloads allow-popups; block-all-mixed-content; upgrade-insecure-requests; script-src 'self' themes.shop.strd.se wolftg.strd.se cdn.dibspayment.com 'self' 'unsafe-eval' 'unsafe-inline';
Connection
Keep-Alive
Content-Length
11120
X-XSS-Protection
1
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Tue, 30 Nov 2021 08:13:47 GMT
Server
Apache
ETag
"2b70-5d1fd22ff21b0"
Expect-CT
enforce,max-age=300
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Permissions-Policy
geolocation=(),midi=(),sync-xhr=(self),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=150
shop.css
metsa.admin.strd.se/css/
14 KB
15 KB
Stylesheet
General
Full URL
https://metsa.admin.strd.se/css/shop.css
Requested by
Host: metsa.admin.strd.se
URL: https://metsa.admin.strd.se/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
194.14.9.85 Stockholm, Sweden, ASN29518 (BREDBAND2, SE),
Reverse DNS
strdlin10.strd.se
Software
Apache /
Resource Hash
dd220c7093f0a66a7a0427e9d5f0d821f22d53d547fd4b66c5659074f564b5b7
Security Headers
Name Value
Content-Security-Policy default-src 'self' themes.shop.strd.se 'report-sample'; object-src 'none'; base-uri 'self'; worker-src 'self'; frame-src 'self' wolftg.strd.se; child-src 'self'; connect-src 'self'; frame-ancestors 'self'; style-src 'self' themes.shop.strd.se 'unsafe-inline'; img-src 'self' *.shop.strd.se cdn.dibspayment.com data:; form-action 'self' strdfb.haikomhosting.com sat1.dibspayment.com login.microsoftonline.com; sandbox allow-popups-to-escape-sandbox allow-scripts allow-same-origin allow-forms allow-downloads allow-popups; block-all-mixed-content; upgrade-insecure-requests; script-src 'self' themes.shop.strd.se wolftg.strd.se cdn.dibspayment.com 'self' 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://metsa.admin.strd.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 17:39:13 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' themes.shop.strd.se 'report-sample'; object-src 'none'; base-uri 'self'; worker-src 'self'; frame-src 'self' wolftg.strd.se; child-src 'self'; connect-src 'self'; frame-ancestors 'self'; style-src 'self' themes.shop.strd.se 'unsafe-inline'; img-src 'self' *.shop.strd.se cdn.dibspayment.com data:; form-action 'self' strdfb.haikomhosting.com sat1.dibspayment.com login.microsoftonline.com; sandbox allow-popups-to-escape-sandbox allow-scripts allow-same-origin allow-forms allow-downloads allow-popups; block-all-mixed-content; upgrade-insecure-requests; script-src 'self' themes.shop.strd.se wolftg.strd.se cdn.dibspayment.com 'self' 'unsafe-eval' 'unsafe-inline';
Connection
Keep-Alive
Content-Length
13964
X-XSS-Protection
1
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Wed, 15 Nov 2023 08:12:19 GMT
Server
Apache
ETag
"368c-60a2c764c61e0"
Expect-CT
enforce,max-age=300
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Permissions-Policy
geolocation=(),midi=(),sync-xhr=(self),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=148
font-awesome.min.css
themes.shop.strd.se/css/
30 KB
32 KB
Stylesheet
General
Full URL
https://themes.shop.strd.se/css/font-awesome.min.css
Requested by
Host: metsa.admin.strd.se
URL: https://metsa.admin.strd.se/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
194.14.9.85 Stockholm, Sweden, ASN29518 (BREDBAND2, SE),
Reverse DNS
strdlin10.strd.se
Software
Apache /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Content-Security-Policy default-src 'self' themes.shop.strd.se 'report-sample'; object-src 'none'; base-uri 'self'; worker-src 'self'; frame-src 'self' wolftg.strd.se; child-src 'self'; connect-src 'self'; frame-ancestors 'self'; style-src 'self' themes.shop.strd.se 'unsafe-inline'; img-src 'self' *.shop.strd.se cdn.dibspayment.com data:; form-action 'self' strdfb.haikomhosting.com sat1.dibspayment.com login.microsoftonline.com; sandbox allow-popups-to-escape-sandbox allow-scripts allow-same-origin allow-forms allow-downloads allow-popups; block-all-mixed-content; upgrade-insecure-requests; script-src 'self' themes.shop.strd.se wolftg.strd.se cdn.dibspayment.com 'self' 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://metsa.admin.strd.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 17:39:13 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' themes.shop.strd.se 'report-sample'; object-src 'none'; base-uri 'self'; worker-src 'self'; frame-src 'self' wolftg.strd.se; child-src 'self'; connect-src 'self'; frame-ancestors 'self'; style-src 'self' themes.shop.strd.se 'unsafe-inline'; img-src 'self' *.shop.strd.se cdn.dibspayment.com data:; form-action 'self' strdfb.haikomhosting.com sat1.dibspayment.com login.microsoftonline.com; sandbox allow-popups-to-escape-sandbox allow-scripts allow-same-origin allow-forms allow-downloads allow-popups; block-all-mixed-content; upgrade-insecure-requests; script-src 'self' themes.shop.strd.se wolftg.strd.se cdn.dibspayment.com 'self' 'unsafe-eval' 'unsafe-inline';
Connection
Keep-Alive
Content-Length
31000
X-XSS-Protection
1
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Wed, 30 Aug 2017 09:40:56 GMT
Server
Apache
ETag
"7918-557f553145a00"
Expect-CT
enforce,max-age=300
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Permissions-Policy
geolocation=(),midi=(),sync-xhr=(self),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=150
