windowsapp.com.se Open in urlscan Pro
2606:4700:3032::ac43:a284 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://windowsapp.com.se/1058455218/hogia-mypayslip
Submission Tags: falconsandbox
Submission: On March 15 via api (March 15th 2022, 10:12:08 am UTC) from US — Scanned from DE

Summary HTTP 266 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 62 IPs in 8 countries across 46 domains to perform 266 HTTP transactions. The main IP is 2606:4700:3032::ac43:a284, located in United States and belongs to CLOUDFLARENET, US. The main domain is windowsapp.com.se.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 18th 2022. Valid for: a year.

This is the only time windowsapp.com.se was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	2606:4700:303... 2606:4700:3032::ac43:a284	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
2	209.50.60.88 209.50.60.88	25697 (UPCLOUDUSA) (UPCLOUDUSA)
5	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
13	216.58.208.98 216.58.208.98	15169 (GOOGLE) (GOOGLE)
3	2606:4700:310... 2606:4700:3108::ac42:28fd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 8	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6	2606:4700:20:... 2606:4700:20::681a:8a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	141.95.99.211 141.95.99.211	16276 (OVH) (OVH)
10	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
4 4	2.19.35.65 2.19.35.65	16625 (AKAMAI-AS) (AKAMAI-AS)
14	104.117.200.100 104.117.200.100	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a02:26f0:170... 2a02:26f0:1700:38a::2a1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a02:26f0:170... 2a02:26f0:1700:394::2a1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a02:26f0:170... 2a02:26f0:1700:38d::2a1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3 7	2a02:6b8::1:119 2a02:6b8::1:119	208722 (YNDX) (YNDX)
9	37.157.6.248 37.157.6.248	198622 (ADFORM) (ADFORM)
9	2606:4700:20:... 2606:4700:20::681a:9b2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	147.75.38.124 147.75.38.124	54825 (PACKET) (PACKET)
4 13	185.33.220.243 185.33.220.243	29990 (ASN-APPNEX) (ASN-APPNEX)
3	185.184.8.65 185.184.8.65	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
3	54.36.238.155 54.36.238.155	16276 (OVH) (OVH)
3	2602:803:c004... 2602:803:c004:200::141	26667 (RUBICONPR...) (RUBICONPROJECT)
3	35.158.25.241 35.158.25.241	16509 (AMAZON-02) (AMAZON-02)
1 10	96.46.186.57 96.46.186.57	7979 (SERVERS-COM) (SERVERS-COM)
3	185.86.139.59 185.86.139.59	201081 (SMARTADSE...) (SMARTADSERVER)
3	178.250.2.131 178.250.2.131	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6812:272	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
3	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
3	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
3	18.195.155.181 18.195.155.181	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1 24	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
3	159.89.25.223 159.89.25.223	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
5	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
4	151.101.193.108 151.101.193.108	54113 (FASTLY) (FASTLY)
3	185.33.220.216 185.33.220.216	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	142.250.185.230 142.250.185.230	15169 (GOOGLE) (GOOGLE)
4	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	104.17.119.107 104.17.119.107	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6 6	3.120.28.2 3.120.28.2	16509 (AMAZON-02) (AMAZON-02)
2 2	35.210.53.219 35.210.53.219	15169 (GOOGLE) (GOOGLE)
1	88.99.28.61 88.99.28.61	24940 (HETZNER-AS) (HETZNER-AS)
2 2	194.190.76.41 194.190.76.41	48061 (UMA-TECH-AS) (UMA-TECH-AS)
1	216.52.2.39 216.52.2.39	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1	151.236.71.19 151.236.71.19	204720 (CDNETWORKS) (CDNETWORKS)
1 1	168.119.168.202 168.119.168.202	24940 (HETZNER-AS) (HETZNER-AS)
6 6	31.172.81.158 31.172.81.158	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
2 2	89.108.120.76 89.108.120.76	197695 (AS-REG) (AS-REG)
1 1	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1	31.172.81.172 31.172.81.172	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1 2	2001:6d0:4001... 2001:6d0:4001::226	52016 (TNSMSK-) (TNSMSK-)
1 2	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1	51.38.120.206 51.38.120.206	() ()
1 2	2a02:6b8::90 2a02:6b8::90	() ()
1	82.145.213.8 82.145.213.8	() ()
266	62

13 2606:4700:3032::ac43:a284 (United States)

ASN13335 (CLOUDFLARENET, US)

windowsapp.com.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.50.60.88 (Phoenix, United States)

ASN25697 (UPCLOUDUSA, US)
PTR: 209-50-60-88.us-sjo1.upcloud.host

appfurpc.com.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 216.58.208.98 (United States)

ASN15169 (GOOGLE, US)
PTR: ams17s08-in-f2.1e100.net

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3108::ac42:28fd (United States)

ASN13335 (CLOUDFLARENET, US)

stpd.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:2638:1::13 (France) 4 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.99.211 (France)

ASN16276 (OVH, FR)
PTR: ns3213278.ip-141-95-99.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.19.35.65 (Frankfurt am Main, Germany) 4 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 104.117.200.100 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-117-200-100.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:1700:38a::2a1 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

is3-ssl.mzstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:1700:394::2a1 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

is4-ssl.mzstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:1700:38d::2a1 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

is1-ssl.mzstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN208722 (YNDX, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 37.157.6.248 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:20::681a:9b2 (United States)

ASN13335 (CLOUDFLARENET, US)

prebid-stag.setupad.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 147.75.38.124 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 185.33.220.243 (Amsterdam, Netherlands) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.36.238.155 (France)

ASN16276 (OVH, FR)
PTR: ip155.ip-54-36-238.eu

rtb.adxpremium.services	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2602:803:c004:200::141 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.158.25.241 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-25-241.eu-central-1.compute.amazonaws.com

hb.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 96.46.186.57 (United States) 1 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.86.139.59 (France)

ASN201081 (SMARTADSERVER, FR)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

setupad-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:272 (United States)

ASN13335 (CLOUDFLARENET, US)

mp.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel-eu.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

d97e9fc141c0b6cd636b0a9fa9886de1.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fe9d4e75939559f5e4a926fefa60ea6d.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d1a4f10c70240e7d64b9457b36aab69a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com

cs.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 159.89.25.223 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

node.setupad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.193.108 (United States)

ASN54113 (FASTLY, US)

cdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.220.216 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 872.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ams1-ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.230 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.17.119.107 (None, )

ASN13335 (CLOUDFLARENET, US)

biddr.brealtime.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.120.28.2 (Frankfurt am Main, Germany) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-28-2.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.210.53.219 (Brussels, Belgium) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 219.53.210.35.bc.googleusercontent.com

pool.admedo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.99.28.61 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.61.28.99.88.clients.your-server.de

sync.dmp.otm-r.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 194.190.76.41 (Russian Federation) 2 redirects

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp11.sender.ltmse.com

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.39 (United States)

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.236.71.19 (Moscow, Russian Federation)

ASN204720 (CDNETWORKS, RU)

cache.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 168.119.168.202 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.202.168.119.168.clients.your-server.de

bidswitch-eu.splicky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 31.172.81.158 (Germany) 6 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync3.adsniper.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.108.120.76 (Russian Federation) 2 redirects

ASN197695 (AS-REG, RU)
PTR: d51804.reg.regrucolo.ru

x01.aidata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.162 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.172.81.172 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync3.sniperlog.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:6d0:4001::226 (Russian Federation) 1 redirects

ASN52016 (TNSMSK-, RU)

www.tns-counter.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.245.213 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.38.120.206 (None, )

ASN- ()

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8::90 (None, ) 1 redirects

ASN- ()

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.145.213.8 (None, )

