www.refunder.se Open in urlscan Pro
2606:4700:10::6816:36d4 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://app.rule.io/link/nl/n_w4x9ac/a/n_5e0/d/n_8v2i/di/n_rt/s/n_3rg9r1/e/n_zz7qj
Effective URL:
https://www.refunder.se/campadre/gdpr?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3...
Submission: On June 16 via api (June 16th 2022, 1:24:18 pm UTC) from IE — Scanned from DE

Summary HTTP 83 Redirects Behaviour Indicators

Summary

This website contacted 31 IPs in 4 countries across 21 domains to perform 83 HTTP transactions. The main IP is 2606:4700:10::6816:36d4, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.refunder.se.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 8th 2022. Valid for: a year.

This is the only time www.refunder.se was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:20:... 2606:4700:20::ac43:47c7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	2606:4700:10:... 2606:4700:10::6816:36d4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
1	18.66.139.113 18.66.139.113	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
3	2a02:26f0:f7:... 2a02:26f0:f7::5c7b:e031	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 3	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:803::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	108.138.17.96 108.138.17.96	16509 (AMAZON-02) (AMAZON-02)
4	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
6	2600:9000:215... 2600:9000:2156:5e00:3:c04e:c780:93a1	16509 (AMAZON-02) (AMAZON-02)
1	151.101.130.137 151.101.130.137	54113 (FASTLY) (FASTLY)
1	2a02:26f0:f7:... 2a02:26f0:f7::5c7b:e01b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	143.204.89.5 143.204.89.5	16509 (AMAZON-02) (AMAZON-02)
1 2	142.250.185.166 142.250.185.166	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:149b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	13.32.121.125 13.32.121.125	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3 3	2620:1ec:22::14 2620:1ec:22::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	185.221.87.248 185.221.87.248	206998 (NEW-2) (NEW-2)
2	52.28.170.203 52.28.170.203	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
83	31

1 2606:4700:20::ac43:47c7 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

app.rule.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:4700:10::6816:36d4 (United States)

ASN13335 (CLOUDFLARENET, US)

www.refunder.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.refunder.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.139.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-113.fra60.r.cloudfront.net

widget.trustpilot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:f7::5c7b:e031 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.17.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-96.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:2156:5e00:3:c04e:c780:93a1 (United States)

ASN16509 (AMAZON-02, US)

ws.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:f7::5c7b:e01b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.89.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-5.fra50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.166 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f6.1e100.net

5450406.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:149b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-125.fra60.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:22::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.221.87.248 (Ireland)

ASN206998 (NEW-2, IE)

bam.eu01.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.28.170.203 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-170-203.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	refunder.se www.refunder.se assets.refunder.se	707 KB
9	youtube.com www.youtube.com — Cisco Umbrella Rank: 100	751 KB
8	sharethis.com ws.sharethis.com — Cisco Umbrella Rank: 8975 l.sharethis.com — Cisco Umbrella Rank: 4971	83 KB
8	gstatic.com fonts.gstatic.com www.gstatic.com	161 KB
7	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 static.doubleclick.net — Cisco Umbrella Rank: 411 5450406.fls.doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 125	4 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 67 jnn-pa.googleapis.com — Cisco Umbrella Rank: 324	31 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 370 www.linkedin.com — Cisco Umbrella Rank: 527 px4.ads.linkedin.com — Cisco Umbrella Rank: 5965	3 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 158	120 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 60	59 KB
4	google.com www.google.com — Cisco Umbrella Rank: 9 adservice.google.com — Cisco Umbrella Rank: 92	15 KB
4	typekit.net use.typekit.net — Cisco Umbrella Rank: 637 p.typekit.net — Cisco Umbrella Rank: 782	56 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 91	329 B
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 677 script.hotjar.com — Cisco Umbrella Rank: 992 vars.hotjar.com — Cisco Umbrella Rank: 1037	67 KB
2	google.de www.google.de — Cisco Umbrella Rank: 5111	655 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 96	93 KB
1	nr-data.net bam.eu01.nr-data.net — Cisco Umbrella Rank: 9300	1 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 133	15 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 953	3 KB
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 438	18 KB
1	trustpilot.com widget.trustpilot.com — Cisco Umbrella Rank: 5760	6 KB
1	rule.io 1 redirects app.rule.io — Cisco Umbrella Rank: 692111	947 B
83	21

	Domain	Requested by
10	assets.refunder.se	www.refunder.se assets.refunder.se
9	www.youtube.com	www.refunder.se www.youtube.com
6	ws.sharethis.com	www.refunder.se ws.sharethis.com
6	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
6	www.refunder.se	www.refunder.se
4	connect.facebook.net	www.refunder.se
4	www.google-analytics.com	www.refunder.se
4	jnn-pa.googleapis.com	www.youtube.com
3	www.facebook.com	www.refunder.se
3	www.google.com	www.youtube.com
3	googleads.g.doubleclick.net	1 redirects www.youtube.com www.refunder.se
3	use.typekit.net	www.refunder.se
2	www.google.de
2	l.sharethis.com	www.refunder.se
2	px.ads.linkedin.com	2 redirects
2	5450406.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	www.googletagmanager.com	www.refunder.se
1	adservice.google.com	5450406.fls.doubleclick.net
1	stats.g.doubleclick.net	www.refunder.se
1	bam.eu01.nr-data.net	www.refunder.se
1	px4.ads.linkedin.com
1	www.linkedin.com	1 redirects
1	vars.hotjar.com	www.refunder.se
1	www.googleadservices.com	www.refunder.se
1	snap.licdn.com	www.refunder.se
1	script.hotjar.com	www.refunder.se
1	p.typekit.net
1	js-agent.newrelic.com	www.refunder.se
1	static.hotjar.com	www.refunder.se
1	static.doubleclick.net	www.youtube.com
1	widget.trustpilot.com	www.refunder.se
1	fonts.googleapis.com	www.refunder.se
1	app.rule.io	1 redirects
83	34

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-08` - `2023-06-07`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
*.trustpilot.com Amazon	`2022-03-04` - `2023-04-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
use.typekit.net DigiCert TLS RSA SHA256 2020 CA1	`2022-03-07` - `2023-04-07`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-03-25` - `2022-06-23`	3 months	crt.sh
sharethis.com Amazon	`2021-07-19` - `2022-08-17`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-10-06` - `2022-11-07`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh
*.eu01.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-24` - `2023-02-09`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://www.refunder.se/campadre/gdpr?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik
Frame ID: 0FD81E1BFFA55D98C3AB3FA1590D5B43
Requests: 59 HTTP requests in this frame

Frame: https://www.youtube.com/embed/ojRcIOltHLE?enablejsapi=1&playerapiid=ytplayer
Frame ID: 36CADA3BD1985202F0A2191D305ADD5F
Requests: 17 HTTP requests in this frame

Frame: https://5450406.fls.doubleclick.net/activityi;dc_pre=CPmbx-6IsvgCFVOLhQodjKIMlg;src=5450406;type=123;cat=refun00;ord=127372091470;gtm=2wg6f0;auiddc=1216410896.1655385854;~oref=https%3A%2F%2Fwww.refunder.se%2Fcampadre%2Fgdpr%3Futm_source%3Drule%26utm_medium%3Demail%26utm_campaign%3Dgrymt%2520viktig%2520information%2520fr%25C3%25A5n%2520Fredrik
Frame ID: 7C3A6C1F17CFAEAB122C0BE6871E3303
Requests: 2 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-63c3a81830bf549dafe40b369003f751.html
Frame ID: 96E7A1FF268EC295A6BBB456E169491F
Requests: 1 HTTP requests in this frame

Frame: https://ws.sharethis.com/secure5x/index.html
Frame ID: 614CFCB4C606C85D507D23B7931EC601
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Page URL History Show full URLs

https://app.rule.io/link/nl/n_w4x9ac/a/n_5e0/d/n_8v2i/di/n_rt/s/n_3rg9r1/e/n_zz7qj HTTP 302
https://www.refunder.se/campadre/gdpr?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%2... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Laravel (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Page Statistics

83
Requests

98 %
HTTPS

69 %
IPv6

21
Domains

34
Subdomains

31
IPs

4
Countries

2191 kB
Transfer

6969 kB
Size

31
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://app.rule.io/link/nl/n_w4x9ac/a/n_5e0/d/n_8v2i/di/n_rt/s/n_3rg9r1/e/n_zz7qj HTTP 302
https://www.refunder.se/campadre/gdpr?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 55

https://5450406.fls.doubleclick.net/activityi;src=5450406;type=123;cat=refun00;ord=127372091470;gtm=2wg6f0;auiddc=1216410896.1655385854;~oref=https%3A%2F%2Fwww.refunder.se%2Fcampadre%2Fgdpr%3Futm_source%3Drule%26utm_medium%3Demail%26utm_campaign%3Dgrymt%2520viktig%2520information%2520fr%25C3%25A5n%2520Fredrik HTTP 302
https://5450406.fls.doubleclick.net/activityi;dc_pre=CPmbx-6IsvgCFVOLhQodjKIMlg;src=5450406;type=123;cat=refun00;ord=127372091470;gtm=2wg6f0;auiddc=1216410896.1655385854;~oref=https%3A%2F%2Fwww.refunder.se%2Fcampadre%2Fgdpr%3Futm_source%3Drule%26utm_medium%3Demail%26utm_campaign%3Dgrymt%2520viktig%2520information%2520fr%25C3%25A5n%2520Fredrik

Request Chain 63

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=77148&time=1655385854359&url=https%3A%2F%2Fwww.refunder.se%2Fcampadre%2Fgdpr%3Futm_campaign%3Dgrymt%2520viktig%2520information%2520fr%25C3%25A5n%2520Fredrik%26utm_medium%3Demail%26utm_source%3Drule HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D77148%26time%3D1655385854359%26url%3Dhttps%253A%252F%252Fwww.refunder.se%252Fcampadre%252Fgdpr%253Futm_campaign%253Dgrymt%252520viktig%252520information%252520fr%2525C3%2525A5n%252520Fredrik%2526utm_medium%253Demail%2526utm_source%253Drule%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=77148&time=1655385854359&url=https%3A%2F%2Fwww.refunder.se%2Fcampadre%2Fgdpr%3Futm_campaign%3Dgrymt%2520viktig%2520information%2520fr%25C3%25A5n%2520Fredrik%26utm_medium%3Demail%26utm_source%3Drule&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=77148&time=1655385854359&url=https%3A%2F%2Fwww.refunder.se%2Fcampadre%2Fgdpr%3Futm_campaign%3Dgrymt%2520viktig%2520information%2520fr%25C3%25A5n%2520Fredrik%26utm_medium%3Demail%26utm_source%3Drule&liSync=true&e_ipv6=AQJkBZxdkFH2hwAAAYFsr5PH-SDgm8EvaOotpgploFhenbBVzsnr6nkiB-idTtYMyEx9jSZt

