offerta.se Open in urlscan Pro
40.127.232.98 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://offerta.se/
Submission: On November 27 via automatic, source links-suspicious (November 27th 2021, 6:46:19 am UTC) — Scanned from DE

Summary HTTP 109 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 54 IPs in 10 countries across 42 domains to perform 109 HTTP transactions. The main IP is 40.127.232.98, located in Dublin, Ireland and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is offerta.se.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on September 1st 2021. Valid for: a year.

This is the only time offerta.se was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
25	40.127.232.98 40.127.232.98	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
8	34.236.232.170 34.236.232.170	14618 (AMAZON-AES) (AMAZON-AES)
2	34.96.102.137 34.96.102.137	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
1	13.225.77.111 13.225.77.111	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba11	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	2620:119:50e8... 2620:119:50e8:101::9002:f05	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	108.174.10.14 108.174.10.14	14413 (LINKEDIN) (LINKEDIN)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	13.224.193.38 13.224.193.38	16509 (AMAZON-02) (AMAZON-02)
2 3	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:400c:c1b::9d	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	13.224.193.12 13.224.193.12	16509 (AMAZON-02) (AMAZON-02)
1	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	54.78.108.238 54.78.108.238	16509 (AMAZON-02) (AMAZON-02)
1	13.225.77.65 13.225.77.65	16509 (AMAZON-02) (AMAZON-02)
3	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
12	13.225.77.93 13.225.77.93	16509 (AMAZON-02) (AMAZON-02)
1	13.225.77.24 13.225.77.24	16509 (AMAZON-02) (AMAZON-02)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1 2	34.255.68.26 34.255.68.26	16509 (AMAZON-02) (AMAZON-02)
1	104.19.135.78 104.19.135.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
1	2a00:1288:80:... 2a00:1288:80:800::7001	203220 (YAHOO-DEB) (YAHOO-DEB)
1	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
1 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1	64.202.112.191 64.202.112.191	23352 (SERVERCEN...) (SERVERCENTRAL)
2	184.51.8.183 184.51.8.183	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
3 4	185.33.221.50 185.33.221.50	29990 (ASN-APPNEX) (ASN-APPNEX)
1 4	18.192.203.176 18.192.203.176	16509 (AMAZON-02) (AMAZON-02)
1	34.102.166.132 34.102.166.132	15169 (GOOGLE) (GOOGLE)
2	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	3.127.62.220 3.127.62.220	16509 (AMAZON-02) (AMAZON-02)
1 2	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1 2	2a02:6b8::90 2a02:6b8::90	208722 (YNDX) (YNDX)
1	2.18.68.31 2.18.68.31	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	184.51.9.98 184.51.9.98	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:20e... 2600:9000:20eb:ec00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	13.225.77.125 13.225.77.125	16509 (AMAZON-02) (AMAZON-02)
1	99.80.164.0 99.80.164.0	16509 (AMAZON-02) (AMAZON-02)
1	104.96.128.226 104.96.128.226	16625 (AKAMAI-AS) (AKAMAI-AS)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
2	13.225.77.35 13.225.77.35	16509 (AMAZON-02) (AMAZON-02)
109	54

25 40.127.232.98 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

offerta.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 34.236.232.170 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-236-232-170.compute-1.amazonaws.com

wchat.freshchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.96.102.137 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 137.102.96.34.bc.googleusercontent.com

dev.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.77.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-77-111.fra2.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:ba11 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:119:50e8:101::9002:f05 (San Francisco, United States) 2 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.174.10.14 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.193.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-38.fra2.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:1::13 (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1b::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.193.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-12.fra2.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.78.108.238 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-108-238.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.77.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-77-65.fra2.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 13.225.77.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-77-93.fra2.r.cloudfront.net

assetscdn-wchat.freshchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.77.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-77-24.fra2.r.cloudfront.net

rts-static-prod.freshworksapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.255.68.26 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-68-26.eu-west-1.compute.amazonaws.com

partner.mediawallahscript.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.135.78 (None, )

ASN13335 (CLOUDFLARENET, US)

cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:800::7001 (Frankfurt am Main, Germany)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.112.191 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.51.8.183 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-8-183.deploy.static.akamaitechnologies.com

cw.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.221.50 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.192.203.176 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-203-176.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.166.132 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 132.166.102.34.bc.googleusercontent.com

ad.tpmn.co.kr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.127.62.220 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-62-220.eu-central-1.compute.amazonaws.com

crb.kargo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.245.213 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8::90 (Moscow, Russian Federation) 1 redirects

ASN208722 (YNDX, FI)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.68.31 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-68-31.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.51.9.98 (Vienna, Austria) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-9-98.deploy.static.akamaitechnologies.com

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:ec00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.77.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-77-125.fra2.r.cloudfront.net

ad.as.amanad.adtdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.80.164.0 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-164-0.eu-west-1.compute.amazonaws.com

trends.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.96.128.226 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-128-226.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.77.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-77-35.fra2.r.cloudfront.net

132195664154414.webpush.freshchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	offerta.se offerta.se	5 MB
22	freshchat.com wchat.freshchat.com assetscdn-wchat.freshchat.com 132195664154414.webpush.freshchat.com	676 KB
7	criteo.com 2 redirects gum.criteo.com mug.criteo.com sslwidget.criteo.com dis.criteo.com	15 KB
4	bidswitch.net 1 redirects x.bidswitch.net	2 KB
4	adnxs.com 3 redirects secure.adnxs.com	4 KB
4	yahoo.com 1 redirects ads.yahoo.com sp.analytics.yahoo.com ups.analytics.yahoo.com	2 KB
4	linkedin.com 3 redirects px.ads.linkedin.com www.linkedin.com px4.ads.linkedin.com	3 KB
4	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com in.hotjar.com	65 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net	3 KB
2	casalemedia.com 1 redirects r.casalemedia.com	2 KB
2	yandex.ru 1 redirects an.yandex.ru	674 B
2	3lift.com 1 redirects eb2.3lift.com	736 B
2	pubmatic.com simage2.pubmatic.com	864 B
2	addthis.com cw.addthis.com	854 B
2	tapad.com 1 redirects pixel.tapad.com	894 B
2	mediawallahscript.com 1 redirects partner.mediawallahscript.com	1 KB
2	facebook.com www.facebook.com	386 B
2	google.de www.google.de	655 B
2	google.com www.google.com	655 B
2	facebook.net connect.facebook.net	113 KB
2	google-analytics.com www.google-analytics.com	20 KB
2	visualwebsiteoptimizer.com dev.visualwebsiteoptimizer.com	2 KB
2	googleapis.com ajax.googleapis.com fonts.googleapis.com	88 KB
1	taboola.com sync-t1.taboola.com	232 B
1	teads.tv criteo-sync.teads.tv	172 B
1	revcontent.com trends.revcontent.com	336 B
1	adtdp.com ad.as.amanad.adtdp.com	843 B
1	smaato.net s.ad.smaato.net	240 B
1	media.net contextual.media.net	204 B
1	kargo.com crb.kargo.com	360 B
1	tpmn.co.kr ad.tpmn.co.kr	600 B
1	rubiconproject.com pixel.rubiconproject.com	239 B
1	outbrain.com sync.outbrain.com	476 B
1	mgid.com cm.mgid.com	813 B
1	rlcdn.com idsync.rlcdn.com	416 B
1	freshworksapi.com rts-static-prod.freshworksapi.com	25 KB
1	hotjar.io vc.hotjar.io	255 B
1	criteo.net static.criteo.net	14 KB
1	licdn.com snap.licdn.com	2 KB
1	googleadservices.com www.googleadservices.com	15 KB
1	gstatic.com fonts.gstatic.com	17 KB
1	googletagmanager.com www.googletagmanager.com	55 KB
109	42

	Domain	Requested by
25	offerta.se	offerta.se
12	assetscdn-wchat.freshchat.com	wchat.freshchat.com assetscdn-wchat.freshchat.com
8	wchat.freshchat.com	offerta.se wchat.freshchat.com assetscdn-wchat.freshchat.com
4	x.bidswitch.net	1 redirects
4	secure.adnxs.com	3 redirects
3	gum.criteo.com	2 redirects static.criteo.net
2	132195664154414.webpush.freshchat.com	wchat.freshchat.com 132195664154414.webpush.freshchat.com
2	r.casalemedia.com	1 redirects
2	an.yandex.ru	1 redirects
2	eb2.3lift.com	1 redirects
2	simage2.pubmatic.com
2	cw.addthis.com
2	ups.analytics.yahoo.com	1 redirects
2	pixel.tapad.com	1 redirects
2	partner.mediawallahscript.com	1 redirects
2	dis.criteo.com
2	www.facebook.com	offerta.se
2	www.google.de	offerta.se
2	www.google.com	offerta.se
2	px.ads.linkedin.com	2 redirects
2	connect.facebook.net	offerta.se connect.facebook.net
2	www.google-analytics.com	offerta.se www.google-analytics.com
2	dev.visualwebsiteoptimizer.com	offerta.se
1	sync-t1.taboola.com
1	criteo-sync.teads.tv
1	trends.revcontent.com
1	ad.as.amanad.adtdp.com
1	s.ad.smaato.net
1	contextual.media.net
1	crb.kargo.com
1	ad.tpmn.co.kr
1	pixel.rubiconproject.com
1	sync.outbrain.com
1	sp.analytics.yahoo.com
1	ads.yahoo.com
1	cm.mgid.com
1	cm.g.doubleclick.net	1 redirects
1	idsync.rlcdn.com
1	rts-static-prod.freshworksapi.com	assetscdn-wchat.freshchat.com
1	sslwidget.criteo.com	static.criteo.net
1	vc.hotjar.io	script.hotjar.com
1	in.hotjar.com	script.hotjar.com
1	mug.criteo.com	offerta.se
1	vars.hotjar.com	static.hotjar.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	script.hotjar.com	static.hotjar.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	px4.ads.linkedin.com	offerta.se
1	www.linkedin.com	1 redirects
1	static.criteo.net	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	static.hotjar.com	offerta.se
1	fonts.gstatic.com	fonts.googleapis.com
1	www.googletagmanager.com	offerta.se
1	fonts.googleapis.com	offerta.se
1	ajax.googleapis.com	offerta.se
109	57

This site contains links to these domains. Also see Links.

Domain
www.browsehappy.com
auth.offerta.se
careers.offerta.se
www.linkedin.com
www.facebook.com
www.instagram.com
topp100.idg.se
se.trustpilot.com
www.youtube.com

Subject Issuer	Validity	Valid
offerta.se DigiCert SHA2 Extended Validation Server CA	`2021-09-01` - `2022-08-25`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.freshchat.com Amazon	`2021-04-22` - `2022-05-21`	a year	crt.sh
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2	`2020-06-19` - `2022-07-06`	2 years	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-05` - `2021-12-04`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-09` - `2021-12-07`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-09` - `2021-12-07`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.hotjar.io Amazon	`2021-08-17` - `2022-09-15`	a year	crt.sh
freshchat.com Amazon	`2021-07-13` - `2022-08-11`	a year	crt.sh
freshworksapi.com Amazon	`2021-01-19` - `2022-02-16`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-11` - `2022-06-10`	a year	crt.sh
ui.aps.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-10-25` - `2021-12-15`	2 months	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-10-19` - `2022-04-13`	6 months	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2021-10-24` - `2022-11-24`	a year	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-27`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
ad.tpmn.co.kr GTS CA 1D4	`2021-11-01` - `2022-01-30`	3 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
*.dev.kargo.com Amazon	`2021-03-16` - `2022-04-14`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2021-04-12` - `2022-04-20`	a year	crt.sh
s.ad.smaato.net Amazon	`2021-09-21` - `2022-10-20`	a year	crt.sh
*.as.amanad.adtdp.com Amazon	`2021-04-06` - `2022-05-05`	a year	crt.sh
revcontent.com Amazon	`2021-08-09` - `2022-09-07`	a year	crt.sh
teads.tv R3	`2021-11-03` - `2022-02-01`	3 months	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
*.wchat.webpush.myfreshworks.com Amazon	`2021-07-21` - `2022-08-19`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://offerta.se/
Frame ID: B780D8CF0D266FBD6D6CDAC17B4661F7
Requests: 54 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=offerta.se&origin=onetag
Frame ID: 74AE2C352123DC91315CF72DFA952449
Requests: 2 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-ad575b5823df97fc9725e14a57070642.html
Frame ID: 610A4C735548309388402EAB73F25717
Requests: 1 HTTP requests in this frame

Frame: https://wchat.freshchat.com/widget/?token=62991366-f918-4244-9199-d663f807e81a&referrer=aHR0cHM6Ly9vZmZlcnRhLnNl
Frame ID: D102197B9917FE30260066801FCE0093
Requests: 20 HTTP requests in this frame

Frame: https://idsync.rlcdn.com/397596.gif?partner_uid=B8B8PDsb8oU8LuIYjMCmmfIqqQEoEQQq
Frame ID: B9AE5A5FEAA14D61580319051205F891
Requests: 30 HTTP requests in this frame

Frame: https://132195664154414.webpush.freshchat.com/index.html?ref=aHR0cHM6Ly9vZmZlcnRhLnNl
Frame ID: 5430BBDD424E027B9693C3C76D32EC7F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Få offerter gratis från tjänsteföretag - Offerta.se

Page Statistics

109
Requests

87 %
HTTPS

34 %
IPv6

42
Domains

57
Subdomains

54
IPs

10
Countries

6328 kB
Transfer

10030 kB
Size

66
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: http://www.browsehappy.com/
Title: Uppgradera din webbläsare

Search URL Search Domain Scan URL

URL: https://auth.offerta.se/login
Title: Logga in

Search URL Search Domain Scan URL

URL: https://careers.offerta.se/
Title: Jobba hos oss

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/offertase

Search URL Search Domain Scan URL

URL: https://www.facebook.com/offerta.se/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/offerta.se/

Search URL Search Domain Scan URL

URL: https://topp100.idg.se/2.39772/1.742991/topp-100-2020-sok-jamfor

Search URL Search Domain Scan URL

URL: https://se.trustpilot.com/review/offerta.se
Title: 4.7 av 5

Search URL Search Domain Scan URL

URL: https://www.youtube.com/embed/THpgpZzbctg?autoplay=1&rel=0

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1563788&time=1637995574449&url=https%3A%2F%2Fofferta.se%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1563788%26time%3D1637995574449%26url%3Dhttps%253A%252F%252Fofferta.se%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1563788&time=1637995574449&url=https%3A%2F%2Fofferta.se%2F&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1563788&time=1637995574449&url=https%3A%2F%2Fofferta.se%2F&liSync=true&e_ipv6=AQII6y6l3rCXXAAAAX1gJPdK0qNz8WRoYORZauEOcvyjDnPkZQMvoW59L3fG-nK5mloYWuVvwgM

Request Chain 42

https://gum.criteo.com/sid/json?origin=onetag&domain=offerta.se&sn=ChromeSyncframe&so=0&topUrl=offerta.se&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=Ce_E13xkbG9ZTDJWUlYzdTdINjhxaUQxdkhEc0NkUlVUQmJXOUdBTDl5SmFzY2taTlZ3ejZuTlRCSFZKSk1ha0lXTGg3TUJUV0Jwdnh6TnYwemZYRXE5TWhHVCtVcE1sUW9DME80RTNEVmdoNkVxUVEzY0UwTWlqT2luTnNreW43TVUwV0U4L2p1bkU1QlM2clJLZUpQeHg3TEpXVjBtUFlOUHBZYXhyUmJ5d3pTMnRXaGpYZTl3cHhlTFE3d1AyT1FEWlNjNHVIOGtkMzUvdDlLZGhCaFVQWWV4eG1uSSsxQkFJUEMxMWp0dnpORzNPaVQ0TGZyT2JTaW1rVTJkWk55SEdSdHJURytOTEh3NEYrQlhJMVBRWFcrdz09fA&cppv=2

