www.carpay.se Open in urlscan Pro
84.19.148.52 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://renaultkort.se/
Effective URL:
https://www.carpay.se/
Submission: On June 20 via api (June 20th 2024, 11:49:26 am UTC) from US — Scanned from SE

Summary HTTP 44 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 6 IPs in 4 countries across 7 domains to perform 44 HTTP transactions. The main IP is 84.19.148.52, located in Alingsås, Sweden and belongs to CANDIDATOR-AB, SE. The main domain is www.carpay.se.
TLS certificate: Issued by DigiCert EV RSA CA G2 on February 1st 2024. Valid for: a year.

This is the only time www.carpay.se was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	194.16.64.75 194.16.64.75	3301 (TELIANET-...) (TELIANET-SWEDEN Telia Company)
39	84.19.148.52 84.19.148.52	49419 (CANDIDATO...) (CANDIDATOR-AB)
1 1	52.201.185.17 52.201.185.17	14618 (AMAZON-AES) (AMAZON-AES)
1	54.231.225.41 54.231.225.41	16509 (AMAZON-02) (AMAZON-02)
1	142.250.185.238 142.250.185.238	15169 (GOOGLE) (GOOGLE)
1	104.18.36.168 104.18.36.168	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	20.93.211.47 20.93.211.47	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
44	6

1 194.16.64.75 (Örebro, Sweden) 1 redirects

ASN3301 (TELIANET-SWEDEN Telia Company, SE)
PTR: 194-16-64-75.customer.telia.com

renaultkort.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 84.19.148.52 (Alingsås, Sweden)

ASN49419 (CANDIDATOR-AB, SE)

www.carpay.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.201.185.17 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-201-185-17.compute-1.amazonaws.com

tools.applemediaservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.231.225.41 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

apple-resources.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f14.1e100.net

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.36.168 (None, )

ASN13335 (CLOUDFLARENET, US)

dl.episerver.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.93.211.47 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

volvofinans.containers.piwik.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	carpay.se www.carpay.se	783 KB
2	piwik.pro volvofinans.containers.piwik.pro	98 KB
1	episerver.net dl.episerver.net — Cisco Umbrella Rank: 32174	3 KB
1	google.com play.google.com — Cisco Umbrella Rank: 53	17 KB
1	amazonaws.com apple-resources.s3.amazonaws.com — Cisco Umbrella Rank: 46552	9 KB
1	applemediaservices.com 1 redirects tools.applemediaservices.com — Cisco Umbrella Rank: 42195	339 B
1	renaultkort.se 1 redirects renaultkort.se	113 B
44	7

	Domain	Requested by
39	www.carpay.se	www.carpay.se
2	volvofinans.containers.piwik.pro	www.carpay.se volvofinans.containers.piwik.pro
1	dl.episerver.net	www.carpay.se
1	play.google.com	www.carpay.se
1	apple-resources.s3.amazonaws.com	www.carpay.se
1	tools.applemediaservices.com	1 redirects
1	renaultkort.se	1 redirects
44	7

This site contains links to these domains. Also see Links.

Domain
inloggad.carpay.se
www.instagram.com
www.facebook.com
www.youtube.com
svarlurad.se
www.ziklo.com
apps.apple.com
play.google.com
piwik.pro

Subject Issuer	Validity	Valid
www.carpay.se DigiCert EV RSA CA G2	`2024-02-01` - `2025-02-19`	a year	crt.sh
*.google.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
dl.episerver.net GTS CA 1P5	`2024-05-22` - `2024-08-20`	3 months	crt.sh
*.containers.piwik.pro GlobeSSL DV CA	`2024-01-02` - `2025-01-01`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.carpay.se/
Frame ID: 68C0BAFB9F53A5E0D4BE34FBB534EC4E
Requests: 62 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

CarPay ger dig full koll på din bilekonomi - CarPay

Page URL History Show full URLs

https://renaultkort.se/ HTTP 302
https://www.carpay.se/ Page URL

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Page Statistics

44
Requests

98 %
HTTPS

0 %
IPv6

7
Domains

7
Subdomains

6
IPs

4
Countries

911 kB
Transfer

2216 kB
Size

3
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://inloggad.carpay.se/
Title: avatar Created with Sketch. Logga in

Search URL Search Domain Scan URL

URL: https://www.instagram.com/carpay_sverige/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/smartarebilekonomi/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/@carpay_sverige

Search URL Search Domain Scan URL

URL: https://inloggad.carpay.se/nykund/kortkonto-ansokan
Title: Ansök om CarPay activate-card Created with Sketch.

Search URL Search Domain Scan URL

URL: https://svarlurad.se/
Title: Läs mer på svarlurad.se >

Search URL Search Domain Scan URL

URL: https://www.ziklo.com/om-oss/fa-hjalp/fragor-och-svar-om-bankens-namnbyte/
Title: Läs mer här >

Search URL Search Domain Scan URL

URL: https://apps.apple.com/se/app/carpay/id1063224472?itsct=apps_box_badge&itscg=30200

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=se.volvofinans.carpay&hl=sv&gl=US&pcampaignid=pcampaignidMKT-Other-global-all-co-prtnr-py-PartBadge-Mar2515-1

Search URL Search Domain Scan URL

URL: https://inloggad.carpay.se/inkorg/nyttmeddelande
Title: Logga in och skicka meddelande >

Search URL Search Domain Scan URL

URL: https://www.ziklo.com/om-oss/integritet-och-sakerhet/dataskyddspolicy-hemsidor/
Title: Dataskyddspolicy

Search URL Search Domain Scan URL

URL: https://www.ziklo.com/om-oss/integritet-och-sakerhet/
Title: Integritet och säkerhet

Search URL Search Domain Scan URL

URL: https://piwik.pro/?utm_source=App&utm_medium=Consent_Pop_Up&utm_campaign=Consent_Manager_Pop_Up
Title: Piwik PRO

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://renaultkort.se/ HTTP 302
https://www.carpay.se/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://tools.applemediaservices.com/api/badges/download-on-the-app-store/black/sv-se?size=250x83&releaseDate=1457654400 HTTP 301
https://apple-resources.s3.amazonaws.com/media-badges/download-on-the-app-store/black/sv-se.svg

44 HTTP transactions
18 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.carpay.se/
Redirect Chain

https://renaultkort.se/
https://www.carpay.se/

73 KB
38 KB

308ms
107ms

Document
text/html

84.19.148.52
CANDIDATOR-AB

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carpay.se/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

84.19.148.52 Alingsås, Sweden, ASN49419 (CANDIDATOR-AB, SE),

Reverse DNS

Software

Resource Hash

cf9374cb8f5306eaa6e3a340775bee6368e8154161d08a9f079eb03da384a971

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://volvofinans.piwik.pro https://volvofinans.containers.piwik.pro https://.clarity.ms https://.mapbox.com https://www.google.com/; font-src 'self' data: https://.episerver.net https://volvofinans.containers.piwik.pro; script-src 'self' 'unsafe-inline' 'unsafe-eval' data: https://volvofinans.piwik.pro https://volvofinans.containers.piwik.pro https://.episerver.net https://.adnxs.com https://.clarity.ms https://snap.licdn.com https://.pinimg.com https://cdn.scaleflex.it https://volvofinans.fbinhouse.se; frame-src 'self' https://volvofinans.fbinhouse.se https://chargefinder.com; style-src 'self' 'unsafe-inline' data: https://api.tiles.mapbox.com https://api.mapbox.com https://fonts.googleapis.com https://.episerver.net https://volvofinans.containers.piwik.pro; img-src 'self' data: https://.adnxs.com https://.clarity.ms https://.bing.com https://play.google.com https://scaleflex.ultrafast.io blob: https://.episerver.net https://cdn.imagin.studio https://apple-resources.s3.amazonaws.com https://tools.applemediaservices.com https://volvofinans.containers.piwik.pro; worker-src blob:; child-src blob:;
Strict-Transport-Security	max-age=157680000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: se-SE,se;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
access-control-allow-methods: GET, POST
cache-control: private
content-encoding: gzip
content-security-policy: default-src 'self' https://volvofinans.piwik.pro https://volvofinans.containers.piwik.pro https://*.clarity.ms https://*.mapbox.com https://www.google.com/; font-src 'self' data: https://*.episerver.net https://volvofinans.containers.piwik.pro; script-src 'self' 'unsafe-inline' 'unsafe-eval' data: https://volvofinans.piwik.pro https://volvofinans.containers.piwik.pro https://*.episerver.net https://*.adnxs.com https://*.clarity.ms https://snap.licdn.com https://*.pinimg.com https://cdn.scaleflex.it https://volvofinans.fbinhouse.se; frame-src 'self' https://volvofinans.fbinhouse.se https://chargefinder.com; style-src 'self' 'unsafe-inline' data: https://api.tiles.mapbox.com https://api.mapbox.com https://fonts.googleapis.com https://*.episerver.net https://volvofinans.containers.piwik.pro; img-src 'self' data: https://*.adnxs.com https://*.clarity.ms https://*.bing.com https://play.google.com https://scaleflex.ultrafast.io blob: https://*.episerver.net https://cdn.imagin.studio https://apple-resources.s3.amazonaws.com https://tools.applemediaservices.com https://volvofinans.containers.piwik.pro; worker-src blob:; child-src blob:;
content-type: text/html; charset=utf-8
date: Thu, 20 Jun 2024 11:49:18 GMT
feature-policy: accelerometer 'none'; camera 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
ntcoent-length: 74373
referrer-policy: strict-origin
strict-transport-security: max-age=157680000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

content-length: 205
content-type: text/html; charset=iso-8859-1
date: Thu, 20 Jun 2024 11:49:20 GMT
location: https://www.carpay.se
server: Apache