83 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request gdpr Show response
www.refunder.se/campadre/
Redirect Chain

https://app.rule.io/link/nl/n_w4x9ac/a/n_5e0/d/n_8v2i/di/n_rt/s/n_3rg9r1/e/n_zz7qj
https://www.refunder.se/campadre/gdpr?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik

66 KB
21 KB

490ms
252ms

Document
text/html

2606:4700:10::6816:36d4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.refunder.se/campadre/gdpr?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:36d4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.0.20

Resource Hash

72a4242ffb232ec9cd6ada7a155b256d643dc5e12b4e8c9ea51d9176fc6da447

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 71c3dd42ec7d9c0a-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 16 Jun 2022 13:24:11 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-powered-by: PHP/8.0.20

Redirect headers

cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 71c3dd401a849034-FRA
content-type: text/html; charset=UTF-8
date: Thu, 16 Jun 2022 13:24:11 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: https://www.refunder.se/campadre/gdpr?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=swy5eCxjy%2FmRT9q8GYMqhfTFV%2BvLcpD4Tt6xFWsNPEUA%2BpttRuBH%2Bhk6cxqO0E2qjActPyWSSaVvw8EekNBJ47uCyzE3sylZkwivzdct%2FDV9FDXEanNaKfWrxF4pF3nWXl4YuLPqBIp4"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 refunder-5fc05c4238.min.css
assets.refunder.se/dist/ 878 KB
164 KB 179ms
167ms Stylesheet
text/css 2606:4700:10::6816:36d4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.refunder.se/dist/refunder-5fc05c4238.min.css

Requested by

Host: www.refunder.se
URL: https://www.refunder.se/campadre/gdpr?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:36d4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3edbec27f29986811d3d3036e5989b1b82c6fc42554710564a77d9024b53f17c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.refunder.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 13:24:11 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Wed, 15 Jun 2022 09:21:34 GMT
server: cloudflare
etag: W/"62a9a49e-db6e9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
strict-transport-security: max-age=15724800; includeSubDomains
cf-ray: 71c3dd44b8539c0a-FRA

GET
H2 200 css
fonts.googleapis.com/ 12 KB
1 KB 132ms
49ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald:400,300,700|Droid+Serif:400,700,400italic,700italic|Lato:300,400,400i,700,900|Nunito:400,700&subset=latin,latin-ext

Requested by

Host: www.refunder.se
URL: https://www.refunder.se/campadre/gdpr?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c7e197490f22a68ba81091202bc98f75f8d5aa7d85f6d62b461de8951cc1d26e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.refunder.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 16 Jun 2022 13:24:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 16 Jun 2022 13:24:11 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 Jun 2022 13:24:11 GMT

GET
H2 200 refunder-logo.png
assets.refunder.se/images/ 2 KB
3 KB 166ms
166ms Image
image/webp 2606:4700:10::6816:36d4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.refunder.se/images/refunder-logo.png

Requested by

Host: www.refunder.se
URL: https://www.refunder.se/campadre/gdpr?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:36d4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e29752ebbd4b8a96de31cb8947ceec0b6eb4903592b8941e0bc4c05b10770bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.refunder.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 13:24:11 GMT
vary: Accept
cf-cache-status: REVALIDATED
cf-polished: origFmt=png, origSize=4304
content-disposition: inline; filename="refunder-logo.webp"
content-length: 2446
last-modified: Wed, 15 Jun 2022 09:21:35 GMT
server: cloudflare
etag: "62a9a49f-10d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 71c3dd458a819c0a-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 logo_refunder_inline.png
www.refunder.se/assets/images/ 1 KB
1 KB 163ms
163ms Image
image/webp 2606:4700:10::6816:36d4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.refunder.se/assets/images/logo_refunder_inline.png

Requested by

Host: www.refunder.se
URL: https://www.refunder.se/campadre/gdpr?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:36d4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99ab00edeb9fa42770be1cab71822ec256436dbdc56ce9832885935f72008faa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.refunder.se/campadre/gdpr?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 13:24:12 GMT
vary: Accept
cf-cache-status: REVALIDATED
cf-polished: origFmt=png, origSize=2135
content-disposition: inline; filename="logo_refunder_inline.webp"
content-length: 1038
last-modified: Wed, 15 Jun 2022 09:21:34 GMT
server: cloudflare
etag: "62a9a49e-857"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 71c3dd465c849c0a-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 paypal-logo.png
assets.refunder.se/images/ 30 KB
31 KB 163ms
162ms Image
image/png 2606:4700:10::6816:36d4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.refunder.se/images/paypal-logo.png

Requested by

Host: www.refunder.se
URL: https://www.refunder.se/campadre/gdpr?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:36d4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0d3d795c8f6c74ce662213b31c2147ae74aabc68296578bc824674ced2297fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.refunder.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 13:24:12 GMT
cf-cache-status: MISS
last-modified: Wed, 15 Jun 2022 09:21:34 GMT
server: cloudflare
etag: "62a9a49e-79e1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
strict-transport-security: max-age=15724800; includeSubDomains
accept-ranges: bytes
cf-ray: 71c3dd468ceb9c0a-FRA
content-length: 31201

GET
H2 200 trustly-logo.png
assets.refunder.se/images/ 2 KB
2 KB 143ms
142ms Image
image/png 2606:4700:10::6816:36d4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.refunder.se/images/trustly-logo.png

Requested by

Host: www.refunder.se
URL: https://www.refunder.se/campadre/gdpr?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:36d4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b2817ece544986cbb86376189836288eb442a95ec3eac80f46fcf76e28b8f4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.refunder.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 13:24:12 GMT
cf-cache-status: MISS
last-modified: Wed, 15 Jun 2022 09:21:35 GMT
server: cloudflare
etag: "62a9a49f-855"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
strict-transport-security: max-age=15724800; includeSubDomains
accept-ranges: bytes
cf-ray: 71c3dd468cee9c0a-FRA
content-length: 2133

GET
H2 200 logo-bonnier.png
www.refunder.se/assets/images/ 974 B
1 KB 142ms
141ms Image
image/webp 2606:4700:10::6816:36d4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.refunder.se/assets/images/logo-bonnier.png

Requested by

Host: www.refunder.se
URL: https://www.refunder.se/campadre/gdpr?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:36d4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9f0c3a67fb8ac422f0a72169c17f9f1dfb5d923f5620331a5f5de93c97db649

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.refunder.se/campadre/gdpr?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 13:24:12 GMT
vary: Accept
cf-cache-status: REVALIDATED
cf-polished: origFmt=png, origSize=2037
content-disposition: inline; filename="logo-bonnier.webp"
content-length: 974
last-modified: Wed, 15 Jun 2022 09:21:34 GMT
server: cloudflare
etag: "62a9a49e-7f5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 71c3dd468cf09c0a-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 certificate_badges.png
assets.refunder.se/images/ 51 KB
51 KB 218ms
218ms Image
image/png 2606:4700:10::6816:36d4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.refunder.se/images/certificate_badges.png

Requested by

Host: www.refunder.se
URL: https://www.refunder.se/campadre/gdpr?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:36d4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56030ef93940f0e80685b1a764988f954e8745239081c43225b1abb7cf5ac133

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.refunder.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 13:24:12 GMT
cf-cache-status: MISS
last-modified: Wed, 15 Jun 2022 09:21:34 GMT
server: cloudflare
etag: "62a9a49e-cbde"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
strict-transport-security: max-age=15724800; includeSubDomains
accept-ranges: bytes
cf-ray: 71c3dd468cf19c0a-FRA
content-length: 52190

GET
H2 200 rocket-loader.min.js Show response
www.refunder.se/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 42ms
41ms Script
application/javascript 2606:4700:10::6816:36d4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.refunder.se/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.refunder.se
URL: https://www.refunder.se/campadre/gdpr?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:36d4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.refunder.se/campadre/gdpr?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 13:24:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 10 Jun 2022 21:22:53 GMT
server: cloudflare
etag: W/"62a3b62d-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 71c3dd468cf39c0a-FRA
vary: Accept-Encoding
expires: Sat, 18 Jun 2022 13:24:11 GMT

GET
H2 200 headline-bg.png
assets.refunder.se/assets/img/ 151 B
236 B 147ms
147ms Image
image/png 2606:4700:10::6816:36d4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.refunder.se/assets/img/headline-bg.png

Requested by

Host: assets.refunder.se
URL: https://assets.refunder.se/dist/refunder-5fc05c4238.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:36d4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0698bd96b32abef09345157f63717a2d8e8cbd4044cf697c2eb7a4b50691eee4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assets.refunder.se/dist/refunder-5fc05c4238.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 13:24:12 GMT
cf-cache-status: MISS
last-modified: Wed, 15 Jun 2022 09:21:35 GMT
server: cloudflare
etag: "62a9a49f-97"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
strict-transport-security: max-age=15724800; includeSubDomains
accept-ranges: bytes
cf-ray: 71c3dd469d139c0a-FRA
content-length: 151

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1aa4fccb65ad266a9caef9094e08038a7a2d92be1b5eff848c6fca5b6cbae98e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 XRXV3I6Li01BKofINeaB.woff2
fonts.gstatic.com/s/nunito/v24/ 35 KB
35 KB 216ms
133ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v24/XRXV3I6Li01BKofINeaB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400,300,700|Droid+Serif:400,700,400italic,700italic|Lato:300,400,400i,700,900|Nunito:400,700&subset=latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69b8ac258645cd62f67125ff4a3a5d997f93132e45ab6cf945a5152fbe0910b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.refunder.se
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 08:45:44 GMT
x-content-type-options: nosniff
age: 189508
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35824
x-xss-protection: 0
last-modified: Mon, 09 May 2022 19:23:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Jun 2023 08:45:44 GMT

GET
H2 200 fontawesome-webfont.woff2
assets.refunder.se/fonts/ 55 KB
56 KB 318ms
237ms Font
font/woff2 2606:4700:10::6816:36d4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.refunder.se/fonts/fontawesome-webfont.woff2?v=4.3.0