Request Chain 64

https://gum.criteo.com/sync?c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40 HTTP 302
https://idsync.rlcdn.com/397596.gif?partner_uid=B8B8PDsb8oU8LuIYjMCmmfIqqQEoEQQq

Request Chain 65

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&google_hm=ay1uQmMzTkRadDlhRkRwcVdERE5xUGpydnBhQ1VwLVFFOTNzNmt1QQ HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0

Request Chain 66

https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-nBc3NDZt9aFDpqWDDNqPjrvpaCUp-QE93s6kuA&custom=&tag_format=img&tag_action=sync&custom=&cb=0ce9666b-7dd1-4f5d-9ff7-c186ef497fe0 HTTP 302
https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-nBc3NDZt9aFDpqWDDNqPjrvpaCUp-QE93s6kuA&custom%5B0%5D=&custom%5B1%5D=&tag_format=img&tag_action=sync&cb=0ce9666b-7dd1-4f5d-9ff7-c186ef497fe0&final=true&reqid=b7fa19e0-4f4d-11ec-847e-9556087288f0&timestamp=2021-11-27T06%3A46%3A15.934Z

Request Chain 68

https://pixel.tapad.com/idsync/ex/receive?partner_id=2926&partner_device_id=k-nBc3NDZt9aFDpqWDDNqPjrvpaCUp-QE93s6kuA HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2926&partner_device_id=k-nBc3NDZt9aFDpqWDDNqPjrvpaCUp-QE93s6kuA

Request Chain 71

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-TE_7LjZt9aFDpqWDDNqPjrvpaCVjFBPYWSLNjg HTTP 302
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-TE_7LjZt9aFDpqWDDNqPjrvpaCVjFBPYWSLNjg&verify=true

Request Chain 75

https://secure.adnxs.com/setuid?entity=52&code=k-mqxUDzZt9aFDpqWDDNqPjrvpaCXafM4JVsnsyA&seg=95287 HTTP 307
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-mqxUDzZt9aFDpqWDDNqPjrvpaCXafM4JVsnsyA%26seg%3D95287

Request Chain 76

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-mqxUDzZt9aFDpqWDDNqPjrvpaCXafM4JVsnsyA&expires=30&user_group=5 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-mqxUDzZt9aFDpqWDDNqPjrvpaCXafM4JVsnsyA&expires=30&user_group=5

Request Chain 80

https://eb2.3lift.com/xuid?mid=2711&xuid=k-mVr1xTZt9aFDpqWDDNqPjrvpaCVRXhNjB9AOgw&dongle=013b HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-mVr1xTZt9aFDpqWDDNqPjrvpaCVRXhNjB9AOgw&dongle=013b&gdpr=1&cmp_cs=&us_privacy=

Request Chain 81

https://an.yandex.ru/mapuid/criteois/k-yo0nQzZt9aFDpqWDDNqPjrvpaCXGg8CP6tei_w HTTP 302
https://an.yandex.ru/mapuid/criteois/k-yo0nQzZt9aFDpqWDDNqPjrvpaCXGg8CP6tei_w?redir-setuniq=1

Request Chain 83

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-_a3M0jZt9aFDpqWDDNqPjrvpaCXZBoMsFmIM7w HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-_a3M0jZt9aFDpqWDDNqPjrvpaCXZBoMsFmIM7w&C=1

Request Chain 92

https://secure.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://secure.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2521466497111680469

109 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
offerta.se/ 104 KB
36 KB 187ms
78ms Document
text/html 40.127.232.98
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://offerta.se/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.127.232.98 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e42fab53da9d8cb219e57dc636d3d0c6236357d399726596b08ce8bb87dd78a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Sat, 27 Nov 2021 06:46:14 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 35635
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Content-Encoding: gzip
Expires: -1
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-UA-Compatible: IE=Edge,chrome=1

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ 86 KB
87 KB 30ms
8ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js

Requested by

Host: offerta.se
URL: https://offerta.se/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://offerta.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 12:41:14 GMT
x-content-type-options: nosniff
age: 65100
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 88145
x-xss-protection: 0
last-modified: Mon, 13 May 2019 14:37:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Nov 2022 12:41:14 GMT

GET
H/1.1 200
OK jquery.lazy.min.js Show response
offerta.se/javascript/libraries/ 5 KB
3 KB 86ms
35ms Script
text/javascript 40.127.232.98
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://offerta.se/javascript/libraries/jquery.lazy.min.js

Requested by

Host: offerta.se
URL: https://offerta.se/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.127.232.98 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

1753ecb99b6b11683e933a6f439b13b30f25d6e264b3d0453557b0dfd4b6ad95

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://offerta.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 06:46:14 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 16 Nov 2021 11:08:24 GMT
Server: Microsoft-IIS/10.0
ETag: "084d445dadad71:0"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2839
X-UA-Compatible: IE=Edge,chrome=1

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 37ms
15ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans&display=swap

Requested by

Host: offerta.se
URL: https://offerta.se/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a73461ad2eb2853c2e1a93781e56d513275a44a7e6e4c9a3cda7a6fda0bdc3a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://offerta.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 27 Nov 2021 05:49:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 27 Nov 2021 06:46:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 27 Nov 2021 06:46:14 GMT

GET
H/1.1 200
OK campaign_v637726616880000000.css
offerta.se/dist/css/ 454 KB
115 KB 58ms
52ms Stylesheet
text/css 40.127.232.98
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://offerta.se/dist/css/campaign_v637726616880000000.css

Requested by

Host: offerta.se
URL: https://offerta.se/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.127.232.98 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

e923831c36c8347906b172473db6b88b50c73f18e0a550dd92c368ea9c835729

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://offerta.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 06:46:14 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 16 Nov 2021 11:14:48 GMT
Server: Microsoft-IIS/10.0
ETag: "044b62adbdad71:0"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK award.png
offerta.se/images/banners/ 12 KB
12 KB 33ms
33ms Image
image/png 40.127.232.98
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offerta.se/images/banners/award.png

Requested by

Host: offerta.se
URL: https://offerta.se/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.127.232.98 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

59cec601ccc4208322adc723e6bbb265550d28b4e6be655a9f503ce272ef8b7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://offerta.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 06:46:14 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 16 Nov 2021 11:08:22 GMT
Server: Microsoft-IIS/10.0
ETag: "057a344dadad71:0"
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12060
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK startpage-video.jpg
offerta.se/images/video-thumbs/ 19 KB
20 KB 36ms
36ms Image
image/jpeg 40.127.232.98
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offerta.se/images/video-thumbs/startpage-video.jpg

Requested by

Host: offerta.se
URL: https://offerta.se/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.127.232.98 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

3edbd936382ee71ad05bba835519782c06fb2c26b9979ca39d820b3f401987d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://offerta.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 06:46:14 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 16 Nov 2021 11:08:24 GMT
Server: Microsoft-IIS/10.0
ETag: "084d445dadad71:0"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19804
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK widget.js Show response
wchat.freshchat.com/js/ 44 KB
14 KB 436ms
215ms Script
application/javascript 34.236.232.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/js/widget.js

Requested by

Host: offerta.se
URL: https://offerta.se/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.236.232.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-236-232-170.compute-1.amazonaws.com

Software

fwe /

Resource Hash

67132b7a8d4f22ec1e3e60fb95543c490228134d4bd057e4b20d07f81c13eff4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://offerta.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 06:46:14 GMT
content-encoding: gzip
Transfer-Encoding: chunked
x-envoy-upstream-service-time: 1
Connection: keep-alive
x-xss-protection: 1; mode=block
x-request-id: 6b82f8b0-7fa4-4356-9454-a58a8a6a519d
x-trace-id: 00-43713c3d1a15cc95945691dbb1a13bb5-0b151dd199372602-00
served-by: 5612
last-modified: Wed, 17 Nov 2021 12:05:30 GMT
server: fwe
strict-transport-security: max-age=31536000; includeSubDomains
x-fw-ratelimiting-managed: false
cache-control: max-age=900, must-revalidate
x-server: 5612
Content-Type: application/javascript

GET
H/1.1 200
OK bundled-require_v637726617340000000.js Show response
offerta.se/dist/js/ 18 KB
9 KB 35ms
34ms Script
text/javascript 40.127.232.98
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://offerta.se/dist/js/bundled-require_v637726617340000000.js

Requested by

Host: offerta.se
URL: https://offerta.se/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.127.232.98 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

f24b13e2b282c9c1c185c2452f97f0bcf3cc949f99e3fcf33c793bff17051179

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://offerta.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 06:46:14 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 16 Nov 2021 11:15:34 GMT
Server: Microsoft-IIS/10.0
ETag: "04f2146dbdad71:0"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8476
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK chunk-vendors_v637726619180000000.js Show response
offerta.se/dist/js/ 196 KB
89 KB 97ms
61ms Script
text/javascript 40.127.232.98
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://offerta.se/dist/js/chunk-vendors_v637726619180000000.js

Requested by

Host: offerta.se
URL: https://offerta.se/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.127.232.98 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

23a79a1c698dc5dff7c21b56224e0d756e1d2eaeee8887f5c1b318bb0e5b46b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://offerta.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 06:46:14 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 16 Nov 2021 11:18:38 GMT
Server: Microsoft-IIS/10.0
ETag: "07bcdb3dbdad71:0"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK app_v637726619180000000.js Show response
offerta.se/dist/js/ 50 KB
20 KB 133ms
81ms Script
text/javascript 40.127.232.98
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://offerta.se/dist/js/app_v637726619180000000.js

Requested by

Host: offerta.se
URL: https://offerta.se/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.127.232.98 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

50b1ff01255ecc82866fe9c7a312d4ab667ed305f305dec03fef61dfdb6cc792

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://offerta.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 06:46:14 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 16 Nov 2021 11:18:38 GMT
Server: Microsoft-IIS/10.0
ETag: "07bcdb3dbdad71:0"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19581
X-UA-Compatible: IE=Edge,chrome=1

GET
H2 200 j.php Show response
dev.visualwebsiteoptimizer.com/ 3 KB
2 KB 25ms
11ms Script
application/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/j.php?a=339643&u=https%3A%2F%2Fofferta.se%2F&r=0.20826443813048834
Requested by: Host: offerta.se
URL: https://offerta.se/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 6c6b7ce85d524aef0e0c2eb323166fcc33e89ff0f8eababbe3fd0c973faeaca2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://offerta.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 27 Nov 2021 06:46:13 GMT
via: 1.1 google
server: gfra1
content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type: application/javascript; charset=UTF-8

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 158 KB
55 KB 52ms
31ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TTBP

Requested by

Host: offerta.se
URL: https://offerta.se/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c4b9079d0a81706bf7df3392a0abd535f6ac58795b55130fc52a3cb06bae74fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://offerta.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 06:46:14 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55821
x-xss-protection: 0
last-modified: Sat, 27 Nov 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 27 Nov 2021 06:46:14 GMT

GET
H/1.1 200
OK default-20191126.jpg
offerta.se/images/heros/ 4 MB
4 MB 142ms
93ms Image
image/jpeg 40.127.232.98
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offerta.se/images/heros/default-20191126.jpg

Requested by

Host: offerta.se
URL: https://offerta.se/dist/css/campaign_v637726616880000000.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.127.232.98 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

052795a3b03b59dada62f3504a90f586b5b10fa711c75ab53819b63716db7ea8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://offerta.se/dist/css/campaign_v637726616880000000.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 06:46:14 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 16 Nov 2021 11:08:22 GMT
Server: Microsoft-IIS/10.0
ETag: "057a344dadad71:0"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4707097
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK flyttstadning.jpg
offerta.se/images/worktypes/ 36 KB
37 KB 99ms
74ms Image
image/jpeg 40.127.232.98
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offerta.se/images/worktypes/flyttstadning.jpg

Requested by

Host: offerta.se
URL: https://offerta.se/dist/css/campaign_v637726616880000000.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.127.232.98 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

549e2170300588e96630565fe492dd80c56649250b1b839f50aa3e977ec82576

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://offerta.se/dist/css/campaign_v637726616880000000.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 06:46:14 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 16 Nov 2021 11:08:24 GMT
Server: Microsoft-IIS/10.0
ETag: "084d445dadad71:0"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 37335
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK heminredning-och-homestyling.jpg
offerta.se/images/worktypes/ 32 KB
33 KB 67ms
67ms Image
image/jpeg 40.127.232.98
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offerta.se/images/worktypes/heminredning-och-homestyling.jpg

Requested by

Host: offerta.se
URL: https://offerta.se/dist/css/campaign_v637726616880000000.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.127.232.98 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

fff26498f06ca277637c8552c37f195073751440033622a979cc645c237db3c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://offerta.se/dist/css/campaign_v637726616880000000.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 06:46:14 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 16 Nov 2021 11:08:24 GMT
Server: Microsoft-IIS/10.0
ETag: "084d445dadad71:0"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 33252
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK lopande-fastighetsskotsel.jpg
offerta.se/images/worktypes/ 34 KB
34 KB 44ms
44ms Image
image/jpeg 40.127.232.98
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offerta.se/images/worktypes/lopande-fastighetsskotsel.jpg

Requested by

Host: offerta.se
URL: https://offerta.se/dist/css/campaign_v637726616880000000.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.127.232.98 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

edbab17f98dacf6b0cf5fcc94ea3fe1f0b06e8e891498a86131e8a0582c49c4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://offerta.se/dist/css/campaign_v637726616880000000.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 06:46:14 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 16 Nov 2021 11:08:24 GMT
Server: Microsoft-IIS/10.0
ETag: "084d445dadad71:0"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 34394
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK hemstadning.jpg
offerta.se/images/worktypes/ 32 KB
32 KB 33ms
33ms Image
image/jpeg 40.127.232.98
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offerta.se/images/worktypes/hemstadning.jpg

Requested by

Host: offerta.se
URL: https://offerta.se/dist/css/campaign_v637726616880000000.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.127.232.98 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

ec34d2df12a8d04827d36fd52da9a9264e1b80a0822bce3e1bf4b0309c50c63b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://offerta.se/dist/css/campaign_v637726616880000000.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 06:46:14 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 16 Nov 2021 11:08:24 GMT
Server: Microsoft-IIS/10.0
ETag: "084d445dadad71:0"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 32452
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK asfaltering.jpg
offerta.se/images/worktypes/ 46 KB
46 KB 39ms
39ms Image
image/jpeg 40.127.232.98
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offerta.se/images/worktypes/asfaltering.jpg

Requested by

Host: offerta.se
URL: https://offerta.se/dist/css/campaign_v637726616880000000.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.127.232.98 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

4cee07d6baafeeecad5420a17fb075e11345cbe68b08894dd5b5f1c5e1a5edcd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://offerta.se/dist/css/campaign_v637726616880000000.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 06:46:14 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 16 Nov 2021 11:08:24 GMT
Server: Microsoft-IIS/10.0
ETag: "084d445dadad71:0"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 47098
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK flytt-ovrigt.jpg
offerta.se/images/worktypes/ 29 KB
30 KB 34ms
34ms Image
image/jpeg 40.127.232.98
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offerta.se/images/worktypes/flytt-ovrigt.jpg