ASN- ()

t.adx.opera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	googlesyndication.com 1 redirects d97e9fc141c0b6cd636b0a9fa9886de1.safeframe.googlesyndication.com fe9d4e75939559f5e4a926fefa60ea6d.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 90 tpc.googlesyndication.com — Cisco Umbrella Rank: 122 d1a4f10c70240e7d64b9457b36aab69a.safeframe.googlesyndication.com	248 KB
28	rubiconproject.com 4 redirects secure-assets.rubiconproject.com — Cisco Umbrella Rank: 944 eus.rubiconproject.com — Cisco Umbrella Rank: 503 fastlane.rubiconproject.com — Cisco Umbrella Rank: 412 token.rubiconproject.com — Cisco Umbrella Rank: 595 pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2193 pixel.rubiconproject.com — Cisco Umbrella Rank: 289	77 KB
20	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 205 cdn.adnxs.com — Cisco Umbrella Rank: 1232 ams1-ib.adnxs.com — Cisco Umbrella Rank: 6750 acdn.adnxs.com — Cisco Umbrella Rank: 523	106 KB
20	doubleclick.net 2 redirects pubads.g.doubleclick.net — Cisco Umbrella Rank: 494 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159 googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 ad.doubleclick.net — Cisco Umbrella Rank: 181 cm.g.doubleclick.net — Cisco Umbrella Rank: 176	505 KB
18	criteo.com 4 redirects gum.criteo.com — Cisco Umbrella Rank: 347 mug.criteo.com — Cisco Umbrella Rank: 3185 bidder.criteo.com — Cisco Umbrella Rank: 689	11 KB
14	gstatic.com fonts.gstatic.com www.gstatic.com encrypted-tbn0.gstatic.com encrypted-tbn3.gstatic.com encrypted-tbn1.gstatic.com	364 KB
13	com.se windowsapp.com.se	79 KB
11	betweendigital.com 1 redirects ads.betweendigital.com — Cisco Umbrella Rank: 1509 cache.betweendigital.com — Cisco Umbrella Rank: 17967	6 KB
9	openx.net setupad-d.openx.net — Cisco Umbrella Rank: 40071 rtb.openx.net — Cisco Umbrella Rank: 1359 u.openx.net — Cisco Umbrella Rank: 621	1 KB
9	setupad.net prebid-stag.setupad.net — Cisco Umbrella Rank: 31581	14 KB
9	adform.net adx.adform.net — Cisco Umbrella Rank: 4064 cm.adform.net — Cisco Umbrella Rank: 1775	2 KB
9	4dex.io script.4dex.io — Cisco Umbrella Rank: 1689 mp.4dex.io — Cisco Umbrella Rank: 2262	70 KB
7	google.com adservice.google.com — Cisco Umbrella Rank: 57 www.google.com — Cisco Umbrella Rank: 2	3 KB
7	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 147	218 KB
6	bidswitch.net 6 redirects x.bidswitch.net — Cisco Umbrella Rank: 257	3 KB
6	emxdgt.com hb.emxdgt.com — Cisco Umbrella Rank: 1565 cs.emxdgt.com — Cisco Umbrella Rank: 806	478 B
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 343	111 KB
5	yandex.com 2 redirects mc.yandex.com — Cisco Umbrella Rank: 28691	2 KB
5	mzstatic.com is3-ssl.mzstatic.com — Cisco Umbrella Rank: 1720 is4-ssl.mzstatic.com — Cisco Umbrella Rank: 1743 is1-ssl.mzstatic.com — Cisco Umbrella Rank: 1644	93 KB
4	bumlam.com 4 redirects sync.bumlam.com — Cisco Umbrella Rank: 2702	2 KB
4	criteo.net static.criteo.net — Cisco Umbrella Rank: 600	115 KB
4	yandex.ru 2 redirects mc.yandex.ru — Cisco Umbrella Rank: 2926 an.yandex.ru	69 KB
4	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 251 fonts.googleapis.com — Cisco Umbrella Rank: 35	36 KB
3	brealtime.com biddr.brealtime.com — Cisco Umbrella Rank: 2428	3 KB
3	setupad.com node.setupad.com — Cisco Umbrella Rank: 34165	625 B
3	google.de adservice.google.de — Cisco Umbrella Rank: 8832	1 KB
3	smartadserver.com prg.smartadserver.com — Cisco Umbrella Rank: 1227	1017 B
3	adxpremium.services rtb.adxpremium.services — Cisco Umbrella Rank: 7456	2 KB
3	creativecdn.com prebid-eu.creativecdn.com — Cisco Umbrella Rank: 6130	537 B
3	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 1055	780 B
3	stpd.cloud stpd.cloud — Cisco Umbrella Rank: 36729	413 KB
2	3lift.com 1 redirects eb2.3lift.com — Cisco Umbrella Rank: 346	732 B
2	tns-counter.ru 1 redirects www.tns-counter.ru — Cisco Umbrella Rank: 9999	706 B
2	aidata.io 2 redirects x01.aidata.io — Cisco Umbrella Rank: 13774	1 KB
2	adsniper.ru 2 redirects sync3.adsniper.ru — Cisco Umbrella Rank: 11692	1 KB
2	adhigh.net 2 redirects px.adhigh.net — Cisco Umbrella Rank: 11171	823 B
2	admedo.com 2 redirects pool.admedo.com — Cisco Umbrella Rank: 4292	715 B
2	com.de appfurpc.com.de	2 KB
1	opera.com t.adx.opera.com	410 B
1	onetag-sys.com onetag-sys.com	814 B
1	sniperlog.ru sync3.sniperlog.ru — Cisco Umbrella Rank: 32357	516 B
1	splicky.com 1 redirects bidswitch-eu.splicky.com — Cisco Umbrella Rank: 22662	221 B
1	lijit.com ap.lijit.com — Cisco Umbrella Rank: 594	277 B
1	otm-r.com sync.dmp.otm-r.com — Cisco Umbrella Rank: 20303	70 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 488	535 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 403	3 KB
266	46

	Domain	Requested by
24	tpc.googlesyndication.com	1 redirects securepubads.g.doubleclick.net tpc.googlesyndication.com d97e9fc141c0b6cd636b0a9fa9886de1.safeframe.googlesyndication.com windowsapp.com.se cdn.ampproject.org googleads.g.doubleclick.net
16	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com windowsapp.com.se stpd.cloud www.googletagservices.com
14	eus.rubiconproject.com	windowsapp.com.se eus.rubiconproject.com stpd.cloud cache.betweendigital.com
13	ib.adnxs.com	4 redirects stpd.cloud acdn.adnxs.com
13	windowsapp.com.se	windowsapp.com.se
10	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net windowsapp.com.se
10	ads.betweendigital.com	1 redirects stpd.cloud ads.betweendigital.com
9	prebid-stag.setupad.net	stpd.cloud windowsapp.com.se
8	gum.criteo.com	4 redirects static.criteo.net
7	www.googletagservices.com	windowsapp.com.se d97e9fc141c0b6cd636b0a9fa9886de1.safeframe.googlesyndication.com securepubads.g.doubleclick.net googleads.g.doubleclick.net
7	mug.criteo.com	windowsapp.com.se
6	x.bidswitch.net	6 redirects
6	adx.adform.net	stpd.cloud
6	script.4dex.io	stpd.cloud script.4dex.io
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	mc.yandex.com	2 redirects windowsapp.com.se
5	fonts.gstatic.com	windowsapp.com.se fonts.googleapis.com
4	sync.bumlam.com	4 redirects
4	static.criteo.net	stpd.cloud static.criteo.net
4	googleads.g.doubleclick.net	stpd.cloud googleads.g.doubleclick.net
4	www.google.com	tpc.googlesyndication.com googleads.g.doubleclick.net
4	secure-assets.rubiconproject.com	4 redirects
3	acdn.adnxs.com	stpd.cloud
3	u.openx.net	stpd.cloud
3	biddr.brealtime.com	stpd.cloud
3	ams1-ib.adnxs.com	stpd.cloud windowsapp.com.se cdn.adnxs.com
3	node.setupad.com	windowsapp.com.se
3	encrypted-tbn3.gstatic.com	d97e9fc141c0b6cd636b0a9fa9886de1.safeframe.googlesyndication.com
3	encrypted-tbn0.gstatic.com	d97e9fc141c0b6cd636b0a9fa9886de1.safeframe.googlesyndication.com
3	fonts.googleapis.com	d97e9fc141c0b6cd636b0a9fa9886de1.safeframe.googlesyndication.com securepubads.g.doubleclick.net googleads.g.doubleclick.net
3	cs.emxdgt.com	stpd.cloud
3	rtb.openx.net	windowsapp.com.se stpd.cloud
3	adservice.google.com	securepubads.g.doubleclick.net
3	adservice.google.de	securepubads.g.doubleclick.net
3	cm.adform.net	windowsapp.com.se stpd.cloud
3	pixel.rubiconproject.com	windowsapp.com.se
3	pixel-eu.rubiconproject.com	eus.rubiconproject.com
3	mp.4dex.io	stpd.cloud
3	setupad-d.openx.net	stpd.cloud
3	bidder.criteo.com	stpd.cloud
3	prg.smartadserver.com	stpd.cloud
3	hb.emxdgt.com	stpd.cloud
3	fastlane.rubiconproject.com	stpd.cloud
3	rtb.adxpremium.services	stpd.cloud
3	prebid-eu.creativecdn.com	stpd.cloud
3	prebid.a-mo.net	stpd.cloud
3	stpd.cloud	windowsapp.com.se
3	pubads.g.doubleclick.net	windowsapp.com.se
2	an.yandex.ru	1 redirects
2	eb2.3lift.com	1 redirects
2	www.tns-counter.ru	1 redirects
2	x01.aidata.io	2 redirects
2	sync3.adsniper.ru	2 redirects
2	px.adhigh.net	2 redirects
2	pool.admedo.com	2 redirects
2	ad.doubleclick.net	1 redirects googleads.g.doubleclick.net
2	www.gstatic.com	d97e9fc141c0b6cd636b0a9fa9886de1.safeframe.googlesyndication.com googleads.g.doubleclick.net
2	d97e9fc141c0b6cd636b0a9fa9886de1.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	mc.yandex.ru	1 redirects windowsapp.com.se
2	is1-ssl.mzstatic.com	windowsapp.com.se
2	is4-ssl.mzstatic.com	windowsapp.com.se
2	appfurpc.com.de	windowsapp.com.se
1	t.adx.opera.com
1	onetag-sys.com	cache.betweendigital.com
1	sync3.sniperlog.ru
1	cm.g.doubleclick.net	1 redirects
1	bidswitch-eu.splicky.com	1 redirects
1	cache.betweendigital.com	ads.betweendigital.com
1	ap.lijit.com	ads.betweendigital.com
1	sync.dmp.otm-r.com	ads.betweendigital.com
1	cdn.adnxs.com	stpd.cloud
1	encrypted-tbn1.gstatic.com	d97e9fc141c0b6cd636b0a9fa9886de1.safeframe.googlesyndication.com
1	d1a4f10c70240e7d64b9457b36aab69a.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	fe9d4e75939559f5e4a926fefa60ea6d.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	token.rubiconproject.com	eus.rubiconproject.com
1	is3-ssl.mzstatic.com	windowsapp.com.se
1	id5-sync.com	stpd.cloud
1	ajax.googleapis.com	windowsapp.com.se
1	cdn.jsdelivr.net	windowsapp.com.se
266	79