Requested by

Host: assets.refunder.se
URL: https://assets.refunder.se/dist/refunder-5fc05c4238.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:36d4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://assets.refunder.se/dist/refunder-5fc05c4238.min.css
Origin: https://www.refunder.se
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 13:24:12 GMT
cf-cache-status: MISS
last-modified: Wed, 15 Jun 2022 09:21:34 GMT
server: cloudflare
etag: "62a9a49e-ddcc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15724800; includeSubDomains
accept-ranges: bytes
cf-ray: 71c3dd471d898ff4-FRA
content-length: 56780

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 121ms
39ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.refunder.se
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 17:07:14 GMT
x-content-type-options: nosniff
age: 159418
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Jun 2023 17:07:14 GMT

GET
H2 200 icons-refunder.woff
assets.refunder.se/fonts/ 6 KB
7 KB 236ms
155ms Font
font/woff 2606:4700:10::6816:36d4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.refunder.se/fonts/icons-refunder.woff

Requested by

Host: assets.refunder.se
URL: https://assets.refunder.se/dist/refunder-5fc05c4238.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:36d4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f971fd0089d2c252695122722924afbaccf23648aa417a64a8ec96dfb8402a16

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://assets.refunder.se/dist/refunder-5fc05c4238.min.css
Origin: https://www.refunder.se
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 13:24:12 GMT
cf-cache-status: MISS
last-modified: Wed, 15 Jun 2022 09:21:34 GMT
server: cloudflare
etag: "62a9a49e-19d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15724800; includeSubDomains
accept-ranges: bytes
cf-ray: 71c3dd471d8b8ff4-FRA
content-length: 6608

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 157ms
75ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.refunder.se
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 17:07:14 GMT
x-content-type-options: nosniff
age: 159418
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Jun 2023 17:07:14 GMT

GET
H2 200 ojRcIOltHLE Show response
www.youtube.com/embed/ Frame 36CA 64 KB
27 KB 166ms
83ms Document
text/html 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/ojRcIOltHLE?enablejsapi=1&playerapiid=ytplayer

Requested by

Host: www.refunder.se
URL: https://www.refunder.se/campadre/gdpr?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e7662322930e7f94b9d8c334ac66a9eb1eaf1901c08c8d769bc9102349c777b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.refunder.se/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Thu, 16 Jun 2022 13:24:12 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 tp.widget.bootstrap.min.js Show response
widget.trustpilot.com/bootstrap/v5/ 19 KB
6 KB 124ms
39ms Script
application/x-javascript 18.66.139.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js

Requested by

Host: www.refunder.se
URL: https://www.refunder.se/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-113.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

f3496bc7c277d917d35553c46ed1597a86065494cac582e42a3a1d55aedef7fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.refunder.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
age: 36629
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
date: Thu, 16 Jun 2022 03:37:13 GMT
content-length: 6124
x-xss-protection: 1; mode=block
last-modified: Mon, 30 May 2022 14:38:02 GMT
server: AmazonS3
etag: "5add60196e5f96a414fb4b9586764e5d"
content-type: application/x-javascript
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
x-amz-cf-id: w0M53kIPQUhsjLu4QLHfTktkq3xotNAFlQ1cvkzaMS_ZZti7sCpLNg==

GET
H2 200 refunder-85ef2c1bb9.min.js Show response
assets.refunder.se/dist/ 1 MB
358 KB 155ms
155ms Script
application/javascript 2606:4700:10::6816:36d4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.refunder.se/dist/refunder-85ef2c1bb9.min.js

Requested by

Host: www.refunder.se
URL: https://www.refunder.se/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:36d4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aeb50488d748f37cb9d7edd2ae8eaa7f13dbd297d4a9b8e94423d27d770a0ad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.refunder.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 13:24:12 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Wed, 15 Jun 2022 09:21:34 GMT
server: cloudflare
etag: W/"62a9a49e-1281e5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=15724800; includeSubDomains
cf-ray: 71c3dd46dda19c0a-FRA

GET
H2 200 initialjs Show response
www.refunder.se/ 4 KB
2 KB 135ms
134ms Script
application/javascript 2606:4700:10::6816:36d4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.refunder.se/initialjs?page_type=landing&flashdata=%7B%22_token%22%3A%22QCMnDlITK2WKB4GLlOB6cKw2NvwGB6j5tJJ1dTy6%22%2C%22__ci_last_regenerate%22%3A1655385851%2C%22website_id%22%3A%2214%22%2C%22currency_code%22%3A%22SEK%22%2C%22currency_symbol%22%3A%22kr%22%2C%22tracking_id%22%3A%22965fc0b1-4a8d-4dfb-898f-f27b32fefc6c%22%2C%22initial_site_touchpoint_ts%22%3A1655385851%2C%22__ci_vars%22%3A%7B%22initial_site_touchpoint_ts%22%3A1655389451%2C%22register_redirect%22%3A1655386151%2C%22landing_id%22%3A1655389451%7D%2C%22register_redirect%22%3A%22%5C%2Fcampadre%5C%2Fgdpr%22%2C%22landing_id%22%3A%22969%22%7D

Requested by

Host: www.refunder.se
URL: https://www.refunder.se/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:36d4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.0.20

Resource Hash

7b5e696b16e0712dd9ed26cafc251138f5189b10ba63c704eb8938ce04ef7226

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.refunder.se/campadre/gdpr?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 13:24:12 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/8.0.20
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: no-cache, private
strict-transport-security: max-age=15724800; includeSubDomains
cf-ray: 71c3dd46dda29c0a-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 84 KB
33 KB 136ms
53ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=

Requested by

Host: www.refunder.se
URL: https://www.refunder.se/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

54777e8478128a776aa685abd2ff93adc694421567048dd618104021374d452d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.refunder.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 13:24:12 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33656
x-xss-protection: 0
last-modified: Thu, 16 Jun 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 16 Jun 2022 13:24:12 GMT

GET
H2 200 ucr2pdc.js Show response
use.typekit.net/ 16 KB
7 KB 163ms
42ms Script
text/javascript 2a02:26f0:f7::5c7b:e031
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/ucr2pdc.js

Requested by

Host: www.refunder.se
URL: https://www.refunder.se/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f7::5c7b:e031 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

da1ab7a66ee971546ff6d619e9463c30aaab4f04babe02216a2e8c8ab410be6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.refunder.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
date: Thu, 16 Jun 2022 13:24:12 GMT
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 6674

GET
H2 200 checkmark-green.png
assets.refunder.se/images/ 1 KB
1 KB 151ms
151ms Image
image/png 2606:4700:10::6816:36d4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.refunder.se/images/checkmark-green.png

Requested by

Host: assets.refunder.se
URL: https://assets.refunder.se/dist/refunder-5fc05c4238.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:36d4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4173e0fb087c3c388d30d3c013f4064f78cfb846a22bd19c6df3ce2b22f66fb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assets.refunder.se/dist/refunder-5fc05c4238.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 13:24:12 GMT
cf-cache-status: MISS
last-modified: Wed, 15 Jun 2022 09:21:34 GMT
server: cloudflare
etag: "62a9a49e-45e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
strict-transport-security: max-age=15724800; includeSubDomains
accept-ranges: bytes
cf-ray: 71c3dd475f129c0a-FRA
content-length: 1118

GET
H2 200 S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 157ms
113ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh7USSwiPGQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.refunder.se
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 17:07:37 GMT
x-content-type-options: nosniff
age: 159395
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23236
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:04:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Jun 2023 17:07:37 GMT

GET
H2 200 S6u8w4BMUTPHjxsAXC-q.woff2
fonts.gstatic.com/s/lato/v23/ 24 KB
24 KB 135ms
91ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u8w4BMUTPHjxsAXC-q.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.refunder.se
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 17:10:27 GMT
x-content-type-options: nosniff
age: 159225
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24408
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:50:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Jun 2023 17:10:27 GMT

GET
H2 200 www-player.css
www.youtube.com/s/player/df5197e2/ Frame 36CA 338 KB
47 KB 42ms
37ms Stylesheet
text/css 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/df5197e2/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ojRcIOltHLE?enablejsapi=1&playerapiid=ytplayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd775351a78c275a252b2d39d2d956d759d35ddd0ff5a4625131e1c2ba3c6c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/ojRcIOltHLE?enablejsapi=1&playerapiid=ytplayer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 13:22:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 114
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47569
x-xss-protection: 0
last-modified: Tue, 14 Jun 2022 17:17:51 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 16 Jun 2023 13:22:18 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/df5197e2/www-embed-player.vflset/ Frame 36CA 304 KB
94 KB 66ms
62ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/df5197e2/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ojRcIOltHLE?enablejsapi=1&playerapiid=ytplayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ecc9d1f7847e9d330923bcf866f1f51f31906076c82e4591e11bc89a55d5601a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/ojRcIOltHLE?enablejsapi=1&playerapiid=ytplayer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 16:56:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73643
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 96191
x-xss-protection: 0
last-modified: Tue, 14 Jun 2022 17:17:51 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 15 Jun 2023 16:56:49 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/df5197e2/player_ias.vflset/de_DE/ Frame 36CA 2 MB
535 KB 91ms
87ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/df5197e2/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ojRcIOltHLE?enablejsapi=1&playerapiid=ytplayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef36a1c3e9ae388659ceb39bc9b167315872e159c20e24f284d7e1774303d380

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/ojRcIOltHLE?enablejsapi=1&playerapiid=ytplayer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 16:58:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73520
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 547759
x-xss-protection: 0
last-modified: Tue, 14 Jun 2022 17:17:51 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 15 Jun 2023 16:58:52 GMT

GET
H2 200 fetch-polyfill.js Show response
www.youtube.com/s/player/df5197e2/fetch-polyfill.vflset/ Frame 36CA 9 KB
3 KB 108ms
104ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/df5197e2/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ojRcIOltHLE?enablejsapi=1&playerapiid=ytplayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/ojRcIOltHLE?enablejsapi=1&playerapiid=ytplayer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 16:56:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73643
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Tue, 14 Jun 2022 17:17:51 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 15 Jun 2023 16:56:49 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 36CA 15 KB
15 KB 41ms
37ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ojRcIOltHLE?enablejsapi=1&playerapiid=ytplayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 17:06:41 GMT
x-content-type-options: nosniff
age: 159451
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 14 Jun 2023 17:06:41 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 36CA
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

123ms
46ms

XHR
application/json

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ojRcIOltHLE?enablejsapi=1&playerapiid=ytplayer