Requested by

Host: offerta.se
URL: https://offerta.se/dist/css/campaign_v637726616880000000.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.127.232.98 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

ff9c2233e2e239a327e52b532cd14455c16b2297d98433608f12f0b56c6de5a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://offerta.se/dist/css/campaign_v637726616880000000.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 06:46:14 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 16 Nov 2021 11:08:24 GMT
Server: Microsoft-IIS/10.0
ETag: "084d445dadad71:0"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 30013
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK CircularXXSub-BoldSubset.woff2
offerta.se/dist/fonts/ 30 KB
30 KB 48ms
36ms Font
application/font-woff2 40.127.232.98
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://offerta.se/dist/fonts/CircularXXSub-BoldSubset.woff2

Requested by

Host: offerta.se
URL: https://offerta.se/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.127.232.98 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

a3adae33a8d10815c1a5239e94ca4b7d0b67eff0bcb8835c2fdfba412af6d6e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://offerta.se/
Origin: https://offerta.se
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 06:46:14 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 16 Nov 2021 11:08:22 GMT
Server: Microsoft-IIS/10.0
ETag: "057a344dadad71:0"
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: application/font-woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Content-Length: 30559
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK CircularXXSub-MediumSubset.woff2
offerta.se/dist/fonts/ 29 KB
29 KB 48ms
32ms Font
application/font-woff2 40.127.232.98
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://offerta.se/dist/fonts/CircularXXSub-MediumSubset.woff2

Requested by

Host: offerta.se
URL: https://offerta.se/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.127.232.98 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

33cc7e461192e3ab74f4eb2237b98754cf3fd5b654771bddd3aa9f37dc03bb75

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://offerta.se/
Origin: https://offerta.se
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 06:46:14 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 16 Nov 2021 11:08:22 GMT
Server: Microsoft-IIS/10.0
ETag: "057a344dadad71:0"
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: application/font-woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Content-Length: 29595
X-UA-Compatible: IE=Edge,chrome=1

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v27/ 16 KB
17 KB 43ms
8ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cce577471c2586f3e0c2518fff84a970d33f61491fb8c629341b86f238cf07c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://offerta.se
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 13:44:20 GMT
x-content-type-options: nosniff
age: 61314
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16692
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:32:10 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 26 Nov 2022 13:44:20 GMT

GET
H2 200 hotjar-1459392.js Show response
static.hotjar.com/c/ 8 KB
3 KB 204ms
43ms Script
application/javascript 13.225.77.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1459392.js?sv=6

Requested by

Host: offerta.se
URL: https://offerta.se/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.77.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-77-111.fra2.r.cloudfront.net

Software

Resource Hash

1b065eef93f37afc6d6a6061c0e67cafe5f8cc954918623ab44745122b8dac52

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://offerta.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 06:46:14 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: FRA2-C2
etag: W/779fda63f49c0e105e0951acd324833e
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: cY2ECG3al1e1Xa2Jee_1ONigZQrErqYD_5vgrLTQ9M4OnB5TLsz4nw==
via: 1.1 0d94766f433ae64cf30c40acb74fc43f.cloudfront.net (CloudFront)

GET
H2 200 v.gif
dev.visualwebsiteoptimizer.com/ 35 B
214 B 95ms
94ms Image
image/gif 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=339643&d=offerta.se&u=D4E6788E2650F813B27893ADB16C68A36&h=f45e1201a685db0d4953a560237bcc53&t=false&r=0.757496760410824

Requested by

Host: offerta.se
URL: https://offerta.se/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv3c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://offerta.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 06:46:13 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv3c
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
H/1.1 200
OK _main.js Show response
offerta.se/dist/js/site/ 6 KB
3 KB 34ms
34ms Script
text/javascript 40.127.232.98
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://offerta.se/dist/js/site/_main.js?_rev=1637995574286

Requested by

Host: offerta.se
URL: https://offerta.se/dist/js/bundled-require_v637726617340000000.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.127.232.98 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

9fa86b64b58e3ad837b28d43c5cf260f9524087bfaab803c0d2f2b340020dc6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://offerta.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 06:46:14 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 16 Nov 2021 11:15:54 GMT
Server: Microsoft-IIS/10.0
ETag: "011d52dbdad71:0"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2222
X-UA-Compatible: IE=Edge,chrome=1

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 143ms
10ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: offerta.se
URL: https://offerta.se/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://offerta.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 6307
date: Sat, 27 Nov 2021 05:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sat, 27 Nov 2021 07:01:07 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 142ms
9ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: offerta.se
URL: https://offerta.se/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://offerta.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: Q9JEHxETtuU48Mlec5xZGqZwAllqBSyqP3irKr7oHkAME0AO+pnwm0C9ZcRIGFWDflovTkl8fiC4vZ01V+t+Eg==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sat, 27 Nov 2021 06:46:14 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 37 KB
15 KB 147ms
16ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TTBP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

2e8548e063ae8b8f6225ac344af4bb535397ebd3003665e27e8d4b2716770db9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://offerta.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 06:46:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14378
x-xss-protection: 0
server: cafe
etag: 684346926396516684
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 27 Nov 2021 06:46:14 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 5 KB
2 KB 76ms
9ms Script
application/x-javascript 2a02:26f0:6c00::210:ba11
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TTBP
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://offerta.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 06:46:14 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Sep 2021 19:17:49 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=81772
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2036

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ 41 KB
14 KB 99ms
38ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/ld.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TTBP
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: a1fddf4d5fec5f577b977db5c16c6582c1768324262382650fce903a37d73ab6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://offerta.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 06:46:14 GMT
content-encoding: gzip
last-modified: Tue, 05 Oct 2021 08:29:00 GMT
server: nginx
etag: W/"615c0ccc-a373"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 28 Nov 2021 06:46:14 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1563788&time=1637995574449&url=https%3A%2F%2Fofferta.se%2F
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1563788%26time%3D1637995574449%26url%3Dhttps%253A%252F%252Fofferta.se%252F%26liSy...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1563788&time=1637995574449&url=https%3A%2F%2Fofferta.se%2F&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1563788&time=1637995574449&url=https%3A%2F%2Fofferta.se%2F&liSync=true&e_ipv6=AQII6y6l3rCXXAAAAX1gJPdK0qNz8WRoYORZauEOcvyjDnPkZQMvoW59L3fG-nK5mlo...

0
156 B

341ms
143ms

Image
application/javascript

108.174.10.14
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1563788&time=1637995574449&url=https%3A%2F%2Fofferta.se%2F&liSync=true&e_ipv6=AQII6y6l3rCXXAAAAX1gJPdK0qNz8WRoYORZauEOcvyjDnPkZQMvoW59L3fG-nK5mloYWuVvwgM
Requested by: Host: offerta.se
URL: https://offerta.se/
Protocol: H2
Server: 108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS: 108-174-10-14.fwd.linkedin.com
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://offerta.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 06:46:15 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-ltx1
x-li-proto: http/2
x-li-pop: prod-lva1
content-type: application/javascript
content-length: 0
x-li-uuid: BCIGIUxUuxagRAwhOysAAA==

Redirect headers

date: Sat, 27 Nov 2021 06:46:15 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1563788&time=1637995574449&url=https%3A%2F%2Fofferta.se%2F&liSync=true&e_ipv6=AQII6y6l3rCXXAAAAX1gJPdK0qNz8WRoYORZauEOcvyjDnPkZQMvoW59L3fG-nK5mloYWuVvwgM
x-li-proto: http/2
x-li-pop: prod-ltx1
content-length: 0
x-li-uuid: 6u6uDUxUuxYAwYY6wyoAAA==

GET
H3 200 1030950566930714 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 115ms
106ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1030950566930714?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

76c4792e37076a070c3f65099f4706c8b97f103ab2f3e4ba2766b1181c444015

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://offerta.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: fk2/7qqhhGD8mYqCfLY8ljo++vsKD2FJdH/i3k+Z5nntJ9y5qAOmj5DVSizlao+kys+Ynl9uCfXosfaqkZnQnQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sat, 27 Nov 2021 06:46:14 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 31ms
17ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=748347391&t=pageview&_s=1&dl=https%3A%2F%2Fofferta.se%2F&ul=en-us&de=UTF-8&dt=F%C3%A5%20offerter%20gratis%20fr%C3%A5n%20tj%C3%A4nstef%C3%B6retag%20-%20Offerta.se&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1377372616&gjid=410435022&cid=1165733728.1637995574&tid=UA-5485818-1&_gid=378992165.1637995574&_r=1&_slc=1&z=1668285027

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://offerta.se/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 06:46:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://offerta.se
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1001009988/ 2 KB
2 KB 52ms
21ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1001009988/?random=1637995574471&cv=9&fst=1637995574471&num=1&label=Mzk9CNyK9gQQxOao3QM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgba1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fofferta.se%2F&tiba=F%C3%A5%20offerter%20gratis%20fr%C3%A5n%20tj%C3%A4nstef%C3%B6retag%20-%20Offerta.se&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb0d1a33307a26bbcccba7a3424e9d5a9e0f4cf0a378167ab6940897c7b0c8b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://offerta.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 06:46:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1075
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.376dac12c7cbd03331c3.js Show response
script.hotjar.com/ 226 KB
60 KB 30ms
8ms Script
application/javascript 13.224.193.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.376dac12c7cbd03331c3.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1459392.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.38 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-38.fra2.r.cloudfront.net

Software

Resource Hash

762eec26c35697c778960f1348261ead87844a3fb32e847f237cc6fdab697ba5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://offerta.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 12:27:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 325148
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 60634
access-control-allow-origin: *
last-modified: Tue, 23 Nov 2021 12:26:27 GMT
etag: "a104d8caba37d824b6eacd90ef7757da"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: THSWCyyu4uSMq9waUmFgQrIsrn8eHxtDOrPYm9TxX27prYZnmExcpQ==

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 74AE 11 KB
5 KB 69ms
27ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=offerta.se&origin=onetag

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

9413ac70f0dfa293eae8e934799be6a1cde8cd96db876ce9bd127c41630847ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://offerta.se/

Response headers

cache-control: private, max-age=3600
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 2133
date: Sat, 27 Nov 2021 06:46:13 GMT
content-length: 4683

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
438 B 62ms
18ms XHR
text/plain 2a00:1450:400c:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-5485818-1&cid=1165733728.1637995574&jid=1377372616&gjid=410435022&_gid=378992165.1637995574&_u=IEBAAEAAAAAAAC~&z=1081842964

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://offerta.se/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 27 Nov 2021 06:46:14 GMT
content-type: text/plain
access-control-allow-origin: https://offerta.se
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1001009988/ 42 B
548 B 55ms
21ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1001009988/?random=1637995574471&cv=9&fst=1637992800000&num=1&label=Mzk9CNyK9gQQxOao3QM&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgba1&sendb=1&frm=0&url=https%3A%2F%2Fofferta.se%2F&tiba=F%C3%A5%20offerter%20gratis%20fr%C3%A5n%20tj%C3%A4nstef%C3%B6retag%20-%20Offerta.se&async=1&fmt=3&is_vtc=1&random=3936578311&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: offerta.se
URL: https://offerta.se/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://offerta.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 06:46:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1001009988/ 42 B
548 B 54ms
20ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1001009988/?random=1637995574471&cv=9&fst=1637992800000&num=1&label=Mzk9CNyK9gQQxOao3QM&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgba1&sendb=1&frm=0&url=https%3A%2F%2Fofferta.se%2F&tiba=F%C3%A5%20offerter%20gratis%20fr%C3%A5n%20tj%C3%A4nstef%C3%B6retag%20-%20Offerta.se&async=1&fmt=3&is_vtc=1&random=3936578311&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: offerta.se
URL: https://offerta.se/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://offerta.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 06:46:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 box-ad575b5823df97fc9725e14a57070642.html Show response
vars.hotjar.com/ Frame 610A 2 KB
1 KB 37ms
6ms Document
text/html 13.224.193.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-ad575b5823df97fc9725e14a57070642.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1459392.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-12.fra2.r.cloudfront.net
Software: /
Resource Hash: f56a1b71444d153f2f81146d9a0cca991518ebc72e0686f917470f8c522ee383

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://offerta.se/

Response headers

content-type: text/html
content-length: 1050
date: Tue, 16 Nov 2021 11:16:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "a123045c9cc95cfe44d6b5d126b9f1a7"
last-modified: Tue, 16 Nov 2021 11:15:47 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0b9e85cfe8fe19b385db56d32b4ce802.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: LyR0LD9Q4cGIUEYdmiz1lx0-e1ETtLMyEfzJYyt0FI4XIj_Bwngzdg==
age: 934208

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 18ms
18ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-5485818-1&cid=1165733728.1637995574&jid=1377372616&_u=IEBAAEAAAAAAAC~&z=1117058101

Requested by

Host: offerta.se
URL: https://offerta.se/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://offerta.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 06:46:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 17ms
17ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-5485818-1&cid=1165733728.1637995574&jid=1377372616&_u=IEBAAEAAAAAAAC~&z=1117058101

Requested by

Host: offerta.se
URL: https://offerta.se/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://offerta.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 06:46:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 74AE
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=offerta.se&sn=ChromeSyncframe&so=0&topUrl=offerta.se&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=Ce_E13xkbG9ZTDJWUlYzdTdINjhxaUQxdkhEc0NkUlVUQmJXOUdBTDl5SmFzY2taTlZ3ejZuTlRCSFZKSk1ha0lXTGg3TUJUV0Jwdnh6TnYwemZYRXE5TWhHVCtVcE1sUW9DME80RTNEVmdoNkVxUVEzY0UwTWlqT2luTn...