jquery.min.js
themes.shop.strd.se/jquery/latest/
88 KB
89 KB
Script
General
Full URL
https://themes.shop.strd.se/jquery/latest/jquery.min.js
Requested by
Host: metsa.admin.strd.se
URL: https://metsa.admin.strd.se/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
194.14.9.85 Stockholm, Sweden, ASN29518 (BREDBAND2, SE),
Reverse DNS
strdlin10.strd.se
Software
Apache /
Resource Hash
c43e0e050891f2c148041a5d4fa51f628c5eae5c67eb6bbbad6525bb83892686
Security Headers
Name Value
Content-Security-Policy default-src 'self' themes.shop.strd.se 'report-sample'; object-src 'none'; base-uri 'self'; worker-src 'self'; frame-src 'self' wolftg.strd.se; child-src 'self'; connect-src 'self'; frame-ancestors 'self'; style-src 'self' themes.shop.strd.se 'unsafe-inline'; img-src 'self' *.shop.strd.se cdn.dibspayment.com data:; form-action 'self' strdfb.haikomhosting.com sat1.dibspayment.com login.microsoftonline.com; sandbox allow-popups-to-escape-sandbox allow-scripts allow-same-origin allow-forms allow-downloads allow-popups; block-all-mixed-content; upgrade-insecure-requests; script-src 'self' themes.shop.strd.se wolftg.strd.se cdn.dibspayment.com 'self' 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://metsa.admin.strd.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 17:39:13 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' themes.shop.strd.se 'report-sample'; object-src 'none'; base-uri 'self'; worker-src 'self'; frame-src 'self' wolftg.strd.se; child-src 'self'; connect-src 'self'; frame-ancestors 'self'; style-src 'self' themes.shop.strd.se 'unsafe-inline'; img-src 'self' *.shop.strd.se cdn.dibspayment.com data:; form-action 'self' strdfb.haikomhosting.com sat1.dibspayment.com login.microsoftonline.com; sandbox allow-popups-to-escape-sandbox allow-scripts allow-same-origin allow-forms allow-downloads allow-popups; block-all-mixed-content; upgrade-insecure-requests; script-src 'self' themes.shop.strd.se wolftg.strd.se cdn.dibspayment.com 'self' 'unsafe-eval' 'unsafe-inline';
Connection
Keep-Alive
Content-Length
89947
X-XSS-Protection
1
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Fri, 09 Jun 2023 08:02:43 GMT
Server
Apache
ETag
"15f5b-5fdadcb27c500"
Expect-CT
enforce,max-age=300
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Permissions-Policy
geolocation=(),midi=(),sync-xhr=(self),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=146
jquery-ui.min.js
themes.shop.strd.se/jquery_ui/latest/
249 KB
250 KB
Script
General
Full URL
https://themes.shop.strd.se/jquery_ui/latest/jquery-ui.min.js
Requested by
Host: metsa.admin.strd.se
URL: https://metsa.admin.strd.se/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
194.14.9.85 Stockholm, Sweden, ASN29518 (BREDBAND2, SE),
Reverse DNS
strdlin10.strd.se
Software
Apache /
Resource Hash
844e414a9029f9096e3c2eeee8d0d1aa2662ea5d4fc56ee7f468a6be1069f9fb
Security Headers
Name Value
Content-Security-Policy default-src 'self' themes.shop.strd.se 'report-sample'; object-src 'none'; base-uri 'self'; worker-src 'self'; frame-src 'self' wolftg.strd.se; child-src 'self'; connect-src 'self'; frame-ancestors 'self'; style-src 'self' themes.shop.strd.se 'unsafe-inline'; img-src 'self' *.shop.strd.se cdn.dibspayment.com data:; form-action 'self' strdfb.haikomhosting.com sat1.dibspayment.com login.microsoftonline.com; sandbox allow-popups-to-escape-sandbox allow-scripts allow-same-origin allow-forms allow-downloads allow-popups; block-all-mixed-content; upgrade-insecure-requests; script-src 'self' themes.shop.strd.se wolftg.strd.se cdn.dibspayment.com 'self' 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://metsa.admin.strd.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 17:39:13 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' themes.shop.strd.se 'report-sample'; object-src 'none'; base-uri 'self'; worker-src 'self'; frame-src 'self' wolftg.strd.se; child-src 'self'; connect-src 'self'; frame-ancestors 'self'; style-src 'self' themes.shop.strd.se 'unsafe-inline'; img-src 'self' *.shop.strd.se cdn.dibspayment.com data:; form-action 'self' strdfb.haikomhosting.com sat1.dibspayment.com login.microsoftonline.com; sandbox allow-popups-to-escape-sandbox allow-scripts allow-same-origin allow-forms allow-downloads allow-popups; block-all-mixed-content; upgrade-insecure-requests; script-src 'self' themes.shop.strd.se wolftg.strd.se cdn.dibspayment.com 'self' 'unsafe-eval' 'unsafe-inline';
Connection
Keep-Alive
Content-Length
254902
X-XSS-Protection
1
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Wed, 27 Apr 2022 09:19:53 GMT
Server
Apache
ETag
"3e3b6-5dd9f4fe6ca68"
Expect-CT
enforce,max-age=300
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Permissions-Policy
geolocation=(),midi=(),sync-xhr=(self),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=146
strdMisc.js
themes.shop.strd.se/strd/
3 KB
4 KB
Script
General
Full URL
https://themes.shop.strd.se/strd/strdMisc.js
Requested by
Host: metsa.admin.strd.se
URL: https://metsa.admin.strd.se/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
194.14.9.85 Stockholm, Sweden, ASN29518 (BREDBAND2, SE),
Reverse DNS
strdlin10.strd.se
Software
Apache /
Resource Hash
4e9bc094a90ef65b9e396414906402566d326699829abff8f796ab6fead3fe8e
Security Headers
Name Value