GET
H2 200 carpay-e7c76dfb2b55e2ed6872.css
www.carpay.se/Content/dist/css/ 577 KB
52 KB 50ms
50ms Stylesheet
text/css 84.19.148.52
CANDIDATOR-AB

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carpay.se/Content/dist/css/carpay-e7c76dfb2b55e2ed6872.css

Requested by

Host: www.carpay.se
URL: https://www.carpay.se/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

84.19.148.52 Alingsås, Sweden, ASN49419 (CANDIDATOR-AB, SE),

Reverse DNS

Software

Resource Hash

98923ba0f317f302ef29e209f017782525511825acc87c26f06a5eefca24c2eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.carpay.se/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 11:49:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=157680000
content-length: 52477
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Wed, 15 May 2024 09:31:34 GMT
etag: "01f1fadaaa6da1:0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: text/css
x-frame-options: SAMEORIGIN
cache-control: max-age=31536000
feature-policy: accelerometer 'none'; camera 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
accept-ranges: bytes
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token

GET
H2 200 carpaykort-klocka-app1.png
www.carpay.se/globalassets/11-675x675/ 24 KB
24 KB 83ms
83ms Image
image/webp 84.19.148.52
CANDIDATOR-AB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.carpay.se/globalassets/11-675x675/carpaykort-klocka-app1.png?preset=storyBlockThumbnail&format=webp

Requested by

Host: www.carpay.se
URL: https://www.carpay.se/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

84.19.148.52 Alingsås, Sweden, ASN49419 (CANDIDATOR-AB, SE),

Reverse DNS

Software

Resource Hash

31fe549125f116eae0a20593244253f780a88d6d2e671b599add132c2c1871b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.carpay.se/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 11:49:18 GMT
strict-transport-security: max-age=157680000
x-content-type-options: nosniff
content-encoding: gzip
content-length: 24624
x-xss-protection: 1; mode=block
cteonnt-length: 24670
referrer-policy: strict-origin
imageprocessedby: ImageProcessor/2.9.1.225 - ImageProcessor.Web/4.12.1.216
etag: "1DA5A7A201FCAB3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: image/webp
x-frame-options: SAMEORIGIN
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
expires: Thu, 27 Jun 2024 11:49:19 GMT

GET
H2 200 pinod-i-appen-cover-image.png
www.carpay.se/globalassets/1-video/ 22 KB
22 KB 90ms
90ms Image
image/webp 84.19.148.52
CANDIDATOR-AB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.carpay.se/globalassets/1-video/pinod-i-appen-cover-image.png?format=webp&width=1200

Requested by

Host: www.carpay.se
URL: https://www.carpay.se/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

84.19.148.52 Alingsås, Sweden, ASN49419 (CANDIDATOR-AB, SE),

Reverse DNS

Software

Resource Hash

8211a53f3dbdaab1aa14cdb70fe250c8e4110b8a3ec9aeb329aa903d2cc3c0f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.carpay.se/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 11:49:18 GMT
strict-transport-security: max-age=157680000
x-content-type-options: nosniff
content-encoding: gzip
content-length: 22709
x-xss-protection: 1; mode=block
cteonnt-length: 22686
referrer-policy: strict-origin
imageprocessedby: ImageProcessor/2.9.1.225 - ImageProcessor.Web/4.12.1.216
etag: "1DA4499C5C0026D"
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: image/webp
x-frame-options: SAMEORIGIN
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
expires: Thu, 27 Jun 2024 11:49:19 GMT

GET
H2 200 carpay_se_-_ladda_ner_-_landningssida_2022.png
www.carpay.se/globalassets/puff/ 7 KB
7 KB 100ms
97ms Image
image/webp 84.19.148.52
CANDIDATOR-AB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.carpay.se/globalassets/puff/carpay_se_-_ladda_ner_-_landningssida_2022.png?preset=storyBlockThumbnail&format=webp

Requested by

Host: www.carpay.se
URL: https://www.carpay.se/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

84.19.148.52 Alingsås, Sweden, ASN49419 (CANDIDATOR-AB, SE),

Reverse DNS

Software

Resource Hash

9c1ed56a3067c997dbc483fae699e16d5d831307ea626aee960cbc528ed860a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.carpay.se/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 11:49:18 GMT
strict-transport-security: max-age=157680000
x-content-type-options: nosniff
content-encoding: gzip
content-length: 6802
x-xss-protection: 1; mode=block
cteonnt-length: 6920
referrer-policy: strict-origin
imageprocessedby: ImageProcessor/2.9.1.225 - ImageProcessor.Web/4.12.1.216
etag: "1D9ED49D608F013"
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: image/webp
x-frame-options: SAMEORIGIN
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
expires: Thu, 27 Jun 2024 11:49:19 GMT

GET
H/1.1

200
OK

sv-se.svg
apple-resources.s3.amazonaws.com/media-badges/download-on-the-app-store/black/
Redirect Chain

https://tools.applemediaservices.com/api/badges/download-on-the-app-store/black/sv-se?size=250x83&releaseDate=1457654400
https://apple-resources.s3.amazonaws.com/media-badges/download-on-the-app-store/black/sv-se.svg

9 KB
9 KB

515ms
172ms

Image
image/svg+xml

54.231.225.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apple-resources.s3.amazonaws.com/media-badges/download-on-the-app-store/black/sv-se.svg
Requested by: Host: www.carpay.se
URL: https://www.carpay.se/
Protocol: HTTP/1.1
Server: 54.231.225.41 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: eb249aaddc515873d683ea85d695896cfd7c54dbdce9b39679ed0e40f00e0158

Request headers

Accept-Language: se-SE,se;q=0.9;q=0.9
Referer: https://www.carpay.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Thu, 20 Jun 2024 11:49:22 GMT
x-amz-version-id: null
Last-Modified: Wed, 29 Apr 2020 21:18:39 GMT
Server: AmazonS3
x-amz-request-id: DGNH9PBYS550CT4A
ETag: "248a52c5efd4462501392b051fe81d98"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 9133
x-amz-id-2: lbHTVLbDd3P8i5O0GvME3d55BnWOf3A44Jb24Qtpv/EJ2FZU//UutYNFbquPIMh3w1tlMn1ZRFQ=

Redirect headers

date: Thu, 20 Jun 2024 11:49:21 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
access-control-allow-methods: OPTIONS, GET
content-type: text/html;charset=utf-8
location: https://apple-resources.s3.amazonaws.com/media-badges/download-on-the-app-store/black/sv-se.svg
access-control-allow-origin: *
cache-control: public, max-age=604800
content-length: 0
x-xss-protection: 1; mode=block
expires: Thu, 27 Jun 2024 11:49:21 GMT

GET
H2 200 sv_badge_web_generic.png
play.google.com/intl/en_us/badges/static/images/badges/ 16 KB
17 KB 202ms
68ms Image
image/png 142.250.185.238
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play.google.com/intl/en_us/badges/static/images/badges/sv_badge_web_generic.png

Requested by

Host: www.carpay.se
URL: https://www.carpay.se/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f14.1e100.net

Software

sffe /

Resource Hash

acddbc72ae1dc165c78edb16bb93735272377a283fd628d7766e68f396b6e55d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.carpay.se/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 11:49:20 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Sep 2022 07:48:00 GMT
server: sffe
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/uxe-owners-acl/play_google
report-to: {"group":"uxe-owners-acl/play_google","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/uxe-owners-acl/play_google"}]}
content-type: image/png
cache-control: private, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16741
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="uxe-owners-acl/play_google"
expires: Thu, 20 Jun 2024 11:49:20 GMT