449 B
627 B

51ms
18ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=Ce_E13xkbG9ZTDJWUlYzdTdINjhxaUQxdkhEc0NkUlVUQmJXOUdBTDl5SmFzY2taTlZ3ejZuTlRCSFZKSk1ha0lXTGg3TUJUV0Jwdnh6TnYwemZYRXE5TWhHVCtVcE1sUW9DME80RTNEVmdoNkVxUVEzY0UwTWlqT2luTnNreW43TVUwV0U4L2p1bkU1QlM2clJLZUpQeHg3TEpXVjBtUFlOUHBZYXhyUmJ5d3pTMnRXaGpYZTl3cHhlTFE3d1AyT1FEWlNjNHVIOGtkMzUvdDlLZGhCaFVQWWV4eG1uSSsxQkFJUEMxMWp0dnpORzNPaVQ0TGZyT2JTaW1rVTJkWk55SEdSdHJURytOTEh3NEYrQlhJMVBRWFcrdz09fA&cppv=2

Requested by

Host: offerta.se
URL: https://offerta.se/

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

dbf042f1bfcbc80a1af0aa1c8ed9e48949735c952e8733056d211053339250e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sat, 27 Nov 2021 06:46:13 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 4897
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Sat, 27 Nov 2021 06:46:13 GMT
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=Ce_E13xkbG9ZTDJWUlYzdTdINjhxaUQxdkhEc0NkUlVUQmJXOUdBTDl5SmFzY2taTlZ3ejZuTlRCSFZKSk1ha0lXTGg3TUJUV0Jwdnh6TnYwemZYRXE5TWhHVCtVcE1sUW9DME80RTNEVmdoNkVxUVEzY0UwTWlqT2luTnNreW43TVUwV0U4L2p1bkU1QlM2clJLZUpQeHg3TEpXVjBtUFlOUHBZYXhyUmJ5d3pTMnRXaGpYZTl3cHhlTFE3d1AyT1FEWlNjNHVIOGtkMzUvdDlLZGhCaFVQWWV4eG1uSSsxQkFJUEMxMWp0dnpORzNPaVQ0TGZyT2JTaW1rVTJkWk55SEdSdHJURytOTEh3NEYrQlhJMVBRWFcrdz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 2009
content-length: 541
expires: 0

GET
H2 200 /
www.facebook.com/tr/ 44 B
295 B 22ms
7ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1030950566930714&ev=PageView&dl=https%3A%2F%2Fofferta.se%2F&rl=&if=false&ts=1637995574614&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1637995574614.1473840458&it=1637995574460&coo=false&rqm=GET

Requested by

Host: offerta.se
URL: https://offerta.se/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://offerta.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 06:46:14 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Sat, 27 Nov 2021 06:46:14 GMT

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/1459392/ 146 B
323 B 104ms
37ms XHR
application/json 54.78.108.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/1459392/visit-data?sv=6
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.376dac12c7cbd03331c3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.78.108.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-108-238.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 43c15c5e339cca85186d462b5951209ac3825b7677341e3d95f5e704b5057c87

Request headers

Referer: https://offerta.se/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Sat, 27 Nov 2021 06:46:14 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H2 204 1459392 Show response
vc.hotjar.io/sessions/ 0
255 B 51ms
33ms XHR
text/plain 13.225.77.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/1459392?s=0.25&r=0.05024823001527734
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.376dac12c7cbd03331c3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.77.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-77-65.fra2.r.cloudfront.net
Software: Python/3.7 aiohttp/3.5.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://offerta.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 06:46:14 GMT
via: 1.1 2fcedcc055e24d7ac99fbc19ed8fc8ec.cloudfront.net (CloudFront)
server: Python/3.7 aiohttp/3.5.4
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-id: gHq3_4eIV4OFklHzstVqeUjDPKmacK6l6ZZG97U3bxFeLX3HtWl75Q==

GET
H/1.1 200
OK overlays.js Show response
offerta.se/dist/js/site/ 2 KB
1 KB 45ms
44ms Script
text/javascript 40.127.232.98
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://offerta.se/dist/js/site/overlays.js?_rev=1637995574286

Requested by

Host: offerta.se
URL: https://offerta.se/dist/js/bundled-require_v637726617340000000.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.127.232.98 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

7fcb68b6f042c5caa1cf8270d46fcb0774f6acb0329fd10064b6d8806418ca7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://offerta.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 06:46:14 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 16 Nov 2021 11:15:52 GMT
Server: Microsoft-IIS/10.0
ETag: "0e4db50dbdad71:0"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 811
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK toggle-menu.js Show response
offerta.se/dist/js/site/ 354 B
711 B 43ms
43ms Script
text/javascript 40.127.232.98
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://offerta.se/dist/js/site/toggle-menu.js?_rev=1637995574286

Requested by

Host: offerta.se
URL: https://offerta.se/dist/js/bundled-require_v637726617340000000.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.127.232.98 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

a8aaffcf2a6f10910316b350289e30a7f6468ab152b24ea365b1d0a6a42308ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://offerta.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 06:46:14 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 16 Nov 2021 11:15:52 GMT
Server: Microsoft-IIS/10.0
ETag: "0e4db50dbdad71:0"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 310
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK carousels.js Show response
offerta.se/dist/js/site/ 1013 B
1 KB 43ms
43ms Script
text/javascript 40.127.232.98
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://offerta.se/dist/js/site/carousels.js?_rev=1637995574286

Requested by

Host: offerta.se
URL: https://offerta.se/dist/js/bundled-require_v637726617340000000.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.127.232.98 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

bdd60e651e72e005767e294732e4ce2e1486f9f18f4086149618da25935da866

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://offerta.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 06:46:14 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 16 Nov 2021 11:15:52 GMT
Server: Microsoft-IIS/10.0
ETag: "0e4db50dbdad71:0"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 637
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK campaigns.js Show response
offerta.se/dist/js/site/ 2 KB
2 KB 44ms
44ms Script
text/javascript 40.127.232.98
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://offerta.se/dist/js/site/campaigns.js?_rev=1637995574286

Requested by

Host: offerta.se
URL: https://offerta.se/dist/js/bundled-require_v637726617340000000.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.127.232.98 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

e2de2d9643bd13dead458a9c3bd343f1e847c4c553cfde45e9497ec43893449d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://offerta.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 06:46:14 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 16 Nov 2021 11:15:52 GMT
Server: Microsoft-IIS/10.0
ETag: "0e4db50dbdad71:0"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1333
X-UA-Compatible: IE=Edge,chrome=1

GET
H2 200 event Show response
sslwidget.criteo.com/ 7 KB
8 KB 62ms
21ms Script
application/x-javascript 178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://sslwidget.criteo.com/event?a=26484&v=5.8.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dce%26m%3D%255B%255D&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=QZClr19QeVB6WnI0dFBSaUFXTXFlY2hZdHdlNmxwTjFFWXVMVzclMkJCUDJxblBuZnBIaHBwVDkxQyUyRmFkOE1Wc1VpJTJCT24yZ0R6TUdZT0dhbHdwUCUyQmZDWWpDOXlDTkI3aW1DaVlmdUklMkJ3TWolMkJiQnlTaEx1VmFBTmxFNm5uWWtUelRSYjQzVXUlMkJMJTJGREt1Q3VhJTJGdnJJeURrSEc4emclM0QlM0Q&tld=offerta.se&dtycbr=93620
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Kestrel /
Resource Hash: 73ac10ae37f6d1ddcda26c6c5854438e5d4e273ec221a9b79cd75ffe05e5010b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://offerta.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 06:46:14 GMT
content-type: application/x-javascript
server: Kestrel
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 10581142
timing-allow-origin: *
expires: 0

GET
H/1.1 200
OK jquery.autocomplete.js Show response
offerta.se/dist/js/libraries/ 9 KB
5 KB 40ms
40ms Script
text/javascript 40.127.232.98
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://offerta.se/dist/js/libraries/jquery.autocomplete.js?_rev=1637995574286

Requested by

Host: offerta.se
URL: https://offerta.se/dist/js/bundled-require_v637726617340000000.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.127.232.98 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

f054a8831c589fc5acc30b24e2a9a881fe72751d10d70908577c961d9d2bf267

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://offerta.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 06:46:14 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 16 Nov 2021 11:15:46 GMT
Server: Microsoft-IIS/10.0
ETag: "05d484ddbdad71:0"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4387
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK slick.js Show response
offerta.se/dist/js/libraries/ 40 KB
14 KB 38ms
38ms Script
text/javascript 40.127.232.98
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://offerta.se/dist/js/libraries/slick.js?_rev=1637995574286

Requested by

Host: offerta.se
URL: https://offerta.se/dist/js/bundled-require_v637726617340000000.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.127.232.98 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

d3c4d24dd4c1b18a66115a8422c0b4e85f648922f23407bd1725fdf2ffd8adce

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://offerta.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 06:46:14 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 16 Nov 2021 11:15:52 GMT
Server: Microsoft-IIS/10.0
ETag: "0e4db50dbdad71:0"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13648
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK jquery.fancybox.js Show response
offerta.se/dist/js/libraries/ 22 KB
11 KB 36ms
36ms Script
text/javascript 40.127.232.98
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://offerta.se/dist/js/libraries/jquery.fancybox.js?_rev=1637995574286

Requested by

Host: offerta.se
URL: https://offerta.se/dist/js/bundled-require_v637726617340000000.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.127.232.98 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

c96d21be9adf125c2c0a6f7c85e48f245ed6099afcbc271b8668a512af39d700

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://offerta.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 06:46:14 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 16 Nov 2021 11:15:46 GMT
Server: Microsoft-IIS/10.0
ETag: "05d484ddbdad71:0"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10435
X-UA-Compatible: IE=Edge,chrome=1

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 15ms
6ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1030950566930714&ev=Microdata&dl=https%3A%2F%2Fofferta.se%2F&rl=&if=false&ts=1637995575116&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22F%C3%A5%20offerter%20gratis%20fr%C3%A5n%20tj%C3%A4nstef%C3%B6retag%20-%20Offerta.se%22%2C%22meta%3Adescription%22%3A%22Offerta.se%20hj%C3%A4lper%20dig%20hitta%20bra%20tj%C3%A4nstef%C3%B6retag%20som%20kan%20hj%C3%A4lpa%20dig%20i%20hemmet%2C%20p%C3%A5%20kontoret%20eller%20i%20din%20bostadsr%C3%A4ttsf%C3%B6rening.%20Beskriv%20ditt%20behov%20och%20f%C3%A5%20hj%C3%A4lp!%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%7B%22dimensions%22%3A%7B%22h%22%3A0%2C%22w%22%3A0%7D%2C%22properties%22%3A%7B%22name%22%3A%22F%C3%A5%20offerter%20gratis%20fr%C3%A5n%20tj%C3%A4nstef%C3%B6retag%20-%20Offerta.se%22%7D%2C%22subscopes%22%3A%5B%5D%2C%22type%22%3A%22http%3A%2F%2Fschema.org%2FWebSite%22%7D%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.1.1637995574614.1473840458&it=1637995574460&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: offerta.se
URL: https://offerta.se/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://offerta.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 06:46:15 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Sat, 27 Nov 2021 06:46:15 GMT

GET
H/1.1 200
OK / Show response
wchat.freshchat.com/widget/ Frame D102 5 KB
3 KB 217ms
108ms Document
text/html 34.236.232.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/widget/?token=62991366-f918-4244-9199-d663f807e81a&referrer=aHR0cHM6Ly9vZmZlcnRhLnNl

Requested by

Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/js/widget.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.236.232.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-236-232-170.compute-1.amazonaws.com

Software

fwe /

Resource Hash

8cc602875cc6592eb72a8ec810a31c95238833ec96691864247c1357288d4976

Security Headers

Name	Value
Content-Security-Policy	style-src 'unsafe-inline' ; font-src 'self' data:; img-src 'self' * data:; connect-src 'self' ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.freshchat.com https://.freshworksapi.com; child-src 'self' blob:; media-src 'self' https://.freshchat.com; manifest-src 'self' https://.freshchat.com; default-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://offerta.se/

Response headers

Date: Sat, 27 Nov 2021 06:46:15 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
server: fwe
last-modified: Wed, 17 Nov 2021 12:05:30 GMT
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
served-by: 4082
x-server: 4082
content-security-policy: style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
content-encoding: gzip
x-envoy-upstream-service-time: 1
x-trace-id: 00-2a7a8624647d07579a5e8cf4cc560fa4-cb383d938ccca5c0-00
x-fw-ratelimiting-managed: false
x-request-id: 5565ac9c-47da-4d61-a4a7-5f92a8ee79be

GET
H/1.1 200
OK widget.css
wchat.freshchat.com/css/ 7 KB
2 KB 108ms
108ms Stylesheet
text/css 34.236.232.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/css/widget.css?t=1637995575286

Requested by

Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/js/widget.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.236.232.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-236-232-170.compute-1.amazonaws.com

Software

fwe /

Resource Hash

38a4932ef69f2de2422f3f141d92fadaa5c6191a44cdf40d2e03cb8d4eda9245

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://offerta.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 06:46:15 GMT
content-encoding: gzip
Transfer-Encoding: chunked
x-envoy-upstream-service-time: 0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-request-id: 1bde85f3-1a7d-4b97-926f-15bd485694f3
x-trace-id: 00-2fe4543204d0ae4a8cdc3156a286c9e4-5758ff713cb95035-00
served-by: 2601
last-modified: Wed, 17 Nov 2021 12:05:30 GMT
server: fwe
strict-transport-security: max-age=31536000; includeSubDomains
x-fw-ratelimiting-managed: false
cache-control: max-age=31536000,no-cache, no-store, must-revalidate, pre-check=0, post-check=0,public
x-server: 2601
Content-Type: text/css
expires: Sun, 27 Nov 2022 06:46:15 GMT

GET
H2 200 vendor-cb48eae2d25974cb9e453b74e43d0225.css
assetscdn-wchat.freshchat.com/static/assets/ Frame D102 5 KB
2 KB 85ms
38ms Stylesheet
text/css 13.225.77.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/vendor-cb48eae2d25974cb9e453b74e43d0225.css
Requested by: Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/widget/?token=62991366-f918-4244-9199-d663f807e81a&referrer=aHR0cHM6Ly9vZmZlcnRhLnNl
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.77.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-77-93.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 479cfe30323366acc7d37e0e35c7a69198d952e7b998f87ec2b1ee5cf6dbf044

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sat, 27 Nov 2021 06:45:29 GMT
content-encoding: br
last-modified: Tue, 02 Nov 2021 10:53:59 GMT
server: AmazonS3
age: 343
etag: W/"cb48eae2d25974cb9e453b74e43d0225"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 7158aa4ac648947d564b98d9769b5b2b.cloudfront.net (CloudFront)
cache-control: max-age=31536000, no-transform, public
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: ajf4rToV6fgeoFNEkc8Lei0EWf4v3gjqY5OMJAxtORdS1S627YgdCA==
expires: Thu, 17 Nov 2022 12:05:30 GMT

GET
H2 200 fc_web_widget-a06292b1c1e91f39c7f20e657f7aef91.css
assetscdn-wchat.freshchat.com/static/assets/ Frame D102 213 KB
23 KB 55ms
8ms Stylesheet
text/css 13.225.77.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/fc_web_widget-a06292b1c1e91f39c7f20e657f7aef91.css
Requested by: Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/widget/?token=62991366-f918-4244-9199-d663f807e81a&referrer=aHR0cHM6Ly9vZmZlcnRhLnNl
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.77.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-77-93.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3d14ab1dc629e538ace38c25943c0108b4f8dbee28e1f08aafb1fce6d8948f87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sat, 27 Nov 2021 06:42:20 GMT
content-encoding: br
last-modified: Tue, 02 Nov 2021 10:53:54 GMT
server: AmazonS3
age: 349
etag: W/"a06292b1c1e91f39c7f20e657f7aef91"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 7158aa4ac648947d564b98d9769b5b2b.cloudfront.net (CloudFront)
cache-control: max-age=31536000, no-transform, public
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: Ejcu_cFtrdkYZp3ESDkbnvV5Zkwck9cskk08_ysT2ZOOLcVuyf7S6A==
expires: Thu, 17 Nov 2022 12:05:30 GMT

GET
H2 200 vendor-8b3cb5516058c116454840bd5004e89b.js Show response
assetscdn-wchat.freshchat.com/static/assets/ Frame D102 2 MB
383 KB 56ms
9ms Script
text/javascript 13.225.77.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/vendor-8b3cb5516058c116454840bd5004e89b.js
Requested by: Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/widget/?token=62991366-f918-4244-9199-d663f807e81a&referrer=aHR0cHM6Ly9vZmZlcnRhLnNl
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.77.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-77-93.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c55564fb4c3fb1f401801f7eca2876cbb80926311d3fc8499f9fbe39e9955b31

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sat, 27 Nov 2021 06:42:20 GMT
content-encoding: br
last-modified: Wed, 17 Nov 2021 12:05:37 GMT
server: AmazonS3
age: 311
etag: W/"86b460db4e47034ce680591f021cc8f6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 7158aa4ac648947d564b98d9769b5b2b.cloudfront.net (CloudFront)
cache-control: max-age=31536000, no-transform, public
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: wH1zKzyQuWqUTTAG1Xz_ebGnpTEfkpOsZ-q66K4WusaZaW3JBqkXkg==
expires: Thu, 17 Nov 2022 12:05:30 GMT