This site contains links to these domains. Also see Links.

Domain
www.hogia.se
dl.windowsden.uk
m.apkpure.com
is4-ssl.mzstatic.com
www.bignox.com
bluestacks.com
apps.apple.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-02-18` - `2023-02-17`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
appfurpc.com.de R3	`2022-02-03` - `2022-05-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-04` - `2022-05-03`	3 months	crt.sh
*.id5-sync.com R3	`2022-03-08` - `2022-06-06`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-01` - `2022-04-04`	a year	crt.sh
itunes.apple.com Apple Public EV Server RSA CA 2 - G1	`2021-06-22` - `2022-07-22`	a year	crt.sh
mc.yandex.ru Yandex CA	`2021-12-22` - `2022-06-03`	5 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.a-mo.net R3	`2022-03-08` - `2022-06-06`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-30` - `2022-04-12`	a year	crt.sh
*.adxpremium.services Sectigo RSA Domain Validation Secure Server CA	`2021-08-05` - `2022-09-05`	a year	crt.sh
*.emxdgt.com Amazon	`2021-07-02` - `2022-07-31`	a year	crt.sh
*.ads.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2021-12-15` - `2023-01-15`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-05-28` - `2022-06-15`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
node.setupad.com R3	`2022-03-02` - `2022-05-31`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
cdn.adnxs.com GlobalSign Organization Validated CA - SHA256 - G4	`2021-05-10` - `2022-06-11`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-02` - `2022-05-03`	3 months	crt.sh
*.brealtime.com Go Daddy Secure Certificate Authority - G2	`2022-01-21` - `2023-02-22`	a year	crt.sh
sync.dmp.otm-r.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-18` - `2022-06-18`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2021-03-11` - `2022-04-12`	a year	crt.sh
cache.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2022-01-24` - `2023-02-24`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-10` - `2023-01-03`	a year	crt.sh
*.adx.opera.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-14` - `2022-06-10`	a year	crt.sh

This page contains 44 frames:

Primary Page: https://windowsapp.com.se/1058455218/hogia-mypayslip
Frame ID: 33DF15AD3E10498C97B4719770B25A5B
Requests: 30 HTTP requests in this frame

Frame: https://stpd.cloud/assets/postbid/stpd220112.js
Frame ID: 42C7D980D1F9CB3BA4EF559BE1731724
Requests: 34 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Frame ID: 4341A7A8B82FF0479DC2701CD18B534F
Requests: 4 HTTP requests in this frame

Frame: https://stpd.cloud/assets/postbid/stpd220112.js
Frame ID: 1159593DE3A300E38EEBCAF75119FC4C
Requests: 32 HTTP requests in this frame

Frame: https://stpd.cloud/assets/postbid/stpd220112.js
Frame ID: 5493EEFF094EB1A6AB028043699CE630
Requests: 32 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Frame ID: 2287BF3CCB48971DA75ACB7DBA5A06EC
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Frame ID: F261B5EB7812756F437CAB817328B7E9
Requests: 2 HTTP requests in this frame

Frame: https://d97e9fc141c0b6cd636b0a9fa9886de1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: 03891ABF5785BBE74D404C0AC4FFD736
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?ssp=pbs&gdpr=1&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Demx_digital%26uid%3D%24UID
Frame ID: DFC88D3FA5E167D50C044404B8FDEAF8
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?ssp=pbs&gdpr=1&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Demx_digital%26uid%3D%24UID
Frame ID: 6BD3151AA7520235F2B404D5E691C595
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?ssp=pbs&gdpr=1&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Demx_digital%26uid%3D%24UID
Frame ID: A3FC626DB4308B828F2FCBABAA4D5F78
Requests: 1 HTTP requests in this frame

Frame: https://fe9d4e75939559f5e4a926fefa60ea6d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: 948019473FC6AF83BFC122A9105D60F0
Requests: 1 HTTP requests in this frame

Frame: https://d1a4f10c70240e7d64b9457b36aab69a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: 86B6A206FC271BFBFD8799E99351289A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A2C953C7EAA7A935E1AAE6BE0E7089FB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 49EF480273FF6FD51A43E7548A612323
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 134D67D5C67D8B1916FA702217A5CBF6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 269B0763FF1138CC8437E048E06099FA
Requests: 2 HTTP requests in this frame

Frame: https://d97e9fc141c0b6cd636b0a9fa9886de1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: 88A9C15D43EEC4A9D3EF2B5C6A33E26A
Requests: 20 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 78178A0B4779A3F9D5A03A3AFEDC6DD5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0ADC3D2ACA77AEED6A604043C5E72172
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/hbjI8xylHpjavQyfdphvo41Bfdkh_RgUM1b0sbpcRZI.js
Frame ID: 8E840E6ED8FDC94F46C7578324DFA9F4
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012202142035000/amp4ads-v0.mjs
Frame ID: 3ED82C052BE0D95E405D125F2EE2BF37
Requests: 16 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstV64dJvWc6_guZWSGaJ3hyNvfqrY9iC43mibq2yf0dlTeBGShOE_hebxUSrog4P0faWsta7W9Po2g-RpLbsNjz4l8qASxx0roPbszxPceu3_7ukLfoAZNrDzRhBDmhpppgjPvY5oJXz766ILVwHMFb7VsQ2NI2zlQBsuNmDJTs_kVNTYXiypU3wMDB93aduKEudBKH4t3MdUNnfPjDZ92D9SzKBnK_gIMigwDsS6QosjJFi26Tv8cnu3ge2f4bNLBQIgEbRYvZx9-AofGSvD5VPmsL59gpgL2RAL8oiuP5tcN_uUaHXol9fSwwTpDf9x29bBoqZdkkxI8fMmbm8G7vTegN9g&sai=AMfl-YSs-uv-zKm7chvs3kOFtzzb2pkSt2QRjct4wm_vd14r7S8FmDEzS0TZWowW16cJlmZ9Cx24wiu96EQL4EwR-Y0rZAGUuEvSW5lWe1nMYAtiOios4lzl4xmo-ECmqP4&sig=Cg0ArKJSzD5a8H7Q_CtVEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 11F1F90BA0C7B661090FF80C945D56C7
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Frame ID: 71CEF27C8DF8FF235DA1F4FE6B51FCF9
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/cYUZDpkDTLiaCxFKW6PIDwgD40qdhgxPHck_a-4gLzE.js
Frame ID: 0B6BD47A7CD20E387A811974E7619ED7
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=windowsapp.com.se
Frame ID: 4DCECFDAC3534478CBCE1193E4F77538
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: F3A8AFAF27DF9D6A5849ADBD62003B3E
Requests: 2 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: 629FA8473C5F3FB26C3D6ADFD2CC4E45
Requests: 5 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 7A755297F25497722BCF307A0831DC4A
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: B248003C774644ECA6AA0FA88895CE23
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 0E46D0BE291322925472792623ED55D4
Requests: 3 HTTP requests in this frame