GET
H2 200 hero-pojke-med-sladdar-i-famnen-framfor-bil.jpg
www.carpay.se/globalassets/169-1920x1080/laddakampanj/ 134 KB
135 KB 99ms
98ms Image
image/webp 84.19.148.52
CANDIDATOR-AB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.carpay.se/globalassets/169-1920x1080/laddakampanj/hero-pojke-med-sladdar-i-famnen-framfor-bil.jpg?format=webp&width=1200

Requested by

Host: www.carpay.se
URL: https://www.carpay.se/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

84.19.148.52 Alingsås, Sweden, ASN49419 (CANDIDATOR-AB, SE),

Reverse DNS

Software

Resource Hash

02dd2226422a9217cd2da291ba7888a62b30590fcd44c855fcaadac869954a5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.carpay.se/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 11:49:18 GMT
strict-transport-security: max-age=157680000
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
cteonnt-length: 137722
referrer-policy: strict-origin
imageprocessedby: ImageProcessor/2.9.1.225 - ImageProcessor.Web/4.12.1.216
etag: "1DAA5CDF12FA3F6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: image/webp
x-frame-options: SAMEORIGIN
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
expires: Thu, 27 Jun 2024 11:49:19 GMT

GET
H2 200 lottie_svg.min.js Show response
www.carpay.se/Content/script/ 195 KB
51 KB 53ms
51ms Script
application/javascript 84.19.148.52
CANDIDATOR-AB

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carpay.se/Content/script/lottie_svg.min.js

Requested by

Host: www.carpay.se
URL: https://www.carpay.se/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

84.19.148.52 Alingsås, Sweden, ASN49419 (CANDIDATOR-AB, SE),

Reverse DNS

Software

Resource Hash

bd90832918787a8dd8b2a8672f8ef4ebaa4db0d7c3e3845d1c5a6e7516f264d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.carpay.se/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 11:49:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=157680000
content-length: 51971
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Wed, 15 May 2024 09:27:30 GMT
etag: "0adaf1baaa6da1:0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: application/javascript
x-frame-options: SAMEORIGIN
cache-control: max-age=31536000
feature-policy: accelerometer 'none'; camera 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
accept-ranges: bytes
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token

GET
H2 200 svgxuse.min.js Show response
www.carpay.se/Content/script/ 3 KB
1 KB 54ms
53ms Script
application/javascript 84.19.148.52
CANDIDATOR-AB

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carpay.se/Content/script/svgxuse.min.js

Requested by

Host: www.carpay.se
URL: https://www.carpay.se/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

84.19.148.52 Alingsås, Sweden, ASN49419 (CANDIDATOR-AB, SE),

Reverse DNS

Software

Resource Hash

f29d14ba2b9bb368b6c7a5c986959dafb8adc8d7290d507f50e025188c775c3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.carpay.se/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 11:49:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=157680000
content-length: 1273
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Wed, 15 May 2024 09:27:30 GMT
etag: "0adaf1baaa6da1:0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: application/javascript
x-frame-options: SAMEORIGIN
cache-control: max-age=31536000
feature-policy: accelerometer 'none'; camera 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
accept-ranges: bytes
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token

GET
H2 200 carpay-75e4f4a349264fa7f041.js Show response
www.carpay.se/Content/dist/js/ 319 KB
110 KB 56ms
54ms Script
application/javascript 84.19.148.52
CANDIDATOR-AB

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carpay.se/Content/dist/js/carpay-75e4f4a349264fa7f041.js

Requested by

Host: www.carpay.se
URL: https://www.carpay.se/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

84.19.148.52 Alingsås, Sweden, ASN49419 (CANDIDATOR-AB, SE),

Reverse DNS

Software

Resource Hash

a4b59feb8118674d3b08292a8f0cfa62c6f2f440fb7ada7aa6d5c94be66cfd58

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.carpay.se/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 11:49:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=157680000
content-length: 111879
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Wed, 15 May 2024 09:31:34 GMT
etag: "01f1fadaaa6da1:0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: application/javascript
x-frame-options: SAMEORIGIN
cache-control: max-age=31536000
feature-policy: accelerometer 'none'; camera 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
accept-ranges: bytes
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token

GET
H2 200 find.js Show response
dl.episerver.net/13.5.9/epi-util/ 6 KB
3 KB 170ms
73ms Script
application/x-javascript 104.18.36.168
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dl.episerver.net/13.5.9/epi-util/find.js
Requested by: Host: www.carpay.se
URL: https://www.carpay.se/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.168 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 67004276e5cbe57d0cc96a32bd76d47b1daf4f91f52f807df4d8f9259c69b844

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.carpay.se/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 11:49:20 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 28 Feb 2024 02:06:26 GMT
server: cloudflare
age: 1735393
etag: "0fd1abcea69da1:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 896b88f4cea515e8-ARN
content-length: 2725
expires: Sun, 21 Jul 2024 11:49:20 GMT

GET
H2 200 8fd3173a-d74b-46b4-83ae-40b877f114b2.js Show response
volvofinans.containers.piwik.pro/ 244 KB
68 KB 246ms
112ms Script
application/javascript 20.93.211.47
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://volvofinans.containers.piwik.pro/8fd3173a-d74b-46b4-83ae-40b877f114b2.js

Requested by

Host: www.carpay.se
URL: https://www.carpay.se/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

20.93.211.47 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

d80fe5b8ddc240fe34991a3942680baf4fe54b7ef1691a5c630ee3dec8364c4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.carpay.se/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 11:49:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
referrer-policy: origin
etag: W/"9d548891fbcd1224-1eca6ba14f2da99e"
vary: Accept-Encoding, Cookie
x-frame-options: sameorigin
content-type: application/javascript; charset=utf-8
cache-control: public, must-revalidate
x-robots-tag: none
x-cached: MISS

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8e6d8c7cdb9d828852997651f9b34539aed9d9ae1ec595e8668497a92f44789d

Request headers

Accept-Language: se-SE,se;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 291 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c5ecfef7be9332337ee8429e77a63562d589ef6b598d7bc291ea77c608b786b2

Request headers

Accept-Language: se-SE,se;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

Accept-Language: se-SE,se;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 e4d6ae3bc36d25e9e33e.woff2
www.carpay.se/Content/dist/ 29 KB
29 KB 71ms
70ms Font
font/woff2 84.19.148.52
CANDIDATOR-AB

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carpay.se/Content/dist/e4d6ae3bc36d25e9e33e.woff2

Requested by

Host: www.carpay.se
URL: https://www.carpay.se/Content/dist/css/carpay-e7c76dfb2b55e2ed6872.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

84.19.148.52 Alingsås, Sweden, ASN49419 (CANDIDATOR-AB, SE),

Reverse DNS

Software

Resource Hash

eb1536880dbbd1fe6c834a945448da98aa8d46da49000e608b1430754d3675f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.carpay.se/
Origin: https://www.carpay.se
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 11:49:18 GMT
strict-transport-security: max-age=157680000
x-content-type-options: nosniff
referrer-policy: strict-origin
last-modified: Wed, 15 May 2024 09:31:34 GMT
etag: "01f1fadaaa6da1:0"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST
content-type: font/woff2
cache-control: max-age=31536000
feature-policy: accelerometer 'none'; camera 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
accept-ranges: bytes
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
content-length: 29472
x-xss-protection: 1; mode=block

GET
H2 200 2c36e9578fe922a734f3.woff2
www.carpay.se/Content/dist/ 30 KB
30 KB 70ms
69ms Font
font/woff2 84.19.148.52
CANDIDATOR-AB

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carpay.se/Content/dist/2c36e9578fe922a734f3.woff2

Requested by

Host: www.carpay.se
URL: https://www.carpay.se/Content/dist/css/carpay-e7c76dfb2b55e2ed6872.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

84.19.148.52 Alingsås, Sweden, ASN49419 (CANDIDATOR-AB, SE),

Reverse DNS

Software

Resource Hash

9de4acba26710e1b0874464d0078a63fe93e298a5bc089e4508b0dd8a98fb0bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.carpay.se/
Origin: https://www.carpay.se
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 11:49:18 GMT
strict-transport-security: max-age=157680000
x-content-type-options: nosniff
referrer-policy: strict-origin
last-modified: Wed, 15 May 2024 09:31:34 GMT
etag: "01f1fadaaa6da1:0"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST
content-type: font/woff2
cache-control: max-age=31536000
feature-policy: accelerometer 'none'; camera 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
accept-ranges: bytes
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
content-length: 30808
x-xss-protection: 1; mode=block

GET
H2 200 bf50112ef13d8e9065ca.woff2
www.carpay.se/Content/dist/ 30 KB
30 KB 72ms
71ms Font
font/woff2 84.19.148.52
CANDIDATOR-AB

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carpay.se/Content/dist/bf50112ef13d8e9065ca.woff2

