urlscan.io logo urlscan.io
SecurityTrails logo

app.refapp.se Open in urlscan Pro
18.157.58.110  Public Scan

Go To Rescan Add Verdict Report
URL: https://app.refapp.se/t/Tietoevry/oqpqM4jXK28aPdu?e=&book=
Submission: On June 25 via manual from CA — Scanned from SE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 20 HTTP transactions. The main IP is 18.157.58.110, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is app.refapp.se.
TLS certificate: Issued by Amazon RSA 2048 M03 on January 3rd 2024. Valid for: a year.
This is the only time app.refapp.se was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
16 18.157.58.110 16509 (AMAZON-02)
2 3.5.135.100 16509 (AMAZON-02)
1 34.149.169.145 396982 (GOOGLE-CL...)
20 4
Apex Domain
Subdomains		 Transfer
16 refapp.se
app.refapp.se
3 MB
2 amazonaws.com
refapp-images-production.s3.amazonaws.com
64 KB
1 browser-intake-datadoghq.eu
rum.browser-intake-datadoghq.eu — Cisco Umbrella Rank: 11739
349 B
20 3
Domain Requested by
16 app.refapp.se app.refapp.se
2 refapp-images-production.s3.amazonaws.com
1 rum.browser-intake-datadoghq.eu app.refapp.se
20 3

This site contains links to these domains. Also see Links.

Domain
www.evry.com
Subject Issuer Validity Valid
*.refapp.se
Amazon RSA 2048 M03		 2024-01-03 -
2025-01-31		 a year crt.sh
*.s3.amazonaws.com
Amazon RSA 2048 M01		 2024-04-22 -
2025-04-07		 a year crt.sh
*.browser-intake-datadoghq.eu
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-05-14 -
2025-05-17		 a year crt.sh

This page contains 1 frames:

Primary Page: https://app.refapp.se/t/Tietoevry/oqpqM4jXK28aPdu?e=&book=
Frame ID: 8948F7C4038F351D486808B758100697
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Refapp