Frame: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=e0fa7bfa-9644-534a-b3a9-a8f3d199ce82&CACHEBUSTER=864170
Frame ID: BD207474CD37BB652F7EC8F370F34E5C
Requests: 7 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: F0BB69E4E494B1CE155C8F9AAB73AD82
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 24C3393AD834B547A5157443D3E2389C
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 7B427135E1233B09D06C1A02FC8397BB
Requests: 2 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 24AD2D670C59D50F5E005DDB1EB3B663
Requests: 1 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 2B2C5D6DDB33FE825549F429CA9C7E96
Requests: 1 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: EEE6B902836717303EF92F6FD2A78643
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: C55D0249BE84648BE9CFB0D034A4A755
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 48274A1A226BB4C4256713EB39F7D71D
Requests: 3 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 90B9BA832EFFA217C6A4857FAF514E79
Requests: 1 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: 78185B699C3B99EC73753F5BB57249E5
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Frame ID: 18459D400CF8D48406CECB1B06C0ED1A
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5d1628750185ace
Frame ID: 494A0138D0543C8DCD1099B433C2C8A1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Ladda ner Hogia MyPayslip på datorn gratis - Windows PC och Mac (Svenska)

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Laravel (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

Material Design Lite (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/material(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

266
Requests

93 %
HTTPS

43 %
IPv6

46
Domains

79
Subdomains

62
IPs

8
Countries

2550 kB
Transfer

6807 kB
Size

44
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.hogia.se/affarssystem/star/mypayslip
Title: Hogia Business Products AB

Search URL Search Domain Scan URL

URL: https://dl.windowsden.uk/se/1058455218
Title: Ladda ner ⇩

Search URL Search Domain Scan URL

URL: https://m.apkpure.com/search?q=Hogia%20MyPayslip
Title: Ladda ner Apk

Search URL Search Domain Scan URL

URL: https://is4-ssl.mzstatic.com/image/thumb/PurpleSource125/v4/87/74/97/87749798-7579-95b1-bea6-42e5dd83b207/29664357-1278-4c4d-90e5-6b642a810954_iPhone_8_Plus.png/392x696bb.png

Search URL Search Domain Scan URL

URL: https://www.bignox.com/sv/download/fullPackage
Title: Nox-app

Search URL Search Domain Scan URL

URL: https://bluestacks.com/
Title: Bluestacks

Search URL Search Domain Scan URL

URL: https://apps.apple.com/se/app/hogia-mypayslip/id1058455218?uo=4&at=1058455218
Title: Gratis På iTunes ↲

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwindowsapp.com.se%2F&domain=windowsapp.com.se&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=EBn6-3w1NWxUUm5pRDlYM3VJSDBqMmsrdTdTWVI2OHNmbThiRXB3dGpSMW1jeWEvNkg1eGVnM1h6OCtOREVtQnp6Q3Z3Sm1XUzgzMmpuR3NYTmJlc0dpeElUeCtLa1d1aVZNR1FUcy84YkxYbTkwS2UrRGZ4dlRScnlzVzVKd3FNWGFKNUpEV0N1UXlrZDBQamdBNzQycjh1N1BHZFpWdXFjMTNqMEVRR3ZjNVZNemVNZnhUK1ZReEJwMjBzVVR5ODlBK1FlT0pPWTdmazFWTHBWanIzN3FkRnRaekJLWlNCOFI0UXFITFFMNkRWT2hFPXw&cppv=2

Request Chain 24

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu

Request Chain 59

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwindowsapp.com.se%2F&domain=windowsapp.com.se&bundle=6JZHil9kNGlreUZOJTJGaiUyQm1PbG9uOGUyZjlpJTJGUXRXSThEQ3dJZzhnVHQ0ejlTOU1PWEt5Q1BXMyUyRnJMMHlpUFl6UVhyYTRobmFUbkJFUnZJM05GVDB1WWREZ1h2SXBOQ1lPaWozZ1J6S1klMkJvJTJGZ3E2eXFOUTB0UG1VanJ1Mk9jbXhrbmJkJTJC&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=fGiHu3xTdTlxbE9pN3FENllZQVhuTkwyZERYblFXRkt4YzNwb1RyZjNVRWFPWVZTZ1Y2L0R0OXpwMUh6VE9rSjQ2SEc1ckdaRjdHNnI0WXZ2aVkxelZLekwxTytQMWtBQ2Jjc0hBZnJpOWF3UUxFZFdGZEdxYm9zWmROeVFReFpsb1JCN1RnczZBTFlZd0FEZTBETWIzOWMrYm1MUmgrL3NueGpqVHdvSEMwQnlLTjhrSnFDZEZtZ0NVSDdOdXhFOCtPd0dCTERDcElmTDRIcUxxUTVFZFF4a2g0NEI1RXFkNWlpQzFNOEplVEI3WU5QWE9sdGlRa3pyK3o4NUpoQzN4TmNEfA&cppv=2

Request Chain 61

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu

Request Chain 64

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwindowsapp.com.se%2F&domain=windowsapp.com.se&bundle=6JZHil9kNGlreUZOJTJGaiUyQm1PbG9uOGUyZjlpJTJGUXRXSThEQ3dJZzhnVHQ0ejlTOU1PWEt5Q1BXMyUyRnJMMHlpUFl6UVhyYTRobmFUbkJFUnZJM05GVDB1WWREZ1h2SXBOQ1lPaWozZ1J6S1klMkJvJTJGZ3E2eXFOUTB0UG1VanJ1Mk9jbXhrbmJkJTJC&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=Zf5443w3SklYSS9tV1czQW5rMkRscjNlRE9SdWs1LzR2ZDBkTUtNNFFtKzNUSGhnZWFmWWtkd3VhK2Y3SmdKSll5eTJVUnFlOHhQRWwycEpvbEVTQ3UrMUNrRkVHR3FWekhPNGIwNHEvSlRLQTdNSDFvSjU2cE1KbFZhQTkzeXRtOE42Zm9BaHlqQ1crRC91WEswS1R5SU5GUldWSXFIS2FpREVMUk4wcDFwR3JVT0RCZzdCMWIvd2lxL2dNV29lWHFhOFB6dFRRQ0tyL1QwS2pNYlBLM2FEem92VCt1U2Z2SUx6Q2ZwZ0tuR21EK0VvdDlyMzNWL2NGNyt4QURhanBrdndsfA&cppv=2

Request Chain 66

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu

Request Chain 84

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9578.qr46MUuGo1YmOYMRSNuk3sQtyzY7HQaPx3_QC-vOJn7S9UMMGkd6GF4y8zNuGwcH.FN_B3wHkKypPnQnYh5jtXXSPJsU%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9578.6Xyca4zXLA9Wn12dB-3fBd3fMMbMZgQtg5UmmZVSWXQQ7QacwSH3cN_GCbwlEwXKKKYLwlcByyj0swMSOBJ8hQ%2C%2C.Y5VB0_6P_DaAwy1wrtQhEWu13pI%2C

Request Chain 111

https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fprebid-stag.setupad.net%252Fsetuid%253Fbidder%253Dadnxs%2526gdpr%253D1%2526gdpr_consent%253D%2526uid%253D%2524UID HTTP 302
https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=8293556023947432603

Request Chain 118

https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=8293556023947432603

Request Chain 119

https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=8293556023947432603

Request Chain 120

https://mc.yandex.com/watch/49116760?wmode=7&page-url=https%3A%2F%2Fwindowsapp.com.se%2F1058455218%2Fhogia-mypayslip&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvhnsftt6hmgv%3Afp%3A1136%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A760%3Acn%3A1%3Adp%3A0%3Als%3A1413016674441%3Ahid%3A335153418%3Az%3A0%3Ai%3A20220315101202%3Aet%3A1647339122%3Ac%3A1%3Arn%3A875509922%3Arqn%3A1%3Au%3A1647339122832137260%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1647339119742%3Ads%3A1%2C53%2C466%2C2%2C0%2C0%2C%2C1195%2C5%2C%2C%2C%2C1718%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1647339122%3At%3ALadda%20ner%20Hogia%20MyPayslip%20p%C3%A5%20datorn%20gratis%20-%20Windows%20PC%20och%20Mac%20(Svenska)&t=gdpr(14)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/49116760/1?wmode=7&page-url=https%3A%2F%2Fwindowsapp.com.se%2F1058455218%2Fhogia-mypayslip&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvhnsftt6hmgv%3Afp%3A1136%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A760%3Acn%3A1%3Adp%3A0%3Als%3A1413016674441%3Ahid%3A335153418%3Az%3A0%3Ai%3A20220315101202%3Aet%3A1647339122%3Ac%3A1%3Arn%3A875509922%3Arqn%3A1%3Au%3A1647339122832137260%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1647339119742%3Ads%3A1%2C53%2C466%2C2%2C0%2C0%2C%2C1195%2C5%2C%2C%2C%2C1718%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1647339122%3At%3ALadda%20ner%20Hogia%20MyPayslip%20p%C3%A5%20datorn%20gratis%20-%20Windows%20PC%20och%20Mac%20%28Svenska%29&t=gdpr%2814%29aw%281%29ti%282%29