Content-Security-Policy default-src 'self' themes.shop.strd.se 'report-sample'; object-src 'none'; base-uri 'self'; worker-src 'self'; frame-src 'self' wolftg.strd.se; child-src 'self'; connect-src 'self'; frame-ancestors 'self'; style-src 'self' themes.shop.strd.se 'unsafe-inline'; img-src 'self' *.shop.strd.se cdn.dibspayment.com data:; form-action 'self' strdfb.haikomhosting.com sat1.dibspayment.com login.microsoftonline.com; sandbox allow-popups-to-escape-sandbox allow-scripts allow-same-origin allow-forms allow-downloads allow-popups; block-all-mixed-content; upgrade-insecure-requests; script-src 'self' themes.shop.strd.se wolftg.strd.se cdn.dibspayment.com 'self' 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://metsa.admin.strd.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 17:39:13 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' themes.shop.strd.se 'report-sample'; object-src 'none'; base-uri 'self'; worker-src 'self'; frame-src 'self' wolftg.strd.se; child-src 'self'; connect-src 'self'; frame-ancestors 'self'; style-src 'self' themes.shop.strd.se 'unsafe-inline'; img-src 'self' *.shop.strd.se cdn.dibspayment.com data:; form-action 'self' strdfb.haikomhosting.com sat1.dibspayment.com login.microsoftonline.com; sandbox allow-popups-to-escape-sandbox allow-scripts allow-same-origin allow-forms allow-downloads allow-popups; block-all-mixed-content; upgrade-insecure-requests; script-src 'self' themes.shop.strd.se wolftg.strd.se cdn.dibspayment.com 'self' 'unsafe-eval' 'unsafe-inline';
Connection
Keep-Alive
Content-Length
2850
X-XSS-Protection
1
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Wed, 15 Mar 2023 06:53:43 GMT
Server
Apache
ETag
"b22-5f6eace0b79c0"
Expect-CT
enforce,max-age=300
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Permissions-Policy
geolocation=(),midi=(),sync-xhr=(self),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=147
jquery.tablesorter.min.js
themes.shop.strd.se/misc/tblsorter/latest/
43 KB
45 KB
Script
General
Full URL
https://themes.shop.strd.se/misc/tblsorter/latest/jquery.tablesorter.min.js
Requested by
Host: metsa.admin.strd.se
URL: https://metsa.admin.strd.se/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
194.14.9.85 Stockholm, Sweden, ASN29518 (BREDBAND2, SE),
Reverse DNS
strdlin10.strd.se
Software
Apache /
Resource Hash
76d187d57700c8aa2932e8b9c76d0a9cfc6e1ae4b1f51b3aa62241ff83aabba2
Security Headers
Name Value
Content-Security-Policy default-src 'self' themes.shop.strd.se 'report-sample'; object-src 'none'; base-uri 'self'; worker-src 'self'; frame-src 'self' wolftg.strd.se; child-src 'self'; connect-src 'self'; frame-ancestors 'self'; style-src 'self' themes.shop.strd.se 'unsafe-inline'; img-src 'self' *.shop.strd.se cdn.dibspayment.com data:; form-action 'self' strdfb.haikomhosting.com sat1.dibspayment.com login.microsoftonline.com; sandbox allow-popups-to-escape-sandbox allow-scripts allow-same-origin allow-forms allow-downloads allow-popups; block-all-mixed-content; upgrade-insecure-requests; script-src 'self' themes.shop.strd.se wolftg.strd.se cdn.dibspayment.com 'self' 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://metsa.admin.strd.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 17:39:13 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' themes.shop.strd.se 'report-sample'; object-src 'none'; base-uri 'self'; worker-src 'self'; frame-src 'self' wolftg.strd.se; child-src 'self'; connect-src 'self'; frame-ancestors 'self'; style-src 'self' themes.shop.strd.se 'unsafe-inline'; img-src 'self' *.shop.strd.se cdn.dibspayment.com data:; form-action 'self' strdfb.haikomhosting.com sat1.dibspayment.com login.microsoftonline.com; sandbox allow-popups-to-escape-sandbox allow-scripts allow-same-origin allow-forms allow-downloads allow-popups; block-all-mixed-content; upgrade-insecure-requests; script-src 'self' themes.shop.strd.se wolftg.strd.se cdn.dibspayment.com 'self' 'unsafe-eval' 'unsafe-inline';
Connection
Keep-Alive
Content-Length
44365
X-XSS-Protection
1
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Tue, 02 Feb 2021 06:56:52 GMT
Server
Apache
ETag
"ad4d-5ba54f9af9fe8"
Expect-CT
enforce,max-age=300
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Permissions-Policy
geolocation=(),midi=(),sync-xhr=(self),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=147
jquery.ui.datepicker-sv.js
themes.shop.strd.se/js/
1 KB
2 KB
Script
General
Full URL
https://themes.shop.strd.se/js/jquery.ui.datepicker-sv.js
Requested by
Host: metsa.admin.strd.se
URL: https://metsa.admin.strd.se/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
194.14.9.85 Stockholm, Sweden, ASN29518 (BREDBAND2, SE),
Reverse DNS
strdlin10.strd.se
Software
Apache /
Resource Hash
491aa3a6b793b2562189788999b6efaeb77bba8ef2bc10ce972ba348429b76e2
Security Headers
Name Value