GET
H2 200 fc_web_widget-af23df389d09655fec337822946ab376.js Show response
assetscdn-wchat.freshchat.com/static/assets/ Frame D102 1 MB
200 KB 80ms
34ms Script
text/javascript 13.225.77.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/fc_web_widget-af23df389d09655fec337822946ab376.js
Requested by: Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/widget/?token=62991366-f918-4244-9199-d663f807e81a&referrer=aHR0cHM6Ly9vZmZlcnRhLnNl
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.77.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-77-93.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7cda2ff410ac6712aa85893ef0ce171a0b820c238db3fc9339c53dc2caad56cc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sat, 27 Nov 2021 06:41:49 GMT
content-encoding: gzip
last-modified: Wed, 17 Nov 2021 12:05:32 GMT
server: AmazonS3
age: 534
etag: W/"10b1446e6021dcfdfc067c81211be12e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 7158aa4ac648947d564b98d9769b5b2b.cloudfront.net (CloudFront)
cache-control: max-age=31536000, no-transform, public
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: bunZU6SaaSoxVk9xapEh-7FMeyq7gt4T7vWUV96GXnj6WNwG8TJjqg==
expires: Thu, 17 Nov 2022 12:05:30 GMT

GET
H2 200 rts-min.js Show response
rts-static-prod.freshworksapi.com/us/ Frame D102 80 KB
25 KB 37ms
9ms Script
text/javascript 13.225.77.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rts-static-prod.freshworksapi.com/us/rts-min.js
Requested by: Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/fc_web_widget-af23df389d09655fec337822946ab376.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.77.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-77-24.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 043e2c49b29f50cf5d43c6b5a66dec8e0c7725ee8a9a09ff3d2b36ed89d15556

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: ddrHIuX8QGhA9b8UL1RAxvKBvnDtqWaO
content-encoding: gzip
etag: W/"4fca5f34f34deb74a8c230ab92e85cce"
last-modified: Thu, 05 Aug 2021 16:15:02 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
cache-control: no-cache
date: Sat, 27 Nov 2021 06:46:15 GMT
x-amz-cf-id: K1zTv5pFr8ct4-iwZrDtHEZZ17uuSDRXpRUIay0GGm_lZ_g9dSf0ew==

GET
H/1.1 200
OK config Show response
wchat.freshchat.com/app/services/app/webchat/62991366-f918-4244-9199-d663f807e81a/ Frame D102 1 KB
2 KB 122ms
121ms XHR
application/json 34.236.232.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/app/services/app/webchat/62991366-f918-4244-9199-d663f807e81a/config?domain=aHR0cHM6Ly9vZmZlcnRhLnNl

Requested by

Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/vendor-8b3cb5516058c116454840bd5004e89b.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.236.232.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-236-232-170.compute-1.amazonaws.com

Software

fwe /

Resource Hash

1e2973974892f54196a8c7d828b5596a57070349d1bced8a4a7dcdccbe2b10d8

Security Headers

Name	Value
Content-Security-Policy	style-src 'unsafe-inline' ; font-src 'self' data:; img-src 'self' * data:; connect-src 'self' ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.freshchat.com https://.freshworksapi.com; child-src 'self' blob:; media-src 'self' https://.freshchat.com; manifest-src 'self' https://.freshchat.com; default-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://wchat.freshchat.com/widget/?token=62991366-f918-4244-9199-d663f807e81a&referrer=aHR0cHM6Ly9vZmZlcnRhLnNl
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 06:46:15 GMT
content-encoding: gzip
x-ratelimit-total: 3000
Transfer-Encoding: chunked
x-ratelimit-used-currentrequest: 1
x-envoy-upstream-service-time: 13
Connection: keep-alive
x-xss-protection: 1; mode=block
x-request-id: a0c11fd0-ebd8-44eb-b549-d2cfc7a475b1
x-trace-id: 00-cdcf7dc3172a568c955cd6e7dee869d8-97ffe0e7a4505a0d-00
served-by: 5612
server: fwe
content-security-policy: style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
x-ratelimit-remaining: 2999
strict-transport-security: max-age=31536000; includeSubDomains
x-fw-ratelimiting-managed: true
cache-control: no-cache,no-store,no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-server: 5612
x-ratelimit-limit: 3000
access-control-allow-credentials: true
Content-Type: application/json;charset=UTF-8

GET
H2 200 en-us-28821ce664b923581d789fe132fdfa67.js Show response
assetscdn-wchat.freshchat.com/static/assets/translations/ Frame D102 12 KB
4 KB 24ms
7ms XHR
text/javascript 13.225.77.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/translations/en-us-28821ce664b923581d789fe132fdfa67.js
Requested by: Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/vendor-8b3cb5516058c116454840bd5004e89b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.77.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-77-93.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4c699c763680db4221468c22d27bd952b645914fbc80c8aee08d528070405048

Request headers

Accept: application/json, text/plain, */*
Referer: https://wchat.freshchat.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 06:43:07 GMT
content-encoding: br
age: 330
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 60
access-control-allow-origin: https://wchat.freshchat.com
last-modified: Tue, 02 Nov 2021 10:53:58 GMT
server: AmazonS3
etag: W/"28821ce664b923581d789fe132fdfa67"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: text/javascript
via: 1.1 ec9e3bc729d9c6d55ed32446408ad62f.cloudfront.net (CloudFront)
cache-control: max-age=31536000, no-transform, public
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: _5HYatNB7F84KviJfQkZZ-lApbmx3zzBGbXydmyvBQhqh6R18T7Gcw==
expires: Thu, 17 Nov 2022 12:05:30 GMT

GET
H2

200

397596.gif
idsync.rlcdn.com/ Frame B9AE
Redirect Chain

https://gum.criteo.com/sync?c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40
https://idsync.rlcdn.com/397596.gif?partner_uid=B8B8PDsb8oU8LuIYjMCmmfIqqQEoEQQq

42 B
416 B

30ms
14ms

Image
image/gif

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/397596.gif?partner_uid=B8B8PDsb8oU8LuIYjMCmmfIqqQEoEQQq
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 27 Nov 2021 06:46:15 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

Redirect headers

location: https://idsync.rlcdn.com/397596.gif?partner_uid=B8B8PDsb8oU8LuIYjMCmmfIqqQEoEQQq
strict-transport-security: max-age=31536000
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 2345
date: Sat, 27 Nov 2021 06:46:15 GMT
content-length: 197
content-type: text/html; charset=utf-8

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame B9AE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&google_hm=ay1uQmMzTkRadDlhRkRwcVdERE5xUGpydnBhQ1VwLVFFOTNzNmt1QQ
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0

43 B
341 B

13ms
12ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
Protocol: H2
Server: 178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Kestrel /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 06:46:15 GMT
content-type: image/gif
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 367349
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 27 Nov 2021 06:46:15 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 279
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

204
No Content

/
partner.mediawallahscript.com/ Frame B9AE
Redirect Chain

https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-nBc3NDZt9aFDpqWDDNqPjrvpaCUp-QE93s6kuA&custom=&tag_format=img&tag_action=sync&custom=&cb=0ce9666b-7dd1-4f5d-9ff7-c186ef4...
https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-nBc3NDZt9aFDpqWDDNqPjrvpaCUp-QE93s6kuA&custom%5B0%5D=&custom%5B1%5D=&tag_format=img&tag_action=sync&cb=0ce9666b-7dd1-4f5...

0
638 B

32ms
32ms

Image
text/plain

34.255.68.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-nBc3NDZt9aFDpqWDDNqPjrvpaCUp-QE93s6kuA&custom%5B0%5D=&custom%5B1%5D=&tag_format=img&tag_action=sync&cb=0ce9666b-7dd1-4f5d-9ff7-c186ef497fe0&final=true&reqid=b7fa19e0-4f4d-11ec-847e-9556087288f0&timestamp=2021-11-27T06%3A46%3A15.934Z
Protocol: HTTP/1.1
Server: 34.255.68.26 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-68-26.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 06:46:15 GMT
Cache-Control: private, no-cache, must-revalidate, no-store, max-age=0
Server: nginx/1.18.0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Sat, 27 Nov 2021 06:46:15 GMT
Server: nginx/1.18.0
Vary: Accept, Accept-Encoding
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: /?account_id=1043&partner_id=1048&uid=k-nBc3NDZt9aFDpqWDDNqPjrvpaCUp-QE93s6kuA&custom%5B0%5D=&custom%5B1%5D=&tag_format=img&tag_action=sync&cb=0ce9666b-7dd1-4f5d-9ff7-c186ef497fe0&final=true&reqid=b7fa19e0-4f4d-11ec-847e-9556087288f0&timestamp=2021-11-27T06%3A46%3A15.934Z
Cache-Control: private, no-cache, must-revalidate, no-store, max-age=0
Connection: keep-alive
Content-Type: text/plain; charset=utf-8
Content-Length: 294
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 m
cm.mgid.com/ Frame B9AE 43 B
813 B 78ms
56ms Image
image/gif 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=617660&c=k-nBc3NDZt9aFDpqWDDNqPjrvpaCUp-QE93s6kuA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 06:46:15 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 6b4965fd0f015c4a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/ Frame B9AE
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=2926&partner_device_id=k-nBc3NDZt9aFDpqWDDNqPjrvpaCUp-QE93s6kuA
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2926&partner_device_id=k-nBc3NDZt9aFDpqWDDNqPjrvpaCUp-QE93s6kuA

95 B
425 B

15ms
14ms

Image
image/png

35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2926&partner_device_id=k-nBc3NDZt9aFDpqWDDNqPjrvpaCUp-QE93s6kuA

Protocol

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.248.227.35.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 06:46:15 GMT
via: 1.1 google
content-type: image/png
alt-svc: clear
content-length: 95
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2926&partner_device_id=k-nBc3NDZt9aFDpqWDDNqPjrvpaCUp-QE93s6kuA
date: Sat, 27 Nov 2021 06:46:15 GMT
via: 1.1 google
alt-svc: clear
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2 204 v1
ads.yahoo.com/cms/ Frame B9AE 0
447 B 27ms
7ms Image
text/plain 2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?esig=1~7315a025058f3128185459bfaf16e164414683fc&nwid=10000545908&sigv=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7001 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 06:46:15 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

GET
H2 200 spp.pl
sp.analytics.yahoo.com/ Frame B9AE 43 B
715 B 114ms
35ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=10001287818027&.yp=10028862&js=no

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 06:46:15 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 43
referrer-policy: strict-origin-when-cross-origin
expires: Sat, 27 Nov 2021 06:46:15 GMT

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58301/ Frame B9AE
Redirect Chain

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-TE_7LjZt9aFDpqWDDNqPjrvpaCVjFBPYWSLNjg
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-TE_7LjZt9aFDpqWDDNqPjrvpaCVjFBPYWSLNjg&verify=true

0
122 B

11ms
10ms

Image
text/plain

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-TE_7LjZt9aFDpqWDDNqPjrvpaCVjFBPYWSLNjg&verify=true

Protocol

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.33 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 06:46:15 GMT
server: ATS/9.1.0.33
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-TE_7LjZt9aFDpqWDDNqPjrvpaCVjFBPYWSLNjg&verify=true
date: Sat, 27 Nov 2021 06:46:15 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame B9AE 0
476 B 350ms
88ms Image
text/plain 64.202.112.191
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-k-WhNjZt9aFDpqWDDNqPjrvpaCUGGlgVqzlZnw
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.191 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 06:46:16 GMT
Cache-Control: no-cache
X-TraceId: f558943fafccf0a9e13a59dbb7fdce80
Content-Length: 0

GET
H2 204 t.gif
cw.addthis.com/ Frame B9AE 0
427 B 161ms
132ms Image
text/plain 184.51.8.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cw.addthis.com/t.gif?pid=113&pdid=k-nBc3NDZt9aFDpqWDDNqPjrvpaCUp-QE93s6kuA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.51.8.183 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-8-183.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 06:46:15 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 27 Nov 2021 06:46:15 GMT

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame B9AE 0
239 B 33ms
8ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-s8VvXTZt9aFDpqWDDNqPjrvpaCXDOgBTbFxjdA&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type: image/gif

GET
H/1.1

200
OK

bounce
secure.adnxs.com/ Frame B9AE
Redirect Chain

https://secure.adnxs.com/setuid?entity=52&code=k-mqxUDzZt9aFDpqWDDNqPjrvpaCXafM4JVsnsyA&seg=95287
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-mqxUDzZt9aFDpqWDDNqPjrvpaCXafM4JVsnsyA%26seg%3D95287

43 B
1 KB

24ms
24ms

Image
image/gif

185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-mqxUDzZt9aFDpqWDDNqPjrvpaCXafM4JVsnsyA%26seg%3D95287

Protocol

HTTP/1.1

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 27 Nov 2021 06:46:15 GMT
X-Proxy-Origin: 136.243.198.86; 136.243.198.86; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: a5eb25a9-9eb4-49f8-a857-dc83028e0b1d
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 27 Nov 2021 06:46:15 GMT
X-Proxy-Origin: 136.243.198.86; 136.243.198.86; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: f234687a-6151-4214-9bec-82505dbee267
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-mqxUDzZt9aFDpqWDDNqPjrvpaCXafM4JVsnsyA%26seg%3D95287
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/ Frame B9AE
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-mqxUDzZt9aFDpqWDDNqPjrvpaCXafM4JVsnsyA&expires=30&user_group=5
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-mqxUDzZt9aFDpqWDDNqPjrvpaCXafM4JVsnsyA&expires=30&user_group=5

43 B
495 B

10ms
9ms

Image
image/gif

18.192.203.176
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-mqxUDzZt9aFDpqWDDNqPjrvpaCXafM4JVsnsyA&expires=30&user_group=5
Protocol: HTTP/1.1
Server: 18.192.203.176 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-203-176.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 06:46:15 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-mqxUDzZt9aFDpqWDDNqPjrvpaCXafM4JVsnsyA&expires=30&user_group=5
Date: Sat, 27 Nov 2021 06:46:15 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2 200 pixelCt.tpmn
ad.tpmn.co.kr/ Frame B9AE 170 B
600 B 285ms
266ms Image
image/png 34.102.166.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.tpmn.co.kr/pixelCt.tpmn?tpmn_nid=26a681017b4fdc02f3aef3aa921ede3e&tpmn_buid=k-A5PyoTZt9aFDpqWDDNqPjrvpaCXAyrR2KRAMkg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.166.132 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 132.166.102.34.bc.googleusercontent.com
Software: /
Resource Hash: 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 06:46:15 GMT
content-encoding: gzip
vary: accept-encoding
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
via: 1.1 google
cache-control: no-cache, no-store, must-revalidate
content-type: image/png;charset=utf-8
alt-svc: clear
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame B9AE 42 B
677 B 40ms
13ms Image
image/gif 185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-dSbHpjZt9aFDpqWDDNqPjrvpaCXizLZI80h03g
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 06:46:14 GMT
cache-control: no-store, no-cache, private
x-lat: amspug015:0:366
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK Criteo
crb.kargo.com/api/v1/dsync/ Frame B9AE 43 B
360 B 33ms
8ms Image
image/gif 3.127.62.220
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crb.kargo.com/api/v1/dsync/Criteo?exid=k-nBc3NDZt9aFDpqWDDNqPjrvpaCUp-QE93s6kuA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.127.62.220 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-62-220.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 27 Nov 2021 06:46:15 GMT
Vary: Origin
Content-Type: image/gif
Cache-Control: no-cache, no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Krk-Reject-Reason: consent
Content-Length: 43
X-Accel-Expires: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

xuid
eb2.3lift.com/ Frame B9AE
Redirect Chain

https://eb2.3lift.com/xuid?mid=2711&xuid=k-mVr1xTZt9aFDpqWDDNqPjrvpaCVRXhNjB9AOgw&dongle=013b
https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-mVr1xTZt9aFDpqWDDNqPjrvpaCVRXhNjB9AOgw&dongle=013b&gdpr=1&cmp_cs=&us_privacy=