Request Chain 167

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCr6PbFiwEQnQkYnQkyCKuj71APLB1M HTTP 301
https://tpc.googlesyndication.com/simgad/16954104317476786032

Request Chain 219

https://ad.doubleclick.net/ddm/trackimp/N8714.2382313DOUBLECLICKBIDMANAG/B22807636.328475542;dc_trk_aid=520608733;dc_trk_cid=117012770;ord=3990504978;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N8714.2382313DOUBLECLICKBIDMANAG/B22807636.328475542;dc_pre=CPans7rwx_YCFRfRuwgdwUMNqg;dc_trk_aid=520608733;dc_trk_cid=117012770;ord=3990504978;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=

Request Chain 228

https://gum.criteo.com/sid/json?origin=publishertag&domain=windowsapp.com.se&sn=ChromeSyncframe&so=3&topUrl=windowsapp.com.se&bundle=LKBNfV9kNGlreUZOJTJGaiUyQm1PbG9uOGUyZjlpMjQySHNibHpQSHpmdWtzMnhDVWVsUlZHTldjUjF3SHNWTTZkJTJGWktsaTNjMUlNaHhOOXNVRTVtelhrZ1IlMkJSUkUlMkJUZGZYJTJCdG9qeEd3TWV1NFQ3JTJCY2s1eSUyRmtva3d5amlZeTZPQ3ZaMGwlMkY3NA&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=9msTBnx4Y1FoT3A0MUhLSnlENzljZDN5U3pVVFQzS0NWSTBnanlSMEV4U2o2TDVXL3BtUENJYzZVTjVraFNrTnJ4b0NsNEpyNVR6MWFlS3FYQkIvWlhwVWpqT2dtY1lzV3JPR2FEVFgwVEFGUjZIOExwOHcxOHBpNHh5VFJZTE1UQ3pwQnhPSkpReVhuL1FCRGo4QVI0VWlFd21OeGdRRjdneWJPRmJ0eHVNN2RnQ3p0UkpBRnJyemZvcUtKQjlqd0Nmd1JoaDdEYmhUY0ZhdDNMZWw0dHJzMDl4UmwwNm95cHZrWU5qQjFscXJEWFVKZ3dpYTBRZzZNMnJLQTB3Y2R5c25qb2lHZDJER2hFUWk5dEVqSmw3cGlTZkE2RVJxZXlvd0lKcFJrK1M1Q0piND18&cppv=2

Request Chain 238

https://x.bidswitch.net/sync?ssp=between HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=between HTTP 302
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=3d3088ee-f306-4f5d-8cf5-c145250bf84a HTTP 302
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=3d3088ee-f306-4f5d-8cf5-c145250bf84a HTTP 302
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=972af633-283c-45ff-ba4a-9a9a29a082d2&user_group=1&ssp=between&bsw_param=3d3088ee-f306-4f5d-8cf5-c145250bf84a HTTP 302
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=3d3088ee-f306-4f5d-8cf5-c145250bf84a

Request Chain 240

https://px.adhigh.net/p/cm/btw HTTP 302
https://px.adhigh.net/p/cm/btw?bounced=1 HTTP 302
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=stINvNY4V9j.AikABlF_jRA6TA

Request Chain 243

https://x.bidswitch.net/sync?ssp=between HTTP 302
https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=between&bsw_custom_parameter=3d3088ee-f306-4f5d-8cf5-c145250bf84a HTTP 302
https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=between&expires=10&bsw_param=3d3088ee-f306-4f5d-8cf5-c145250bf84a HTTP 302
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=3d3088ee-f306-4f5d-8cf5-c145250bf84a

Request Chain 251

https://sync.bumlam.com/?src=aid0 HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABj1zMGRBlIFl4XSlAY* HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARj1zMGRBlIFl4XSlAaiARBdk6awpEgR7KbpACWQyCQ3 HTTP 302
https://sync.bumlam.com/?src=aid0&s_data=CAIQABj1zMGRBqIBEF2TprCkSBHspukAJZDIJDc* HTTP 302
https://sync.bumlam.com/?src=aid0&s_data=CAIQARj1zMGRBqIBEF2TprCkSBHspukAJZDIJDc* HTTP 302
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=5d93a6b0-a448-11ec-a6e9-002590c82437 HTTP 302
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=5d93a6b0-a448-11ec-a6e9-002590c82437&bounce=1 HTTP 302
https://sync.bumlam.com/?src=aid1&uid=ebKZWvlJr1cQS8W4Dg8smw& HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_cm&extra1=ebKZWvlJr1cQS8W4Dg8smw&extra2=aidata HTTP 302
https://sync3.sniperlog.ru/?src=ggl&extra1=ebKZWvlJr1cQS8W4Dg8smw&extra2=aidata&google_gid=CAESEDK2m06ti849hodlUMv8750&google_cver=1

Request Chain 259

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu

Request Chain 262

https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/864170 HTTP 302
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/864170

Request Chain 264

https://x.bidswitch.net/sync?dsp_id=429&user_id=e0fa7bfa-9644-534a-b3a9-a8f3d199ce82&expires=60 HTTP 302
https://eb2.3lift.com/xuid?mid=2409&xuid=3d3088ee-f306-4f5d-8cf5-c145250bf84a&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=2409&xuid=3d3088ee-f306-4f5d-8cf5-c145250bf84a&dongle=d3d3&gdpr=0&cmp_cs=&us_privacy=

Request Chain 268

https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2Fe0fa7bfa-9644-534a-b3a9-a8f3d199ce82 HTTP 302
https://an.yandex.ru/mapuid/betweendigitalis/e0fa7bfa-9644-534a-b3a9-a8f3d199ce82 HTTP 302
https://an.yandex.ru/mapuid/betweendigitalis/e0fa7bfa-9644-534a-b3a9-a8f3d199ce82?redir-setuniq=1

266 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request hogia-mypayslip Show response
windowsapp.com.se/1058455218/ 47 KB
11 KB 521ms
467ms Document
text/html 2606:4700:3032::ac43:a284
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://windowsapp.com.se/1058455218/hogia-mypayslip
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a284 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c5a64d656e80dfb0161b14a03aaea7fc8b4e7147a33e7dfe2647f0268a9a99f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Tue, 15 Mar 2022 10:12:00 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, private
cf-cache-status: BYPASS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x8c%2ByCFvKlEx8vmM6aDNr3LzfLLKEOhOpdvUF2yp8HXpCl%2BknQ1OrmR5oRQ3jKv5o15voRe7UgCOCw6HtMUOIhx4aLrUkoUu%2BvbG3itojvMMp%2FG86tJaRPtB%2FcrzTPjNDXYQwbwWOugcM1qqdJg9sg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6ec477daec0d0e1e-MXP
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery.fancybox.css
windowsapp.com.se/public/fancybox/source/ 5 KB
2 KB 441ms
440ms Stylesheet
text/css 2606:4700:3032::ac43:a284
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://windowsapp.com.se/public/fancybox/source/jquery.fancybox.css?v=2.1.5
Requested by: Host: windowsapp.com.se
URL: https://windowsapp.com.se/1058455218/hogia-mypayslip
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a284 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 968a8e56e4adaf8c135199ebd7f6cc065424ca45974d4dfbeb5607e69fe72fcd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/1058455218/hogia-mypayslip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 10:12:00 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 21 Sep 2020 11:21:08 GMT
server: cloudflare
etag: W/"5f688ca4-131f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o4%2B%2B4DmQAXgC89qRJZ8cRnNOV%2FGXYijMwKA3V1lHCwFLB59r2N2NoSxD%2FM4CzFbmAAONrWXLVUHGXqJ7Xo7MAjeLQbmEL24W231Oa8wBFIf2EhgFGt%2Fr1bb5QmFEP6uQvOsGKAz1iWuGP4E3iFyQBw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31104000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6ec477ddda3a0e1e-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 10 Mar 2023 10:12:00 GMT

GET
H2 200 in-view.min.js Show response
cdn.jsdelivr.net/npm/in-view@0.6.1/dist/ 5 KB
3 KB 56ms
26ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/in-view@0.6.1/dist/in-view.min.js

Requested by

Host: windowsapp.com.se
URL: https://windowsapp.com.se/1058455218/hogia-mypayslip

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba92f31903d0ed43a15811c0506b1c357fa04ff643140a3c0e162dfc66cd37eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 10:12:00 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 45146
x-jsd-version: 0.6.1
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19183-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"14be-WmlQIO/ElIG9SfA/X8UgGV8u+ls"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6ec477ddfbd0233d-ZRH