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]+__meteor-css__

Page Statistics

20
Requests

95 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

3181 kB
Transfer

12657 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request oqpqM4jXK28aPdu
app.refapp.se/t/Tietoevry/ 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://app.refapp.se/t/Tietoevry/oqpqM4jXK28aPdu?e=&book=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.157.58.110 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-58-110.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
3bb5b3affcee79575ad87b43bff77caf4f60bf614a3d4c47325ca58db1303f10
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src 'self' data: wss://app.refapp.se https://logs.browser-intake-datadoghq.eu https://rum.browser-intake-datadoghq.eu https://session-replay.browser-intake-datadoghq.eu; img-src 'self' data: blob: https://storage.googleapis.com https://refapp-images-production.s3.amazonaws.com https://*.fbsbx.com https://*.licdn.com https://*.googleusercontent.com https://profilepicture.hrmts.net https://profilepicture.talentech.io; script-src 'nonce-cJnCjQozmSwXvg5' 'self' 'unsafe-eval' https://www.gstatic.com; child-src 'self' blob: ; style-src 'self' 'unsafe-inline' https://www.gstatic.com; font-src 'self'; frame-src 'self' data: blob:; frame-ancestors https://*.bullhornstaffing.com https://*.talentadore.com https://*.jobadder.com; base-uri https://app.refapp.se/; report-uri https://refapp.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
se-SE,se;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
content-security-policy
default-src 'none'; connect-src 'self' data: wss://app.refapp.se https://logs.browser-intake-datadoghq.eu https://rum.browser-intake-datadoghq.eu https://session-replay.browser-intake-datadoghq.eu; img-src 'self' data: blob: https://storage.googleapis.com https://refapp-images-production.s3.amazonaws.com https://*.fbsbx.com https://*.licdn.com https://*.googleusercontent.com https://profilepicture.hrmts.net https://profilepicture.talentech.io; script-src 'nonce-cJnCjQozmSwXvg5' 'self' 'unsafe-eval' https://www.gstatic.com; child-src 'self' blob: ; style-src 'self' 'unsafe-inline' https://www.gstatic.com; font-src 'self'; frame-src 'self' data: blob:; frame-ancestors https://*.bullhornstaffing.com https://*.talentadore.com https://*.jobadder.com; base-uri https://app.refapp.se/; report-uri https://refapp.report-uri.com/r/d/csp/enforce;
content-type
text/html; charset=utf-8
date
Tue, 25 Jun 2024 10:39:01 GMT
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'none'; encrypted-media 'none'; execution-while-not-rendered 'none'; execution-while-out-of-viewport 'none'; fullscreen 'none'; geolocation 'none'; gyroscope 'none'; legacy-image-formats 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; oversized-images 'none'; payment 'none'; picture-in-picture 'none'; speaker 'none'; sync-xhr 'none'; usb 'none'; vr 'none'; wake-lock 'none'; xr-spatial-tracking 'none';
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), oversized-images=(), payment=(), picture-in-picture=(), speaker=(), sync-xhr=(), usb=(), vr=(), wake-lock=(), xr-spatial-tracking=()
referrer-policy
no-referrer
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-content-type-options
nosniff
d40e0772c263c9873fea61e98a9373eafab65cb9.css
app.refapp.se/ 		132 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.refapp.se/d40e0772c263c9873fea61e98a9373eafab65cb9.css?meteor_css_resource=true
Requested by
Host: app.refapp.se
URL: https://app.refapp.se/t/Tietoevry/oqpqM4jXK28aPdu?e=&book=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.157.58.110 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-58-110.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
3ae6ba111087df9481359517c4eea477e94d7fe2952a95319c87699fcf1124f3
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src 'self' data: wss://app.refapp.se https://logs.browser-intake-datadoghq.eu https://rum.browser-intake-datadoghq.eu https://session-replay.browser-intake-datadoghq.eu; img-src 'self' data: blob: https://storage.googleapis.com https://refapp-images-production.s3.amazonaws.com https://*.fbsbx.com https://*.licdn.com https://*.googleusercontent.com https://profilepicture.hrmts.net https://profilepicture.talentech.io; script-src 'nonce-4PBXsBJ3ZXdzhJd' 'self' 'unsafe-eval' https://www.gstatic.com; child-src 'self' blob: ; style-src 'self' 'unsafe-inline' https://www.gstatic.com; font-src 'self'; frame-src 'self' data: blob:; frame-ancestors https://*.bullhornstaffing.com https://*.talentadore.com https://*.jobadder.com; base-uri https://app.refapp.se/; report-uri https://refapp.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 10:39:01 GMT
content-security-policy
default-src 'none'; connect-src 'self' data: wss://app.refapp.se https://logs.browser-intake-datadoghq.eu https://rum.browser-intake-datadoghq.eu https://session-replay.browser-intake-datadoghq.eu; img-src 'self' data: blob: https://storage.googleapis.com https://refapp-images-production.s3.amazonaws.com https://*.fbsbx.com https://*.licdn.com https://*.googleusercontent.com https://profilepicture.hrmts.net https://profilepicture.talentech.io; script-src 'nonce-4PBXsBJ3ZXdzhJd' 'self' 'unsafe-eval' https://www.gstatic.com; child-src 'self' blob: ; style-src 'self' 'unsafe-inline' https://www.gstatic.com; font-src 'self'; frame-src 'self' data: blob:; frame-ancestors https://*.bullhornstaffing.com https://*.talentadore.com https://*.jobadder.com; base-uri https://app.refapp.se/; report-uri https://refapp.report-uri.com/r/d/csp/enforce;
referrer-policy
no-referrer
x-content-type-options
nosniff
content-encoding
gzip
strict-transport-security
max-age=31536000
etag
"d40e0772c263c9873fea61e98a9373eafab65cb9"
vary
User-Agent, Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'none'; encrypted-media 'none'; execution-while-not-rendered 'none'; execution-while-out-of-viewport 'none'; fullscreen 'none'; geolocation 'none'; gyroscope 'none'; legacy-image-formats 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; oversized-images 'none'; payment 'none'; picture-in-picture 'none'; speaker 'none'; sync-xhr 'none'; usb 'none'; vr 'none'; wake-lock 'none'; xr-spatial-tracking 'none';
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), oversized-images=(), payment=(), picture-in-picture=(), speaker=(), sync-xhr=(), usb=(), vr=(), wake-lock=(), xr-spatial-tracking=()
accept-ranges
bytes
meteor_runtime_config.js
app.refapp.se/ 		1 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.refapp.se/meteor_runtime_config.js?hash=f91bd06c2593f892ef04f726f5932b7b90a056c5
Requested by
Host: app.refapp.se
URL: https://app.refapp.se/t/Tietoevry/oqpqM4jXK28aPdu?e=&book=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.157.58.110 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-58-110.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
ea942b6f5c70dd6b18e5e24b95dadfc07334db32d5cf254a92baec6bc6435fd5
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src 'self' data: wss://app.refapp.se https://logs.browser-intake-datadoghq.eu https://rum.browser-intake-datadoghq.eu https://session-replay.browser-intake-datadoghq.eu; img-src 'self' data: blob: https://storage.googleapis.com https://refapp-images-production.s3.amazonaws.com https://*.fbsbx.com https://*.licdn.com https://*.googleusercontent.com https://profilepicture.hrmts.net https://profilepicture.talentech.io; script-src 'nonce-979rakucKpDR5yR' 'self' 'unsafe-eval' https://www.gstatic.com; child-src 'self' blob: ; style-src 'self' 'unsafe-inline' https://www.gstatic.com; font-src 'self'; frame-src 'self' data: blob:; frame-ancestors https://*.bullhornstaffing.com https://*.talentadore.com https://*.jobadder.com; base-uri https://app.refapp.se/; report-uri https://refapp.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 10:39:01 GMT
content-security-policy
default-src 'none'; connect-src 'self' data: wss://app.refapp.se https://logs.browser-intake-datadoghq.eu https://rum.browser-intake-datadoghq.eu https://session-replay.browser-intake-datadoghq.eu; img-src 'self' data: blob: https://storage.googleapis.com https://refapp-images-production.s3.amazonaws.com https://*.fbsbx.com https://*.licdn.com https://*.googleusercontent.com https://profilepicture.hrmts.net https://profilepicture.talentech.io; script-src 'nonce-979rakucKpDR5yR' 'self' 'unsafe-eval' https://www.gstatic.com; child-src 'self' blob: ; style-src 'self' 'unsafe-inline' https://www.gstatic.com; font-src 'self'; frame-src 'self' data: blob:; frame-ancestors https://*.bullhornstaffing.com https://*.talentadore.com https://*.jobadder.com; base-uri https://app.refapp.se/; report-uri https://refapp.report-uri.com/r/d/csp/enforce;
referrer-policy
no-referrer
x-content-type-options
nosniff
content-encoding
gzip
strict-transport-security
max-age=31536000
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'none'; encrypted-media 'none'; execution-while-not-rendered 'none'; execution-while-out-of-viewport 'none'; fullscreen 'none'; geolocation 'none'; gyroscope 'none'; legacy-image-formats 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; oversized-images 'none'; payment 'none'; picture-in-picture 'none'; speaker 'none'; sync-xhr 'none'; usb 'none'; vr 'none'; wake-lock 'none'; xr-spatial-tracking 'none';
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), oversized-images=(), payment=(), picture-in-picture=(), speaker=(), sync-xhr=(), usb=(), vr=(), wake-lock=(), xr-spatial-tracking=()
27a3127358247f30e8162946448eaee3a9e1fb3f.js
app.refapp.se/ 		11 MB
3 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.refapp.se/27a3127358247f30e8162946448eaee3a9e1fb3f.js?meteor_js_resource=true
Requested by
Host: app.refapp.se
URL: https://app.refapp.se/t/Tietoevry/oqpqM4jXK28aPdu?e=&book=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.157.58.110 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-58-110.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
6d3ce10a1ca067e71bc856de1821a85d86ea286a9b1a903da8653e5f69c1b8a3
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src 'self' data: wss://app.refapp.se https://logs.browser-intake-datadoghq.eu https://rum.browser-intake-datadoghq.eu https://session-replay.browser-intake-datadoghq.eu; img-src 'self' data: blob: https://storage.googleapis.com https://refapp-images-production.s3.amazonaws.com https://*.fbsbx.com https://*.licdn.com https://*.googleusercontent.com https://profilepicture.hrmts.net https://profilepicture.talentech.io; script-src 'nonce-Hrpgdz3gSHLgFfH' 'self' 'unsafe-eval' https://www.gstatic.com; child-src 'self' blob: ; style-src 'self' 'unsafe-inline' https://www.gstatic.com; font-src 'self'; frame-src 'self' data: blob:; frame-ancestors https://*.bullhornstaffing.com https://*.talentadore.com https://*.jobadder.com; base-uri https://app.refapp.se/; report-uri https://refapp.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 10:39:01 GMT
content-security-policy
default-src 'none'; connect-src 'self' data: wss://app.refapp.se https://logs.browser-intake-datadoghq.eu https://rum.browser-intake-datadoghq.eu https://session-replay.browser-intake-datadoghq.eu; img-src 'self' data: blob: https://storage.googleapis.com https://refapp-images-production.s3.amazonaws.com https://*.fbsbx.com https://*.licdn.com https://*.googleusercontent.com https://profilepicture.hrmts.net https://profilepicture.talentech.io; script-src 'nonce-Hrpgdz3gSHLgFfH' 'self' 'unsafe-eval' https://www.gstatic.com; child-src 'self' blob: ; style-src 'self' 'unsafe-inline' https://www.gstatic.com; font-src 'self'; frame-src 'self' data: blob:; frame-ancestors https://*.bullhornstaffing.com https://*.talentadore.com https://*.jobadder.com; base-uri https://app.refapp.se/; report-uri https://refapp.report-uri.com/r/d/csp/enforce;
referrer-policy
no-referrer
x-content-type-options
nosniff
content-encoding
gzip
strict-transport-security
max-age=31536000
etag
"27a3127358247f30e8162946448eaee3a9e1fb3f"
vary
User-Agent, Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'none'; encrypted-media 'none'; execution-while-not-rendered 'none'; execution-while-out-of-viewport 'none'; fullscreen 'none'; geolocation 'none'; gyroscope 'none'; legacy-image-formats 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; oversized-images 'none'; payment 'none'; picture-in-picture 'none'; speaker 'none'; sync-xhr 'none'; usb 'none'; vr 'none'; wake-lock 'none'; xr-spatial-tracking 'none';
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), oversized-images=(), payment=(), picture-in-picture=(), speaker=(), sync-xhr=(), usb=(), vr=(), wake-lock=(), xr-spatial-tracking=()
accept-ranges
bytes
info
app.refapp.se/sockjs/ 		79 B
571 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.refapp.se/sockjs/info?t=1719311946514
Requested by
Host: app.refapp.se
URL: https://app.refapp.se/27a3127358247f30e8162946448eaee3a9e1fb3f.js?meteor_js_resource=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.157.58.110 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-58-110.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
2ba177317f0ba78773565b91b03558f7738048f6f184e2a5397513347e99d9ea