Requested by

Host: www.carpay.se
URL: https://www.carpay.se/Content/dist/css/carpay-e7c76dfb2b55e2ed6872.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

84.19.148.52 Alingsås, Sweden, ASN49419 (CANDIDATOR-AB, SE),

Reverse DNS

Software

Resource Hash

830dfedea19fd00bc7d8c3941d0ceb1f93700862842c010492d995d96d90ce54

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.carpay.se/
Origin: https://www.carpay.se
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 11:49:18 GMT
strict-transport-security: max-age=157680000
x-content-type-options: nosniff
referrer-policy: strict-origin
last-modified: Wed, 15 May 2024 09:31:34 GMT
etag: "01f1fadaaa6da1:0"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST
content-type: font/woff2
cache-control: max-age=31536000
feature-policy: accelerometer 'none'; camera 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
accept-ranges: bytes
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
content-length: 30480
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ 547 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

Accept-Language: se-SE,se;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 552 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

Accept-Language: se-SE,se;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 177 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

Accept-Language: se-SE,se;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 351 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5

Request headers

Accept-Language: se-SE,se;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 242 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

Accept-Language: se-SE,se;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 33.chunk.js Show response
www.carpay.se/Content/dist/js/chunks/ 4 KB
2 KB 47ms
47ms Script
application/javascript 84.19.148.52
CANDIDATOR-AB

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carpay.se/Content/dist/js/chunks/33.chunk.js?id=1fbade4408328eb9081b

Requested by

Host: www.carpay.se
URL: https://www.carpay.se/Content/dist/js/carpay-75e4f4a349264fa7f041.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

84.19.148.52 Alingsås, Sweden, ASN49419 (CANDIDATOR-AB, SE),

Reverse DNS

Software

Resource Hash

e956f9ec74229884a911090ab5ce173458dc6b52e6aec4acbcdf94feae611b79

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.carpay.se/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 11:49:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=157680000
content-length: 1657
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Wed, 15 May 2024 09:31:34 GMT
etag: "01f1fadaaa6da1:0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: application/javascript
x-frame-options: SAMEORIGIN
cache-control: max-age=31536000
feature-policy: accelerometer 'none'; camera 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
accept-ranges: bytes
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token

GET
H2 200 8323.chunk.js Show response
www.carpay.se/Content/dist/js/chunks/ 3 KB
1 KB 47ms
47ms Script
application/javascript 84.19.148.52
CANDIDATOR-AB

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carpay.se/Content/dist/js/chunks/8323.chunk.js?id=70f9699d08d2e4ffbed8

Requested by

Host: www.carpay.se
URL: https://www.carpay.se/Content/dist/js/carpay-75e4f4a349264fa7f041.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

84.19.148.52 Alingsås, Sweden, ASN49419 (CANDIDATOR-AB, SE),

Reverse DNS

Software

Resource Hash

5937fd9b255c70a82c763d013f5dea3c4df7f257c448abc23cf3b742b0cba6f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.carpay.se/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 11:49:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=157680000
content-length: 1347
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Wed, 15 May 2024 09:31:34 GMT
etag: "01f1fadaaa6da1:0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: application/javascript
x-frame-options: SAMEORIGIN
cache-control: max-age=31536000
feature-policy: accelerometer 'none'; camera 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
accept-ranges: bytes
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token

GET
H2 200 6331.chunk.js Show response
www.carpay.se/Content/dist/js/chunks/ 1 KB
884 B 47ms
47ms Script
application/javascript 84.19.148.52
CANDIDATOR-AB

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carpay.se/Content/dist/js/chunks/6331.chunk.js?id=16331182cbc4e189d8c9

Requested by

Host: www.carpay.se
URL: https://www.carpay.se/Content/dist/js/carpay-75e4f4a349264fa7f041.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

84.19.148.52 Alingsås, Sweden, ASN49419 (CANDIDATOR-AB, SE),

Reverse DNS

Software

Resource Hash

a3d16df2a6cff77a965ec647037ca4556e43086c1c82a6d15af66e6268644c06

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.carpay.se/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 11:49:19 GMT
strict-transport-security: max-age=157680000
x-content-type-options: nosniff
content-encoding: gzip
ntcoent-length: 1466
content-length: 726
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Wed, 15 May 2024 09:31:34 GMT
etag: "01f1fadaaa6da1:0"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST
content-type: application/javascript
cache-control: max-age=31536000
feature-policy: accelerometer 'none'; camera 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
accept-ranges: bytes
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token

GET
H2 200 5257.chunk.js Show response
www.carpay.se/Content/dist/js/chunks/ 1 KB
864 B 49ms
48ms Script
application/javascript 84.19.148.52
CANDIDATOR-AB

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carpay.se/Content/dist/js/chunks/5257.chunk.js?id=0e848afcce2b003ac234

Requested by

Host: www.carpay.se
URL: https://www.carpay.se/Content/dist/js/carpay-75e4f4a349264fa7f041.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

84.19.148.52 Alingsås, Sweden, ASN49419 (CANDIDATOR-AB, SE),

Reverse DNS

Software

Resource Hash

f741552009b45895e3f92364fa787edb69a4456266aaef4189f518ceca22fb19

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.carpay.se/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 11:49:19 GMT
strict-transport-security: max-age=157680000
x-content-type-options: nosniff
content-encoding: gzip
ntcoent-length: 1386
content-length: 706
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Wed, 15 May 2024 09:31:34 GMT
etag: "01f1fadaaa6da1:0"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST
content-type: application/javascript
cache-control: max-age=31536000
feature-policy: accelerometer 'none'; camera 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
accept-ranges: bytes
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token

GET
H2 200 1050.chunk.js Show response
www.carpay.se/Content/dist/js/chunks/ 962 B
671 B 59ms
59ms Script
application/javascript 84.19.148.52
CANDIDATOR-AB

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carpay.se/Content/dist/js/chunks/1050.chunk.js?id=c5a698cef42b938ebd67

Requested by

Host: www.carpay.se
URL: https://www.carpay.se/Content/dist/js/carpay-75e4f4a349264fa7f041.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

84.19.148.52 Alingsås, Sweden, ASN49419 (CANDIDATOR-AB, SE),

Reverse DNS

Software

Resource Hash

a871adbb7c20a3e0aa80681c8626ccab9014bf79152d07d7470c14f094a15563

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.carpay.se/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 11:49:19 GMT
strict-transport-security: max-age=157680000
x-content-type-options: nosniff
content-encoding: gzip
ntcoent-length: 962
content-length: 513
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Wed, 15 May 2024 09:31:34 GMT
etag: "01f1fadaaa6da1:0"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST
content-type: application/javascript
cache-control: max-age=31536000
feature-policy: accelerometer 'none'; camera 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
accept-ranges: bytes
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token

GET
H2 200 leave-site.svg Show response
www.carpay.se/Content/img/icons/ 1 KB
799 B 51ms
49ms XHR
image/svg+xml 84.19.148.52
CANDIDATOR-AB

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carpay.se/Content/img/icons/leave-site.svg

Requested by

Host: www.carpay.se
URL: https://www.carpay.se/Content/dist/js/carpay-75e4f4a349264fa7f041.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

84.19.148.52 Alingsås, Sweden, ASN49419 (CANDIDATOR-AB, SE),

Reverse DNS

Software

Resource Hash

22c5a501b48a225d7c3f2e4e3a33ffd6de9a80bcca0647d769896a4d084c62c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.carpay.se/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 11:49:19 GMT
strict-transport-security: max-age=157680000
x-content-type-options: nosniff
content-encoding: gzip
content-length: 641
x-xss-protection: 1; mode=block
cteonnt-length: 1399
referrer-policy: strict-origin
last-modified: Wed, 15 May 2024 09:27:30 GMT
etag: "0adaf1baaa6da1:0"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST
content-type: image/svg+xml
cache-control: max-age=31536000
feature-policy: accelerometer 'none'; camera 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
accept-ranges: bytes
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token

GET
H2 200 instagram.svg Show response
www.carpay.se/Content/img/icons/ 400 B
421 B 57ms
56ms XHR
image/svg+xml 84.19.148.52
CANDIDATOR-AB

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carpay.se/Content/img/icons/instagram.svg

Requested by

Host: www.carpay.se
URL: https://www.carpay.se/Content/dist/js/carpay-75e4f4a349264fa7f041.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