37 B
353 B

9ms
9ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-mVr1xTZt9aFDpqWDDNqPjrvpaCVRXhNjB9AOgw&dongle=013b&gdpr=1&cmp_cs=&us_privacy=
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 06:46:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=2711&xuid=k-mVr1xTZt9aFDpqWDDNqPjrvpaCVRXhNjB9AOgw&dongle=013b&gdpr=1&cmp_cs=&us_privacy=
date: Sat, 27 Nov 2021 06:46:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

k-yo0nQzZt9aFDpqWDDNqPjrvpaCXGg8CP6tei_w
an.yandex.ru/mapuid/criteois/ Frame B9AE
Redirect Chain

https://an.yandex.ru/mapuid/criteois/k-yo0nQzZt9aFDpqWDDNqPjrvpaCXGg8CP6tei_w
https://an.yandex.ru/mapuid/criteois/k-yo0nQzZt9aFDpqWDDNqPjrvpaCXGg8CP6tei_w?redir-setuniq=1

43 B
108 B

34ms
34ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/criteois/k-yo0nQzZt9aFDpqWDDNqPjrvpaCXGg8CP6tei_w?redir-setuniq=1

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 06:46:16 GMT
content-encoding: gzip
last-modified: Sat, 27 Nov 2021 06:46:16 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sat, 27 Nov 2021 06:46:16 GMT

Redirect headers

pragma: no-cache
date: Sat, 27 Nov 2021 06:46:16 GMT
content-encoding: gzip
last-modified: Sat, 27 Nov 2021 06:46:16 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://an.yandex.ru/mapuid/criteois/k-yo0nQzZt9aFDpqWDDNqPjrvpaCXGg8CP6tei_w?redir-setuniq=1
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sat, 27 Nov 2021 06:46:16 GMT

GET
H2 200 cksync.php
contextual.media.net/ Frame B9AE 204 B
204 B 43ms
15ms Image
text/html 2.18.68.31
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-0MuUpjZt9aFDpqWDDNqPjrvpaCVo29lMNxTfZA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.68.31 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-68-31.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=604800
cache-control: max-age=1830582
server: Apache
date: Sat, 27 Nov 2021 06:46:15 GMT
content-length: 204
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H/1.1

200
OK

rum
r.casalemedia.com/ Frame B9AE
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-_a3M0jZt9aFDpqWDDNqPjrvpaCXZBoMsFmIM7w
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-_a3M0jZt9aFDpqWDDNqPjrvpaCXZBoMsFmIM7w&C=1

43 B
1 KB

51ms
51ms

Image
image/gif

184.51.9.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-_a3M0jZt9aFDpqWDDNqPjrvpaCXZBoMsFmIM7w&C=1
Protocol: HTTP/1.1
Server: 184.51.9.98 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-98.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 27 Nov 2021 06:46:16 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 27 Nov 2021 06:46:16 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 27 Nov 2021 06:46:15 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-_a3M0jZt9aFDpqWDDNqPjrvpaCXZBoMsFmIM7w&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 296
Expires: Sat, 27 Nov 2021 06:46:15 GMT

GET
H2 204 /
s.ad.smaato.net/c/ Frame B9AE 0
240 B 24ms
7ms Image
text/plain 2600:9000:20eb:ec00:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-hPMSJDZt9aFDpqWDDNqPjrvpaCWLjAzMR-0W8w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:ec00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 06:46:15 GMT
via: 1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
server: CloudFront
cache-control: no-cache, must-revalidate
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: rNKXArqoxSpOURvwvig-rF0XiGPKZm9TmzdgALL5GWLhmZbsCnRCIg==
x-cache: FunctionGeneratedResponse from cloudfront

GET
H2 200 sync
ad.as.amanad.adtdp.com/v1/ Frame B9AE 42 B
843 B 260ms
242ms Image
image/gif 13.225.77.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.as.amanad.adtdp.com/v1/sync?dsp_id=4,5&uid=k-AFzvjDZt9aFDpqWDDNqPjrvpaCWwzST-IVE1gg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.77.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-77-125.fra2.r.cloudfront.net
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 06:46:16 GMT
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amzn-trace-id: Root=1-00000000-000000000000000000000000
x-cache: Miss from cloudfront
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 42
x-amz-cf-id: eORjow5YIOflPYZGEy0VWe4OoDhZFVlOAPfUXWxOSzp9w34dS_8ylQ==
expires: Thu, 01 Jan 1970 09:00:00 GMT

GET
H2 200 pixel_sync
trends.revcontent.com/cm/ Frame B9AE 35 B
336 B 101ms
36ms Image
image/gif 99.80.164.0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trends.revcontent.com/cm/pixel_sync?bidder=151&bidder_uid=k-7WzH8zZt9aFDpqWDDNqPjrvpaCUnhlxfOtnIDA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.164.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-164-0.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 06:46:16 GMT
x-powered-by: Express
content-length: 35
content-type: image/gif

GET
H2 200 um
criteo-sync.teads.tv/ Frame B9AE 23 B
172 B 88ms
51ms Image
image/gif 104.96.128.226
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-ao9n_TZt9aFDpqWDDNqPjrvpaCXwZXkTkY9ZbA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.128.226 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-128-226.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.6 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 06:46:16 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 27 Nov 2021 06:46:16 GMT
server: akka-http/10.2.6
content-length: 23
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame B9AE 0
232 B 40ms
12ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-Km0wJzZt9aFDpqWDDNqPjrvpaCVtAEznajMKaQ
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 06:46:16 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 10559

GET
H2 200 fs-icons_db9017235f84eecfa2cafef72d487865-1181e40b8546834a9805fdf81df2f865.woff2
assetscdn-wchat.freshchat.com/static/assets/fonts/ Frame D102 5 KB
5 KB 8ms
7ms Font
binary/octet-stream 13.225.77.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/fonts/fs-icons_db9017235f84eecfa2cafef72d487865-1181e40b8546834a9805fdf81df2f865.woff2
Requested by: Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/fc_web_widget-a06292b1c1e91f39c7f20e657f7aef91.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.77.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-77-93.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6666b1bc7149695c78ecca2bea7d59d1b83694253bde589d4e4ae73507f35760

Request headers

Referer: https://assetscdn-wchat.freshchat.com/static/assets/fc_web_widget-a06292b1c1e91f39c7f20e657f7aef91.css
Origin: https://wchat.freshchat.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 06:43:07 GMT
via: 1.1 ec9e3bc729d9c6d55ed32446408ad62f.cloudfront.net (CloudFront)
age: 367
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 60
content-length: 4928
last-modified: Wed, 17 Nov 2021 12:05:32 GMT
server: AmazonS3
etag: "1181e40b8546834a9805fdf81df2f865"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: https://wchat.freshchat.com
cache-control: max-age=31536000, no-transform, public
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: vEaIzQv85i4twQBOdQxfs94KP3ioYVt5jl-pZ_X5DQ8f1Tcjynek9w==
expires: Thu, 17 Nov 2022 12:05:30 GMT

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame B9AE 43 B
220 B 8ms
8ms Image
image/gif 18.192.203.176
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-SO1bmTZt9aFDpqWDDNqPjrvpaCWtPbw1eJd-Kg&expires=30&user_group=5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.192.203.176 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-203-176.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 06:46:15 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame B9AE 42 B
187 B 12ms
12ms Image
image/gif 185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMjMmdGw9MTI5NjAw&piggybackCookie=uid:k-dSbHpjZt9aFDpqWDDNqPjrvpaCXizLZI80h03g
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 06:46:15 GMT
cache-control: no-store, no-cache, private
x-lat: amspug003:0:387
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame B9AE
Redirect Chain

https://secure.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://secure.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2521466497111680469

43 B
342 B

18ms
17ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2521466497111680469
Protocol: H2
Server: 178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Kestrel /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 06:46:15 GMT
content-type: image/gif
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2111942
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 27 Nov 2021 06:46:16 GMT
X-Proxy-Origin: 136.243.198.86; 136.243.198.86; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 85feb22a-9a7b-4cb7-91bd-02a50527c775
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2521466497111680469
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 206 notif.mp3
assetscdn-wchat.freshchat.com/static/assets/audio/ Frame D102 4 KB
5 KB 8ms
8ms Media
audio/mpeg 13.225.77.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/audio/notif.mp3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.77.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-77-93.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eb2e3f703cf8ee0156a1d625e053c0968b0dfcff62ea4254ddd8ba9fece3ad32

Request headers

Referer: https://wchat.freshchat.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range: bytes=0-

Response headers

date: Sat, 27 Nov 2021 06:42:36 GMT
via: 1.1 7158aa4ac648947d564b98d9769b5b2b.cloudfront.net (CloudFront)
age: 318
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
Content-Range: bytes 0-4301/4302
Content-Length: 4302
last-modified: Wed, 17 Nov 2021 12:05:32 GMT
server: AmazonS3
etag: "a529450a7cfb4a60dea41ef294fa90dd"
content-type: audio/mpeg
cache-control: max-age=31536000, no-transform, public
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: 6fIYyuvFe53xfDKlYUwCYYPF8UJFpnWnNmtc3NPM-XSbSOfACwpRBQ==
expires: Thu, 17 Nov 2022 12:05:30 GMT

GET
H2 204 t.gif
cw.addthis.com/ Frame B9AE 0
427 B 185ms
185ms Image
text/plain 184.51.8.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cw.addthis.com/t.gif?pid=113&pdid=k-s8VvXTZt9aFDpqWDDNqPjrvpaCXDOgBTbFxjdA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.51.8.183 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-8-183.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Nov 2021 06:46:16 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 27 Nov 2021 06:46:16 GMT

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame B9AE 43 B
220 B 9ms
8ms Image
image/gif 18.192.203.176
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-s8VvXTZt9aFDpqWDDNqPjrvpaCXDOgBTbFxjdA&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.192.203.176 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-203-176.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 06:46:16 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK user Show response
wchat.freshchat.com/app/services/app/webchat/62991366-f918-4244-9199-d663f807e81a/ Frame D102 63 B
1 KB 117ms
117ms XHR
application/json 34.236.232.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/app/services/app/webchat/62991366-f918-4244-9199-d663f807e81a/user

Requested by

Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/vendor-8b3cb5516058c116454840bd5004e89b.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.236.232.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-236-232-170.compute-1.amazonaws.com

Software

fwe /

Resource Hash

02a00e3ef645e0351f654665d42b03388e6a73e0ab4f853c8904faecf322b229

Security Headers

Name	Value
Content-Security-Policy	style-src 'unsafe-inline' ; font-src 'self' data:; img-src 'self' * data:; connect-src 'self' ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.freshchat.com https://.freshworksapi.com; child-src 'self' blob:; media-src 'self' https://.freshchat.com; manifest-src 'self' https://.freshchat.com; default-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://wchat.freshchat.com/widget/?token=62991366-f918-4244-9199-d663f807e81a&referrer=aHR0cHM6Ly9vZmZlcnRhLnNl
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 06:46:16 GMT
content-encoding: gzip
x-ratelimit-total: 3000
Transfer-Encoding: chunked
x-ratelimit-used-currentrequest: 1
x-envoy-upstream-service-time: 5
Connection: keep-alive
x-xss-protection: 1; mode=block
x-request-id: d04860ff-4661-45d8-937b-dcdcac0eaefb
x-trace-id: 00-3e577e72b251bc5b50735770d5963d09-3239c8dae3d0a730-00
served-by: 5323
server: fwe
content-security-policy: style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
x-ratelimit-remaining: 2998
strict-transport-security: max-age=31536000; includeSubDomains
x-fw-ratelimiting-managed: true
cache-control: no-cache,no-store,no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-server: 5323
x-ratelimit-limit: 3000
access-control-allow-credentials: true
Content-Type: application/json;charset=UTF-8

GET
H2 200 sv-075d653e56555712de242ebbc394669c.js Show response
assetscdn-wchat.freshchat.com/static/assets/locales/ Frame D102 1 KB
1 KB 14ms
14ms Script
text/javascript 13.225.77.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/locales/sv-075d653e56555712de242ebbc394669c.js
Requested by: Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/fc_web_widget-af23df389d09655fec337822946ab376.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.77.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-77-93.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ed78608a0e771886ec50291b1bf17abdeeb64883c1fbc4222fd9b19750529189

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sat, 27 Nov 2021 06:46:16 GMT
content-encoding: gzip
last-modified: Wed, 17 Nov 2021 12:05:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: W/"baf6c027cc5e7a4327d0919b36a4de45"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 7158aa4ac648947d564b98d9769b5b2b.cloudfront.net (CloudFront)
cache-control: max-age=31536000, no-transform, public
x-amz-cf-id: DusGLTO3DK-cWwCBVp3ayaa4Fhgis4Q3MRkmEtKm-fNSsqeW0HmBGQ==
expires: Thu, 17 Nov 2022 12:05:30 GMT

GET
H2 200 sv-8fc9f9e74300d6244e6a3b661261711d.js Show response
assetscdn-wchat.freshchat.com/static/assets/translations/ Frame D102 12 KB
5 KB 12ms
11ms XHR
text/javascript 13.225.77.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/translations/sv-8fc9f9e74300d6244e6a3b661261711d.js
Requested by: Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/vendor-8b3cb5516058c116454840bd5004e89b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.77.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-77-93.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 760bf002cab7615d09fb84b92198115c7d1a1903f3a2e98d93fc8218d9c9a4fd

Request headers

Accept: application/json, text/plain, */*
Referer: https://wchat.freshchat.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 06:46:16 GMT
content-encoding: gzip
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 60
access-control-allow-origin: https://wchat.freshchat.com
last-modified: Wed, 17 Nov 2021 12:05:37 GMT
server: AmazonS3
etag: W/"8fc9f9e74300d6244e6a3b661261711d"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: text/javascript
via: 1.1 ec9e3bc729d9c6d55ed32446408ad62f.cloudfront.net (CloudFront)
cache-control: max-age=31536000, no-transform, public
access-control-allow-credentials: true
x-amz-cf-id: z1f133t2pRUcyxpbrhXMki9-ldGeAj6L9XE7gwboLm81TqDLs7JUVw==
expires: Thu, 17 Nov 2022 12:05:30 GMT

GET
H/1.1 200
OK widget_info_v2 Show response
wchat.freshchat.com/app/services/app/webchat/62991366-f918-4244-9199-d663f807e81a/ Frame D102 6 KB
3 KB 137ms
137ms XHR
application/json 34.236.232.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/app/services/app/webchat/62991366-f918-4244-9199-d663f807e81a/widget_info_v2?locales=sv,en-US,en-US&platform=web

Requested by

Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/vendor-8b3cb5516058c116454840bd5004e89b.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.236.232.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-236-232-170.compute-1.amazonaws.com