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Tue, 25 Jun 2024 10:39:07 GMT
cache-control
no-store, no-cache, no-transform, must-revalidate, max-age=0
vary
Origin
content-type
application/json; charset=UTF-8
getFormData
app.refapp.se/referee/ 		7 KB
8 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://app.refapp.se/referee/getFormData?referenceId=oqpqM4jXK28aPdu&source=email
Requested by
Host: app.refapp.se
URL: https://app.refapp.se/27a3127358247f30e8162946448eaee3a9e1fb3f.js?meteor_js_resource=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.157.58.110 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-58-110.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
835b7bb9dedd3779b8e6ad96fbcc9bf33503fcd9d95a9469632748039d1263aa

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/json
Referer
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 10:39:07 GMT
content-length
7353
content-type
application/json
d54a5058-2ad3-464c-b1cc-82b19fba6b46
https://app.refapp.se/ 		26 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://app.refapp.se/d54a5058-2ad3-464c-b1cc-82b19fba6b46
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aeaf6751b17119d6d45a7fd8d6131d33630dc6141501a6079a864b529f92aa58

Request headers

Accept-Language
se-SE,se;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
26278
Content-Type
favicon-32x32.png
app.refapp.se/favicon/ 		681 B
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://app.refapp.se/favicon/favicon-32x32.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.157.58.110 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-58-110.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
f18568e091456a802f50c16928ee41616d2a89e40e0242adb648b3d4ca97d0c8
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src 'self' data: wss://app.refapp.se https://logs.browser-intake-datadoghq.eu https://rum.browser-intake-datadoghq.eu https://session-replay.browser-intake-datadoghq.eu; img-src 'self' data: blob: https://storage.googleapis.com https://refapp-images-production.s3.amazonaws.com https://*.fbsbx.com https://*.licdn.com https://*.googleusercontent.com https://profilepicture.hrmts.net https://profilepicture.talentech.io; script-src 'nonce-TrcC6LbvnpANFR9' 'self' 'unsafe-eval' https://www.gstatic.com; child-src 'self' blob: ; style-src 'self' 'unsafe-inline' https://www.gstatic.com; font-src 'self'; frame-src 'self' data: blob:; frame-ancestors https://*.bullhornstaffing.com https://*.talentadore.com https://*.jobadder.com; base-uri https://app.refapp.se/; report-uri https://refapp.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 10:39:07 GMT
content-security-policy
default-src 'none'; connect-src 'self' data: wss://app.refapp.se https://logs.browser-intake-datadoghq.eu https://rum.browser-intake-datadoghq.eu https://session-replay.browser-intake-datadoghq.eu; img-src 'self' data: blob: https://storage.googleapis.com https://refapp-images-production.s3.amazonaws.com https://*.fbsbx.com https://*.licdn.com https://*.googleusercontent.com https://profilepicture.hrmts.net https://profilepicture.talentech.io; script-src 'nonce-TrcC6LbvnpANFR9' 'self' 'unsafe-eval' https://www.gstatic.com; child-src 'self' blob: ; style-src 'self' 'unsafe-inline' https://www.gstatic.com; font-src 'self'; frame-src 'self' data: blob:; frame-ancestors https://*.bullhornstaffing.com https://*.talentadore.com https://*.jobadder.com; base-uri https://app.refapp.se/; report-uri https://refapp.report-uri.com/r/d/csp/enforce;
referrer-policy
no-referrer
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
etag
"0db495658376cb8790ff7d4652adad54baabdfa6"
content-type
image/png
cache-control
public, max-age=0
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'none'; encrypted-media 'none'; execution-while-not-rendered 'none'; execution-while-out-of-viewport 'none'; fullscreen 'none'; geolocation 'none'; gyroscope 'none'; legacy-image-formats 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; oversized-images 'none'; payment 'none'; picture-in-picture 'none'; speaker 'none'; sync-xhr 'none'; usb 'none'; vr 'none'; wake-lock 'none'; xr-spatial-tracking 'none';
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), oversized-images=(), payment=(), picture-in-picture=(), speaker=(), sync-xhr=(), usb=(), vr=(), wake-lock=(), xr-spatial-tracking=()
accept-ranges
bytes
content-length
681
OpenSans-Regular.ttf
app.refapp.se/fonts/OpenSans/ 		127 KB
78 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://app.refapp.se/fonts/OpenSans/OpenSans-Regular.ttf
Requested by
Host: app.refapp.se
URL: https://app.refapp.se/d40e0772c263c9873fea61e98a9373eafab65cb9.css?meteor_css_resource=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.157.58.110 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-58-110.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
a0707e10e48c02363b3c6b2283b6b4f87c20e6fd24a0c5d33b381455f5b8e69b
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src 'self' data: wss://app.refapp.se https://logs.browser-intake-datadoghq.eu https://rum.browser-intake-datadoghq.eu https://session-replay.browser-intake-datadoghq.eu; img-src 'self' data: blob: https://storage.googleapis.com https://refapp-images-production.s3.amazonaws.com https://*.fbsbx.com https://*.licdn.com https://*.googleusercontent.com https://profilepicture.hrmts.net https://profilepicture.talentech.io; script-src 'nonce-PFtN6NcYZtvNC66' 'self' 'unsafe-eval' https://www.gstatic.com; child-src 'self' blob: ; style-src 'self' 'unsafe-inline' https://www.gstatic.com; font-src 'self'; frame-src 'self' data: blob:; frame-ancestors https://*.bullhornstaffing.com https://*.talentadore.com https://*.jobadder.com; base-uri https://app.refapp.se/; report-uri https://refapp.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin
https://app.refapp.se
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 10:39:08 GMT
content-security-policy
default-src 'none'; connect-src 'self' data: wss://app.refapp.se https://logs.browser-intake-datadoghq.eu https://rum.browser-intake-datadoghq.eu https://session-replay.browser-intake-datadoghq.eu; img-src 'self' data: blob: https://storage.googleapis.com https://refapp-images-production.s3.amazonaws.com https://*.fbsbx.com https://*.licdn.com https://*.googleusercontent.com https://profilepicture.hrmts.net https://profilepicture.talentech.io; script-src 'nonce-PFtN6NcYZtvNC66' 'self' 'unsafe-eval' https://www.gstatic.com; child-src 'self' blob: ; style-src 'self' 'unsafe-inline' https://www.gstatic.com; font-src 'self'; frame-src 'self' data: blob:; frame-ancestors https://*.bullhornstaffing.com https://*.talentadore.com https://*.jobadder.com; base-uri https://app.refapp.se/; report-uri https://refapp.report-uri.com/r/d/csp/enforce;
referrer-policy
no-referrer
x-content-type-options
nosniff
content-encoding
gzip
strict-transport-security
max-age=31536000
etag
"4805f1e0da0e94cfbe430bc20f31439ad423bd7c"
vary
Accept-Encoding
content-type
font/ttf
cache-control
public, max-age=0