Content-Security-Policy default-src 'self' themes.shop.strd.se 'report-sample'; object-src 'none'; base-uri 'self'; worker-src 'self'; frame-src 'self' wolftg.strd.se; child-src 'self'; connect-src 'self'; frame-ancestors 'self'; style-src 'self' themes.shop.strd.se 'unsafe-inline'; img-src 'self' *.shop.strd.se cdn.dibspayment.com data:; form-action 'self' strdfb.haikomhosting.com sat1.dibspayment.com login.microsoftonline.com; sandbox allow-popups-to-escape-sandbox allow-scripts allow-same-origin allow-forms allow-downloads allow-popups; block-all-mixed-content; upgrade-insecure-requests; script-src 'self' themes.shop.strd.se wolftg.strd.se cdn.dibspayment.com 'self' 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://metsa.admin.strd.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 17:39:13 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' themes.shop.strd.se 'report-sample'; object-src 'none'; base-uri 'self'; worker-src 'self'; frame-src 'self' wolftg.strd.se; child-src 'self'; connect-src 'self'; frame-ancestors 'self'; style-src 'self' themes.shop.strd.se 'unsafe-inline'; img-src 'self' *.shop.strd.se cdn.dibspayment.com data:; form-action 'self' strdfb.haikomhosting.com sat1.dibspayment.com login.microsoftonline.com; sandbox allow-popups-to-escape-sandbox allow-scripts allow-same-origin allow-forms allow-downloads allow-popups; block-all-mixed-content; upgrade-insecure-requests; script-src 'self' themes.shop.strd.se wolftg.strd.se cdn.dibspayment.com 'self' 'unsafe-eval' 'unsafe-inline';
Connection
Keep-Alive
Content-Length
1114
X-XSS-Protection
1
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Tue, 18 Mar 2014 14:40:08 GMT
Server
Apache
ETag
"45a-4f4e283364200"
Expect-CT
enforce,max-age=300
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Permissions-Policy
geolocation=(),midi=(),sync-xhr=(self),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=147
bootstrap.min.js
themes.shop.strd.se/bootstrap/latest/
39 KB
40 KB
Script
General
Full URL
https://themes.shop.strd.se/bootstrap/latest/bootstrap.min.js
Requested by
Host: metsa.admin.strd.se
URL: https://metsa.admin.strd.se/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
194.14.9.85 Stockholm, Sweden, ASN29518 (BREDBAND2, SE),
Reverse DNS
strdlin10.strd.se
Software
Apache /
Resource Hash
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
Security Headers
Name Value
Content-Security-Policy default-src 'self' themes.shop.strd.se 'report-sample'; object-src 'none'; base-uri 'self'; worker-src 'self'; frame-src 'self' wolftg.strd.se; child-src 'self'; connect-src 'self'; frame-ancestors 'self'; style-src 'self' themes.shop.strd.se 'unsafe-inline'; img-src 'self' *.shop.strd.se cdn.dibspayment.com data:; form-action 'self' strdfb.haikomhosting.com sat1.dibspayment.com login.microsoftonline.com; sandbox allow-popups-to-escape-sandbox allow-scripts allow-same-origin allow-forms allow-downloads allow-popups; block-all-mixed-content; upgrade-insecure-requests; script-src 'self' themes.shop.strd.se wolftg.strd.se cdn.dibspayment.com 'self' 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://metsa.admin.strd.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 17:39:13 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' themes.shop.strd.se 'report-sample'; object-src 'none'; base-uri 'self'; worker-src 'self'; frame-src 'self' wolftg.strd.se; child-src 'self'; connect-src 'self'; frame-ancestors 'self'; style-src 'self' themes.shop.strd.se 'unsafe-inline'; img-src 'self' *.shop.strd.se cdn.dibspayment.com data:; form-action 'self' strdfb.haikomhosting.com sat1.dibspayment.com login.microsoftonline.com; sandbox allow-popups-to-escape-sandbox allow-scripts allow-same-origin allow-forms allow-downloads allow-popups; block-all-mixed-content; upgrade-insecure-requests; script-src 'self' themes.shop.strd.se wolftg.strd.se cdn.dibspayment.com 'self' 'unsafe-eval' 'unsafe-inline';
Connection
Keep-Alive
Content-Length
39680
X-XSS-Protection
1
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Tue, 01 Sep 2020 05:38:53 GMT
Server
Apache
ETag
"9b00-5ae39ef32f3c0"
Expect-CT
enforce,max-age=300
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Permissions-Policy
geolocation=(),midi=(),sync-xhr=(self),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=148
jquery.fancybox.pack.js
themes.shop.strd.se/misc/fancybox/latest/
23 KB
24 KB
Script
General
Full URL
https://themes.shop.strd.se/misc/fancybox/latest/jquery.fancybox.pack.js
Requested by
Host: metsa.admin.strd.se
URL: https://metsa.admin.strd.se/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
194.14.9.85 Stockholm, Sweden, ASN29518 (BREDBAND2, SE),
Reverse DNS
strdlin10.strd.se
Software
Apache /
Resource Hash
bc50bf49cbe79ee49b4ee8b56f26ff4877bc4945c16f260b1481ba2355c96347
Security Headers
Name Value
Content-Security-Policy default-src 'self' themes.shop.strd.se 'report-sample'; object-src 'none'; base-uri 'self'; worker-src 'self'; frame-src 'self' wolftg.strd.se; child-src 'self'; connect-src 'self'; frame-ancestors 'self'; style-src 'self' themes.shop.strd.se 'unsafe-inline'; img-src 'self' *.shop.strd.se cdn.dibspayment.com data:; form-action 'self' strdfb.haikomhosting.com sat1.dibspayment.com login.microsoftonline.com; sandbox allow-popups-to-escape-sandbox allow-scripts allow-same-origin allow-forms allow-downloads allow-popups; block-all-mixed-content; upgrade-insecure-requests; script-src 'self' themes.shop.strd.se wolftg.strd.se cdn.dibspayment.com 'self' 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://metsa.admin.strd.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 17:39:13 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' themes.shop.strd.se 'report-sample'; object-src 'none'; base-uri 'self'; worker-src 'self'; frame-src 'self' wolftg.strd.se; child-src 'self'; connect-src 'self'; frame-ancestors 'self'; style-src 'self' themes.shop.strd.se 'unsafe-inline'; img-src 'self' *.shop.strd.se cdn.dibspayment.com data:; form-action 'self' strdfb.haikomhosting.com sat1.dibspayment.com login.microsoftonline.com; sandbox allow-popups-to-escape-sandbox allow-scripts allow-same-origin allow-forms allow-downloads allow-popups; block-all-mixed-content; upgrade-insecure-requests; script-src 'self' themes.shop.strd.se wolftg.strd.se cdn.dibspayment.com 'self' 'unsafe-eval' 'unsafe-inline';