GET
H2 200 style.css
windowsapp.com.se/public/material/css/ 227 KB
34 KB 513ms
513ms Stylesheet
text/css 2606:4700:3032::ac43:a284
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://windowsapp.com.se/public/material/css/style.css
Requested by: Host: windowsapp.com.se
URL: https://windowsapp.com.se/1058455218/hogia-mypayslip
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a284 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d9ee5b0568153374301fd4320464c2f7b1a34402b379aebe17d4ad5ec066e0c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/1058455218/hogia-mypayslip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 10:12:00 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 21 Sep 2020 13:15:30 GMT
server: cloudflare
etag: W/"5f68a772-38be2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FC5Nv%2B2AKxxgeqb0uVto0sTvvnr09wtOwLRFzn0qtdWPiNJLHEm%2BITZYYrZPkRA1v3FByTJ9aJ%2BlcTCLMadyPCTG86pnRnwyfMYfS7osOin6kfBoVn2pfjwWL%2BYBJaKo0qZYwN3Ktmancpbg6G7YeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31104000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6ec477ddda3c0e1e-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 10 Mar 2023 10:12:00 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 95 KB
34 KB 33ms
8ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: windowsapp.com.se
URL: https://windowsapp.com.se/1058455218/hogia-mypayslip

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 03:37:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23652
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Mar 2023 03:37:48 GMT

GET
H3 200 loading.svg
windowsapp.com.se/public/images/ 696 B
999 B 31ms
30ms Image
image/svg+xml 2606:4700:3032::ac43:a284
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://windowsapp.com.se/public/images/loading.svg
Requested by: Host: windowsapp.com.se
URL: https://windowsapp.com.se/1058455218/hogia-mypayslip
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:a284 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1844de70f8a19e1bb882b6f7a1161affa42ebe90640ab3415b44819251de0843

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/1058455218/hogia-mypayslip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 10:12:00 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 259868
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 21 Sep 2020 11:21:08 GMT
server: cloudflare
etag: W/"5f688ca4-2b8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MnH1%2B5cL8AmLVkf8TSpx7w9kx0WZrw8nPmoOIus5DA1C1ym%2BpN8iWmytgmSXwNb08kdVgtEpqXblbvYsKEe2Wm5BFbe2FDUFVhb%2BZNKxwjj35IYc9g6%2FD6xWePUk4krRxnOruVcnUZAkvq5833KeKA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31104000
cf-ray: 6ec477e128da3746-MXP
expires: Tue, 07 Mar 2023 10:00:52 GMT

GET
H3 200 bigstar-rating.js Show response
windowsapp.com.se/public/js/ 550 B
892 B 391ms
391ms Script
application/javascript 2606:4700:3032::ac43:a284
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://windowsapp.com.se/public/js/bigstar-rating.js
Requested by: Host: windowsapp.com.se
URL: https://windowsapp.com.se/1058455218/hogia-mypayslip
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:a284 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0828ff138959647667235067a0290defa35f9000217b30ce6a5b21c1cfc61ef3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/1058455218/hogia-mypayslip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 10:12:01 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 21 Sep 2020 11:21:08 GMT
server: cloudflare
etag: W/"5f688ca4-226"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i%2BpXs55GZgZK0b19QRfbpa75LraOHxVR1DlBJHvyUiG7ySgWt6bBtzrE9mBSpXmSxHOGeF%2BX5xSew57Uire7ZJRq980U0nAMbKIOwZ%2BXl1YyAnSg3XLD2U1PJX9YZdlcYdmY3dy%2B6KP0dd2vpZCzyA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31104000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6ec477e09f333746-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 10 Mar 2023 10:12:01 GMT

GET
H3 200 star-rating.js Show response
windowsapp.com.se/public/js/ 602 B
900 B 408ms
408ms Script
application/javascript 2606:4700:3032::ac43:a284
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://windowsapp.com.se/public/js/star-rating.js
Requested by: Host: windowsapp.com.se
URL: https://windowsapp.com.se/1058455218/hogia-mypayslip
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:a284 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2651c08f7fa61aa39c3ffea1803795a9da8e14f04f9a53abe127af4eaeceef9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/1058455218/hogia-mypayslip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 10:12:01 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 21 Sep 2020 11:21:08 GMT
server: cloudflare
etag: W/"5f688ca4-25a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TZ7vvogHpNeszkvNdr3GPWaV16eRrl1IaCgd8w3AdepVtLrVy0COugHJnmakZLSViHJfZlJZrLwiKNjjuu9dd3E6nSEpu5%2BuKFHw8dUD4N%2BaSqoQhreoXkyA%2BoL50m3aRFdDrX%2FWUAM93jJXdtLUEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31104000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6ec477e118a13746-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 10 Mar 2023 10:12:01 GMT

GET
H3 200 jquery.mousewheel-3.0.6.pack.js Show response
windowsapp.com.se/public/fancybox/lib/ 1 KB
1 KB 449ms
448ms Script
application/javascript 2606:4700:3032::ac43:a284
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://windowsapp.com.se/public/fancybox/lib/jquery.mousewheel-3.0.6.pack.js
Requested by: Host: windowsapp.com.se
URL: https://windowsapp.com.se/1058455218/hogia-mypayslip
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:a284 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 687be205607d7985c36d90cacc8d60ef919a61bfc72c630cda50e90467b75879

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/1058455218/hogia-mypayslip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 10:12:01 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 21 Sep 2020 11:21:08 GMT
server: cloudflare
etag: W/"5f688ca4-568"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MWUyBMN%2BGDe0wEB8ZAzt5Gw2naGF2mohtcIyEpzQ8M7YoSYglRedGiTGc3%2Fd9U2yWxbOOp2%2FjYZKca5%2BcnFebr97iT%2BwGIreuTSVVyjbixhrBhxEQguM1abJ9aVRAQcRsmlbQ9nhdPl59KG5VeDGFg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31104000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6ec477e128c63746-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 10 Mar 2023 10:12:01 GMT

GET
H3 200 jquery.fancybox.pack.js Show response
windowsapp.com.se/public/fancybox/source/ 23 KB
9 KB 449ms
448ms Script
application/javascript 2606:4700:3032::ac43:a284
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://windowsapp.com.se/public/fancybox/source/jquery.fancybox.pack.js?v=2.1.5
Requested by: Host: windowsapp.com.se
URL: https://windowsapp.com.se/1058455218/hogia-mypayslip
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:a284 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc50bf49cbe79ee49b4ee8b56f26ff4877bc4945c16f260b1481ba2355c96347

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/1058455218/hogia-mypayslip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 10:12:01 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 21 Sep 2020 11:21:08 GMT
server: cloudflare
etag: W/"5f688ca4-5a5f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lDk4EVRyb%2BRtM30nF%2BgRTPfYFCTTAe2u8U2lIMPIcfQlPSliPe43wpfwM8ZJeZjfYZAHtC5ZCjeaQpBtNjZGgHG2%2FshTOjkyoSEp6GfJELCGPQGfbXwWXlTnhYrbYSzJc8UlK07hFebx72FaZZWzUw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31104000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6ec477e128cb3746-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 10 Mar 2023 10:12:01 GMT

GET
H3 200 imglazyload.js Show response
windowsapp.com.se/public/js/ 2 KB
2 KB 433ms
432ms Script
application/javascript 2606:4700:3032::ac43:a284
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://windowsapp.com.se/public/js/imglazyload.js
Requested by: Host: windowsapp.com.se
URL: https://windowsapp.com.se/1058455218/hogia-mypayslip
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:a284 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6ef3fd5623ae5008fa3c70b222291c40e4dcfa493ea5d4ce2b066e0788b1edc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/1058455218/hogia-mypayslip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 10:12:01 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 21 Sep 2020 11:21:08 GMT
server: cloudflare
etag: W/"5f688ca4-867"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yDk0s%2F2uJl08KWInl3KhehOV%2FEd4u8XhN8Hj%2Fe0Am5Ncj5kq%2BfZ%2FwuD2275TwBk2KEa8jtlRJv4kDeLHwOyR%2BUFxHr3T28yhSFCmEdEENbW3oVd50wfEW9PQGGtrmjnLz8RdcM%2FIfVXeSSYk7Z9D7w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31104000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6ec477e128cc3746-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 10 Mar 2023 10:12:01 GMT

GET
H3 200 bootstrap.min.js Show response
windowsapp.com.se/public/material/js/ 36 KB
10 KB 438ms
437ms Script
application/javascript 2606:4700:3032::ac43:a284
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://windowsapp.com.se/public/material/js/bootstrap.min.js
Requested by: Host: windowsapp.com.se
URL: https://windowsapp.com.se/1058455218/hogia-mypayslip
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:a284 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/1058455218/hogia-mypayslip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 10:12:01 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 21 Sep 2020 11:21:08 GMT
server: cloudflare
etag: W/"5f688ca4-9004"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wqRpQ63%2Fsrzhm95cJfKodBbOGS5jcGr0b4Klp1v1V2cazKs6Cz%2FlHxFa0YUvEdDkCGLVfTolDWx84l4LFBymGB8MQhUizwfLrXJg1xWp1oByqy1SMfVwxuEcsbplq50llOVL0gwPeWziYW2DtP6Rxw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31104000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6ec477e128ce3746-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 10 Mar 2023 10:12:01 GMT