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'none'; encrypted-media 'none'; execution-while-not-rendered 'none'; execution-while-out-of-viewport 'none'; fullscreen 'none'; geolocation 'none'; gyroscope 'none'; legacy-image-formats 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; oversized-images 'none'; payment 'none'; picture-in-picture 'none'; speaker 'none'; sync-xhr 'none'; usb 'none'; vr 'none'; wake-lock 'none'; xr-spatial-tracking 'none';
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), oversized-images=(), payment=(), picture-in-picture=(), speaker=(), sync-xhr=(), usb=(), vr=(), wake-lock=(), xr-spatial-tracking=()
accept-ranges
bytes
OpenSans-Light.ttf
app.refapp.se/fonts/OpenSans/ 		127 KB
78 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://app.refapp.se/fonts/OpenSans/OpenSans-Light.ttf
Requested by
Host: app.refapp.se
URL: https://app.refapp.se/d40e0772c263c9873fea61e98a9373eafab65cb9.css?meteor_css_resource=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.157.58.110 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-58-110.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
abca0004f2960ea162b161a82240a139fce6012733a76f3859febb9bed38b420
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src 'self' data: wss://app.refapp.se https://logs.browser-intake-datadoghq.eu https://rum.browser-intake-datadoghq.eu https://session-replay.browser-intake-datadoghq.eu; img-src 'self' data: blob: https://storage.googleapis.com https://refapp-images-production.s3.amazonaws.com https://*.fbsbx.com https://*.licdn.com https://*.googleusercontent.com https://profilepicture.hrmts.net https://profilepicture.talentech.io; script-src 'nonce-tu2FGZbwasiLz3L' 'self' 'unsafe-eval' https://www.gstatic.com; child-src 'self' blob: ; style-src 'self' 'unsafe-inline' https://www.gstatic.com; font-src 'self'; frame-src 'self' data: blob:; frame-ancestors https://*.bullhornstaffing.com https://*.talentadore.com https://*.jobadder.com; base-uri https://app.refapp.se/; report-uri https://refapp.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin
https://app.refapp.se
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 10:39:08 GMT
content-security-policy
default-src 'none'; connect-src 'self' data: wss://app.refapp.se https://logs.browser-intake-datadoghq.eu https://rum.browser-intake-datadoghq.eu https://session-replay.browser-intake-datadoghq.eu; img-src 'self' data: blob: https://storage.googleapis.com https://refapp-images-production.s3.amazonaws.com https://*.fbsbx.com https://*.licdn.com https://*.googleusercontent.com https://profilepicture.hrmts.net https://profilepicture.talentech.io; script-src 'nonce-tu2FGZbwasiLz3L' 'self' 'unsafe-eval' https://www.gstatic.com; child-src 'self' blob: ; style-src 'self' 'unsafe-inline' https://www.gstatic.com; font-src 'self'; frame-src 'self' data: blob:; frame-ancestors https://*.bullhornstaffing.com https://*.talentadore.com https://*.jobadder.com; base-uri https://app.refapp.se/; report-uri https://refapp.report-uri.com/r/d/csp/enforce;
referrer-policy
no-referrer
x-content-type-options
nosniff
content-encoding
gzip
strict-transport-security
max-age=31536000
etag
"d76e91aff19ae84c8568bdc901c72c0876510bb7"
vary
Accept-Encoding
content-type
font/ttf
cache-control
public, max-age=0
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'none'; encrypted-media 'none'; execution-while-not-rendered 'none'; execution-while-out-of-viewport 'none'; fullscreen 'none'; geolocation 'none'; gyroscope 'none'; legacy-image-formats 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; oversized-images 'none'; payment 'none'; picture-in-picture 'none'; speaker 'none'; sync-xhr 'none'; usb 'none'; vr 'none'; wake-lock 'none'; xr-spatial-tracking 'none';
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), oversized-images=(), payment=(), picture-in-picture=(), speaker=(), sync-xhr=(), usb=(), vr=(), wake-lock=(), xr-spatial-tracking=()
accept-ranges
bytes
OpenSans-Bold.ttf
app.refapp.se/fonts/OpenSans/ 		127 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://app.refapp.se/fonts/OpenSans/OpenSans-Bold.ttf
Requested by
Host: app.refapp.se
URL: https://app.refapp.se/d40e0772c263c9873fea61e98a9373eafab65cb9.css?meteor_css_resource=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.157.58.110 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-58-110.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
914b98c4be37d22289a09667dc5083f7c625d972fea66a049d73decad7f1df72
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src 'self' data: wss://app.refapp.se https://logs.browser-intake-datadoghq.eu https://rum.browser-intake-datadoghq.eu https://session-replay.browser-intake-datadoghq.eu; img-src 'self' data: blob: https://storage.googleapis.com https://refapp-images-production.s3.amazonaws.com https://*.fbsbx.com https://*.licdn.com https://*.googleusercontent.com https://profilepicture.hrmts.net https://profilepicture.talentech.io; script-src 'nonce-7sXgmqgwSgjb4ay' 'self' 'unsafe-eval' https://www.gstatic.com; child-src 'self' blob: ; style-src 'self' 'unsafe-inline' https://www.gstatic.com; font-src 'self'; frame-src 'self' data: blob:; frame-ancestors https://*.bullhornstaffing.com https://*.talentadore.com https://*.jobadder.com; base-uri https://app.refapp.se/; report-uri https://refapp.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin
https://app.refapp.se
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 10:39:08 GMT
content-security-policy
default-src 'none'; connect-src 'self' data: wss://app.refapp.se https://logs.browser-intake-datadoghq.eu https://rum.browser-intake-datadoghq.eu https://session-replay.browser-intake-datadoghq.eu; img-src 'self' data: blob: https://storage.googleapis.com https://refapp-images-production.s3.amazonaws.com https://*.fbsbx.com https://*.licdn.com https://*.googleusercontent.com https://profilepicture.hrmts.net https://profilepicture.talentech.io; script-src 'nonce-7sXgmqgwSgjb4ay' 'self' 'unsafe-eval' https://www.gstatic.com; child-src 'self' blob: ; style-src 'self' 'unsafe-inline' https://www.gstatic.com; font-src 'self'; frame-src 'self' data: blob:; frame-ancestors https://*.bullhornstaffing.com https://*.talentadore.com https://*.jobadder.com; base-uri https://app.refapp.se/; report-uri https://refapp.report-uri.com/r/d/csp/enforce;
referrer-policy
no-referrer
x-content-type-options
nosniff
content-encoding
gzip
strict-transport-security
max-age=31536000
etag
"280c82c6f512398cc27e4d04780c0b3b2aa98c79"
vary
Accept-Encoding
content-type
font/ttf
cache-control
public, max-age=0
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'none'; encrypted-media 'none'; execution-while-not-rendered 'none'; execution-while-out-of-viewport 'none'; fullscreen 'none'; geolocation 'none'; gyroscope 'none'; legacy-image-formats 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; oversized-images 'none'; payment 'none'; picture-in-picture 'none'; speaker 'none'; sync-xhr 'none'; usb 'none'; vr 'none'; wake-lock 'none'; xr-spatial-tracking 'none';
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), oversized-images=(), payment=(), picture-in-picture=(), speaker=(), sync-xhr=(), usb=(), vr=(), wake-lock=(), xr-spatial-tracking=()