Connection
Keep-Alive
Content-Length
23135
X-XSS-Protection
1
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Wed, 14 Jan 2015 13:16:12 GMT
Server
Apache
ETag
"5a5f-50c9c8b1e3f00"
Expect-CT
enforce,max-age=300
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Permissions-Policy
geolocation=(),midi=(),sync-xhr=(self),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=147
toastr.min.js
themes.shop.strd.se/misc/toastr/latest/
5 KB
6 KB
Script
General
Full URL
https://themes.shop.strd.se/misc/toastr/latest/toastr.min.js
Requested by
Host: metsa.admin.strd.se
URL: https://metsa.admin.strd.se/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
194.14.9.85 Stockholm, Sweden, ASN29518 (BREDBAND2, SE),
Reverse DNS
strdlin10.strd.se
Software
Apache /
Resource Hash
c0b7ebc3f913f1977d3539db76818c7c65d6f0f6373eeafceb7bf4137892f6f5
Security Headers
Name Value
Content-Security-Policy default-src 'self' themes.shop.strd.se 'report-sample'; object-src 'none'; base-uri 'self'; worker-src 'self'; frame-src 'self' wolftg.strd.se; child-src 'self'; connect-src 'self'; frame-ancestors 'self'; style-src 'self' themes.shop.strd.se 'unsafe-inline'; img-src 'self' *.shop.strd.se cdn.dibspayment.com data:; form-action 'self' strdfb.haikomhosting.com sat1.dibspayment.com login.microsoftonline.com; sandbox allow-popups-to-escape-sandbox allow-scripts allow-same-origin allow-forms allow-downloads allow-popups; block-all-mixed-content; upgrade-insecure-requests; script-src 'self' themes.shop.strd.se wolftg.strd.se cdn.dibspayment.com 'self' 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://metsa.admin.strd.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 17:39:13 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' themes.shop.strd.se 'report-sample'; object-src 'none'; base-uri 'self'; worker-src 'self'; frame-src 'self' wolftg.strd.se; child-src 'self'; connect-src 'self'; frame-ancestors 'self'; style-src 'self' themes.shop.strd.se 'unsafe-inline'; img-src 'self' *.shop.strd.se cdn.dibspayment.com data:; form-action 'self' strdfb.haikomhosting.com sat1.dibspayment.com login.microsoftonline.com; sandbox allow-popups-to-escape-sandbox allow-scripts allow-same-origin allow-forms allow-downloads allow-popups; block-all-mixed-content; upgrade-insecure-requests; script-src 'self' themes.shop.strd.se wolftg.strd.se cdn.dibspayment.com 'self' 'unsafe-eval' 'unsafe-inline';
Connection
Keep-Alive
Content-Length
5250
X-XSS-Protection
1
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Mon, 23 Aug 2021 09:37:58 GMT
Server
Apache
ETag
"1482-5ca36c5c02918"
Expect-CT
enforce,max-age=300
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Permissions-Policy
geolocation=(),midi=(),sync-xhr=(self),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=148
jquery.fn.gantt.min.js
themes.shop.strd.se/misc/jquery.gantt/latest/
29 KB
31 KB
Script
General
Full URL
https://themes.shop.strd.se/misc/jquery.gantt/latest/jquery.fn.gantt.min.js
Requested by
Host: metsa.admin.strd.se
URL: https://metsa.admin.strd.se/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
194.14.9.85 Stockholm, Sweden, ASN29518 (BREDBAND2, SE),
Reverse DNS
strdlin10.strd.se
Software
Apache /
Resource Hash
224da13cfd76e67eb4ee0a5c4b8220e02ce3cfc2def86e216f54d4e92f34638a
Security Headers
Name Value
Content-Security-Policy default-src 'self' themes.shop.strd.se 'report-sample'; object-src 'none'; base-uri 'self'; worker-src 'self'; frame-src 'self' wolftg.strd.se; child-src 'self'; connect-src 'self'; frame-ancestors 'self'; style-src 'self' themes.shop.strd.se 'unsafe-inline'; img-src 'self' *.shop.strd.se cdn.dibspayment.com data:; form-action 'self' strdfb.haikomhosting.com sat1.dibspayment.com login.microsoftonline.com; sandbox allow-popups-to-escape-sandbox allow-scripts allow-same-origin allow-forms allow-downloads allow-popups; block-all-mixed-content; upgrade-insecure-requests; script-src 'self' themes.shop.strd.se wolftg.strd.se cdn.dibspayment.com 'self' 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://metsa.admin.strd.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 17:39:13 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' themes.shop.strd.se 'report-sample'; object-src 'none'; base-uri 'self'; worker-src 'self'; frame-src 'self' wolftg.strd.se; child-src 'self'; connect-src 'self'; frame-ancestors 'self'; style-src 'self' themes.shop.strd.se 'unsafe-inline'; img-src 'self' *.shop.strd.se cdn.dibspayment.com data:; form-action 'self' strdfb.haikomhosting.com sat1.dibspayment.com login.microsoftonline.com; sandbox allow-popups-to-escape-sandbox allow-scripts allow-same-origin allow-forms allow-downloads allow-popups; block-all-mixed-content; upgrade-insecure-requests; script-src 'self' themes.shop.strd.se wolftg.strd.se cdn.dibspayment.com 'self' 'unsafe-eval' 'unsafe-inline';