84.19.148.52 Alingsås, Sweden, ASN49419 (CANDIDATOR-AB, SE),

Reverse DNS

Software

Resource Hash

19c74f468a21802769265fd69adbaac0a9fee78dc3020ea833b4f0578b4daac8

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.carpay.se/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 11:49:19 GMT
strict-transport-security: max-age=157680000
x-content-type-options: nosniff
content-encoding: gzip
content-length: 264
x-xss-protection: 1; mode=block
cteonnt-length: 400
referrer-policy: strict-origin
last-modified: Wed, 15 May 2024 09:27:30 GMT
etag: "0adaf1baaa6da1:0"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST
content-type: image/svg+xml
cache-control: max-age=31536000
feature-policy: accelerometer 'none'; camera 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
accept-ranges: bytes
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token

GET
H2 200 facebook.svg Show response
www.carpay.se/Content/img/icons/ 303 B
398 B 49ms
48ms XHR
image/svg+xml 84.19.148.52
CANDIDATOR-AB

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carpay.se/Content/img/icons/facebook.svg

Requested by

Host: www.carpay.se
URL: https://www.carpay.se/Content/dist/js/carpay-75e4f4a349264fa7f041.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

84.19.148.52 Alingsås, Sweden, ASN49419 (CANDIDATOR-AB, SE),

Reverse DNS

Software

Resource Hash

cd753f04695d46b6faef262b33477bffc6a5449e80e35cae60f4bcc152ea4761

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.carpay.se/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 11:49:19 GMT
strict-transport-security: max-age=157680000
x-content-type-options: nosniff
content-encoding: gzip
content-length: 229
x-xss-protection: 1; mode=block
cteonnt-length: 303
referrer-policy: strict-origin
last-modified: Wed, 15 May 2024 09:27:30 GMT
etag: "0adaf1baaa6da1:0"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST
content-type: image/svg+xml
cache-control: max-age=31536000
feature-policy: accelerometer 'none'; camera 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
accept-ranges: bytes
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token

GET
H2 200 youtube.svg Show response
www.carpay.se/Content/img/icons/ 565 B
482 B 57ms
56ms XHR
image/svg+xml 84.19.148.52
CANDIDATOR-AB

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carpay.se/Content/img/icons/youtube.svg

Requested by

Host: www.carpay.se
URL: https://www.carpay.se/Content/dist/js/carpay-75e4f4a349264fa7f041.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

84.19.148.52 Alingsås, Sweden, ASN49419 (CANDIDATOR-AB, SE),

Reverse DNS

Software

Resource Hash

ce16e93a9c7da8a21099a64517e3c8159c5248be6eb938d49189f54ffa2f4ab6

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.carpay.se/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 11:49:19 GMT
strict-transport-security: max-age=157680000
x-content-type-options: nosniff
content-encoding: gzip
content-length: 324
x-xss-protection: 1; mode=block
cteonnt-length: 565
referrer-policy: strict-origin
last-modified: Wed, 15 May 2024 09:27:30 GMT
etag: "0adaf1baaa6da1:0"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST
content-type: image/svg+xml
cache-control: max-age=31536000
feature-policy: accelerometer 'none'; camera 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
accept-ranges: bytes
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token

GET
H2 200 ziklo.svg Show response
www.carpay.se/Content/img/icons/ 9 KB
4 KB 50ms
49ms XHR
image/svg+xml 84.19.148.52
CANDIDATOR-AB

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carpay.se/Content/img/icons/ziklo.svg

Requested by

Host: www.carpay.se
URL: https://www.carpay.se/Content/dist/js/carpay-75e4f4a349264fa7f041.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

84.19.148.52 Alingsås, Sweden, ASN49419 (CANDIDATOR-AB, SE),

Reverse DNS

Software

Resource Hash

2ca00295a788bb778cba9c4785d58ae4d59e569fe87267275d32acf731d38339

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.carpay.se/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 11:49:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=157680000
content-length: 3879
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Wed, 15 May 2024 09:27:30 GMT
etag: "0adaf1baaa6da1:0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: image/svg+xml
x-frame-options: SAMEORIGIN
cache-control: max-age=31536000
feature-policy: accelerometer 'none'; camera 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
accept-ranges: bytes
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 20128ace5ef397c2572b48b4378f7c5684a5d18d40e86c2a0bfd6d5f15662e64

Request headers

Accept-Language: se-SE,se;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3908804ff86e235473d2d32196cde43a26783e079387447c9cc612dc3010b582

Request headers

Accept-Language: se-SE,se;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 180f9e70f3146a4476df296c773c99842fe285a91085b2fbf1294153f9a2f24d

Request headers

Accept-Language: se-SE,se;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cdbd28e565d6a32f7e880d0c812b4642ba81efd250ac3bf5d7a90d93899f9831

Request headers

Accept-Language: se-SE,se;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2dc5dc59e21939077fd0575936c5731b34eb6109d6bc43165e38f0acd044beb7

Request headers

Accept-Language: se-SE,se;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3e8da7c799460a7ab82c17f2078a73cefad5203a8b25b57014ef73f0ed29432b

Request headers

Accept-Language: se-SE,se;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6498fdf0c11c518ad90c511ca05afcbab35a5e0212f576b134f6aeeb07bc6051

Request headers

Accept-Language: se-SE,se;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 950 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b58f52359946608401ff5aa2caea7ca0ffe17801d15e8e2372ab4d39a6387081

Request headers

Accept-Language: se-SE,se;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pressbild-svarlurad-2.png
www.carpay.se/globalassets/169-1920x1080/ 37 KB
37 KB 56ms
56ms Image
image/webp 84.19.148.52
CANDIDATOR-AB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.carpay.se/globalassets/169-1920x1080/pressbild-svarlurad-2.png?preset=storyBlockThumbnail&format=webp

Requested by

Host: www.carpay.se
URL: https://www.carpay.se/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

84.19.148.52 Alingsås, Sweden, ASN49419 (CANDIDATOR-AB, SE),

Reverse DNS

Software

Resource Hash

f9d6aaf9cb6f8db8c24820aa4c1ce5fe1880aab8a3e44775a2a5a710ab2e7b92

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.carpay.se/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 11:49:19 GMT
strict-transport-security: max-age=157680000
x-content-type-options: nosniff
content-encoding: gzip
content-length: 37727
x-xss-protection: 1; mode=block
cteonnt-length: 37704
referrer-policy: strict-origin
imageprocessedby: ImageProcessor/2.9.1.225 - ImageProcessor.Web/4.12.1.216
etag: "1D9E7D42C2D2C88"
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: image/webp
x-frame-options: SAMEORIGIN
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
expires: Thu, 27 Jun 2024 11:49:19 GMT

GET
H2 200 notifications Show response
www.carpay.se/api/ 2 B
180 B 49ms
49ms XHR
application/json 84.19.148.52
CANDIDATOR-AB

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carpay.se/api/notifications

Requested by

Host: www.carpay.se
URL: https://www.carpay.se/Content/dist/js/carpay-75e4f4a349264fa7f041.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

84.19.148.52 Alingsås, Sweden, ASN49419 (CANDIDATOR-AB, SE),

Reverse DNS

Software

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.carpay.se/
accept-language: sv-SE
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 20 Jun 2024 11:49:19 GMT
strict-transport-security: max-age=157680000
x-content-type-options: nosniff
referrer-policy: strict-origin
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST
content-type: application/json; charset=utf-8
cache-control: no-cache
feature-policy: accelerometer 'none'; camera 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
content-length: 2
x-xss-protection: 1; mode=block
expires: -1

GET
H2 200 8929.chunk.js Show response
www.carpay.se/Content/dist/js/chunks/ 2 KB
1 KB 47ms
47ms Script
application/javascript 84.19.148.52
CANDIDATOR-AB

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carpay.se/Content/dist/js/chunks/8929.chunk.js?id=6462fcfafddf8d664c7b

Requested by

Host: www.carpay.se
URL: https://www.carpay.se/Content/dist/js/carpay-75e4f4a349264fa7f041.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

84.19.148.52 Alingsås, Sweden, ASN49419 (CANDIDATOR-AB, SE),

Reverse DNS

Software

Resource Hash

2fbbc4aad393abd3c418a8a66b81e1467b9464b0cd1ac5652f81c6d59028abb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.carpay.se/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 11:49:19 GMT
strict-transport-security: max-age=157680000
x-content-type-options: nosniff
content-encoding: gzip
ntcoent-length: 1951
content-length: 941
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Wed, 15 May 2024 09:31:34 GMT
etag: "01f1fadaaa6da1:0"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST
content-type: application/javascript
cache-control: max-age=31536000
feature-policy: accelerometer 'none'; camera 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
accept-ranges: bytes
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token

GET
H2 200 7905.chunk.js Show response
www.carpay.se/Content/dist/js/chunks/ 6 KB
2 KB 48ms
48ms Script
application/javascript 84.19.148.52
CANDIDATOR-AB

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carpay.se/Content/dist/js/chunks/7905.chunk.js?id=1f08556b1a4a51f7505b