accept-ranges
bytes
OpenSans-Medium.ttf
app.refapp.se/fonts/OpenSans/ 		127 KB
79 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://app.refapp.se/fonts/OpenSans/OpenSans-Medium.ttf
Requested by
Host: app.refapp.se
URL: https://app.refapp.se/d40e0772c263c9873fea61e98a9373eafab65cb9.css?meteor_css_resource=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.157.58.110 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-58-110.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
bf3dc3e49f1b9dbee1177e61895e429aaa153bc7793d5bcc342de6ea81c5931d
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src 'self' data: wss://app.refapp.se https://logs.browser-intake-datadoghq.eu https://rum.browser-intake-datadoghq.eu https://session-replay.browser-intake-datadoghq.eu; img-src 'self' data: blob: https://storage.googleapis.com https://refapp-images-production.s3.amazonaws.com https://*.fbsbx.com https://*.licdn.com https://*.googleusercontent.com https://profilepicture.hrmts.net https://profilepicture.talentech.io; script-src 'nonce-Sk95pfQL66SFcDs' 'self' 'unsafe-eval' https://www.gstatic.com; child-src 'self' blob: ; style-src 'self' 'unsafe-inline' https://www.gstatic.com; font-src 'self'; frame-src 'self' data: blob:; frame-ancestors https://*.bullhornstaffing.com https://*.talentadore.com https://*.jobadder.com; base-uri https://app.refapp.se/; report-uri https://refapp.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin
https://app.refapp.se
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 10:39:08 GMT
content-security-policy
default-src 'none'; connect-src 'self' data: wss://app.refapp.se https://logs.browser-intake-datadoghq.eu https://rum.browser-intake-datadoghq.eu https://session-replay.browser-intake-datadoghq.eu; img-src 'self' data: blob: https://storage.googleapis.com https://refapp-images-production.s3.amazonaws.com https://*.fbsbx.com https://*.licdn.com https://*.googleusercontent.com https://profilepicture.hrmts.net https://profilepicture.talentech.io; script-src 'nonce-Sk95pfQL66SFcDs' 'self' 'unsafe-eval' https://www.gstatic.com; child-src 'self' blob: ; style-src 'self' 'unsafe-inline' https://www.gstatic.com; font-src 'self'; frame-src 'self' data: blob:; frame-ancestors https://*.bullhornstaffing.com https://*.talentadore.com https://*.jobadder.com; base-uri https://app.refapp.se/; report-uri https://refapp.report-uri.com/r/d/csp/enforce;
referrer-policy
no-referrer
x-content-type-options
nosniff
content-encoding
gzip
strict-transport-security
max-age=31536000
etag
"ca218e4a93423ac39c3938d541427af231dc1030"
vary
Accept-Encoding
content-type
font/ttf
cache-control
public, max-age=0
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'none'; encrypted-media 'none'; execution-while-not-rendered 'none'; execution-while-out-of-viewport 'none'; fullscreen 'none'; geolocation 'none'; gyroscope 'none'; legacy-image-formats 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; oversized-images 'none'; payment 'none'; picture-in-picture 'none'; speaker 'none'; sync-xhr 'none'; usb 'none'; vr 'none'; wake-lock 'none'; xr-spatial-tracking 'none';
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), oversized-images=(), payment=(), picture-in-picture=(), speaker=(), sync-xhr=(), usb=(), vr=(), wake-lock=(), xr-spatial-tracking=()
accept-ranges
bytes
Roboto-Regular.ttf
app.refapp.se/fonts/Roboto/ 		142 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://app.refapp.se/fonts/Roboto/Roboto-Regular.ttf
Requested by
Host: app.refapp.se
URL: https://app.refapp.se/d40e0772c263c9873fea61e98a9373eafab65cb9.css?meteor_css_resource=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.157.58.110 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-58-110.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
b2efabca5ea4bc56eea829713706b5cd0788b82aca153bd4adde9b1573933b4f
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src 'self' data: wss://app.refapp.se https://logs.browser-intake-datadoghq.eu https://rum.browser-intake-datadoghq.eu https://session-replay.browser-intake-datadoghq.eu; img-src 'self' data: blob: https://storage.googleapis.com https://refapp-images-production.s3.amazonaws.com https://*.fbsbx.com https://*.licdn.com https://*.googleusercontent.com https://profilepicture.hrmts.net https://profilepicture.talentech.io; script-src 'nonce-PwgZMdJjjiHsmmR' 'self' 'unsafe-eval' https://www.gstatic.com; child-src 'self' blob: ; style-src 'self' 'unsafe-inline' https://www.gstatic.com; font-src 'self'; frame-src 'self' data: blob:; frame-ancestors https://*.bullhornstaffing.com https://*.talentadore.com https://*.jobadder.com; base-uri https://app.refapp.se/; report-uri https://refapp.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin
https://app.refapp.se
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 10:39:08 GMT
content-security-policy
default-src 'none'; connect-src 'self' data: wss://app.refapp.se https://logs.browser-intake-datadoghq.eu https://rum.browser-intake-datadoghq.eu https://session-replay.browser-intake-datadoghq.eu; img-src 'self' data: blob: https://storage.googleapis.com https://refapp-images-production.s3.amazonaws.com https://*.fbsbx.com https://*.licdn.com https://*.googleusercontent.com https://profilepicture.hrmts.net https://profilepicture.talentech.io; script-src 'nonce-PwgZMdJjjiHsmmR' 'self' 'unsafe-eval' https://www.gstatic.com; child-src 'self' blob: ; style-src 'self' 'unsafe-inline' https://www.gstatic.com; font-src 'self'; frame-src 'self' data: blob:; frame-ancestors https://*.bullhornstaffing.com https://*.talentadore.com https://*.jobadder.com; base-uri https://app.refapp.se/; report-uri https://refapp.report-uri.com/r/d/csp/enforce;
referrer-policy
no-referrer
x-content-type-options
nosniff
content-encoding
gzip
strict-transport-security
max-age=31536000
etag
"beb742c8c6ecd3632c0af3781179c5f69a5a63fa"
vary
Accept-Encoding
content-type
font/ttf
cache-control
public, max-age=0
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'none'; encrypted-media 'none'; execution-while-not-rendered 'none'; execution-while-out-of-viewport 'none'; fullscreen 'none'; geolocation 'none'; gyroscope 'none'; legacy-image-formats 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; oversized-images 'none'; payment 'none'; picture-in-picture 'none'; speaker 'none'; sync-xhr 'none'; usb 'none'; vr 'none'; wake-lock 'none'; xr-spatial-tracking 'none';
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), oversized-images=(), payment=(), picture-in-picture=(), speaker=(), sync-xhr=(), usb=(), vr=(), wake-lock=(), xr-spatial-tracking=()
accept-ranges
bytes
jgn5JnRd8vNJqdsTRK4T
refapp-images-production.s3.amazonaws.com/company-avatars/2022-02-10/ 		58 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://refapp-images-production.s3.amazonaws.com/company-avatars/2022-02-10/jgn5JnRd8vNJqdsTRK4T
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.135.100 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-w.eu-central-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
91a780755d27d13e5fb6a931a659ed52101e3874778344aa1a44d20b95fb1822