Protocol

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1cc18f776808d90c6b715d05e6e8da0ed04e95a7db05d36a20b4dbf04c1e43a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 13:24:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 16 Jun 2022 13:24:12 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 36CA 29 B
589 B 161ms
50ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/df5197e2/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 13:19:43 GMT
x-content-type-options: nosniff
age: 269
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 16 Jun 2022 13:34:43 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 127ms
44ms Preflight
text/html 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Thu, 16 Jun 2022 13:24:12 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 36CA 63 KB
29 KB 135ms
54ms XHR
application/json+protobuf 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/df5197e2/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f2cd41ffab19311ab26e67803bd9067f9577bf0b9f98c13b1d5804877f25d320

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 16 Jun 2022 13:24:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 30000
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/df5197e2/player_ias.vflset/de_DE/ Frame 36CA 119 KB
37 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/df5197e2/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/df5197e2/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2525fcabe966c2f81330c969432129f12cac22ab1cc9d44467a31abf48d587a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/ojRcIOltHLE?enablejsapi=1&playerapiid=ytplayer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 16:58:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73519
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37788
x-xss-protection: 0
last-modified: Tue, 14 Jun 2022 17:17:51 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 15 Jun 2023 16:58:53 GMT

GET
H2 200 7qS9JJo7a9zMzqgT3CXmNG9Z98ZtOs5mh5hifsJrjL4.js Show response
www.google.com/js/th/ Frame 36CA 36 KB
14 KB 140ms
53ms Script
text/javascript 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/7qS9JJo7a9zMzqgT3CXmNG9Z98ZtOs5mh5hifsJrjL4.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/df5197e2/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eea4bd249a3b6bdccccea813dc25e6346f59f7c66d3ace668798627ec26b8cbe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 02:19:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39874
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13857
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 11:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 16 Jun 2023 02:19:38 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/df5197e2/player_ias.vflset/de_DE/ Frame 36CA 27 KB
8 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/df5197e2/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/df5197e2/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44e2474118cb6ab895bd59607076b4c1f5ddb57de61ea9695cd50da147ab3694

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/ojRcIOltHLE?enablejsapi=1&playerapiid=ytplayer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 17:00:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73426
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8105
x-xss-protection: 0
last-modified: Tue, 14 Jun 2022 17:17:51 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 15 Jun 2023 17:00:26 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 36CA 4 KB
3 KB 519ms
61ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/df5197e2/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 13:24:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 16 Jun 2022 13:24:13 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 36CA 0
9 B 38ms
38ms Image
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?tfVsvQ
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/ojRcIOltHLE?enablejsapi=1&playerapiid=ytplayer
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/ojRcIOltHLE?enablejsapi=1&playerapiid=ytplayer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 13:24:13 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 36CA 98 B
142 B 47ms
47ms XHR
application/json+protobuf 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/df5197e2/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

89b5682f9c92578b35680da8abee60b4060258d31b8e8e354f443db0b0578892

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 16 Jun 2022 13:24:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 118
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 46ms
46ms Preflight
text/html 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Thu, 16 Jun 2022 13:24:13 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/102/ Frame 36CA 52 KB
15 KB 115ms
39ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/102/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c0bc3be07587388188143cb937f57c41c1921c60d0ad0c1a278c9099b6fc26a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 10:37:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9989
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15092
x-xss-protection: 0
last-modified: Mon, 04 Apr 2022 15:13:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Fri, 17 Jun 2022 10:37:44 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 121ms
37ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.refunder.se
URL: https://www.refunder.se/campadre/gdpr?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.refunder.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 1164
date: Thu, 16 Jun 2022 13:04:49 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 16 Jun 2022 15:04:49 GMT

GET
H2 200 hotjar-85928.js Show response
static.hotjar.com/c/ 4 KB
2 KB 119ms
40ms Script
application/javascript 108.138.17.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-85928.js?sv=5

Requested by

Host: www.refunder.se
URL: https://www.refunder.se/campadre/gdpr?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.96 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-96.fra56.r.cloudfront.net

Software

Resource Hash

0759399fada8276b069d98297a706a8f9716284684e7f5f2569486afc85bfa71

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.refunder.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 13:24:11 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
age: 2
etag: W/a2cbdc392d8eb70396ec6b18fda7660f
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA56-P7
x-amz-cf-id: W2gei_j6zsm94h-_MG5dgzSIgqVQTcfwHwxFRK4vIe-gTeAstlDnyg==
via: 1.1 6e5ec1ef7875ec0751cb61200df7f212.cloudfront.net (CloudFront)

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 115ms
37ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.refunder.se
URL: https://www.refunder.se/campadre/gdpr?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9d4012d1b9fd9f441df388267dbb6cd92eb4c47a727acf0c52752b95cb7e046a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.refunder.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 37UlijXPUMohBYA6naA/cg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: ToefoOZsSblRe5iVvPQRJH5TS+z1Q+OWYzSqU8OW6orPDMstbk/DtTeN0NBUV/FVMFXrV2+6oaVnAqrwZLaPRw==
x-fb-trip-id: 686109401
x-fb-content-md5: de0ef82546f4aee7650ef3702484a561
x-frame-options: DENY
date: Thu, 16 Jun 2022 13:24:13 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "471866a3a7387b113bcecdc1a252546b"
timing-allow-origin: *
priority: u=1,i
expires: Thu, 16 Jun 2022 13:42:11 GMT

GET
H2 200 l
use.typekit.net/af/9b5307/0000000000000000000157b7/27/ 24 KB
25 KB 163ms
43ms Font
application/font-woff2 2a02:26f0:f7::5c7b:e031
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/9b5307/0000000000000000000157b7/27/l?primer=caab9855aac2d24b24dcb30b1d1af3c5330df2605115d45fb0c6824b1ba57be7&fvd=n7&v=3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e031 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 7888a73f4926acb50e1a9b8ce31743dce8f1be70bdb22ce3f386eec7952f0b7e

Request headers

Referer: https://www.refunder.se/
Origin: https://www.refunder.se
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 13:24:13 GMT
server: nginx
etag: "f8b5ae9e6d6398117ec923171a50f1f877d6e93e"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 24884

GET
H2 200 l
use.typekit.net/af/5c3c84/0000000000000000000157bc/27/ 24 KB
24 KB 170ms
51ms Font
application/font-woff2 2a02:26f0:f7::5c7b:e031
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/5c3c84/0000000000000000000157bc/27/l?primer=caab9855aac2d24b24dcb30b1d1af3c5330df2605115d45fb0c6824b1ba57be7&fvd=n4&v=3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e031 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 40b89f451c5e094b840080b7fb816ed9814986d033623f632ac697e5b30557cd

Request headers

Referer: https://www.refunder.se/
Origin: https://www.refunder.se
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 13:24:13 GMT
server: nginx
etag: "bf3283d6c364bcfaa42ba7fdef54a353ef5bc618"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 24556

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 173 KB
60 KB 132ms
54ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5WXH7C

Requested by

Host: www.refunder.se
URL: https://www.refunder.se/campadre/gdpr?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3aa90b7654659d1605b9dba70b12c1b649eb0a817e5d1282bf294d19baa28fe6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.refunder.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 13:24:13 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61245
x-xss-protection: 0
last-modified: Thu, 16 Jun 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 16 Jun 2022 13:24:13 GMT

GET
H2 200 buttons.js Show response
ws.sharethis.com/button/ 59 KB
17 KB 497ms
44ms Script
application/javascript 2600:9000:2156:5e00:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.sharethis.com/button/buttons.js

Requested by

Host: www.refunder.se
URL: https://www.refunder.se/campadre/gdpr?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:5e00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

7ba38c636940db54018406db91e3a02040d14fd6ce7dabf8bdb011067ba8eb41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.refunder.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 21:45:24 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 142730
x-cache: Hit from cloudfront
content-length: 16739
server: nginx/1.20.1
etag: W/"61e1c3a2-ea95"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
via: 1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
cache-control: max-age=259200
x-amz-cf-pop: FRA50-C1
x-robots-tag: noindex, nofollow
x-amz-cf-id: XRRoVPcVm5WHbpTc09DrjUipqJPFjiUm3t3b0UPKmONQpWdYS5wvyA==
expires: Fri, 17 Jun 2022 21:45:24 GMT

GET
H2 200 nr-spa-1216.min.js Show response
js-agent.newrelic.com/ 49 KB
18 KB 483ms
37ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-spa-1216.min.js
Requested by: Host: www.refunder.se
URL: https://www.refunder.se/campadre/gdpr?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 545156adeae44dadc82b98d504f805ebe77fb79c928ef34eed1057bb9d4cb8fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.refunder.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: UU.F5jvoumAjQChriwTQHbisCFw_OInU
content-encoding: gzip
etag: "63e2df852d15ab21d7ff8fc4363222e8"
x-amz-request-id: 3CG6GB6WD9Q2PQQ9
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 18216
x-amz-id-2: hxk9vxHuyo17aJR2y383G7Kx6Hfapn69j2ysL3g2uYCFPxJji7ZPbZD2NaUEhlFc0/GdKTiT/bw=
x-served-by: cache-hhn4061-HHN
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
server: AmazonS3
x-timer: S1655385854.308582,VS0,VE0
date: Thu, 16 Jun 2022 13:24:14 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 4110

GET
H2 200 iframeResizer.min.js Show response
www.refunder.se/assets/js/libs/ 13 KB
6 KB 155ms
154ms Script
application/javascript 2606:4700:10::6816:36d4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.refunder.se/assets/js/libs/iframeResizer.min.js

Requested by

Host: www.refunder.se
URL: https://www.refunder.se/campadre/gdpr?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:36d4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd2fbf5a695603ebdcb2b19bac14d175c6badd640a608b5b2709eda742572fe0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.refunder.se/campadre/gdpr?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 13:24:14 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Wed, 15 Jun 2022 09:21:35 GMT
server: cloudflare
etag: W/"62a9a49f-34f9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=15724800; includeSubDomains
cf-ray: 71c3dd546cea9c0a-FRA

GET
H2 200 p.gif
p.typekit.net/ 35 B
214 B 203ms
41ms Image
image/gif 2a02:26f0:f7::5c7b:e01b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.typekit.net/p.gif?s=1&k=ucr2pdc&ht=tk&h=www.refunder.se&f=24553.24558&a=6721280&js=1.21.0&app=typekit&e=js&_=1655385854132
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e01b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.refunder.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 13:24:14 GMT
last-modified: Sat, 09 Oct 2021 02:10:03 GMT
server: nginx
etag: "6160f9fb-23"
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 35

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 299 KB
85 KB 77ms
38ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=ce2e4ee7dce82bd312218d168a7716a0

Requested by

Host: www.refunder.se
URL: https://www.refunder.se/campadre/gdpr?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e90657d6fe5bb2add01418da1507d8d1a4d034811ee473c9e8b8011f908ef802