Connection
Keep-Alive
Content-Length
30118
X-XSS-Protection
1
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Mon, 27 Feb 2017 13:14:12 GMT
Server
Apache
ETag
"75a6-54982dafad100"
Expect-CT
enforce,max-age=300
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Permissions-Policy
geolocation=(),midi=(),sync-xhr=(self),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=149
ckeditor.js
themes.shop.strd.se/misc/ckeditor/latest/
675 KB
676 KB
Script
General
Full URL
https://themes.shop.strd.se/misc/ckeditor/latest/ckeditor.js
Requested by
Host: metsa.admin.strd.se
URL: https://metsa.admin.strd.se/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
194.14.9.85 Stockholm, Sweden, ASN29518 (BREDBAND2, SE),
Reverse DNS
strdlin10.strd.se
Software
Apache /
Resource Hash
a0d1a8fca1a141ad57599adf9d07e2aa4900f2cd91c5065c2c31b62cf5722818
Security Headers
Name Value
Content-Security-Policy default-src 'self' themes.shop.strd.se 'report-sample'; object-src 'none'; base-uri 'self'; worker-src 'self'; frame-src 'self' wolftg.strd.se; child-src 'self'; connect-src 'self'; frame-ancestors 'self'; style-src 'self' themes.shop.strd.se 'unsafe-inline'; img-src 'self' *.shop.strd.se cdn.dibspayment.com data:; form-action 'self' strdfb.haikomhosting.com sat1.dibspayment.com login.microsoftonline.com; sandbox allow-popups-to-escape-sandbox allow-scripts allow-same-origin allow-forms allow-downloads allow-popups; block-all-mixed-content; upgrade-insecure-requests; script-src 'self' themes.shop.strd.se wolftg.strd.se cdn.dibspayment.com 'self' 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://metsa.admin.strd.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 17:39:13 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' themes.shop.strd.se 'report-sample'; object-src 'none'; base-uri 'self'; worker-src 'self'; frame-src 'self' wolftg.strd.se; child-src 'self'; connect-src 'self'; frame-ancestors 'self'; style-src 'self' themes.shop.strd.se 'unsafe-inline'; img-src 'self' *.shop.strd.se cdn.dibspayment.com data:; form-action 'self' strdfb.haikomhosting.com sat1.dibspayment.com login.microsoftonline.com; sandbox allow-popups-to-escape-sandbox allow-scripts allow-same-origin allow-forms allow-downloads allow-popups; block-all-mixed-content; upgrade-insecure-requests; script-src 'self' themes.shop.strd.se wolftg.strd.se cdn.dibspayment.com 'self' 'unsafe-eval' 'unsafe-inline';
Connection
Keep-Alive
Content-Length
690819
X-XSS-Protection
1
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Mon, 26 Sep 2022 07:27:54 GMT
Server
Apache
ETag
"a8a83-5e98f77498ba8"
Expect-CT
enforce,max-age=300
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Permissions-Policy
geolocation=(),midi=(),sync-xhr=(self),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=149
dropzone.js
themes.shop.strd.se/misc/dropzone/latest/
112 KB
113 KB
Script
General
Full URL
https://themes.shop.strd.se/misc/dropzone/latest/dropzone.js
Requested by
Host: metsa.admin.strd.se
URL: https://metsa.admin.strd.se/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
194.14.9.85 Stockholm, Sweden, ASN29518 (BREDBAND2, SE),
Reverse DNS
strdlin10.strd.se
Software
Apache /
Resource Hash
b82753e852e463afbaf17ce6e1ff4ed2eb079c93dd2afd10d2bb285ef2dc84fe
Security Headers
Name Value
Content-Security-Policy default-src 'self' themes.shop.strd.se 'report-sample'; object-src 'none'; base-uri 'self'; worker-src 'self'; frame-src 'self' wolftg.strd.se; child-src 'self'; connect-src 'self'; frame-ancestors 'self'; style-src 'self' themes.shop.strd.se 'unsafe-inline'; img-src 'self' *.shop.strd.se cdn.dibspayment.com data:; form-action 'self' strdfb.haikomhosting.com sat1.dibspayment.com login.microsoftonline.com; sandbox allow-popups-to-escape-sandbox allow-scripts allow-same-origin allow-forms allow-downloads allow-popups; block-all-mixed-content; upgrade-insecure-requests; script-src 'self' themes.shop.strd.se wolftg.strd.se cdn.dibspayment.com 'self' 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://metsa.admin.strd.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 17:39:13 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' themes.shop.strd.se 'report-sample'; object-src 'none'; base-uri 'self'; worker-src 'self'; frame-src 'self' wolftg.strd.se; child-src 'self'; connect-src 'self'; frame-ancestors 'self'; style-src 'self' themes.shop.strd.se 'unsafe-inline'; img-src 'self' *.shop.strd.se cdn.dibspayment.com data:; form-action 'self' strdfb.haikomhosting.com sat1.dibspayment.com login.microsoftonline.com; sandbox allow-popups-to-escape-sandbox allow-scripts allow-same-origin allow-forms allow-downloads allow-popups; block-all-mixed-content; upgrade-insecure-requests; script-src 'self' themes.shop.strd.se wolftg.strd.se cdn.dibspayment.com 'self' 'unsafe-eval' 'unsafe-inline';
Connection
Keep-Alive
Content-Length
114702
X-XSS-Protection
1
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Tue, 19 Dec 2023 07:48:04 GMT
Server
Apache
ETag
"1c00e-60cd8162118e8"
Expect-CT
enforce,max-age=300
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Permissions-Policy