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 25 Jun 2024 10:39:09 GMT
x-amz-version-id
Ci3JUw8IEEzssPMPYNFxRsHjkhR3T0IB
Last-Modified
Thu, 10 Feb 2022 13:27:19 GMT
Server
AmazonS3
x-amz-request-id
FTKGW1WWR6WSDJYR
ETag
"dc692b27343dd124fa6ba313313f20de"
Content-Type
image/png
x-amz-replication-status
COMPLETED
Accept-Ranges
bytes
Content-Length
59773
x-amz-id-2
bxVJxrN9WXePqMIwXVYAJLWOD8ZQLFp352V3DHkx/72k9voPuwbdKRKX5NQwucroBFeWbZFKul2y5uT6BZI4Y6JcP7uM4AgsFYY+3vhawrQ=
QXpK1-DZoffpmrHp5ST78vkdiA-100x100
refapp-images-production.s3.amazonaws.com/2023-05-08/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://refapp-images-production.s3.amazonaws.com/2023-05-08/QXpK1-DZoffpmrHp5ST78vkdiA-100x100
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
3.5.135.100 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-w.eu-central-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
a1c339ecb7d85bda6018a1a02b28cf5bcc25f82ad55b95531cfa469aa119ab79

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 25 Jun 2024 10:39:09 GMT
x-amz-version-id
2yLutwFuHGTXeByidebS9bVmGvtAQT2E
Last-Modified
Mon, 08 May 2023 10:50:52 GMT
Server
AmazonS3
x-amz-request-id
FTKJGXHFE7SKZ1E9
ETag
"6295604c9b5012d2eb0e344d5e2f724b"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg
x-amz-replication-status
COMPLETED
Accept-Ranges
bytes
Content-Length
4280
x-amz-id-2
/oFxypHEmG5voGmve9HOXYLcXGJ+Kdu9Z66TEW5b2Pvm07abZFmeS7yCVuYWCgL4XnjnOVJ//EumgJVQVQM+XgkEyXhxp18W/QRQehT5fzU=
In-White-14.png
app.refapp.se/icons/linkedin/ 		157 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.refapp.se/icons/linkedin/In-White-14.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.157.58.110 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-58-110.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
f3dcb75ae2ee9e5b5956429ad701875d129c40803c0bbf0810f2c9ef5649131c
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src 'self' data: wss://app.refapp.se https://logs.browser-intake-datadoghq.eu https://rum.browser-intake-datadoghq.eu https://session-replay.browser-intake-datadoghq.eu; img-src 'self' data: blob: https://storage.googleapis.com https://refapp-images-production.s3.amazonaws.com https://*.fbsbx.com https://*.licdn.com https://*.googleusercontent.com https://profilepicture.hrmts.net https://profilepicture.talentech.io; script-src 'nonce-KszqxmefGtKKjwq' 'self' 'unsafe-eval' https://www.gstatic.com; child-src 'self' blob: ; style-src 'self' 'unsafe-inline' https://www.gstatic.com; font-src 'self'; frame-src 'self' data: blob:; frame-ancestors https://*.bullhornstaffing.com https://*.talentadore.com https://*.jobadder.com; base-uri https://app.refapp.se/; report-uri https://refapp.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 10:39:08 GMT
content-security-policy
default-src 'none'; connect-src 'self' data: wss://app.refapp.se https://logs.browser-intake-datadoghq.eu https://rum.browser-intake-datadoghq.eu https://session-replay.browser-intake-datadoghq.eu; img-src 'self' data: blob: https://storage.googleapis.com https://refapp-images-production.s3.amazonaws.com https://*.fbsbx.com https://*.licdn.com https://*.googleusercontent.com https://profilepicture.hrmts.net https://profilepicture.talentech.io; script-src 'nonce-KszqxmefGtKKjwq' 'self' 'unsafe-eval' https://www.gstatic.com; child-src 'self' blob: ; style-src 'self' 'unsafe-inline' https://www.gstatic.com; font-src 'self'; frame-src 'self' data: blob:; frame-ancestors https://*.bullhornstaffing.com https://*.talentadore.com https://*.jobadder.com; base-uri https://app.refapp.se/; report-uri https://refapp.report-uri.com/r/d/csp/enforce;
referrer-policy
no-referrer
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
etag
"dee6223501e9fe30ef527b1b003a550e2f651d36"
content-type
image/png
cache-control
public, max-age=0
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'none'; encrypted-media 'none'; execution-while-not-rendered 'none'; execution-while-out-of-viewport 'none'; fullscreen 'none'; geolocation 'none'; gyroscope 'none'; legacy-image-formats 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; oversized-images 'none'; payment 'none'; picture-in-picture 'none'; speaker 'none'; sync-xhr 'none'; usb 'none'; vr 'none'; wake-lock 'none'; xr-spatial-tracking 'none';
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), oversized-images=(), payment=(), picture-in-picture=(), speaker=(), sync-xhr=(), usb=(), vr=(), wake-lock=(), xr-spatial-tracking=()
accept-ranges
bytes
content-length
157
f_logo_RGB-White_58.png
app.refapp.se/icons/facebook/ 		2 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.refapp.se/icons/facebook/f_logo_RGB-White_58.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.157.58.110 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-58-110.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
067ade00c3ce9ca6cff444f9152104b744e0edb4b4ea4c46ecff822bd5d97ca3
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src 'self' data: wss://app.refapp.se https://logs.browser-intake-datadoghq.eu https://rum.browser-intake-datadoghq.eu https://session-replay.browser-intake-datadoghq.eu; img-src 'self' data: blob: https://storage.googleapis.com https://refapp-images-production.s3.amazonaws.com https://*.fbsbx.com https://*.licdn.com https://*.googleusercontent.com https://profilepicture.hrmts.net https://profilepicture.talentech.io; script-src 'nonce-eo8xPcFcnpSmSax' 'self' 'unsafe-eval' https://www.gstatic.com; child-src 'self' blob: ; style-src 'self' 'unsafe-inline' https://www.gstatic.com; font-src 'self'; frame-src 'self' data: blob:; frame-ancestors https://*.bullhornstaffing.com https://*.talentadore.com https://*.jobadder.com; base-uri https://app.refapp.se/; report-uri https://refapp.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 10:39:08 GMT
content-security-policy
default-src 'none'; connect-src 'self' data: wss://app.refapp.se https://logs.browser-intake-datadoghq.eu https://rum.browser-intake-datadoghq.eu https://session-replay.browser-intake-datadoghq.eu; img-src 'self' data: blob: https://storage.googleapis.com https://refapp-images-production.s3.amazonaws.com https://*.fbsbx.com https://*.licdn.com https://*.googleusercontent.com https://profilepicture.hrmts.net https://profilepicture.talentech.io; script-src 'nonce-eo8xPcFcnpSmSax' 'self' 'unsafe-eval' https://www.gstatic.com; child-src 'self' blob: ; style-src 'self' 'unsafe-inline' https://www.gstatic.com; font-src 'self'; frame-src 'self' data: blob:; frame-ancestors https://*.bullhornstaffing.com https://*.talentadore.com https://*.jobadder.com; base-uri https://app.refapp.se/; report-uri https://refapp.report-uri.com/r/d/csp/enforce;
referrer-policy
no-referrer
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
etag
"be5b385ee46e77c02379f725d941d84032502684"
content-type
image/png
cache-control
public, max-age=0
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'none'; encrypted-media 'none'; execution-while-not-rendered 'none'; execution-while-out-of-viewport 'none'; fullscreen 'none'; geolocation 'none'; gyroscope 'none'; legacy-image-formats 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; oversized-images 'none'; payment 'none'; picture-in-picture 'none'; speaker 'none'; sync-xhr 'none'; usb 'none'; vr 'none'; wake-lock 'none'; xr-spatial-tracking 'none';