Software

fwe /

Resource Hash

4fb9199c5e0bfcab49ee7ea8a9dfe18ad288e33a3bb9da26daba05e2fe17413a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://wchat.freshchat.com/widget/?token=62991366-f918-4244-9199-d663f807e81a&referrer=aHR0cHM6Ly9vZmZlcnRhLnNl
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 06:46:16 GMT
content-encoding: gzip
x-ratelimit-total: 3000
Transfer-Encoding: chunked
x-ratelimit-used-currentrequest: 1
x-envoy-upstream-service-time: 27
x-status: MISS
Connection: keep-alive
x-xss-protection: 1; mode=block
x-request-id: e58e292c-08f8-41ec-aea6-b52b45d03f97
x-trace-id: 00-8f0c1e1b2347b601afb2410873b079a6-7ddd954b3c7a0b72-00
served-by: 2601
server: fwe
x-ratelimit-remaining: 2997
strict-transport-security: max-age=31536000; includeSubDomains
x-fw-ratelimiting-managed: true
cache-control: no-cache,no-store,no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-server: 2601
x-ratelimit-limit: 3000
access-control-allow-credentials: true
Content-Type: application/json;charset=UTF-8

GET
H/1.1 200
OK category Show response
wchat.freshchat.com/app/services/app/webchat/62991366-f918-4244-9199-d663f807e81a/faq/ Frame D102 19 KB
7 KB 125ms
125ms XHR
application/json 34.236.232.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/app/services/app/webchat/62991366-f918-4244-9199-d663f807e81a/faq/category?platform=web&locales=sv%2Cen-US%2Cen-US&since=&lastLocaleId=

Requested by

Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/vendor-8b3cb5516058c116454840bd5004e89b.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.236.232.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-236-232-170.compute-1.amazonaws.com

Software

fwe /

Resource Hash

2c91632a95c62d49010f8128780a371bb1f617240cc70da42d3e480341b91906

Security Headers

Name	Value
Content-Security-Policy	style-src 'unsafe-inline' ; font-src 'self' data:; img-src 'self' * data:; connect-src 'self' ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.freshchat.com https://.freshworksapi.com; child-src 'self' blob:; media-src 'self' https://.freshchat.com; manifest-src 'self' https://.freshchat.com; default-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://wchat.freshchat.com/widget/?token=62991366-f918-4244-9199-d663f807e81a&referrer=aHR0cHM6Ly9vZmZlcnRhLnNl
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 06:46:16 GMT
content-encoding: gzip
x-ratelimit-total: 3000
Transfer-Encoding: chunked
x-ratelimit-used-currentrequest: 1
x-envoy-upstream-service-time: 8
Connection: keep-alive
x-xss-protection: 1; mode=block
x-request-id: 01276b8c-c12c-9c92-a13f-bafae9b64700
x-trace-id: 00-429e1e5bbae19cf492992a11249d6131-def16fc3a777c32c-01
served-by: 2601
server: fwe
content-security-policy: style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
x-ratelimit-remaining: 2995
strict-transport-security: max-age=31536000; includeSubDomains
x-fw-ratelimiting-managed: true
cache-control: no-cache,no-store,no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-server: 2601
x-ratelimit-limit: 3000
access-control-allow-credentials: true
Content-Type: application/json;charset=UTF-8

PUT
H/1.1 200
OK activity Show response
wchat.freshchat.com/app/services/app/webchat/62991366-f918-4244-9199-d663f807e81a/user/beadf6e0-bb38-41fe-b0b5-640bf3cf21f8/ Frame D102 17 B
1 KB 114ms
114ms XHR
application/json 34.236.232.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/app/services/app/webchat/62991366-f918-4244-9199-d663f807e81a/user/beadf6e0-bb38-41fe-b0b5-640bf3cf21f8/activity

Requested by

Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/vendor-8b3cb5516058c116454840bd5004e89b.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.236.232.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-236-232-170.compute-1.amazonaws.com

Software

fwe /

Resource Hash

f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Security Headers

Name	Value
Content-Security-Policy	style-src 'unsafe-inline' ; font-src 'self' data:; img-src 'self' * data:; connect-src 'self' ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.freshchat.com https://.freshworksapi.com; child-src 'self' blob:; media-src 'self' https://.freshchat.com; manifest-src 'self' https://.freshchat.com; default-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 27 Nov 2021 06:46:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-ratelimit-total: 3000
x-ratelimit-used-currentrequest: 1
x-envoy-upstream-service-time: 5
Connection: keep-alive
Content-Length: 17
x-xss-protection: 1; mode=block
x-request-id: ec5366da-bd69-441c-8ef4-0ed47a4b7ccf
x-trace-id: 00-d91575178cb6c04f521de40d625c38e9-3e7450452014c271-00
served-by: 4082
server: fwe
content-security-policy: style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
x-ratelimit-remaining: 2996
x-fw-ratelimiting-managed: true
cache-control: no-cache,no-store,no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-server: 4082
x-ratelimit-limit: 3000
access-control-allow-credentials: true
Content-Type: application/json;charset=UTF-8

GET
H2 200 freshchat-line-cd452acf4efb05843ef7575e5a9de756.svg
assetscdn-wchat.freshchat.com/static/assets/images/ Frame D102 663 B
1 KB 9ms
8ms Image
image/svg+xml 13.225.77.93
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/images/freshchat-line-cd452acf4efb05843ef7575e5a9de756.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.77.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-77-93.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2b82601133216ec29983087a0532e9b0af553f7f4a8b3b00ff9d7ffcc1142542

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sat, 27 Nov 2021 06:42:22 GMT
via: 1.1 7158aa4ac648947d564b98d9769b5b2b.cloudfront.net (CloudFront)
last-modified: Wed, 17 Nov 2021 12:05:32 GMT
server: AmazonS3
age: 529
etag: "cd452acf4efb05843ef7575e5a9de756"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=31536000, no-transform, public
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 663
x-amz-cf-id: kzMcc0VgEn-EfSj5UCDiR1NLAXmzpNZtE9S4Q10YH6CNBUtXSeAvKg==
expires: Thu, 17 Nov 2022 12:05:30 GMT

GET
H2 200 freshdesk_logo-700ca107b848b083e9b0659a98efb160.svg
assetscdn-wchat.freshchat.com/static/assets/images/ Frame D102 780 B
1 KB 8ms
8ms Image
image/svg+xml 13.225.77.93
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/images/freshdesk_logo-700ca107b848b083e9b0659a98efb160.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.77.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-77-93.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 686dafbfae5cb1ce1d2fa53a057ab5dd17277682ea06d68c9b7e23666adcae4b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sat, 27 Nov 2021 06:41:58 GMT
via: 1.1 7158aa4ac648947d564b98d9769b5b2b.cloudfront.net (CloudFront)
last-modified: Tue, 02 Nov 2021 10:53:54 GMT
server: AmazonS3
age: 532
etag: "700ca107b848b083e9b0659a98efb160"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=31536000, no-transform, public
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 780
x-amz-cf-id: hjn5udRVQoTjOvOwBDNA9yR7AEvdegisRq6TpN2CTUOud_U-nWCP6g==
expires: Thu, 17 Nov 2022 12:05:30 GMT

GET
H2 200 index.html Show response
132195664154414.webpush.freshchat.com/ Frame 5430 30 KB
7 KB 426ms
392ms Document
text/html 13.225.77.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://132195664154414.webpush.freshchat.com/index.html?ref=aHR0cHM6Ly9vZmZlcnRhLnNl
Requested by: Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/js/widget.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.77.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-77-35.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 05a530dd5d40bf5dbef4e3d5ed6976e9aec1baf49a20be30e07b1608918e3bc3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://offerta.se/

Response headers

content-type: text/html
date: Sat, 27 Nov 2021 06:46:17 GMT
last-modified: Fri, 25 Oct 2019 06:53:38 GMT
etag: W/"4d98f93ebe4eb8cedbbfdb3004920aeb"
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 ccfe5851ecd4194e2d976fb32dec7539.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: doVuuMZHKDlxH1C-5Bzg9cu6sIRCxnXZIK36IYvfQ0Z0pZ3DWjvscg==

GET
BLOB 200
OK 189237c3-8dfd-48fd-a2ee-ed2b6aa2d745
https://wchat.freshchat.com/ Frame D102 150 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://wchat.freshchat.com/189237c3-8dfd-48fd-a2ee-ed2b6aa2d745
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f9ad5dbf44764c275ac6c76067b0a3a388cb1a8a20e4e5d2e71d942f032e0c5b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Length: 150

GET
H2 200 lunr.sv.min.js Show response
assetscdn-wchat.freshchat.com/static/assets/lunr-languages/ Frame D102 4 KB
2 KB 10ms
10ms Script
text/javascript 13.225.77.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/lunr-languages/lunr.sv.min.js
Requested by: Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/fc_web_widget-af23df389d09655fec337822946ab376.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.77.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-77-93.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 942b165bcc8218e3246fc4735af9b1c2f66514366d0000be051bf1bb896d413e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sat, 27 Nov 2021 06:46:16 GMT
content-encoding: gzip
last-modified: Wed, 17 Nov 2021 12:05:36 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: W/"2c22035941f0d81181afb599dc66bf4d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 7158aa4ac648947d564b98d9769b5b2b.cloudfront.net (CloudFront)
cache-control: max-age=31536000, no-transform, public
x-amz-cf-id: Bx85TvrMDYxHtuweG37cE0OmUj99p7kar-d52cBCDdwL6iEZAwc5Dg==
expires: Thu, 17 Nov 2022 12:05:30 GMT

GET
H2 200 fc_logo.png
132195664154414.webpush.freshchat.com/ Frame 5430 4 KB
4 KB 7ms
7ms Image
image/png 13.225.77.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://132195664154414.webpush.freshchat.com/fc_logo.png
Requested by: Host: 132195664154414.webpush.freshchat.com
URL: https://132195664154414.webpush.freshchat.com/index.html?ref=aHR0cHM6Ly9vZmZlcnRhLnNl
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.77.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-77-35.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a963621b4341552ca61590aa02e93b70f189e8050a105c32c0197c3c34b2d114

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://132195664154414.webpush.freshchat.com/index.html?ref=aHR0cHM6Ly9vZmZlcnRhLnNl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 19:53:56 GMT
via: 1.1 ccfe5851ecd4194e2d976fb32dec7539.cloudfront.net (CloudFront)
last-modified: Thu, 08 Feb 2018 07:54:41 GMT
server: AmazonS3
age: 39141
etag: "e87df9f10dcf497ae292dc234200465c"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 3777
x-amz-cf-id: pL3aNVpcnVmZCQLxW1-aQh8O_HJXT8r43Xwls5dTt4TwbkV46IwaWw==