GET
H3 200 ripples.min.js Show response
windowsapp.com.se/public/material/js/ 3 KB
2 KB 436ms
435ms Script
application/javascript 2606:4700:3032::ac43:a284
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://windowsapp.com.se/public/material/js/ripples.min.js
Requested by: Host: windowsapp.com.se
URL: https://windowsapp.com.se/1058455218/hogia-mypayslip
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:a284 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d8fc43bffbe520fcff9f4818daaa59adba984204ac253fb4ce9d2f921a737c8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/1058455218/hogia-mypayslip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 10:12:01 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 21 Sep 2020 11:21:08 GMT
server: cloudflare
etag: W/"5f688ca4-af9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ybZn5NO0SDgkWvO57gPG0rXeU6nHwR1cVaik7XGTcQTpgbIG0ZvRFzXsUBrbXw0qy916qOWJk14a9bM8irygs%2BKdNNhAlOUuoRT0DNQoRemvIbqNa0h31FrSNLExjD2O4gclJOC2gzSJNmjrIqIzPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31104000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6ec477e128d03746-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 10 Mar 2023 10:12:01 GMT

GET
H3 200 material.min.js Show response
windowsapp.com.se/public/material/js/ 5 KB
2 KB 456ms
455ms Script
application/javascript 2606:4700:3032::ac43:a284
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://windowsapp.com.se/public/material/js/material.min.js
Requested by: Host: windowsapp.com.se
URL: https://windowsapp.com.se/1058455218/hogia-mypayslip
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:a284 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a2770268fb74d2f9c0463b4b836e2764c553e1ad4e914ae2bc1c31a9230ab78

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/1058455218/hogia-mypayslip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 10:12:01 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 21 Sep 2020 11:21:08 GMT
server: cloudflare
etag: W/"5f688ca4-152e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ooPQiPGKqyj%2FcSBLATUskFpeJyJVycP1WeAxPMJV8HU8l6xT5%2Bb8CKWS45Dssn8BULcI0zqRwQPrqXUTFXJFFziWgLP2LuKFk0hyWyeJevlL2MIOVJUY%2Bu0s3F0%2BnN%2F9%2BJ6JlBOVpQfgsqFB5tfAuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31104000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6ec477e128d33746-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 10 Mar 2023 10:12:01 GMT

GET
H3 200 jquery.dropdown.js Show response
windowsapp.com.se/public/material/js/ 12 KB
4 KB 395ms
394ms Script
application/javascript 2606:4700:3032::ac43:a284
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://windowsapp.com.se/public/material/js/jquery.dropdown.js
Requested by: Host: windowsapp.com.se
URL: https://windowsapp.com.se/1058455218/hogia-mypayslip
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:a284 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86f7523fd3bff5a6464ace1e296b6e5c864b4a444d833b4decd992da40f658cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/1058455218/hogia-mypayslip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 10:12:01 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 21 Sep 2020 11:21:08 GMT
server: cloudflare
etag: W/"5f688ca4-3056"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qSksbrpZJF6wjfWrsDX9EcQ94W8L%2Fhz58%2FOjJ9S1G5ln9GmgTDvXWBeMYBoCjPMzp0cM5oAmNcoeeAg7b8DXqISlN4MWNpCshg9q%2BKg3S0g1%2F9drmL%2FksyReeKUe9%2Fe5c8LkzhlDzrBMIJ7i%2BgPJhg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31104000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6ec477e128d63746-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 10 Mar 2023 10:12:01 GMT

GET
H/1.1 200
OK bigstars.png
appfurpc.com.de/public/images/ 823 B
1 KB 725ms
158ms Image
image/png 209.50.60.88
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://appfurpc.com.de/public/images/bigstars.png

Requested by

Host: windowsapp.com.se
URL: https://windowsapp.com.se/public/material/css/style.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.50.60.88 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-60-88.us-sjo1.upcloud.host

Software

Apache /

Resource Hash

ac66ac722009b2924b2fc7b8d59b434342feb5f158046a3b4c639473bae9201c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 15 Mar 2022 10:12:01 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 30 Aug 2019 10:23:10 GMT
Server: Apache
ETag: "337-591530246a52a"
Vary: User-Agent
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 823
X-XSS-Protection: 1; mode=block
Expires: Wed, 15 Mar 2023 10:12:01 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v41/ 54 KB
55 KB 30ms
8ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v41/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: windowsapp.com.se
URL: https://windowsapp.com.se/1058455218/hogia-mypayslip

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

978f46f059f8b7580f0ace9c2a00175c926cb91b1bb69d1b39d7fd3a9e8582ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://windowsapp.com.se/
Origin: https://windowsapp.com.se
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 09:36:00 GMT
x-content-type-options: nosniff
age: 520560
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55208
x-xss-protection: 0
last-modified: Thu, 16 Aug 2018 20:54:23 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 09 Mar 2023 09:36:00 GMT

GET
H2 200 adx Show response
pubads.g.doubleclick.net/gampad/ 55 KB
14 KB 108ms
63ms XHR
text/html 216.58.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/adx?iu=/147246189,22384346533/windowsapp.com.se_980x300_responsive_1&sz=970x250%7C728x90%7C300x250&t=Placement_type%3Dserving&1647339120866

Requested by

Host: windowsapp.com.se
URL: https://windowsapp.com.se/1058455218/hogia-mypayslip

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams17s08-in-f2.1e100.net

Software

cafe /

Resource Hash

5870c19909e7a0d0277d4294f0bfd8d4adbaed3d61379092be412e5ad01816f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 10:12:00 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13082
x-xss-protection: 0
google-lineitem-id: 5926800160
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138384232262
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://windowsapp.com.se
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK stars.png
appfurpc.com.de/public/images/ 444 B
860 B 649ms
160ms Image
image/png 209.50.60.88
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://appfurpc.com.de/public/images/stars.png

Requested by

Host: windowsapp.com.se
URL: https://windowsapp.com.se/public/material/css/style.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.50.60.88 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-60-88.us-sjo1.upcloud.host

Software

Apache /

Resource Hash

55d7c24fcedca5f2bb26dd9c3a34ecb431dd61161400da5478b50f190c49bbc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 15 Mar 2022 10:12:01 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 30 Aug 2019 10:23:10 GMT
Server: Apache
ETag: "1bc-591530246b4cb"
Vary: User-Agent
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 444
X-XSS-Protection: 1; mode=block
Expires: Wed, 15 Mar 2023 10:12:01 GMT

GET
H2 200 stpd220112.js Show response
stpd.cloud/assets/postbid/ Frame 42C7 478 KB
138 KB 77ms
34ms Script
application/javascript 2606:4700:3108::ac42:28fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stpd.cloud/assets/postbid/stpd220112.js
Requested by: Host: windowsapp.com.se
URL: https://windowsapp.com.se/1058455218/hogia-mypayslip
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:28fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff28592ae2b0572a76b11239cd63a9c88412201a72ea0e994894f4bcd6d9d4bd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 15 Mar 2022 10:12:01 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5: bDGrZ1LqinsbttFnOfc0iQ==
age: 711
x-ms-lease-status: unlocked
last-modified: Tue, 15 Mar 2022 07:59:10 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=axLU266K0MeGcki%2BWXZLpQWLEkSg7yZXu0Wo3vS23RKXoZa7tT%2FQxkAVCqz6gv2FBsK8dkiIoT0IlKy95nuUcryuoq177V2b1OpDSTFysTGW6zaOK%2BkSNK7EYNbwEvbopeHer18sIno%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: d5d9d2b0-a01e-0015-7a42-38e824000000
cache-control: max-age=14400
x-ms-version: 2009-09-19
cf-ray: 6ec477e2783f0229-ZRH

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 45ms
15ms Preflight
application/json 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwindowsapp.com.se%2F&domain=windowsapp.com.se&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://windowsapp.com.se
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
access-control-allow-origin: https://windowsapp.com.se
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1679
date: Tue, 15 Mar 2022 10:12:00 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 localstore.js Show response
script.4dex.io/ Frame 42C7 483 B
965 B 81ms
39ms Script
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 10:12:01 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1843
content-type: application/javascript
x-amz-request-id: tx9e2734ae1ff24bdbb6982-0062287777
x-amz-id-2: tx9e2734ae1ff24bdbb6982-0062287777
last-modified: Wed, 09 Mar 2022 09:45:16 GMT
server: cloudflare
etag: W/"922cffdd75f7192f75231d92684885aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iAOxkus42excp4J8kFca2bxamYborflQnR72QDEgk7fwcicgXI7Y7wKymhpOVLB1sgiyMSZRp%2F4tN6kg%2FOUxkIpAJd6jATdHMrnXmE3BhWZNpHl2t9DkyB5%2FF0yM3BbJQGlvqL3Kp3KQkSWC"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 1646819115209325
cache-control: public, max-age=1800
cf-ray: 6ec477e52aab375f-MXP
expires: Tue, 15 Mar 2022 10:42:01 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 42C7
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwindowsapp.com.se%2F&domain=windowsapp.com.se&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=EBn6-3w1NWxUUm5pRDlYM3VJSDBqMmsrdTdTWVI2OHNmbThiRXB3dGpSMW1jeWEvNkg1eGVnM1h6OCtOREVtQnp6Q3Z3Sm1XUzgzMmpuR3NYTmJlc0dpeElUeCtLa1d1aVZNR1FUcy84YkxYbTkwS2UrRGZ4dlRScnlzVz...