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), oversized-images=(), payment=(), picture-in-picture=(), speaker=(), sync-xhr=(), usb=(), vr=(), wake-lock=(), xr-spatial-tracking=()
accept-ranges
bytes
content-length
1847
BankID_logo_cropped.svg
app.refapp.se/icons/bankid-se/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.refapp.se/icons/bankid-se/BankID_logo_cropped.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.157.58.110 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-58-110.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
431b87a1c8d15f31030967d19ef72fde3260329d7cab8d45a220c8573595a475
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src 'self' data: wss://app.refapp.se https://logs.browser-intake-datadoghq.eu https://rum.browser-intake-datadoghq.eu https://session-replay.browser-intake-datadoghq.eu; img-src 'self' data: blob: https://storage.googleapis.com https://refapp-images-production.s3.amazonaws.com https://*.fbsbx.com https://*.licdn.com https://*.googleusercontent.com https://profilepicture.hrmts.net https://profilepicture.talentech.io; script-src 'nonce-9p2E27XK57w2F7E' 'self' 'unsafe-eval' https://www.gstatic.com; child-src 'self' blob: ; style-src 'self' 'unsafe-inline' https://www.gstatic.com; font-src 'self'; frame-src 'self' data: blob:; frame-ancestors https://*.bullhornstaffing.com https://*.talentadore.com https://*.jobadder.com; base-uri https://app.refapp.se/; report-uri https://refapp.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 10:39:08 GMT
content-security-policy
default-src 'none'; connect-src 'self' data: wss://app.refapp.se https://logs.browser-intake-datadoghq.eu https://rum.browser-intake-datadoghq.eu https://session-replay.browser-intake-datadoghq.eu; img-src 'self' data: blob: https://storage.googleapis.com https://refapp-images-production.s3.amazonaws.com https://*.fbsbx.com https://*.licdn.com https://*.googleusercontent.com https://profilepicture.hrmts.net https://profilepicture.talentech.io; script-src 'nonce-9p2E27XK57w2F7E' 'self' 'unsafe-eval' https://www.gstatic.com; child-src 'self' blob: ; style-src 'self' 'unsafe-inline' https://www.gstatic.com; font-src 'self'; frame-src 'self' data: blob:; frame-ancestors https://*.bullhornstaffing.com https://*.talentadore.com https://*.jobadder.com; base-uri https://app.refapp.se/; report-uri https://refapp.report-uri.com/r/d/csp/enforce;
referrer-policy
no-referrer
x-content-type-options
nosniff
content-encoding
gzip
strict-transport-security
max-age=31536000
etag
"4b8999c9de177c55b68a83b988bfca4ec7af2d3f"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=0
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'none'; encrypted-media 'none'; execution-while-not-rendered 'none'; execution-while-out-of-viewport 'none'; fullscreen 'none'; geolocation 'none'; gyroscope 'none'; legacy-image-formats 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; oversized-images 'none'; payment 'none'; picture-in-picture 'none'; speaker 'none'; sync-xhr 'none'; usb 'none'; vr 'none'; wake-lock 'none'; xr-spatial-tracking 'none';
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), oversized-images=(), payment=(), picture-in-picture=(), speaker=(), sync-xhr=(), usb=(), vr=(), wake-lock=(), xr-spatial-tracking=()
accept-ranges
bytes
icon_32x32.png
app.refapp.se/icons/vipps/ 		687 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.refapp.se/icons/vipps/icon_32x32.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.157.58.110 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-58-110.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
63d9ad16e6f54baa2c44b22dad041dbad7d8cecff21ef49e137a524491ea0357
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src 'self' data: wss://app.refapp.se https://logs.browser-intake-datadoghq.eu https://rum.browser-intake-datadoghq.eu https://session-replay.browser-intake-datadoghq.eu; img-src 'self' data: blob: https://storage.googleapis.com https://refapp-images-production.s3.amazonaws.com https://*.fbsbx.com https://*.licdn.com https://*.googleusercontent.com https://profilepicture.hrmts.net https://profilepicture.talentech.io; script-src 'nonce-P2aGaHHCoFgttaH' 'self' 'unsafe-eval' https://www.gstatic.com; child-src 'self' blob: ; style-src 'self' 'unsafe-inline' https://www.gstatic.com; font-src 'self'; frame-src 'self' data: blob:; frame-ancestors https://*.bullhornstaffing.com https://*.talentadore.com https://*.jobadder.com; base-uri https://app.refapp.se/; report-uri https://refapp.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 10:39:08 GMT
content-security-policy
default-src 'none'; connect-src 'self' data: wss://app.refapp.se https://logs.browser-intake-datadoghq.eu https://rum.browser-intake-datadoghq.eu https://session-replay.browser-intake-datadoghq.eu; img-src 'self' data: blob: https://storage.googleapis.com https://refapp-images-production.s3.amazonaws.com https://*.fbsbx.com https://*.licdn.com https://*.googleusercontent.com https://profilepicture.hrmts.net https://profilepicture.talentech.io; script-src 'nonce-P2aGaHHCoFgttaH' 'self' 'unsafe-eval' https://www.gstatic.com; child-src 'self' blob: ; style-src 'self' 'unsafe-inline' https://www.gstatic.com; font-src 'self'; frame-src 'self' data: blob:; frame-ancestors https://*.bullhornstaffing.com https://*.talentadore.com https://*.jobadder.com; base-uri https://app.refapp.se/; report-uri https://refapp.report-uri.com/r/d/csp/enforce;
referrer-policy
no-referrer
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
etag
"f0b976a58091e5680f9b96e32f5d15726d6b3902"
content-type
image/png
cache-control
public, max-age=0
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'none'; encrypted-media 'none'; execution-while-not-rendered 'none'; execution-while-out-of-viewport 'none'; fullscreen 'none'; geolocation 'none'; gyroscope 'none'; legacy-image-formats 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; oversized-images 'none'; payment 'none'; picture-in-picture 'none'; speaker 'none'; sync-xhr 'none'; usb 'none'; vr 'none'; wake-lock 'none'; xr-spatial-tracking 'none';
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), legacy-image-formats=(), magnetometer=(), microphone=(), midi=(), oversized-images=(), payment=(), picture-in-picture=(), speaker=(), sync-xhr=(), usb=(), vr=(), wake-lock=(), xr-spatial-tracking=()
accept-ranges
bytes
content-length
687
rum
rum.browser-intake-datadoghq.eu/api/v2/ 		53 B
349 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rum.browser-intake-datadoghq.eu/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.28.1%2Capi%3Afetch%2Cenv%3Aproduction&dd-api-key=pubf7612cf1147ef6361e996509a924cd7a&dd-evp-origin-version=4.28.1&dd-evp-origin=browser&dd-request-id=f151b6d0-291d-471a-b44a-f2d685975fa5&batch_time=1719311948266
Requested by
Host: app.refapp.se
URL: https://app.refapp.se/27a3127358247f30e8162946448eaee3a9e1fb3f.js?meteor_js_resource=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.169.145 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
145.169.149.34.bc.googleusercontent.com
Software
/
Resource Hash
d9ac19b2572925a9d654bc9020e826bf8ef49dcf825d4ec47d8a57793b4cbcea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 25 Jun 2024 10:39:08 GMT
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
via
1.1 google
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53
dd-request-id
f151b6d0-291d-471a-b44a-f2d685975fa5