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

66 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
offerta.se/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: i0tyoidy0ojx4rafvlq2pj35
offerta.se/	1970-01-19 23:43:07	Name: CampaignTrackingStorageService.First Value: 7B224D656469756D223A22646972656374222C22536F75726365223A22646972656374222C2254696D657374616D70223A22323032312D31312D32375430373A34363A31342E303338343734342B30313A3030227D
offerta.se/	1970-01-19 23:43:07	Name: CampaignTrackingStorageService.Latest Value: 7B224D656469756D223A22646972656374222C22536F75726365223A22646972656374222C2254696D657374616D70223A22323032312D31312D32375430373A34363A31342E303338343734342B30313A3030227D
.offerta.se/	1970-01-20 07:46:57	Name: _vwo_uuid_v2 Value: D4E6788E2650F813B27893ADB16C68A36\|f45e1201a685db0d4953a560237bcc53
.offerta.se/	1970-01-20 16:31:07	Name: _ga Value: GA1.2.1165733728.1637995574
.offerta.se/	1970-01-19 23:01:21	Name: _gid Value: GA1.2.378992165.1637995574
.offerta.se/	1970-01-19 22:59:55	Name: _gat Value: 1
.criteo.com/	1970-01-20 08:21:31	Name: uid Value: 1b242c0b-9004-4121-9957-a7e734a08516
.offerta.se/	1970-01-20 01:09:31	Name: _fbp Value: fb.1.1637995574614.1473840458
.offerta.se/	1970-01-20 07:45:31	Name: _hjSessionUser_1459392 Value: eyJpZCI6IjgzOTkzNDU2LWNhMTktNTI3My05YTVjLThlZTYwZWU3NjZhOCIsImNyZWF0ZWQiOjE2Mzc5OTU1NzQ1NDksImV4aXN0aW5nIjpmYWxzZX0=
.offerta.se/	1970-01-19 22:59:57	Name: _hjFirstSeen Value: 1
.offerta.se/	1970-01-19 22:59:57	Name: _hjSession_1459392 Value: eyJpZCI6IjViYTg2ODdmLThlMDctNDVhMC04N2NiLWIwYjFkYjljZjE1OCIsImNyZWF0ZWQiOjE2Mzc5OTU1NzQ2MjB9
offerta.se/	1970-01-19 22:59:55	Name: _hjIncludedInPageviewSample Value: 1
.offerta.se/	1970-01-19 22:59:57	Name: _hjAbsoluteSessionInProgress Value: 1
offerta.se/	1970-01-19 22:59:55	Name: _hjIncludedInSessionSample Value: 1
.offerta.se/	1970-01-20 08:29:19	Name: cto_bundle Value: QZClr19QeVB6WnI0dFBSaUFXTXFlY2hZdHdlNmxwTjFFWXVMVzclMkJCUDJxblBuZnBIaHBwVDkxQyUyRmFkOE1Wc1VpJTJCT24yZ0R6TUdZT0dhbHdwUCUyQmZDWWpDOXlDTkI3aW1DaVlmdUklMkJ3TWolMkJiQnlTaEx1VmFBTmxFNm5uWWtUelRSYjQzVXUlMkJMJTJGREt1Q3VhJTJGdnJJeURrSEc4emclM0QlM0Q
.linkedin.com/	1970-01-19 23:43:07	Name: UserMatchHistory Value: AQJdRkrk1CXULQAAAX1gJPYEEVotB4gpn8a6zGAjxGWvNvNINM22ZwKHu-BBMJWwesb7TWazUj4W-Q
.linkedin.com/	1970-01-19 23:43:07	Name: AnalyticsSyncHistory Value: AQKcWWXMjpN4AQAAAX1gJPYEFgPRnkUqGppALly8y-vAyw9Y22fLFi1DKFNylBcZHQvGakO4FMA1WK8d2o2L3w
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 16:31:49	Name: bcookie Value: "v=2&54994bb4-87da-4143-830b-7a985694791a"
.linkedin.com/	1970-01-19 23:01:21	Name: lidc Value: "b=TGST09:s=T:r=T:a=T:p=T:g=2166:u=1:x=1:i=1637995574:t=1638081974:v=2:sig=AQEPq37fhM5PdMcuy21CHratcV6NAhmh"
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 16:31:49	Name: bscookie Value: "v=1&20211127064614915118de-3502-473e-85a9-3a2891aa80afAQGIB5oUPa5r_v_lKDKRPiO91iR39E-F"
.linkedin.com/	1970-01-20 16:19:13	Name: li_gc Value: MTswOzE2Mzc5OTU1NzQ7MjswMjF+PmlRWJSBpLZsXU6JJgVO73V65gPY1SXAsCGKokobuA==
.offerta.se/	1970-01-20 07:45:31	Name: _fw_crm_v Value: 89a60d71-432b-403f-8131-537d167b1089
.tapad.com/	1970-01-20 00:26:19	Name: TapAd_TS Value: 1637995575849
.tapad.com/	1970-01-20 00:26:19	Name: TapAd_DID Value: e92e9341-7d9c-4332-8545-6b0e2b7a4a58
.doubleclick.net/	1970-01-20 08:21:31	Name: IDE Value: AHWqTUmDXLvivfZOiErXZzzxqyyTQl35cTpW20Gzz5YvN9uSMg9Pg0A4XMt0o9GP7CY
.analytics.yahoo.com/	1970-01-20 07:46:57	Name: IDSYNC Value: 18zh~21ri
.rlcdn.com/	1970-01-20 07:45:31	Name: rlas3 Value: 137WWs8XI4P3Z9H7aIyiQr7vs7m//FDTcNBiqYF0Y4k=
.rlcdn.com/	1970-01-20 00:26:19	Name: pxrc Value: CAA=
.tapad.com/	1970-01-20 00:26:19	Name: TapAd_3WAY_SYNCS Value:
.adnxs.com/	1970-01-20 01:09:31	Name: uuid2 Value: 2521466497111680469
.bidswitch.net/	1970-01-20 07:45:31	Name: tuuid Value: c6ff074d-b2a0-4d67-ac31-dabb94dd5875
.bidswitch.net/	1970-01-20 07:45:31	Name: c Value: 1637995575
.bidswitch.net/	1970-01-20 07:45:31	Name: tuuid_lu Value: 1637995575
cm.mgid.com/	1970-01-19 23:43:07	Name: mg_sync Value: {"617660":1637995575}
.mgid.com/	1970-01-25 20:31:23	Name: muidn Value: laqflOdodyKm
.mgid.com/	1970-01-19 22:59:57	Name: __cf_bm Value: 75XSd0gE7gh6UefFQgUaGPgWWRA_iajFhr04qXrK6b4-1637995575-0-ARbVPoy4x+aOzQGXrknxp1tp8uPQhvNWMvKXaR3NNtZXJ+f6JCqaldYS4xrDzqsAl0tJdnVRhdoUjjI09Zr7UCE=
.pubmatic.com/	1970-01-19 23:43:07	Name: KRTBCOOKIE_97 Value: 3385-uid:k-dSbHpjZt9aFDpqWDDNqPjrvpaCXizLZI80h03g&KRTB&23286-uid:k-dSbHpjZt9aFDpqWDDNqPjrvpaCXizLZI80h03g&KRTB&23287-uid:k-dSbHpjZt9aFDpqWDDNqPjrvpaCXizLZI80h03g&KRTB&23288-uid:k-dSbHpjZt9aFDpqWDDNqPjrvpaCXizLZI80h03g
.pubmatic.com/	1970-01-19 23:43:07	Name: PugT Value: 1637995574
.pubmatic.com/	1970-01-20 01:09:31	Name: PUBMDCID Value: 3
.yahoo.com/	1970-01-20 07:45:53	Name: A3 Value: d=AQABBDfUoWECEMK6uNc5ZsrbadGTfSVuvS4FEgEBAQElo2GrYQAAAAAA_eMAAA&S=AQAAAi_nm5YWS62WdXHlHRu4xd8
.3lift.com/	1970-01-20 01:09:31	Name: tluid Value: 15273321773768062296
.addthis.com/	1970-01-20 08:21:31	Name: ouid Value: 61a1d43700019dc5ce18d2fc7e9b71f76da2b4fde05b990f3837
.addthis.com/	1970-01-20 08:21:31	Name: uid Value: 61a1d437d028fa8e
.addthis.com/	1970-01-20 08:21:31	Name: na_id Value: 2021112706461592200390069257
.mediawallahscript.com/	1970-01-20 16:31:07	Name: mCookie Value: b8020920-4f4d-11ec-847e-9556087288f0
.mediawallahscript.com/	1970-01-20 16:31:07	Name: mUserCookie Value: %7B%22undefined%22%3A%5B%22%22%2C%22%22%2C%22%22%5D%7D
.adnxs.com/	1970-01-20 01:09:31	Name: anj Value: dTM7k!M4/rD>6NRF']wIg2In@9NoA<!EKw)0I^OS4<OqA4uZ:J%W.TP[mR->)E_s$%L%1Ww!IT6QXU<AWOjhwLvm<oQ]zbY-@nrXFcbQwCoP1wCrtOdCnY4hMncRO
.casalemedia.com/	1970-01-20 07:45:31	Name: CMID Value: YaHUN9sEzhSB8y9LmCjtmQAA
.casalemedia.com/	1970-01-20 01:09:31	Name: CMPS Value: 5238
.taboola.com/	1970-01-20 07:45:31	Name: t_gid Value: d356cc5e-ac71-4ff5-97f5-0c6460473f51-tuct89b59b8
.yandex.ru/	1970-01-23 14:35:55	Name: yuidss Value: 3092812021637995576
.yandex.ru/	1970-01-23 14:35:55	Name: yandexuid Value: 3092812021637995576
.revcontent.com/	1970-02-07 04:59:55	Name: __ID Value: c5ac0f93f0974fb88fe1342c274cae03
.revcontent.com/	1970-01-19 23:43:07	Name: v1_151 Value: 1
.casalemedia.com/	1970-01-20 01:09:31	Name: CMPRO Value: 1172
.casalemedia.com/	1970-01-20 07:45:31	Name: CMRUM3 Value: 1461a1d4382760k-_a3M0jZt9aFDpqWDDNqPjrvpaCXZBoMsFmIM7w
.casalemedia.com/	1970-01-19 23:01:21	Name: CMST Value: YaHUOGGh1DgA
.tpmn.co.kr/	1970-01-20 07:45:31	Name: uuid Value: e5cc314918344deca21266e00a0d6709
.tpmn.co.kr/	1970-01-19 23:43:07	Name: criteo Value: k-A5PyoTZt9aFDpqWDDNqPjrvpaCXAyrR2KRAMkg
.outbrain.com/	1970-01-20 01:09:31	Name: obuid Value: c863ffd4-e238-4713-a4f9-4cc3ffcbdd6c
.outbrain.com/	1970-01-19 23:43:07	Name: criteo Value: k-k-WhNjZt9aFDpqWDDNqPjrvpaCUGGlgVqzlZnw
.adtdp.com/	1970-01-20 16:31:07	Name: uid Value: ac3963cc-b43a-462d-8626-25630627c1ad
.adtdp.com/	1970-01-20 16:31:07	Name: pr Value: aja

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

132195664154414.webpush.freshchat.com
ad.as.amanad.adtdp.com
ad.tpmn.co.kr
ads.yahoo.com
ajax.googleapis.com
an.yandex.ru
assetscdn-wchat.freshchat.com
cm.g.doubleclick.net
cm.mgid.com
connect.facebook.net
contextual.media.net
crb.kargo.com
criteo-sync.teads.tv
cw.addthis.com
dev.visualwebsiteoptimizer.com
dis.criteo.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
idsync.rlcdn.com
in.hotjar.com
mug.criteo.com
offerta.se
partner.mediawallahscript.com
pixel.rubiconproject.com
pixel.tapad.com
px.ads.linkedin.com
px4.ads.linkedin.com
r.casalemedia.com
rts-static-prod.freshworksapi.com
s.ad.smaato.net
script.hotjar.com
secure.adnxs.com
simage2.pubmatic.com
snap.licdn.com
sp.analytics.yahoo.com
sslwidget.criteo.com
static.criteo.net
static.hotjar.com
stats.g.doubleclick.net
sync-t1.taboola.com
sync.outbrain.com
trends.revcontent.com
ups.analytics.yahoo.com
vars.hotjar.com
vc.hotjar.io
wchat.freshchat.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
x.bidswitch.net
104.19.135.78
104.96.128.226
108.174.10.14
13.224.193.12
13.224.193.38
13.225.77.111
13.225.77.125
13.225.77.24
13.225.77.35
13.225.77.65
13.225.77.93
13.248.245.213
141.226.228.48
142.250.181.226
142.250.186.98
178.250.0.157
178.250.2.151
18.192.203.176
184.51.8.183
184.51.9.98
185.33.221.50
185.64.189.110
2.18.68.31
212.82.100.181
2600:9000:20eb:ec00:1b:5138:8a40:93a1
2620:119:50e8:101::9002:f05
2620:1ec:21::14
2a00:1288:80:800::7001
2a00:1450:4001:803::2003
2a00:1450:4001:810::200a
2a00:1450:4001:811::2003
2a00:1450:4001:812::2004
2a00:1450:4001:829::2002
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2008
2a00:1450:4001:830::200e
2a00:1450:400c:c1b::9d
2a02:2638:1::13
2a02:2638:1::3
2a02:26f0:6c00::210:ba11
2a02:6b8::90
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
3.126.56.137
3.127.62.220
34.102.166.132
34.236.232.170
34.255.68.26
34.96.102.137
35.227.248.159
35.244.174.68
40.127.232.98
54.78.108.238
64.202.112.191
69.173.144.138
99.80.164.0
02a00e3ef645e0351f654665d42b03388e6a73e0ab4f853c8904faecf322b229
043e2c49b29f50cf5d43c6b5a66dec8e0c7725ee8a9a09ff3d2b36ed89d15556
052795a3b03b59dada62f3504a90f586b5b10fa711c75ab53819b63716db7ea8
05a530dd5d40bf5dbef4e3d5ed6976e9aec1baf49a20be30e07b1608918e3bc3
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1753ecb99b6b11683e933a6f439b13b30f25d6e264b3d0453557b0dfd4b6ad95
1b065eef93f37afc6d6a6061c0e67cafe5f8cc954918623ab44745122b8dac52
1e2973974892f54196a8c7d828b5596a57070349d1bced8a4a7dcdccbe2b10d8
23a79a1c698dc5dff7c21b56224e0d756e1d2eaeee8887f5c1b318bb0e5b46b2
2b82601133216ec29983087a0532e9b0af553f7f4a8b3b00ff9d7ffcc1142542
2c91632a95c62d49010f8128780a371bb1f617240cc70da42d3e480341b91906
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e8548e063ae8b8f6225ac344af4bb535397ebd3003665e27e8d4b2716770db9
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33cc7e461192e3ab74f4eb2237b98754cf3fd5b654771bddd3aa9f37dc03bb75
38a4932ef69f2de2422f3f141d92fadaa5c6191a44cdf40d2e03cb8d4eda9245
3d14ab1dc629e538ace38c25943c0108b4f8dbee28e1f08aafb1fce6d8948f87
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3edbd936382ee71ad05bba835519782c06fb2c26b9979ca39d820b3f401987d8
43c15c5e339cca85186d462b5951209ac3825b7677341e3d95f5e704b5057c87
479cfe30323366acc7d37e0e35c7a69198d952e7b998f87ec2b1ee5cf6dbf044
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c699c763680db4221468c22d27bd952b645914fbc80c8aee08d528070405048
4cee07d6baafeeecad5420a17fb075e11345cbe68b08894dd5b5f1c5e1a5edcd
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fb9199c5e0bfcab49ee7ea8a9dfe18ad288e33a3bb9da26daba05e2fe17413a
50b1ff01255ecc82866fe9c7a312d4ab667ed305f305dec03fef61dfdb6cc792
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
549e2170300588e96630565fe492dd80c56649250b1b839f50aa3e977ec82576
59cec601ccc4208322adc723e6bbb265550d28b4e6be655a9f503ce272ef8b7c
6666b1bc7149695c78ecca2bea7d59d1b83694253bde589d4e4ae73507f35760
67132b7a8d4f22ec1e3e60fb95543c490228134d4bd057e4b20d07f81c13eff4
686dafbfae5cb1ce1d2fa53a057ab5dd17277682ea06d68c9b7e23666adcae4b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c6b7ce85d524aef0e0c2eb323166fcc33e89ff0f8eababbe3fd0c973faeaca2
73ac10ae37f6d1ddcda26c6c5854438e5d4e273ec221a9b79cd75ffe05e5010b
760bf002cab7615d09fb84b92198115c7d1a1903f3a2e98d93fc8218d9c9a4fd
762eec26c35697c778960f1348261ead87844a3fb32e847f237cc6fdab697ba5
76c4792e37076a070c3f65099f4706c8b97f103ab2f3e4ba2766b1181c444015
7cda2ff410ac6712aa85893ef0ce171a0b820c238db3fc9339c53dc2caad56cc
7fcb68b6f042c5caa1cf8270d46fcb0774f6acb0329fd10064b6d8806418ca7f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8cc602875cc6592eb72a8ec810a31c95238833ec96691864247c1357288d4976
9413ac70f0dfa293eae8e934799be6a1cde8cd96db876ce9bd127c41630847ee
942b165bcc8218e3246fc4735af9b1c2f66514366d0000be051bf1bb896d413e
9fa86b64b58e3ad837b28d43c5cf260f9524087bfaab803c0d2f2b340020dc6b
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1fddf4d5fec5f577b977db5c16c6582c1768324262382650fce903a37d73ab6
a3adae33a8d10815c1a5239e94ca4b7d0b67eff0bcb8835c2fdfba412af6d6e5
a73461ad2eb2853c2e1a93781e56d513275a44a7e6e4c9a3cda7a6fda0bdc3a7
a8aaffcf2a6f10910316b350289e30a7f6468ab152b24ea365b1d0a6a42308ff
a963621b4341552ca61590aa02e93b70f189e8050a105c32c0197c3c34b2d114
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bdd60e651e72e005767e294732e4ce2e1486f9f18f4086149618da25935da866
c4b9079d0a81706bf7df3392a0abd535f6ac58795b55130fc52a3cb06bae74fb
c55564fb4c3fb1f401801f7eca2876cbb80926311d3fc8499f9fbe39e9955b31
c96d21be9adf125c2c0a6f7c85e48f245ed6099afcbc271b8668a512af39d700
cb0d1a33307a26bbcccba7a3424e9d5a9e0f4cf0a378167ab6940897c7b0c8b4
cce577471c2586f3e0c2518fff84a970d33f61491fb8c629341b86f238cf07c0
d3c4d24dd4c1b18a66115a8422c0b4e85f648922f23407bd1725fdf2ffd8adce
dbf042f1bfcbc80a1af0aa1c8ed9e48949735c952e8733056d211053339250e9
e2de2d9643bd13dead458a9c3bd343f1e847c4c553cfde45e9497ec43893449d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42fab53da9d8cb219e57dc636d3d0c6236357d399726596b08ce8bb87dd78a1
e923831c36c8347906b172473db6b88b50c73f18e0a550dd92c368ea9c835729
eb2e3f703cf8ee0156a1d625e053c0968b0dfcff62ea4254ddd8ba9fece3ad32
ec34d2df12a8d04827d36fd52da9a9264e1b80a0822bce3e1bf4b0309c50c63b
ed78608a0e771886ec50291b1bf17abdeeb64883c1fbc4222fd9b19750529189
edbab17f98dacf6b0cf5fcc94ea3fe1f0b06e8e891498a86131e8a0582c49c4f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f054a8831c589fc5acc30b24e2a9a881fe72751d10d70908577c961d9d2bf267
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
f24b13e2b282c9c1c185c2452f97f0bcf3cc949f99e3fcf33c793bff17051179
f56a1b71444d153f2f81146d9a0cca991518ebc72e0686f917470f8c522ee383
f9ad5dbf44764c275ac6c76067b0a3a388cb1a8a20e4e5d2e71d942f032e0c5b
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3
ff9c2233e2e239a327e52b532cd14455c16b2297d98433608f12f0b56c6de5a0
fff26498f06ca277637c8552c37f195073751440033622a979cc645c237db3c8

offerta.se Open in urlscan Pro 40.127.232.98 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

109 Requests

87 %HTTPS

34 %IPv6

42 Domains

57 Subdomains

54 IPs

10 Countries

6328 kBTransfer

10030 kBSize

66 Cookies

9 Outgoing links

Redirected requests

109 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

offerta.se Open in urlscan Pro
40.127.232.98 Public Scan

Screenshot
Live screenshot

Full Image

109
Requests

87 %
HTTPS

34 %
IPv6

42
Domains

57
Subdomains

54
IPs

10
Countries

6328 kB
Transfer

10030 kB
Size

66
Cookies

109 HTTP transactions
0 data transactions