Requested by

Host: www.carpay.se
URL: https://www.carpay.se/Content/dist/js/carpay-75e4f4a349264fa7f041.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

84.19.148.52 Alingsås, Sweden, ASN49419 (CANDIDATOR-AB, SE),

Reverse DNS

Software

Resource Hash

e85dea22677828831e387f26d6dd0a31f8357e2547dac74b6b3f8e1c13e1fa20

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.carpay.se/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 11:49:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=157680000
content-length: 1958
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Wed, 15 May 2024 09:31:34 GMT
etag: "01f1fadaaa6da1:0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: application/javascript
x-frame-options: SAMEORIGIN
cache-control: max-age=31536000
feature-policy: accelerometer 'none'; camera 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
accept-ranges: bytes
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token

GET
H2 200 3626.chunk.js Show response
www.carpay.se/Content/dist/js/chunks/ 2 KB
1022 B 48ms
48ms Script
application/javascript 84.19.148.52
CANDIDATOR-AB

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carpay.se/Content/dist/js/chunks/3626.chunk.js?id=de672d1289a3014a910e

Requested by

Host: www.carpay.se
URL: https://www.carpay.se/Content/dist/js/carpay-75e4f4a349264fa7f041.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

84.19.148.52 Alingsås, Sweden, ASN49419 (CANDIDATOR-AB, SE),

Reverse DNS

Software

Resource Hash

44ce94e420fccd85327d863cc145aae5fb90ab38a7c4af983d34155f594cec8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.carpay.se/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 11:49:19 GMT
strict-transport-security: max-age=157680000
x-content-type-options: nosniff
content-encoding: gzip
ntcoent-length: 1772
content-length: 864
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Wed, 15 May 2024 09:31:34 GMT
etag: "01f1fadaaa6da1:0"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST
content-type: application/javascript
cache-control: max-age=31536000
feature-policy: accelerometer 'none'; camera 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
accept-ranges: bytes
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token

GET
H2 200 avatar.svg Show response
www.carpay.se/Content/img/icons/ 856 B
644 B 48ms
48ms XHR
image/svg+xml 84.19.148.52
CANDIDATOR-AB

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carpay.se/Content/img/icons/avatar.svg

Requested by

Host: www.carpay.se
URL: https://www.carpay.se/Content/dist/js/carpay-75e4f4a349264fa7f041.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

84.19.148.52 Alingsås, Sweden, ASN49419 (CANDIDATOR-AB, SE),

Reverse DNS

Software

Resource Hash

21d244b407aad500362fb5d448a458ad3e2981ab5e978799e694be108f36079d

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.carpay.se/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 11:49:19 GMT
strict-transport-security: max-age=157680000
x-content-type-options: nosniff
content-encoding: gzip
content-length: 486
x-xss-protection: 1; mode=block
cteonnt-length: 856
referrer-policy: strict-origin
last-modified: Wed, 15 May 2024 09:27:30 GMT
etag: "0adaf1baaa6da1:0"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST
content-type: image/svg+xml
cache-control: max-age=31536000
feature-policy: accelerometer 'none'; camera 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
accept-ranges: bytes
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token

GET
H2 200 carpaybyziklo.svg Show response
www.carpay.se/Content/img/icons/ 18 KB
7 KB 49ms
48ms XHR
image/svg+xml 84.19.148.52
CANDIDATOR-AB

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carpay.se/Content/img/icons/carpaybyziklo.svg

Requested by

Host: www.carpay.se
URL: https://www.carpay.se/Content/dist/js/carpay-75e4f4a349264fa7f041.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

84.19.148.52 Alingsås, Sweden, ASN49419 (CANDIDATOR-AB, SE),

Reverse DNS

Software

Resource Hash

f817df693df6857750804250acf68db2c9f9a524079f15fa4ace2f5df3135ab8

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.carpay.se/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 11:49:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=157680000
content-length: 7326
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Wed, 15 May 2024 09:27:30 GMT
etag: "0adaf1baaa6da1:0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: image/svg+xml
x-frame-options: SAMEORIGIN
cache-control: max-age=31536000
feature-policy: accelerometer 'none'; camera 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
accept-ranges: bytes
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token

GET
H2 200 menu_icon.svg Show response
www.carpay.se/Content/img/icons/ 829 B
588 B 48ms
48ms XHR
image/svg+xml 84.19.148.52
CANDIDATOR-AB

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carpay.se/Content/img/icons/menu_icon.svg

Requested by

Host: www.carpay.se
URL: https://www.carpay.se/Content/dist/js/carpay-75e4f4a349264fa7f041.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

84.19.148.52 Alingsås, Sweden, ASN49419 (CANDIDATOR-AB, SE),

Reverse DNS

Software

Resource Hash

7716657cb7b5137720727a7559ee7601360ed6823c1f30d3014ac8dffdea1fef

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.carpay.se/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 11:49:19 GMT
strict-transport-security: max-age=157680000
x-content-type-options: nosniff
content-encoding: gzip
content-length: 430
x-xss-protection: 1; mode=block
cteonnt-length: 829
referrer-policy: strict-origin
last-modified: Wed, 15 May 2024 09:27:30 GMT
etag: "0adaf1baaa6da1:0"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST
content-type: image/svg+xml
cache-control: max-age=31536000
feature-policy: accelerometer 'none'; camera 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
accept-ranges: bytes
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token

GET
H2 200 activate-card.svg Show response
www.carpay.se/Content/img/icons/ 1 KB
819 B 51ms
50ms XHR
image/svg+xml 84.19.148.52
CANDIDATOR-AB

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carpay.se/Content/img/icons/activate-card.svg

Requested by

Host: www.carpay.se
URL: https://www.carpay.se/Content/dist/js/carpay-75e4f4a349264fa7f041.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

84.19.148.52 Alingsås, Sweden, ASN49419 (CANDIDATOR-AB, SE),

Reverse DNS

Software

Resource Hash

56f040fdcba9f4f5957cedfbd307c87e074892060b862ceb63bffe058b20bbff

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.carpay.se/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 11:49:19 GMT
strict-transport-security: max-age=157680000
x-content-type-options: nosniff
content-encoding: gzip
content-length: 661
x-xss-protection: 1; mode=block
cteonnt-length: 1494
referrer-policy: strict-origin
last-modified: Wed, 15 May 2024 09:27:30 GMT
etag: "0adaf1baaa6da1:0"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST
content-type: image/svg+xml
cache-control: max-age=31536000
feature-policy: accelerometer 'none'; camera 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
accept-ranges: bytes
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token

GET
H2 200 dropdown.svg Show response
www.carpay.se/Content/img/icons/ 689 B
565 B 49ms
48ms XHR
image/svg+xml 84.19.148.52
CANDIDATOR-AB

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carpay.se/Content/img/icons/dropdown.svg

Requested by

Host: www.carpay.se
URL: https://www.carpay.se/Content/dist/js/carpay-75e4f4a349264fa7f041.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

84.19.148.52 Alingsås, Sweden, ASN49419 (CANDIDATOR-AB, SE),

Reverse DNS

Software

Resource Hash

03b619b9c5164540463b84bcda75f9b9729fb381b17263eb069d16db00c234d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.carpay.se/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 11:49:19 GMT
strict-transport-security: max-age=157680000
x-content-type-options: nosniff
content-encoding: gzip
content-length: 407
x-xss-protection: 1; mode=block
cteonnt-length: 689
referrer-policy: strict-origin
last-modified: Wed, 15 May 2024 09:27:30 GMT
etag: "0adaf1baaa6da1:0"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST
content-type: image/svg+xml
cache-control: max-age=31536000
feature-policy: accelerometer 'none'; camera 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
accept-ranges: bytes
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2560918121e2f71fcf4708c01f2d8cd7f0b75ea07a5e2a57fccd717ebd952e2c

Request headers

Accept-Language: se-SE,se;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f0c1f74071d83791da66fc50095709545570a61a2680ebd562b199d8ffb892bf

Request headers

Accept-Language: se-SE,se;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 carpay-oversikt.json Show response
www.carpay.se/globalassets/_carpay/media/animationer/ 70 KB
71 KB 53ms
52ms XHR
application/json 84.19.148.52
CANDIDATOR-AB

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carpay.se/globalassets/_carpay/media/animationer/carpay-oversikt.json

Requested by

Host: www.carpay.se
URL: https://www.carpay.se/Content/script/lottie_svg.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