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.refunder.se/
Origin: https://www.refunder.se
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 5ZmDs9fNxEmHXuJdYJYS+A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 87373
x-fb-rlafr: 0
x-fb-debug: McSjdcGpgbpZrW7XfTTYTUNXA8CGUR3E+GMhBeg/YDAA/r9ZF1dDf6XXAIyre2P+0P1sKSMcYEksY/NBsCRqYA==
x-fb-content-md5: 384fc634b0098d96c50aaebc1838e9c7
x-frame-options: DENY
date: Thu, 16 Jun 2022 13:24:14 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "1b4b5d148a707b36971f785e9fd57d63"
timing-allow-origin: *
priority: u=3,i
expires: Fri, 16 Jun 2023 05:39:54 GMT

GET
H2 200 modules.b871a939666125f20d79.js Show response
script.hotjar.com/ 243 KB
63 KB 190ms
49ms Script
application/javascript 143.204.89.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.b871a939666125f20d79.js

Requested by

Host: www.refunder.se
URL: https://www.refunder.se/campadre/gdpr?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-5.fra50.r.cloudfront.net

Software

Resource Hash

e5827fd8bddccf8f9ca7d06936e0bd6596f9ec6aca0652086c5d593a72d84435

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.refunder.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 08:52:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 621128
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 64109
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 08:51:29 GMT
etag: "a7a5f230aae7accf37f785c6590c07fa"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: ad9M6KDqIE3iESYRT-6z8PYr317YAYI5uIUOifVUsrrHY9V2eImiIA==

GET
H3 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 113ms
37ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.refunder.se
URL: https://www.refunder.se/campadre/gdpr?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.refunder.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 13:18:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 357
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1129
x-xss-protection: 0
last-modified: Thu, 30 Dec 2021 12:48:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 16 Jun 2022 14:18:17 GMT

GET
H3

200

activityi;dc_pre=CPmbx-6IsvgCFVOLhQodjKIMlg;src=5450406;type=123;cat=refun00;ord=127372091470;gtm=2wg6f0;auiddc=1216410896.1655385854;~oref=https%3A%2F%2Fwww.refunder.se%2Fcampadre%2Fgdpr%3Futm_sou... Show response
5450406.fls.doubleclick.net/ Frame 7C3A
Redirect Chain

https://5450406.fls.doubleclick.net/activityi;src=5450406;type=123;cat=refun00;ord=127372091470;gtm=2wg6f0;auiddc=1216410896.1655385854;~oref=https%3A%2F%2Fwww.refunder.se%2Fcampadre%2Fgdpr%3Futm_s...
https://5450406.fls.doubleclick.net/activityi;dc_pre=CPmbx-6IsvgCFVOLhQodjKIMlg;src=5450406;type=123;cat=refun00;ord=127372091470;gtm=2wg6f0;auiddc=1216410896.1655385854;~oref=https%3A%2F%2Fwww.ref...

524 B
431 B

131ms
54ms

Document
text/html

142.250.185.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5450406.fls.doubleclick.net/activityi;dc_pre=CPmbx-6IsvgCFVOLhQodjKIMlg;src=5450406;type=123;cat=refun00;ord=127372091470;gtm=2wg6f0;auiddc=1216410896.1655385854;~oref=https%3A%2F%2Fwww.refunder.se%2Fcampadre%2Fgdpr%3Futm_source%3Drule%26utm_medium%3Demail%26utm_campaign%3Dgrymt%2520viktig%2520information%2520fr%25C3%25A5n%2520Fredrik?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WXH7C

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f6.1e100.net

Software

cafe /

Resource Hash

a91e2c0541a6bda21181e3d44d1c66e0f08346bfcd7caf97410d7b2c0f31fabf

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: about:blank
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 406
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Jun 2022 13:24:14 GMT
expires: Thu, 16 Jun 2022 13:24:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Jun 2022 13:24:14 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5450406.fls.doubleclick.net/activityi;dc_pre=CPmbx-6IsvgCFVOLhQodjKIMlg;src=5450406;type=123;cat=refun00;ord=127372091470;gtm=2wg6f0;auiddc=1216410896.1655385854;~oref=https%3A%2F%2Fwww.refunder.se%2Fcampadre%2Fgdpr%3Futm_source%3Drule%26utm_medium%3Demail%26utm_campaign%3Dgrymt%2520viktig%2520information%2520fr%25C3%25A5n%2520Fredrik?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 100 KB
26 KB 79ms
38ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.refunder.se
URL: https://www.refunder.se/campadre/gdpr?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3d79854e01d0c79408c548889dcfddd23e4ef10f11c698c831b570573ee13b97

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.refunder.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26344
x-xss-protection: 0
pragma: public
x-fb-debug: qZ2u55DDyXCpA0iBRV8JbzHuKeekrw/wZAq2jVIrNavr9EsZ7QQbeF77YjRgO9H0xB5jQJVx4XNmW9Q3NW4Djg==
x-frame-options: DENY
date: Thu, 16 Jun 2022 13:24:14 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 120ms
38ms Script
application/x-javascript 2a02:26f0:3500:16::215:149b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.refunder.se
URL: https://www.refunder.se/campadre/gdpr?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.refunder.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Thu, 16 Jun 2022 13:24:14 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Apr 2022 23:25:22 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=58613
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3085

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 153ms
51ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.refunder.se
URL: https://www.refunder.se/campadre/gdpr?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

33272713d84ffdaab3a61030b3c4cecca56a0f00485bd02767a96e61bc45452d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.refunder.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 13:24:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15000
x-xss-protection: 0
server: cafe
etag: 6069194915506431635
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 16 Jun 2022 13:24:14 GMT

GET
H2 200 box-63c3a81830bf549dafe40b369003f751.html Show response
vars.hotjar.com/ Frame 96E7 2 KB
1 KB 123ms
37ms Document
text/html 13.32.121.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-63c3a81830bf549dafe40b369003f751.html
Requested by: Host: www.refunder.se
URL: https://www.refunder.se/campadre/gdpr?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-125.fra60.r.cloudfront.net
Software: /
Resource Hash: f05ac9ba83369cd58d06d8ee2e5f8d61c040d30d044e20752153f95577627dc6

Request headers

Referer: https://www.refunder.se/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1156679
cache-control: max-age=31536000
content-encoding: br
content-length: 1044
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 03 Jun 2022 04:06:15 GMT
etag: "e6fb1304cb60a0dea0f76f7077cb13c6"
last-modified: Wed, 01 Jun 2022 15:33:09 GMT
vary: Accept-Encoding
via: 1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
x-amz-cf-id: 6sZ5z3Bwi1frXAum7q0Q92iOhb-916DI57w3qLIOaN7IYmjjM4Bb3Q==
x-amz-cf-pop: FRA60-P1
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H3 200 js Show response
www.google-analytics.com/gtm/ 97 KB
38 KB 55ms
54ms Script
application/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-NTKGVMB&cid=2131658700.1655385854

Requested by

Host: www.refunder.se
URL: https://www.refunder.se/campadre/gdpr?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8823541bc636ace30934a83ac02da089cca570780c338667ca946ae9ad96cdaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.refunder.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 13:24:14 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38875
x-xss-protection: 0
last-modified: Thu, 16 Jun 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 16 Jun 2022 13:24:14 GMT

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 162ms
72ms Fetch
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=546541542063453&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.refunder.se%2Fcampadre%2Fgdpr%3Futm_source%3Drule%26utm_medium%3Demail%26utm_campaign%3Dgrymt%2520viktig%2520information%2520fr%25C3%25A5n%2520Fredrik&sdk=joey&wants_cookie_data=true

Requested by

Host: www.refunder.se
URL: https://www.refunder.se/campadre/gdpr?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.refunder.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: SIb/zxFVclIDS9GJ44aPlU5DMJeoSpSLgBi4HoRAQHWPnJ79p3M+7n3neNbSwz1IKUurPX8LvgAvDKKPpuw2KQ==
fb-s: unknown
date: Thu, 16 Jun 2022 13:24:14 GMT
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.refunder.se
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 1708459026105222 Show response
connect.facebook.net/signals/config/ 26 KB
7 KB 38ms
38ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1708459026105222?v=2.9.62&r=stable

Requested by

Host: www.refunder.se
URL: https://www.refunder.se/campadre/gdpr?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4ea039f5ac94c36573189b7a2240da40ea12156863b7cae3d95eddf22116e3ef

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.refunder.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 6987
x-xss-protection: 0
pragma: public
x-fb-debug: UEgMG2dpVSLhwD2pd8pGGlNlc5XtSPk0kLJBEsN0SEqUz2FRHuYLv8zHgEQmdKjsnvsbfBbElGKRwinguh37Xg==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 16 Jun 2022 13:24:14 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=77148&time=1655385854359&url=https%3A%2F%2Fwww.refunder.se%2Fcampadre%2Fgdpr%3Futm_campaign%3Dgrymt%2520viktig%2520information%2520fr%25C3%25A5n%2...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D77148%26time%3D1655385854359%26url%3Dhttps%253A%252F%252Fwww.refunder.se%252Fcamp...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=77148&time=1655385854359&url=https%3A%2F%2Fwww.refunder.se%2Fcampadre%2Fgdpr%3Futm_campaign%3Dgrymt%2520viktig%2520information%2520fr%25C3%25A5n%2...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=77148&time=1655385854359&url=https%3A%2F%2Fwww.refunder.se%2Fcampadre%2Fgdpr%3Futm_campaign%3Dgrymt%2520viktig%2520information%2520fr%25C3%25A5n%...