geolocation=(),midi=(),sync-xhr=(self),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=149
bootstrap-select.min.js
themes.shop.strd.se/misc/bootstrap-select/latest/js/
51 KB
52 KB
Script
General
Full URL
https://themes.shop.strd.se/misc/bootstrap-select/latest/js/bootstrap-select.min.js
Requested by
Host: metsa.admin.strd.se
URL: https://metsa.admin.strd.se/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
194.14.9.85 Stockholm, Sweden, ASN29518 (BREDBAND2, SE),
Reverse DNS
strdlin10.strd.se
Software
Apache /
Resource Hash
6763de73150d26e3296cd0154ff12dede3b5d39251c734c0ae4f8af4e437e4cc
Security Headers
Name Value
Content-Security-Policy default-src 'self' themes.shop.strd.se 'report-sample'; object-src 'none'; base-uri 'self'; worker-src 'self'; frame-src 'self' wolftg.strd.se; child-src 'self'; connect-src 'self'; frame-ancestors 'self'; style-src 'self' themes.shop.strd.se 'unsafe-inline'; img-src 'self' *.shop.strd.se cdn.dibspayment.com data:; form-action 'self' strdfb.haikomhosting.com sat1.dibspayment.com login.microsoftonline.com; sandbox allow-popups-to-escape-sandbox allow-scripts allow-same-origin allow-forms allow-downloads allow-popups; block-all-mixed-content; upgrade-insecure-requests; script-src 'self' themes.shop.strd.se wolftg.strd.se cdn.dibspayment.com 'self' 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://metsa.admin.strd.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 17:39:13 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' themes.shop.strd.se 'report-sample'; object-src 'none'; base-uri 'self'; worker-src 'self'; frame-src 'self' wolftg.strd.se; child-src 'self'; connect-src 'self'; frame-ancestors 'self'; style-src 'self' themes.shop.strd.se 'unsafe-inline'; img-src 'self' *.shop.strd.se cdn.dibspayment.com data:; form-action 'self' strdfb.haikomhosting.com sat1.dibspayment.com login.microsoftonline.com; sandbox allow-popups-to-escape-sandbox allow-scripts allow-same-origin allow-forms allow-downloads allow-popups; block-all-mixed-content; upgrade-insecure-requests; script-src 'self' themes.shop.strd.se wolftg.strd.se cdn.dibspayment.com 'self' 'unsafe-eval' 'unsafe-inline';
Connection
Keep-Alive
Content-Length
52249
X-XSS-Protection
1
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Tue, 30 Nov 2021 08:13:53 GMT
Server
Apache
ETag
"cc19-5d1fd235e6c38"
Expect-CT
enforce,max-age=300
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Permissions-Policy
geolocation=(),midi=(),sync-xhr=(self),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=148
strdlogga_small_white.png
metsa.admin.strd.se/css/img/
109 KB
110 KB
Image
General
Full URL
https://metsa.admin.strd.se/css/img/strdlogga_small_white.png
Requested by
Host: metsa.admin.strd.se
URL: https://metsa.admin.strd.se/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
194.14.9.85 Stockholm, Sweden, ASN29518 (BREDBAND2, SE),
Reverse DNS
strdlin10.strd.se
Software
Apache /
Resource Hash
306d12ab5a80ef4797b36244868eb7abe09a06434fa9ad59b34ffd26b9a401a5
Security Headers
Name Value
Content-Security-Policy default-src 'self' themes.shop.strd.se 'report-sample'; object-src 'none'; base-uri 'self'; worker-src 'self'; frame-src 'self' wolftg.strd.se; child-src 'self'; connect-src 'self'; frame-ancestors 'self'; style-src 'self' themes.shop.strd.se 'unsafe-inline'; img-src 'self' *.shop.strd.se cdn.dibspayment.com data:; form-action 'self' strdfb.haikomhosting.com sat1.dibspayment.com login.microsoftonline.com; sandbox allow-popups-to-escape-sandbox allow-scripts allow-same-origin allow-forms allow-downloads allow-popups; block-all-mixed-content; upgrade-insecure-requests; script-src 'self' themes.shop.strd.se wolftg.strd.se cdn.dibspayment.com 'self' 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://metsa.admin.strd.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 17:39:13 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' themes.shop.strd.se 'report-sample'; object-src 'none'; base-uri 'self'; worker-src 'self'; frame-src 'self' wolftg.strd.se; child-src 'self'; connect-src 'self'; frame-ancestors 'self'; style-src 'self' themes.shop.strd.se 'unsafe-inline'; img-src 'self' *.shop.strd.se cdn.dibspayment.com data:; form-action 'self' strdfb.haikomhosting.com sat1.dibspayment.com login.microsoftonline.com; sandbox allow-popups-to-escape-sandbox allow-scripts allow-same-origin allow-forms allow-downloads allow-popups; block-all-mixed-content; upgrade-insecure-requests; script-src 'self' themes.shop.strd.se wolftg.strd.se cdn.dibspayment.com 'self' 'unsafe-eval' 'unsafe-inline';
Connection
Keep-Alive
Content-Length
111512
X-XSS-Protection
1
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Wed, 15 Nov 2023 08:12:21 GMT
Server
Apache
ETag
"1b398-60a2c766043b8"
Expect-CT
enforce,max-age=300
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Permissions-Policy
geolocation=(),midi=(),sync-xhr=(self),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=150
fontawesome-webfont.woff2
themes.shop.strd.se/fonts/
75 KB
77 KB
Font
General
Full URL
https://themes.shop.strd.se/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: themes.shop.strd.se
URL: https://themes.shop.strd.se/css/font-awesome.min.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