84.19.148.52 Alingsås, Sweden, ASN49419 (CANDIDATOR-AB, SE),

Reverse DNS

Software

Resource Hash

b95e8c5a308ee6ad78a4845fa5a3e241d27d95ed2be984db26d9b17fbff07e68

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.carpay.se/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 11:49:19 GMT
strict-transport-security: max-age=157680000
x-content-type-options: nosniff
content-length: 71661
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Mon, 16 Dec 2019 15:05:40 GMT
etag: "1D5B4224792FA00"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST
content-type: application/json
cache-control: public
feature-policy: accelerometer 'none'; camera 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
accept-ranges: bytes
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
expires: Thu, 27 Jun 2024 11:49:19 GMT

GET
H2 200 kvinna-med-solglasogon-i-solnedgang.jpg
www.carpay.se/globalassets/_carpay/media/bilder/manniskor/manniskor-och-bil/ 116 KB
116 KB 59ms
59ms Image
image/webp 84.19.148.52
CANDIDATOR-AB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.carpay.se/globalassets/_carpay/media/bilder/manniskor/manniskor-och-bil/kvinna-med-solglasogon-i-solnedgang.jpg?format=webp&height=1080

Requested by

Host: www.carpay.se
URL: https://www.carpay.se/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

84.19.148.52 Alingsås, Sweden, ASN49419 (CANDIDATOR-AB, SE),

Reverse DNS

Software

Resource Hash

d310ac8965368c8b6e459730a761caeecf32d16b8f7ca198c5610dc3a1f7178c

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.carpay.se/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 11:49:19 GMT
strict-transport-security: max-age=157680000
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
cteonnt-length: 119192
referrer-policy: strict-origin
imageprocessedby: ImageProcessor/2.9.1.225 - ImageProcessor.Web/4.12.1.216
etag: "1DAA0438BBFA424"
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: image/webp
x-frame-options: SAMEORIGIN
cache-control: private
feature-policy: accelerometer 'none'; camera 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
expires: Thu, 27 Jun 2024 11:49:19 GMT

GET
H2 200 search.svg Show response
www.carpay.se/Content/img/icons/ 860 B
632 B 48ms
47ms XHR
image/svg+xml 84.19.148.52
CANDIDATOR-AB

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carpay.se/Content/img/icons/search.svg

Requested by

Host: www.carpay.se
URL: https://www.carpay.se/Content/dist/js/carpay-75e4f4a349264fa7f041.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

84.19.148.52 Alingsås, Sweden, ASN49419 (CANDIDATOR-AB, SE),

Reverse DNS

Software

Resource Hash

f720839ec27cc57e1430421c965acc2bd98bc99908ec6e7690c8cc0c74a53cf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.carpay.se/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 11:49:19 GMT
strict-transport-security: max-age=157680000
x-content-type-options: nosniff
content-encoding: gzip
content-length: 474
x-xss-protection: 1; mode=block
cteonnt-length: 860
referrer-policy: strict-origin
last-modified: Wed, 15 May 2024 09:27:30 GMT
etag: "0adaf1baaa6da1:0"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST
content-type: image/svg+xml
cache-control: max-age=31536000
feature-policy: accelerometer 'none'; camera 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
accept-ranges: bytes
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token

GET
H2 200 close12.svg Show response
www.carpay.se/Content/img/icons/ 957 B
649 B 48ms
47ms XHR
image/svg+xml 84.19.148.52
CANDIDATOR-AB

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carpay.se/Content/img/icons/close12.svg

Requested by

Host: www.carpay.se
URL: https://www.carpay.se/Content/dist/js/carpay-75e4f4a349264fa7f041.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

84.19.148.52 Alingsås, Sweden, ASN49419 (CANDIDATOR-AB, SE),

Reverse DNS

Software

Resource Hash

4a74012de1ae852e3de61241e56ed76aefc68e92db7cdb4c0caf14dcd1b2096d

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.carpay.se/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 11:49:19 GMT
strict-transport-security: max-age=157680000
x-content-type-options: nosniff
content-encoding: gzip
content-length: 491
x-xss-protection: 1; mode=block
cteonnt-length: 957
referrer-policy: strict-origin
last-modified: Wed, 15 May 2024 09:27:30 GMT
etag: "0adaf1baaa6da1:0"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST
content-type: image/svg+xml
cache-control: max-age=31536000
feature-policy: accelerometer 'none'; camera 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
accept-ranges: bytes
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token

GET
H2 200 left12.svg Show response
www.carpay.se/Content/img/icons/ 677 B
565 B 49ms
48ms XHR
image/svg+xml 84.19.148.52
CANDIDATOR-AB

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carpay.se/Content/img/icons/left12.svg

Requested by

Host: www.carpay.se
URL: https://www.carpay.se/Content/dist/js/carpay-75e4f4a349264fa7f041.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

84.19.148.52 Alingsås, Sweden, ASN49419 (CANDIDATOR-AB, SE),

Reverse DNS

Software

Resource Hash

692b2ba826034348d9ac8c368d3929b507f25a4b69ba008ddd674048839a385b

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.carpay.se/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 11:49:19 GMT
strict-transport-security: max-age=157680000
x-content-type-options: nosniff
content-encoding: gzip
content-length: 407
x-xss-protection: 1; mode=block
cteonnt-length: 677
referrer-policy: strict-origin
last-modified: Wed, 15 May 2024 09:27:30 GMT
etag: "0adaf1baaa6da1:0"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST
content-type: image/svg+xml
cache-control: max-age=31536000
feature-policy: accelerometer 'none'; camera 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
accept-ranges: bytes
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token

GET
H2 200 creditcard.svg Show response
www.carpay.se/Content/img/icons/ 681 B
557 B 48ms
47ms XHR
image/svg+xml 84.19.148.52
CANDIDATOR-AB

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carpay.se/Content/img/icons/creditcard.svg

Requested by

Host: www.carpay.se
URL: https://www.carpay.se/Content/dist/js/carpay-75e4f4a349264fa7f041.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

84.19.148.52 Alingsås, Sweden, ASN49419 (CANDIDATOR-AB, SE),

Reverse DNS

Software

Resource Hash

26ffd63b956a3fb3c609693636b1bef317e3ace9d0e4b9fed6f5900e6718adbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.carpay.se/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 11:49:19 GMT
strict-transport-security: max-age=157680000
x-content-type-options: nosniff
content-encoding: gzip
content-length: 399
x-xss-protection: 1; mode=block
cteonnt-length: 681
referrer-policy: strict-origin
last-modified: Wed, 15 May 2024 09:27:30 GMT
etag: "0adaf1baaa6da1:0"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST
content-type: image/svg+xml
cache-control: max-age=31536000
feature-policy: accelerometer 'none'; camera 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
accept-ranges: bytes
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token

GET
H2 200 privacy-templates.json Show response
volvofinans.containers.piwik.pro/8fd3173a-d74b-46b4-83ae-40b877f114b2/ 190 KB
30 KB 190ms
76ms XHR
application/json 20.93.211.47
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://volvofinans.containers.piwik.pro/8fd3173a-d74b-46b4-83ae-40b877f114b2/privacy-templates.json

Requested by

Host: volvofinans.containers.piwik.pro
URL: https://volvofinans.containers.piwik.pro/8fd3173a-d74b-46b4-83ae-40b877f114b2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

20.93.211.47 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

01f1c14b55f1ab695deb85a7dc65701a5459054688b22dd1681556cca7cf24d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.carpay.se/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 11:49:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
referrer-policy: origin
etag: W/"67452ddc0eaa6684"
x-frame-options: sameorigin
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, must-revalidate
x-robots-tag: none
x-cached: HIT

GET
H2 200 favicon_32px.png
www.carpay.se/Content/img/favicon/carpay/ 694 B
853 B 49ms
48ms Other
image/png 84.19.148.52
CANDIDATOR-AB

General

Check archive.org

Show headers Download Go to

Full URL

https://www.carpay.se/Content/img/favicon/carpay/favicon_32px.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

84.19.148.52 Alingsås, Sweden, ASN49419 (CANDIDATOR-AB, SE),

Reverse DNS

Software

Resource Hash

ee9e24ee305c7863b4c806856d517233fd0cbcb03ae6d2e13046e7d25b11ed0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.carpay.se/
Accept-Language: se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 11:49:19 GMT
strict-transport-security: max-age=157680000
x-content-type-options: nosniff
referrer-policy: strict-origin
last-modified: Wed, 15 May 2024 09:27:30 GMT
etag: "0adaf1baaa6da1:0"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST
content-type: image/png
cache-control: max-age=31536000
feature-policy: accelerometer 'none'; camera 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
accept-ranges: bytes
access-control-allow-headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
content-length: 694
x-xss-protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.carpay.se/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: frynl3ei1iws24f0iwr4r3eu
www.carpay.se/	1970-01-20 21:28:05	Name: NSC_JOku3gy2esk1vrkcfdb1t1btisu1acT Value: ffffffff096b0f1a45525d5f4f58455e445a4a423660
www.carpay.se/	1970-01-21 01:47:16	Name: ppms_privacy_8fd3173a-d74b-46b4-83ae-40b877f114b2 Value: {%22visitorId%22:%224bc6cfcc-346a-497e-b5a3-62b9124ea324%22%2C%22domain%22:{%22normalized%22:%22www.carpay.se%22%2C%22isWildcard%22:false%2C%22pattern%22:%22www.carpay.se%22}%2C%22consents%22:{%22analytics%22:{%22status%22:-1}}%2C%22staleCheckpoint%22:%222024-06-20T11:49:21.247Z%22}