0
265 B

256ms
176ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=77148&time=1655385854359&url=https%3A%2F%2Fwww.refunder.se%2Fcampadre%2Fgdpr%3Futm_campaign%3Dgrymt%2520viktig%2520information%2520fr%25C3%25A5n%2520Fredrik%26utm_medium%3Demail%26utm_source%3Drule&liSync=true&e_ipv6=AQJkBZxdkFH2hwAAAYFsr5PH-SDgm8EvaOotpgploFhenbBVzsnr6nkiB-idTtYMyEx9jSZt
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.refunder.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 13:24:14 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 60A5D044D3DC4BB0AEBDDD0E4622A36C Ref B: FRAEDGE1105 Ref C: 2022-06-16T13:24:15Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXhkI3c3qRroYcHJ3yQnQ==
x-li-fabric: prod-lva1

Redirect headers

date: Thu, 16 Jun 2022 13:24:14 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 1E7BD9737D534727893597C560CD69E4 Ref B: VIEEDGE1917 Ref C: 2022-06-16T13:24:14Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=77148&time=1655385854359&url=https%3A%2F%2Fwww.refunder.se%2Fcampadre%2Fgdpr%3Futm_campaign%3Dgrymt%2520viktig%2520information%2520fr%25C3%25A5n%2520Fredrik%26utm_medium%3Demail%26utm_source%3Drule&liSync=true&e_ipv6=AQJkBZxdkFH2hwAAAYFsr5PH-SDgm8EvaOotpgploFhenbBVzsnr6nkiB-idTtYMyEx9jSZt
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXhkI3ZBS+8iEPcGFEwDg==

GET
H/1.1 200
OK NRJS-c29ae83cbb449485bc2 Show response
bam.eu01.nr-data.net/1/ 49 B
1 KB 177ms
73ms Script
text/javascript 185.221.87.248
NEW-2

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.eu01.nr-data.net/1/NRJS-c29ae83cbb449485bc2?a=372410472&v=1216.487a282&to=MhBSZQoZWxVQAU0KDgtacVIMEVoIHiNJEz0tAURBJDtaCEUQVg8NAAdDbTQdUgdSG3oMDxEHX10UHUcmWAxdBhk%3D&rst=3577&ck=1&ref=https://www.refunder.se/campadre/gdpr&ap=77&be=2760&fe=3056&dc=3054&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1655385850788,%22n%22:0,%22f%22:301,%22dn%22:303,%22dne%22:342,%22c%22:342,%22s%22:378,%22ce%22:540,%22rq%22:540,%22rp%22:792,%22rpe%22:821,%22dl%22:795,%22di%22:1160,%22ds%22:1165,%22de%22:1165,%22dc%22:2758,%22l%22:2758,%22le%22:2766%7D,%22navigation%22:%7B%7D%7D&fp=1158&fcp=1158&at=HldRE0IDSBs%3D&jsonp=NREUM.setToken
Requested by: Host: www.refunder.se
URL: https://www.refunder.se/campadre/gdpr?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.221.87.248 , Ireland, ASN206998 (NEW-2, IE),
Reverse DNS
Software: cloudflare /
Resource Hash: dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.refunder.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Thu, 16 Jun 2022 13:24:14 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
x-envoy-upstream-service-time: 3
cross-origin-resource-policy: cross-origin
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Connection: keep-alive
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jUsSQTvtVHTfaEkiB2z%2FRgVGn3NXeMFekMG0eFlwhR4d5XbfCtSR8fZRPnYtOUGv33XUXXjS11GQya%2FmEIf%2BmxQ2179tiWW1qsAoRrxrssqilg3dvD4qyBj4ez913mC%2FJel2VD2f"}],"group":"cf-nel","max_age":604800}
Content-Type: text/javascript
Access-Control-Allow-Origin: *
access-control-allow-credentials: true
CF-Ray: 71c3dd569ef26922-FRA

GET
H2 200 async-buttons.js Show response
ws.sharethis.com/button/ 89 KB
19 KB 47ms
43ms Script
application/javascript 2600:9000:2156:5e00:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.sharethis.com/button/async-buttons.js

Requested by

Host: www.refunder.se
URL: https://www.refunder.se/campadre/gdpr?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:5e00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

38bdaa6ffa7c071fd9af7eb4fc6e34125cbac8965ad71fb0e93a0d2140dd2842

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.refunder.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 21:45:24 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 142730
x-cache: Hit from cloudfront
content-length: 18813
server: nginx/1.20.1
etag: W/"61e1c3fb-16245"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
via: 1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
cache-control: max-age=259200
x-amz-cf-pop: FRA50-C1
x-robots-tag: noindex, nofollow
x-amz-cf-id: cpUpFOyJQjx5GKq1BX1tUUtvmds0YGSljrjE3JCRvTB6rQIkV3ySgg==
expires: Fri, 17 Jun 2022 21:45:24 GMT

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
402 B 174ms
40ms XHR
text/plain 52.28.170.203
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://l.sharethis.com/pview?event=pview&version=buttons.js&lang=en&sessionID=1655385854369.52882&hostname=www.refunder.se&location=%2Fcampadre%2Fgdpr&product=widget&fcmp=false&fcmpv2=false&publisher=ur.00000000-0000-0000-0000-000000000000&url=https%3A%2F%2Fwww.refunder.se%2Fcampadre%2Fgdpr%3Futm_source%3Drule%26utm_medium%3Demail%26utm_campaign%3Dgrymt%20viktig%20information%20fr%C3%A5n%20Fredrik&sop=false&description=

Requested by

Host: www.refunder.se
URL: https://www.refunder.se/campadre/gdpr?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.28.170.203 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-28-170-203.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.refunder.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Thu, 16 Jun 2022 13:24:14 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Access-Control-Allow-Origin: https://www.refunder.se
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 1728000
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/980868221/ 2 KB
1 KB 50ms
49ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/980868221/?random=1655385854382&cv=9&fst=1655385854382&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6f0&sendb=1&ig=1&data=pageType%3Dlanding%3BloggedIn%3Dno%3BcurrencyCode%3DSEK&frm=0&url=https%3A%2F%2Fwww.refunder.se%2Fcampadre%2Fgdpr%3Futm_source%3Drule%26utm_medium%3Demail%26utm_campaign%3Dgrymt%2520viktig%2520information%2520fr%25C3%25A5n%2520Fredrik&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.refunder.se
URL: https://www.refunder.se/campadre/gdpr?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1dc0e3b1881957bce8b17da8fcd82d7a8b0165397f006c35226e9144d3b51a22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.refunder.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Jun 2022 13:24:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1113
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
442 B 142ms
46ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-41722784-4&cid=2131658700.1655385854&jid=1967448668&gjid=1728519656&_gid=931214683.1655385854&_u=aGBAgEILQAAAAE~&z=41356832

Requested by

Host: www.refunder.se
URL: https://www.refunder.se/campadre/gdpr?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.refunder.se/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 16 Jun 2022 13:24:14 GMT
content-type: text/plain
access-control-allow-origin: https://www.refunder.se
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 39ms
38ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=875458041&t=pageview&_s=1&dl=https%3A%2F%2Fwww.refunder.se%2Fcampadre%2Fgdpr%3Futm_source%3Drule%26utm_medium%3Demail%26utm_campaign%3Dgrymt%2520viktig%2520information%2520fr%25C3%25A5n%2520Fredrik&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgEILQ~&jid=1967448668&gjid=1728519656&cid=2131658700.1655385854&tid=UA-41722784-4&_gid=931214683.1655385854&cd6=2131658700.1655385854&il1nm=Footer&il1pi1id=664&il1pi1nm=lookfantastic&il1pi1ca=Sk%C3%B6nhet%20%26%20H%C3%A4lsa&il1pi1ps=1&il1pi2id=4750&il1pi2nm=Webhallen&il1pi2ca=Elektronik&il1pi2ps=2&il1pi3id=359&il1pi3nm=LensWay&il1pi3ca=Sk%C3%B6nhet%20%26%20H%C3%A4lsa&il1pi3ps=3&il1pi4id=3997&il1pi4nm=Yves%20Rocher%20&il1pi4ca=Sk%C3%B6nhet%20%26%20H%C3%A4lsa&il1pi4ps=4&il1pi5id=3548&il1pi5nm=Shein&il1pi5ca=Kl%C3%A4der%20%26%20Accessoarer&il1pi5ps=5&z=1590397319

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.refunder.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Jun 2022 06:16:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 25691
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
228 B 38ms
37ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1708459026105222&ev=PageView&dl=https%3A%2F%2Fwww.refunder.se%2Fcampadre%2Fgdpr%3Futm_source%3Drule%26utm_medium%3Demail%26utm_campaign%3Dgrymt%2520viktig%2520information%2520fr%25C3%25A5n%2520Fredrik&rl=&if=false&ts=1655385854485&sw=1600&sh=1200&v=2.9.62&r=stable&ec=0&o=28&fbp=fb.1.1655385854484.259900136&it=1655385854357&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.refunder.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 13:24:14 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Thu, 16 Jun 2022 13:24:14 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 39ms
38ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1708459026105222&ev=PageLoad&dl=https%3A%2F%2Fwww.refunder.se%2Fcampadre%2Fgdpr%3Futm_source%3Drule%26utm_medium%3Demail%26utm_campaign%3Dgrymt%2520viktig%2520information%2520fr%25C3%25A5n%2520Fredrik&rl=&if=false&ts=1655385854487&cd[pageType]=landing&cd[loggedIn]=no&cd[currencyCode]=SEK&sw=1600&sh=1200&v=2.9.62&r=stable&ec=1&o=28&fbp=fb.1.1655385854484.259900136&it=1655385854357&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.refunder.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 13:24:14 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Thu, 16 Jun 2022 13:24:14 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/980868221/ 42 B
64 B 135ms
52ms Image
image/gif 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/980868221/?random=1655385854382&cv=9&fst=1655384400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6f0&sendb=1&data=pageType%3Dlanding%3BloggedIn%3Dno%3BcurrencyCode%3DSEK&frm=0&url=https%3A%2F%2Fwww.refunder.se%2Fcampadre%2Fgdpr%3Futm_source%3Drule%26utm_medium%3Demail%26utm_campaign%3Dgrymt%2520viktig%2520information%2520fr%25C3%25A5n%2520Fredrik&async=1&fmt=3&is_vtc=1&random=740081275&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.refunder.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Jun 2022 13:24:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/980868221/ 42 B
548 B 135ms
50ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/980868221/?random=1655385854382&cv=9&fst=1655384400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6f0&sendb=1&data=pageType%3Dlanding%3BloggedIn%3Dno%3BcurrencyCode%3DSEK&frm=0&url=https%3A%2F%2Fwww.refunder.se%2Fcampadre%2Fgdpr%3Futm_source%3Drule%26utm_medium%3Demail%26utm_campaign%3Dgrymt%2520viktig%2520information%2520fr%25C3%25A5n%2520Fredrik&async=1&fmt=3&is_vtc=1&random=740081275&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.refunder.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Jun 2022 13:24:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 buttons-secure.css
ws.sharethis.com/button/css/ 23 KB
4 KB 39ms
38ms Stylesheet
text/css 2600:9000:2156:5e00:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.sharethis.com/button/css/buttons-secure.css

Requested by

Host: www.refunder.se
URL: https://www.refunder.se/campadre/gdpr?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:5e00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