194.14.9.85 Stockholm, Sweden, ASN29518 (BREDBAND2, SE),
Reverse DNS
strdlin10.strd.se
Software
Apache /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Content-Security-Policy default-src 'self' themes.shop.strd.se 'report-sample'; object-src 'none'; base-uri 'self'; worker-src 'self'; frame-src 'self' wolftg.strd.se; child-src 'self'; connect-src 'self'; frame-ancestors 'self'; style-src 'self' themes.shop.strd.se 'unsafe-inline'; img-src 'self' *.shop.strd.se cdn.dibspayment.com data:; form-action 'self' strdfb.haikomhosting.com sat1.dibspayment.com login.microsoftonline.com; sandbox allow-popups-to-escape-sandbox allow-scripts allow-same-origin allow-forms allow-downloads allow-popups; block-all-mixed-content; upgrade-insecure-requests; script-src 'self' themes.shop.strd.se wolftg.strd.se cdn.dibspayment.com 'self' 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://themes.shop.strd.se/css/font-awesome.min.css
Origin
https://metsa.admin.strd.se
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 17:39:14 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' themes.shop.strd.se 'report-sample'; object-src 'none'; base-uri 'self'; worker-src 'self'; frame-src 'self' wolftg.strd.se; child-src 'self'; connect-src 'self'; frame-ancestors 'self'; style-src 'self' themes.shop.strd.se 'unsafe-inline'; img-src 'self' *.shop.strd.se cdn.dibspayment.com data:; form-action 'self' strdfb.haikomhosting.com sat1.dibspayment.com login.microsoftonline.com; sandbox allow-popups-to-escape-sandbox allow-scripts allow-same-origin allow-forms allow-downloads allow-popups; block-all-mixed-content; upgrade-insecure-requests; script-src 'self' themes.shop.strd.se wolftg.strd.se cdn.dibspayment.com 'self' 'unsafe-eval' 'unsafe-inline';
Connection
Keep-Alive
Content-Length
77160
X-XSS-Protection
1
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Wed, 30 Aug 2017 09:40:58 GMT
Server
Apache
ETag
"12d68-557f55332de80"
Expect-CT
enforce,max-age=300
X-Frame-Options
SAMEORIGIN
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Permissions-Policy
geolocation=(),midi=(),sync-xhr=(self),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=150

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| strd object| toastr object| CKEDITOR function| Dropzone function| default undefined| strdObject function| popInfo function| popInfoLarge function| getTm function| setHashPart function| closeModalDspError

2 Cookies

Domain/Path Name / Value
metsa.admin.strd.se/ Name: PHPSESSID
Value: mU2UHT4KISfv-cw7MMgTB8CR8AqvhQGa3OJKLZuxnuMB%2CCyD
metsa.admin.strd.se/ Name: _718729B9-076C-44A3-8F96-064B55B78695
Value: %7B67344C2B-90E3-0124-1C8A-259BCD0B7C6B%7D

1 Console Messages

Source Level URL
Text
security warning URL: https://metsa.admin.strd.se/
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' themes.shop.strd.se 'report-sample'; object-src 'none'; base-uri 'self'; worker-src 'self'; frame-src 'self' wolftg.strd.se; child-src 'self'; connect-src 'self'; frame-ancestors 'self'; style-src 'self' themes.shop.strd.se 'unsafe-inline'; img-src 'self' *.shop.strd.se cdn.dibspayment.com data:; form-action 'self' strdfb.haikomhosting.com sat1.dibspayment.com login.microsoftonline.com; sandbox allow-popups-to-escape-sandbox allow-scripts allow-same-origin allow-forms allow-downloads allow-popups; block-all-mixed-content; upgrade-insecure-requests; script-src 'self' themes.shop.strd.se wolftg.strd.se cdn.dibspayment.com 'self' 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

metsa.admin.strd.se
themes.shop.strd.se
194.14.9.85
224da13cfd76e67eb4ee0a5c4b8220e02ce3cfc2def86e216f54d4e92f34638a
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
306d12ab5a80ef4797b36244868eb7abe09a06434fa9ad59b34ffd26b9a401a5
348e847f0489861b3b81704f6f02d70f4d26b08dbd064bb7183253f20616fa07
47dd690f8f315bea076e92581a7e7147443bb4c847e313ab5a7d50a8c44836d0
491aa3a6b793b2562189788999b6efaeb77bba8ef2bc10ce972ba348429b76e2
4e9bc094a90ef65b9e396414906402566d326699829abff8f796ab6fead3fe8e
65c4747130eb69f5173a0682b08983c6924a4014f4e7de89c53dab254625bcbd
6763de73150d26e3296cd0154ff12dede3b5d39251c734c0ae4f8af4e437e4cc
69279bee49c5f3502f7a3f07358da1562cc0a10d57e8a56cfc0f8977d367c99f
76d187d57700c8aa2932e8b9c76d0a9cfc6e1ae4b1f51b3aa62241ff83aabba2
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
844e414a9029f9096e3c2eeee8d0d1aa2662ea5d4fc56ee7f468a6be1069f9fb
9058cb4d8ccd9a320215ace823b3ce21e9d2400f06d4b943ebb7f777ffadc4ad
968a8e56e4adaf8c135199ebd7f6cc065424ca45974d4dfbeb5607e69fe72fcd
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
9ff0aecab9bebf5e4d8a6d2627666b1251e50a4f2b689b3fe7b59e0ac2330ebe
a0858cc08fdc8e11c1cf6b0fdefc8e1927350e61aa034f5e253a49759426b4df
a0d1a8fca1a141ad57599adf9d07e2aa4900f2cd91c5065c2c31b62cf5722818
a38625a0fc87783fbad70457b6fce6e8c0412d6e3a739f61d955224b741e8281
b82753e852e463afbaf17ce6e1ff4ed2eb079c93dd2afd10d2bb285ef2dc84fe
b90365fb23e25969fd1cfcb49bc7f31c7301fb36edd3c020af6ea4f981c16cce
bc50bf49cbe79ee49b4ee8b56f26ff4877bc4945c16f260b1481ba2355c96347
c0b7ebc3f913f1977d3539db76818c7c65d6f0f6373eeafceb7bf4137892f6f5
c43e0e050891f2c148041a5d4fa51f628c5eae5c67eb6bbbad6525bb83892686
d170052c16caec3810f2dee6456539045d8e326f6d8ed7c7f78e59ed34de348a
dd220c7093f0a66a7a0427e9d5f0d821f22d53d547fd4b66c5659074f564b5b7