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' https://volvofinans.piwik.pro https://volvofinans.containers.piwik.pro https://.clarity.ms https://.mapbox.com https://www.google.com/; font-src 'self' data: https://.episerver.net https://volvofinans.containers.piwik.pro; script-src 'self' 'unsafe-inline' 'unsafe-eval' data: https://volvofinans.piwik.pro https://volvofinans.containers.piwik.pro https://.episerver.net https://.adnxs.com https://.clarity.ms https://snap.licdn.com https://.pinimg.com https://cdn.scaleflex.it https://volvofinans.fbinhouse.se; frame-src 'self' https://volvofinans.fbinhouse.se https://chargefinder.com; style-src 'self' 'unsafe-inline' data: https://api.tiles.mapbox.com https://api.mapbox.com https://fonts.googleapis.com https://.episerver.net https://volvofinans.containers.piwik.pro; img-src 'self' data: https://.adnxs.com https://.clarity.ms https://.bing.com https://play.google.com https://scaleflex.ultrafast.io blob: https://.episerver.net https://cdn.imagin.studio https://apple-resources.s3.amazonaws.com https://tools.applemediaservices.com https://volvofinans.containers.piwik.pro; worker-src blob:; child-src blob:;
Strict-Transport-Security	max-age=157680000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apple-resources.s3.amazonaws.com
dl.episerver.net
play.google.com
renaultkort.se
tools.applemediaservices.com
volvofinans.containers.piwik.pro
www.carpay.se
104.18.36.168
142.250.185.238
194.16.64.75
20.93.211.47
52.201.185.17
54.231.225.41
84.19.148.52
01f1c14b55f1ab695deb85a7dc65701a5459054688b22dd1681556cca7cf24d2
02dd2226422a9217cd2da291ba7888a62b30590fcd44c855fcaadac869954a5d
03b619b9c5164540463b84bcda75f9b9729fb381b17263eb069d16db00c234d6
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5
180f9e70f3146a4476df296c773c99842fe285a91085b2fbf1294153f9a2f24d
19c74f468a21802769265fd69adbaac0a9fee78dc3020ea833b4f0578b4daac8
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
20128ace5ef397c2572b48b4378f7c5684a5d18d40e86c2a0bfd6d5f15662e64
21d244b407aad500362fb5d448a458ad3e2981ab5e978799e694be108f36079d
22c5a501b48a225d7c3f2e4e3a33ffd6de9a80bcca0647d769896a4d084c62c7
2560918121e2f71fcf4708c01f2d8cd7f0b75ea07a5e2a57fccd717ebd952e2c
26ffd63b956a3fb3c609693636b1bef317e3ace9d0e4b9fed6f5900e6718adbd
2ca00295a788bb778cba9c4785d58ae4d59e569fe87267275d32acf731d38339
2dc5dc59e21939077fd0575936c5731b34eb6109d6bc43165e38f0acd044beb7
2fbbc4aad393abd3c418a8a66b81e1467b9464b0cd1ac5652f81c6d59028abb6
31fe549125f116eae0a20593244253f780a88d6d2e671b599add132c2c1871b7
3908804ff86e235473d2d32196cde43a26783e079387447c9cc612dc3010b582
3e8da7c799460a7ab82c17f2078a73cefad5203a8b25b57014ef73f0ed29432b
44ce94e420fccd85327d863cc145aae5fb90ab38a7c4af983d34155f594cec8a
4a74012de1ae852e3de61241e56ed76aefc68e92db7cdb4c0caf14dcd1b2096d
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
56f040fdcba9f4f5957cedfbd307c87e074892060b862ceb63bffe058b20bbff
5937fd9b255c70a82c763d013f5dea3c4df7f257c448abc23cf3b742b0cba6f1
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
6498fdf0c11c518ad90c511ca05afcbab35a5e0212f576b134f6aeeb07bc6051
67004276e5cbe57d0cc96a32bd76d47b1daf4f91f52f807df4d8f9259c69b844
692b2ba826034348d9ac8c368d3929b507f25a4b69ba008ddd674048839a385b
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
7716657cb7b5137720727a7559ee7601360ed6823c1f30d3014ac8dffdea1fef
8211a53f3dbdaab1aa14cdb70fe250c8e4110b8a3ec9aeb329aa903d2cc3c0f9
830dfedea19fd00bc7d8c3941d0ceb1f93700862842c010492d995d96d90ce54
8e6d8c7cdb9d828852997651f9b34539aed9d9ae1ec595e8668497a92f44789d
98923ba0f317f302ef29e209f017782525511825acc87c26f06a5eefca24c2eb
9c1ed56a3067c997dbc483fae699e16d5d831307ea626aee960cbc528ed860a2
9de4acba26710e1b0874464d0078a63fe93e298a5bc089e4508b0dd8a98fb0bf
a3d16df2a6cff77a965ec647037ca4556e43086c1c82a6d15af66e6268644c06
a4b59feb8118674d3b08292a8f0cfa62c6f2f440fb7ada7aa6d5c94be66cfd58
a871adbb7c20a3e0aa80681c8626ccab9014bf79152d07d7470c14f094a15563
acddbc72ae1dc165c78edb16bb93735272377a283fd628d7766e68f396b6e55d
b58f52359946608401ff5aa2caea7ca0ffe17801d15e8e2372ab4d39a6387081
b95e8c5a308ee6ad78a4845fa5a3e241d27d95ed2be984db26d9b17fbff07e68
bd90832918787a8dd8b2a8672f8ef4ebaa4db0d7c3e3845d1c5a6e7516f264d8
c5ecfef7be9332337ee8429e77a63562d589ef6b598d7bc291ea77c608b786b2
cd753f04695d46b6faef262b33477bffc6a5449e80e35cae60f4bcc152ea4761
cdbd28e565d6a32f7e880d0c812b4642ba81efd250ac3bf5d7a90d93899f9831
ce16e93a9c7da8a21099a64517e3c8159c5248be6eb938d49189f54ffa2f4ab6
cf9374cb8f5306eaa6e3a340775bee6368e8154161d08a9f079eb03da384a971
d310ac8965368c8b6e459730a761caeecf32d16b8f7ca198c5610dc3a1f7178c
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
d80fe5b8ddc240fe34991a3942680baf4fe54b7ef1691a5c630ee3dec8364c4d
e85dea22677828831e387f26d6dd0a31f8357e2547dac74b6b3f8e1c13e1fa20
e956f9ec74229884a911090ab5ce173458dc6b52e6aec4acbcdf94feae611b79
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
eb1536880dbbd1fe6c834a945448da98aa8d46da49000e608b1430754d3675f9
eb249aaddc515873d683ea85d695896cfd7c54dbdce9b39679ed0e40f00e0158
ee9e24ee305c7863b4c806856d517233fd0cbcb03ae6d2e13046e7d25b11ed0c
f0c1f74071d83791da66fc50095709545570a61a2680ebd562b199d8ffb892bf
f29d14ba2b9bb368b6c7a5c986959dafb8adc8d7290d507f50e025188c775c3a
f720839ec27cc57e1430421c965acc2bd98bc99908ec6e7690c8cc0c74a53cf9
f741552009b45895e3f92364fa787edb69a4456266aaef4189f518ceca22fb19
f817df693df6857750804250acf68db2c9f9a524079f15fa4ace2f5df3135ab8
f9d6aaf9cb6f8db8c24820aa4c1ce5fe1880aab8a3e44775a2a5a710ab2e7b92

www.carpay.se Open in urlscan Pro 84.19.148.52 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

44 Requests

98 %HTTPS

0 %IPv6

7 Domains

7 Subdomains

6 IPs

4 Countries

911 kBTransfer

2216 kBSize

3 Cookies

13 Outgoing links

Page URL History

Redirected requests

44 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 18 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.carpay.se Open in urlscan Pro
84.19.148.52 Public Scan

Screenshot
Live screenshot

Full Image

44
Requests

98 %
HTTPS

0 %
IPv6

7
Domains

7
Subdomains

6
IPs

4
Countries

911 kB
Transfer

2216 kB
Size

3
Cookies

44 HTTP transactions
18 data transactions