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage object| __meteor_runtime_config__ function| require object| exports object| Package object| process function| ___INIT_METEOR_FAST_REFRESH object| Mongo function| ReactiveVar object| Tracker object| Deps function| check object| Match undefined| Collection2 object| Facts object| Meteor object| global object| meteorEnv object| WebApp object| DDP undefined| LaunchScreen function| meteorInstall object| Accounts object| Autoupdate object| Reload object| DD_LOGS object| DD_RUM number| 2f1acc6c3a606b082e5eef5e54414ffb function| saveAs

3 Cookies

Domain/Path Name / Value
app.refapp.se/ Name: AWSALB
Value: Kn9JdxEi7EdDgGFVYIfMDyRVK4zdA1K8J/HRLj/BsTUXC+YL/v4DyiYW09xrVmDP0F9efUPzoUdg4FuXsUHUnFTZzBdTf/shTE11LjWyOo2Y0Sny4fUdS0MStRZh
app.refapp.se/ Name: AWSALBCORS
Value: Kn9JdxEi7EdDgGFVYIfMDyRVK4zdA1K8J/HRLj/BsTUXC+YL/v4DyiYW09xrVmDP0F9efUPzoUdg4FuXsUHUnFTZzBdTf/shTE11LjWyOo2Y0Sny4fUdS0MStRZh
app.refapp.se/ Name: _dd_s
Value: logs=1&id=b5f15cdb-675a-4673-9571-3bc089f85c7f&created=1719311946168&expire=1719312846174&rum=1

22 Console Messages

Source Level URL
Text
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'battery'.
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'document-domain'.
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'execution-while-not-rendered'.
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'execution-while-out-of-viewport'.
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'legacy-image-formats'.
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'oversized-images'.
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'speaker'.
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'vr'.
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'wake-lock'.
security warning
Message:
Error with Feature-Policy header: Some features are specified in both Feature-Policy and Permissions-Policy header: accelerometer, autoplay, camera, display-capture, encrypted-media, fullscreen, geolocation, gyroscope, magnetometer, microphone, midi, payment, picture-in-picture, sync-xhr, usb, xr-spatial-tracking. Values defined in Permissions-Policy header will be used.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'battery'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'document-domain'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'execution-while-not-rendered'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'execution-while-out-of-viewport'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'legacy-image-formats'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'oversized-images'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'speaker'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'vr'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'wake-lock'.
network warning URL: https://app.refapp.se/27a3127358247f30e8162946448eaee3a9e1fb3f.js?meteor_js_resource=true(Line 450)
Message:
WebSocket connection to 'wss://app.refapp.se/sockjs/295/10xpperk/websocket' failed: WebSocket is closed before the connection is established.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'none'; connect-src 'self' data: wss://app.refapp.se https://logs.browser-intake-datadoghq.eu https://rum.browser-intake-datadoghq.eu https://session-replay.browser-intake-datadoghq.eu; img-src 'self' data: blob: https://storage.googleapis.com https://refapp-images-production.s3.amazonaws.com https://*.fbsbx.com https://*.licdn.com https://*.googleusercontent.com https://profilepicture.hrmts.net https://profilepicture.talentech.io; script-src 'nonce-cJnCjQozmSwXvg5' 'self' 'unsafe-eval' https://www.gstatic.com; child-src 'self' blob: ; style-src 'self' 'unsafe-inline' https://www.gstatic.com; font-src 'self'; frame-src 'self' data: blob:; frame-ancestors https://*.bullhornstaffing.com https://*.talentadore.com https://*.jobadder.com; base-uri https://app.refapp.se/; report-uri https://refapp.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.refapp.se
refapp-images-production.s3.amazonaws.com
rum.browser-intake-datadoghq.eu
18.157.58.110
3.5.135.100
34.149.169.145
067ade00c3ce9ca6cff444f9152104b744e0edb4b4ea4c46ecff822bd5d97ca3
2ba177317f0ba78773565b91b03558f7738048f6f184e2a5397513347e99d9ea
3ae6ba111087df9481359517c4eea477e94d7fe2952a95319c87699fcf1124f3
3bb5b3affcee79575ad87b43bff77caf4f60bf614a3d4c47325ca58db1303f10
431b87a1c8d15f31030967d19ef72fde3260329d7cab8d45a220c8573595a475
63d9ad16e6f54baa2c44b22dad041dbad7d8cecff21ef49e137a524491ea0357
6d3ce10a1ca067e71bc856de1821a85d86ea286a9b1a903da8653e5f69c1b8a3
835b7bb9dedd3779b8e6ad96fbcc9bf33503fcd9d95a9469632748039d1263aa
914b98c4be37d22289a09667dc5083f7c625d972fea66a049d73decad7f1df72
91a780755d27d13e5fb6a931a659ed52101e3874778344aa1a44d20b95fb1822
a0707e10e48c02363b3c6b2283b6b4f87c20e6fd24a0c5d33b381455f5b8e69b
a1c339ecb7d85bda6018a1a02b28cf5bcc25f82ad55b95531cfa469aa119ab79
abca0004f2960ea162b161a82240a139fce6012733a76f3859febb9bed38b420
aeaf6751b17119d6d45a7fd8d6131d33630dc6141501a6079a864b529f92aa58
b2efabca5ea4bc56eea829713706b5cd0788b82aca153bd4adde9b1573933b4f
bf3dc3e49f1b9dbee1177e61895e429aaa153bc7793d5bcc342de6ea81c5931d
d9ac19b2572925a9d654bc9020e826bf8ef49dcf825d4ec47d8a57793b4cbcea
ea942b6f5c70dd6b18e5e24b95dadfc07334db32d5cf254a92baec6bc6435fd5
f18568e091456a802f50c16928ee41616d2a89e40e0242adb648b3d4ca97d0c8
f3dcb75ae2ee9e5b5956429ad701875d129c40803c0bbf0810f2c9ef5649131c