95dc1b83a7c030dd13ab3e29df921f10e04208b28734f172ea232854264c3b05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.refunder.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 01:04:20 GMT
content-encoding: gzip
last-modified: Fri, 14 Jan 2022 18:42:03 GMT
server: nginx/1.20.1
age: 44394
etag: W/"61e1c3fb-5a76"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
strict-transport-security: max-age=31536000; includeSubDomains
x-robots-tag: noindex, nofollow
content-length: 3851
x-amz-cf-id: 3Rhx0CM5epfHrCp6PhKZkbZf-1G2_BjPlhEk9xTem21Wvrdpmt2PHw==

GET
H/1.1 204
No Content pview
l.sharethis.com/ 0
380 B 45ms
44ms Image
text/plain 52.28.170.203
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.28.170.203 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-28-170-203.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.refunder.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Thu, 16 Jun 2022 13:24:14 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 1728000
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H2 200 dc_pre=CPmbx-6IsvgCFVOLhQodjKIMlg;src=5450406;type=123;cat=refun00;ord=127372091470;gtm=2wg6f0;auiddc=*;~oref=https%3A%2F%2Fwww.refunder.se%2Fcampadre%2Fgdpr%3Futm_source%3Drule%26utm_medium%3Demai...
adservice.google.com/ddm/fls/z/ Frame 7C3A 42 B
494 B 161ms
72ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CPmbx-6IsvgCFVOLhQodjKIMlg;src=5450406;type=123;cat=refun00;ord=127372091470;gtm=2wg6f0;auiddc=*;~oref=https%3A%2F%2Fwww.refunder.se%2Fcampadre%2Fgdpr%3Futm_source%3Drule%26utm_medium%3Demail%26utm_campaign%3Dgrymt%2520viktig%2520information%2520fr%25C3%25A5n%2520Fredrik

Requested by

Host: 5450406.fls.doubleclick.net
URL: https://5450406.fls.doubleclick.net/activityi;dc_pre=CPmbx-6IsvgCFVOLhQodjKIMlg;src=5450406;type=123;cat=refun00;ord=127372091470;gtm=2wg6f0;auiddc=1216410896.1655385854;~oref=https%3A%2F%2Fwww.refunder.se%2Fcampadre%2Fgdpr%3Futm_source%3Drule%26utm_medium%3Demail%26utm_campaign%3Dgrymt%2520viktig%2520information%2520fr%25C3%25A5n%2520Fredrik?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5450406.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Jun 2022 13:24:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 69ms
68ms Image
image/gif 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-41722784-4&cid=2131658700.1655385854&jid=1967448668&_u=aGBAgEILQAAAAE~&z=2033258040

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.refunder.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Jun 2022 13:24:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 63ms
63ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-41722784-4&cid=2131658700.1655385854&jid=1967448668&_u=aGBAgEILQAAAAE~&z=2033258040

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.refunder.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Jun 2022 13:24:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 index.html Show response
ws.sharethis.com/secure5x/ Frame 614C 14 KB
4 KB 38ms
38ms Document
text/html 2600:9000:2156:5e00:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.sharethis.com/secure5x/index.html

Requested by

Host: www.refunder.se
URL: https://www.refunder.se/campadre/gdpr?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:5e00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

40279417deb789df672f0165a0817b4c84893685d47a4fd8e20770e838ef4367

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.refunder.se/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 15325
content-encoding: gzip
content-length: 4082
content-type: text/html
date: Thu, 16 Jun 2022 09:08:50 GMT
etag: W/"61e1c3fb-390f"
last-modified: Fri, 14 Jan 2022 18:42:03 GMT
server: nginx/1.20.1
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
x-amz-cf-id: 7QUbJIfDfsldhiIbINyr5ER9YXyGUXWj5xM-9G4j1Ipht1a-SFlQww==
x-amz-cf-pop: FRA50-C1
x-cache: Hit from cloudfront
x-robots-tag: noindex, nofollow

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 36CA 28 B
54 B 62ms
61ms XHR
application/json 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/df5197e2/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/ojRcIOltHLE?enablejsapi=1&playerapiid=ytplayer
X-YouTube-Client-Version: 1.20220614.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgszRk5DNTk4cEZCVSj83ayVBg%3D%3D
X-YouTube-Ad-Signals: dt=1655385852608&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&wgl=true&ca_type=image

Response headers

date: Thu, 16 Jun 2022 13:24:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Thu, 16 Jun 2022 13:24:15 GMT

GET
H2 200 stcommon.1f60705adac788a51a8240cf535237b0.js Show response
ws.sharethis.com/secure5x/js/ Frame 614C 16 KB
6 KB 40ms
39ms Script
application/javascript 2600:9000:2156:5e00:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.sharethis.com/secure5x/js/stcommon.1f60705adac788a51a8240cf535237b0.js

Requested by

Host: ws.sharethis.com
URL: https://ws.sharethis.com/secure5x/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:5e00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

2d200d90966b8380a648972d71130785371751cf24bb7398f2854be23afb4a65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ws.sharethis.com/secure5x/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 03:47:33 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 24917802
x-cache: Hit from cloudfront
content-length: 5630
server: nginx/1.20.1
etag: W/"612ef1fe-40f6"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
via: 1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
x-robots-tag: noindex, nofollow
x-amz-cf-id: AGjmHFC5tKNtXyYldExQe5vekUz6oimujGFGzDiaqM3ltisxP7GeLQ==
expires: Thu, 01 Sep 2022 03:47:33 GMT

GET
H2 200 st.31cb6fcb48e558d491ec5da1e80ebf3d.js Show response
ws.sharethis.com/secure5x/js/ Frame 614C 132 KB
32 KB 46ms
46ms Script
application/javascript 2600:9000:2156:5e00:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.sharethis.com/secure5x/js/st.31cb6fcb48e558d491ec5da1e80ebf3d.js

Requested by

Host: ws.sharethis.com
URL: https://ws.sharethis.com/secure5x/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:5e00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

ffd7d8f21205b5a8c3d1e2fd124fd554edbc9ab1ef756b679fcf276bb00a229f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ws.sharethis.com/secure5x/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 00:33:12 GMT
content-encoding: gzip
server: nginx/1.20.1
age: 8081463
etag: W/"61e1c3fb-20e82"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
strict-transport-security: max-age=31536000; includeSubDomains
x-robots-tag: noindex, nofollow
x-amz-cf-id: eQo_BFeg__1nCx8AsjPbPjeWph24u7f2EE-g-aqlFwrhxwDGLY_jIA==
expires: Wed, 15 Mar 2023 00:33:12 GMT

Verdicts & Comments Add Verdict or Comment

308 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

31 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
app.rule.io/	1970-01-20 03:49:53	Name: laravel_session Value: eyJpdiI6IjFJTEM0bHBobzJJU2lqQ2hIKzB2Y2c9PSIsInZhbHVlIjoiRjNGd2tlVTdrQTV4MnUrY0d0cE5QWHRHT0JqVU9wNzJrWWFsemthTDJCcWo2Y3FtTCtvblFYNmJVRTI2TU02QTNXanJ1N2xZbXNpNkU4cXRLYi9hS0RIcHNnUmd2YTQ4NWJNanhmR0JvOVF4UXlvamQ5azYyMjhXcnhBdDZzajIiLCJtYWMiOiI3ZmE5NmM2YjIwZDI2OTc1M2VkMzRhNjE1MjVhYzdhMjFkYjVjNjlhNjUzMDY3ZGEyODQ4YTgyMGM2YjdkMTAwIiwidGFnIjoiIn0%3D
www.refunder.se/	1970-01-20 03:59:53	Name: re_csrf Value: df5811ad8e6a54415be77d46fd8c93e5
www.refunder.se/	1970-02-11 01:46:41	Name: re_guide_seen Value: eyJpdiI6InNnMkhBUWdhQnI0SkVwWTZnSXgxU3c9PSIsInZhbHVlIjoiWWdOZTV0d1J6eHRyVGhsVDl6b2thbkY3MFp6WHpadm8yeW1iK0cxejg5S0g5QXI0RU5tTXhFYXNDekhmbTNNTyIsIm1hYyI6ImNhZDcwM2NmY2RhZjM4OWJjNDQ2MmM3YzMyNzNmYzdiOGE5ZTVhMjQ2ZTdlOWEyZDQ4NDcwMWIyZDA0NjNlMjgiLCJ0YWciOiIifQ%3D%3D
www.refunder.se/	1970-01-20 03:51:12	Name: refunder_session Value: eyJpdiI6ImpKbUg5QWt5RFc3RG9QbXN6RGY1anc9PSIsInZhbHVlIjoianZKN05MWklKS0lKVjhnYW9uektwK3lzNS9OZ2hQbTROT3NqdzVYMk1sQmNoQmo3aXMycURvZ2pKeUlGNUNJQ0dyWHY4d0loZGo1MUIzR2JDU0pXUXNCcXRKODNPTy8wenl3YjQ1UDYrbk1RWXRFUGFkM242NU9qN1NUZmJBVW8iLCJtYWMiOiI2ZDBmYTIwNzQ2MDE2OThlOGYwNDU0NTlhZjYzZGFlODFkYzE1NzQ4YzMwMDliM2EyYTJmOTA2NzA2NjZmM2U1IiwidGFnIjoiIn0%3D
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: uk3BmD-LUN8
.youtube.com/	1970-01-20 08:08:57	Name: VISITOR_INFO1_LIVE Value: 3FNC598pFBU
www.refunder.se/	1970-01-20 04:32:57	Name: re_utm_source Value: cnVsZQ%3D%3D
www.refunder.se/	1970-01-20 04:32:57	Name: re_utm_medium Value: ZW1haWw%3D
www.refunder.se/	1970-01-20 04:32:57	Name: re_utm_campaign Value: Z3J5bXQgdmlrdGlnIGluZm9ybWF0aW9uIGZy5W4gRnJlZHJpaw%3D%3D
www.refunder.se/	1970-01-20 03:51:12	Name: re_fingerprint Value: ZjNiZTlkZWVkZjFhNDNhNjg5ODMzNzMwNDRlZTM1NGU%3D
.refunder.se/	1970-01-20 21:20:57	Name: _ga Value: GA1.2.2131658700.1655385854
.refunder.se/	1970-01-20 03:51:12	Name: _gid Value: GA1.2.931214683.1655385854
.refunder.se/	1970-01-20 05:59:21	Name: _gcl_au Value: 1.1.1216410896.1655385854
.refunder.se/	1970-01-20 03:49:45	Name: _gat Value: 1
www.refunder.se/	1970-01-20 03:51:12	Name: re_ga_client_id Value: MjEzMTY1ODcwMC4xNjU1Mzg1ODU0
.refunder.se/	1970-01-20 05:59:21	Name: _fbp Value: fb.1.1655385854484.259900136
.refunder.se/	1970-01-20 12:35:21	Name: _hjSessionUser_85928 Value: eyJpZCI6ImEzYWI5NTAxLWYyMWQtNTY5NS1hZTkwLTM5ZDI2YjY5YzQ1NSIsImNyZWF0ZWQiOjE2NTUzODU4NTQ0MzIsImV4aXN0aW5nIjpmYWxzZX0=
.refunder.se/	1970-01-20 03:49:47	Name: _hjFirstSeen Value: 1
www.refunder.se/	1970-01-20 03:49:45	Name: _hjIncludedInSessionSample Value: 0
.refunder.se/	1970-01-20 03:49:47	Name: _hjSession_85928 Value: eyJpZCI6IjQ1Y2ExMmZjLWUxZTUtNGQ5Yy05MDgxLTBkNTA5OWQxZjkxZiIsImNyZWF0ZWQiOjE2NTUzODU4NTQ1MTAsImluU2FtcGxlIjpmYWxzZX0=
.refunder.se/	1970-01-20 03:49:47	Name: _hjAbsoluteSessionInProgress Value: 0
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: d01161f698b00c07
.doubleclick.net/	1970-01-20 13:11:21	Name: IDE Value: AHWqTUmOZB9yP05KwKBt4D5IOXiOn84zVmM6iHDNhYt4LfOQQ-ROSMhcrjML6vi9O2o
.linkedin.com/	1970-01-20 04:32:57	Name: UserMatchHistory Value: AQLdbi6D0DI07QAAAYFsr5J_AKXkYAKaCpoj8DHoejITy6Y8Lbx41PUQyQfv71LOTMFFg12a35lO9Q
.linkedin.com/	1970-01-20 04:32:57	Name: AnalyticsSyncHistory Value: AQIypgI7SZgX3QAAAYFsr5J_lnXy4vLt76rIHqrlmHNLP7ZFeSeSG-e-3UZraPKQ0dQhK6jy9-mF74SMo0lfrQ
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 21:21:39	Name: bcookie Value: "v=2&e5767fd7-1c63-428d-8c0e-7d277b793e2f"
.linkedin.com/	1970-01-20 03:51:12	Name: lidc Value: "b=VGST00:s=V:r=V:a=V:p=V:g=2731:u=1:x=1:i=1655385854:t=1655472254:v=2:sig=AQEXQsTBK59VKi_9wjFA114nMeAf2VAm"
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 21:21:39	Name: bscookie Value: "v=1&20220616132414ed1b702f-a413-4456-8127-47cd674a6914AQFRSnrBmM4tDtW_t7J3Mj6dDtnJNCOZ"
.linkedin.com/	1970-01-20 21:18:23	Name: li_gc Value: MTswOzE2NTUzODU4NTQ7MjswMjGAxqsMNsP89me4zce0O4o9u4EtbrgHvt/iCkyeylsOnA==

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5450406.fls.doubleclick.net
adservice.google.com
app.rule.io
assets.refunder.se
bam.eu01.nr-data.net
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
jnn-pa.googleapis.com
js-agent.newrelic.com
l.sharethis.com
p.typekit.net
px.ads.linkedin.com
px4.ads.linkedin.com
script.hotjar.com
snap.licdn.com
static.doubleclick.net
static.hotjar.com
stats.g.doubleclick.net
use.typekit.net
vars.hotjar.com
widget.trustpilot.com
ws.sharethis.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
www.refunder.se
www.youtube.com
108.138.17.96
13.107.42.14
13.32.121.125
142.250.184.226
142.250.185.166
143.204.89.5
151.101.130.137
18.66.139.113
185.221.87.248
2600:9000:2156:5e00:3:c04e:c780:93a1
2606:4700:10::6816:36d4
2606:4700:20::ac43:47c7
2620:1ec:22::14
2a00:1450:4001:803::2004
2a00:1450:4001:808::200e
2a00:1450:4001:80b::2003
2a00:1450:4001:80b::200e
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2003
2a00:1450:4001:811::2008
2a00:1450:4001:812::200a
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:828::200a
2a00:1450:4001:831::2006
2a00:1450:400c:c00::9b
2a02:26f0:3500:16::215:149b
2a02:26f0:f7::5c7b:e01b
2a02:26f0:f7::5c7b:e031
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
52.28.170.203
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
0698bd96b32abef09345157f63717a2d8e8cbd4044cf697c2eb7a4b50691eee4
0759399fada8276b069d98297a706a8f9716284684e7f5f2569486afc85bfa71
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c
1aa4fccb65ad266a9caef9094e08038a7a2d92be1b5eff848c6fca5b6cbae98e
1cc18f776808d90c6b715d05e6e8da0ed04e95a7db05d36a20b4dbf04c1e43a1
1dc0e3b1881957bce8b17da8fcd82d7a8b0165397f006c35226e9144d3b51a22
2525fcabe966c2f81330c969432129f12cac22ab1cc9d44467a31abf48d587a1
2d200d90966b8380a648972d71130785371751cf24bb7398f2854be23afb4a65
33272713d84ffdaab3a61030b3c4cecca56a0f00485bd02767a96e61bc45452d
38bdaa6ffa7c071fd9af7eb4fc6e34125cbac8965ad71fb0e93a0d2140dd2842
3aa90b7654659d1605b9dba70b12c1b649eb0a817e5d1282bf294d19baa28fe6
3b2817ece544986cbb86376189836288eb442a95ec3eac80f46fcf76e28b8f4a
3d79854e01d0c79408c548889dcfddd23e4ef10f11c698c831b570573ee13b97
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e29752ebbd4b8a96de31cb8947ceec0b6eb4903592b8941e0bc4c05b10770bf
3edbec27f29986811d3d3036e5989b1b82c6fc42554710564a77d9024b53f17c
40279417deb789df672f0165a0817b4c84893685d47a4fd8e20770e838ef4367
40b89f451c5e094b840080b7fb816ed9814986d033623f632ac697e5b30557cd
4173e0fb087c3c388d30d3c013f4064f78cfb846a22bd19c6df3ce2b22f66fb0
44e2474118cb6ab895bd59607076b4c1f5ddb57de61ea9695cd50da147ab3694
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4ea039f5ac94c36573189b7a2240da40ea12156863b7cae3d95eddf22116e3ef
545156adeae44dadc82b98d504f805ebe77fb79c928ef34eed1057bb9d4cb8fe
54777e8478128a776aa685abd2ff93adc694421567048dd618104021374d452d
56030ef93940f0e80685b1a764988f954e8745239081c43225b1abb7cf5ac133
69b8ac258645cd62f67125ff4a3a5d997f93132e45ab6cf945a5152fbe0910b2
72a4242ffb232ec9cd6ada7a155b256d643dc5e12b4e8c9ea51d9176fc6da447
7888a73f4926acb50e1a9b8ce31743dce8f1be70bdb22ce3f386eec7952f0b7e
7b5e696b16e0712dd9ed26cafc251138f5189b10ba63c704eb8938ce04ef7226
7ba38c636940db54018406db91e3a02040d14fd6ce7dabf8bdb011067ba8eb41
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8823541bc636ace30934a83ac02da089cca570780c338667ca946ae9ad96cdaa
89b5682f9c92578b35680da8abee60b4060258d31b8e8e354f443db0b0578892
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
95dc1b83a7c030dd13ab3e29df921f10e04208b28734f172ea232854264c3b05
99ab00edeb9fa42770be1cab71822ec256436dbdc56ce9832885935f72008faa
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
9d4012d1b9fd9f441df388267dbb6cd92eb4c47a727acf0c52752b95cb7e046a
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a91e2c0541a6bda21181e3d44d1c66e0f08346bfcd7caf97410d7b2c0f31fabf
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
aeb50488d748f37cb9d7edd2ae8eaa7f13dbd297d4a9b8e94423d27d770a0ad3
bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0
c0bc3be07587388188143cb937f57c41c1921c60d0ad0c1a278c9099b6fc26a6
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c7e197490f22a68ba81091202bc98f75f8d5aa7d85f6d62b461de8951cc1d26e
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd2fbf5a695603ebdcb2b19bac14d175c6badd640a608b5b2709eda742572fe0
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
da1ab7a66ee971546ff6d619e9463c30aaab4f04babe02216a2e8c8ab410be6e
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
dd775351a78c275a252b2d39d2d956d759d35ddd0ff5a4625131e1c2ba3c6c96
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5827fd8bddccf8f9ca7d06936e0bd6596f9ec6aca0652086c5d593a72d84435
e7662322930e7f94b9d8c334ac66a9eb1eaf1901c08c8d769bc9102349c777b0
e90657d6fe5bb2add01418da1507d8d1a4d034811ee473c9e8b8011f908ef802
e9f0c3a67fb8ac422f0a72169c17f9f1dfb5d923f5620331a5f5de93c97db649
ecc9d1f7847e9d330923bcf866f1f51f31906076c82e4591e11bc89a55d5601a
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eea4bd249a3b6bdccccea813dc25e6346f59f7c66d3ace668798627ec26b8cbe
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef36a1c3e9ae388659ceb39bc9b167315872e159c20e24f284d7e1774303d380
f05ac9ba83369cd58d06d8ee2e5f8d61c040d30d044e20752153f95577627dc6
f0d3d795c8f6c74ce662213b31c2147ae74aabc68296578bc824674ced2297fc
f2cd41ffab19311ab26e67803bd9067f9577bf0b9f98c13b1d5804877f25d320
f3496bc7c277d917d35553c46ed1597a86065494cac582e42a3a1d55aedef7fb
f971fd0089d2c252695122722924afbaccf23648aa417a64a8ec96dfb8402a16
ffd7d8f21205b5a8c3d1e2fd124fd554edbc9ab1ef756b679fcf276bb00a229f

www.refunder.se Open in urlscan Pro 2606:4700:10::6816:36d4 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

83 Requests

98 %HTTPS

69 %IPv6

21 Domains

34 Subdomains

31 IPs

4 Countries

2191 kBTransfer

6969 kBSize

31 Cookies

0 Outgoing links

Page URL History

Redirected requests

83 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.refunder.se Open in urlscan Pro
2606:4700:10::6816:36d4 Public Scan

Screenshot
Live screenshot

Full Image

83
Requests

98 %
HTTPS

69 %
IPv6

21
Domains

34
Subdomains

31
IPs

4
Countries

2191 kB
Transfer

6969 kB
Size

31
Cookies

83 HTTP transactions
1 data transactions