363 B
625 B

43ms
15ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=EBn6-3w1NWxUUm5pRDlYM3VJSDBqMmsrdTdTWVI2OHNmbThiRXB3dGpSMW1jeWEvNkg1eGVnM1h6OCtOREVtQnp6Q3Z3Sm1XUzgzMmpuR3NYTmJlc0dpeElUeCtLa1d1aVZNR1FUcy84YkxYbTkwS2UrRGZ4dlRScnlzVzVKd3FNWGFKNUpEV0N1UXlrZDBQamdBNzQycjh1N1BHZFpWdXFjMTNqMEVRR3ZjNVZNemVNZnhUK1ZReEJwMjBzVVR5ODlBK1FlT0pPWTdmazFWTHBWanIzN3FkRnRaekJLWlNCOFI0UXFITFFMNkRWT2hFPXw&cppv=2

Requested by

Host: windowsapp.com.se
URL: https://windowsapp.com.se/1058455218/hogia-mypayslip

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

1e6ecf4d7779cfbe2f2bc5b38d77014299c6d33609771d63a3ef436691338f00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 10:12:00 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 4013
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 15 Mar 2022 10:12:00 GMT
location: https://mug.criteo.com/sid?cpp=EBn6-3w1NWxUUm5pRDlYM3VJSDBqMmsrdTdTWVI2OHNmbThiRXB3dGpSMW1jeWEvNkg1eGVnM1h6OCtOREVtQnp6Q3Z3Sm1XUzgzMmpuR3NYTmJlc0dpeElUeCtLa1d1aVZNR1FUcy84YkxYbTkwS2UrRGZ4dlRScnlzVzVKd3FNWGFKNUpEV0N1UXlrZDBQamdBNzQycjh1N1BHZFpWdXFjMTNqMEVRR3ZjNVZNemVNZnhUK1ZReEJwMjBzVVR5ODlBK1FlT0pPWTdmazFWTHBWanIzN3FkRnRaekJLWlNCOFI0UXFITFFMNkRWT2hFPXw&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://windowsapp.com.se
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1781
content-length: 482
expires: 0

POST
H/1.1 200 481.json Show response
id5-sync.com/g/v2/ Frame 42C7 213 B
535 B 25ms
9ms XHR
application/json 141.95.99.211
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/481.json

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.99.211 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3213278.ip-141-95-99.eu

Software

Resource Hash

7e359f9fee04ab32dc9d24fd7b6a0355b457b2480dbac9ee2379e9648ff06a1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://windowsapp.com.se/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://windowsapp.com.se
date: Tue, 15 Mar 2022 10:12:00 GMT
access-control-allow-credentials: true
vary: Origin
transfer-encoding: chunked
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json;charset=UTF-8

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 42C7 81 KB
28 KB 42ms
20ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: windowsapp.com.se
URL: https://windowsapp.com.se/1058455218/hogia-mypayslip

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2b9b56144ab26b69a125d401dff14910d7e9a015e8e525ae335f16a5cd89985

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 10:12:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27748
x-xss-protection: 0
server: sffe
etag: "1159 / 293 of 1000 / last-modified: 1647333762"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 15 Mar 2022 10:12:01 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 4341
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu

281 B
554 B

36ms
7ms

Document
text/html

104.117.200.100
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Requested by: Host: windowsapp.com.se
URL: https://windowsapp.com.se/1058455218/hogia-mypayslip
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-117-200-100.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
ETag: "40014-119-5d32342a551c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 15 Mar 2022 10:12:01 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

server: AkamaiGHost
content-length: 0
location: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
date: Tue, 15 Mar 2022 10:12:01 GMT
access-control-allow-credentials: true
access-control-allow-origin: *

GET
H2 200 200x200bb.jpg
is3-ssl.mzstatic.com/image/thumb/Purple125/v4/88/5a/27/885a272e-1e6b-db17-9dad-cee91a486d49/source/ 10 KB
11 KB 130ms
12ms Image
image/jpeg 2a02:26f0:1700:38a::2a1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://is3-ssl.mzstatic.com/image/thumb/Purple125/v4/88/5a/27/885a272e-1e6b-db17-9dad-cee91a486d49/source/200x200bb.jpg

Requested by

Host: windowsapp.com.se
URL: https://windowsapp.com.se/1058455218/hogia-mypayslip

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:38a::2a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

daiquiri/3.0.0 /

Resource Hash

e4c5e9c0d510a455ae0f1615a994f29fd924bba51050d05ed568d2c2a6287568

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-apple-jingle-correlation-key: IIM7CLD4D6NA3YC55XR3VNOG6U
strict-transport-security: max-age=31536000; includeSubDomains
etag: "MSwxLjE4LjItMjJBLDIwRTI0MSwxNjQzNjE4NzU3ODgxLGlzQnVpbGRWZXJzaW9uTm90U2V0LDcwNTM1LG5vRWZmZWN0"
x-b3-traceid: 4219f12c7c1f9a0de05dede3bab5c6f5
x-daiquiri-instance: daiquiri:43624002:st44p00it-hyhk15014701:7987:21RELEASE207:daiquiri-amp-processing-shared-int-001-st
x-apple-request-uuid: 4219f12c-7c1f-9a0d-e05d-ede3bab5c6f5
b3: 4219f12c7c1f9a0de05dede3bab5c6f5-e3be6a8eb796f158
content-length: 10643
server: daiquiri/3.0.0
x-cache: TCP_MISS from a184-86-102-6.deploy.akamaitechnologies.com (AkamaiGHost/10.7.3-39449967) (-)
apple-tk: false
last-modified: Mon, 31 Jan 2022 08:45:57 GMT
x-cache-remote: TCP_MISS from a2-20-143-166.deploy.akamaitechnologies.com (AkamaiGHost/10.7.3-39449967) (-)
apple-seq: 0.0
date: Tue, 15 Mar 2022 10:12:01 GMT
apple-originating-system: UnknownOriginatingSystem
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
cache-control: no-transform, max-age=13019768
x-b3-spanid: e3be6a8eb796f158
cdnuuid: 84701035-fdd4-4cd2-94c8-5c9b17b90a03-46479600

GET
H2 200 392x696bb.png
is4-ssl.mzstatic.com/image/thumb/PurpleSource125/v4/87/74/97/87749798-7579-95b1-bea6-42e5dd83b207/29664357-1278-4c4d-90e5-6b642a810954_iPhone_8_Plus.png/ 55 KB
56 KB 142ms
24ms Image
image/png 2a02:26f0:1700:394::2a1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://is4-ssl.mzstatic.com/image/thumb/PurpleSource125/v4/87/74/97/87749798-7579-95b1-bea6-42e5dd83b207/29664357-1278-4c4d-90e5-6b642a810954_iPhone_8_Plus.png/392x696bb.png

Requested by

Host: windowsapp.com.se
URL: https://windowsapp.com.se/1058455218/hogia-mypayslip

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:394::2a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

daiquiri/3.0.0 /

Resource Hash

23e8f7f6a12e07a3a097767ec61c968efcfe8195f10572feae2806b89be4203d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-apple-jingle-correlation-key: H66M6IEDXQ2OM4YRI7ZJD5UOSM
strict-transport-security: max-age=31536000; includeSubDomains
etag: "MSwxLjE5LTIyQiwyMEUyNDEsMTY0NDkzOTcwODA2NSxpc0J1aWxkVmVyc2lvbk5vdFNldCw1MDIwMCxub0VmZmVjdA=="
x-b3-traceid: 3fbccf2083bc34e6731147f291f68e93
x-daiquiri-instance: daiquiri:13624002:mr85p00it-hyhk03094901:7987:22RELEASE11:daiquiri-amp-processing-shared-int-001-mr
x-apple-request-uuid: 3fbccf20-83bc-34e6-7311-47f291f68e93
b3: 3fbccf2083bc34e6731147f291f68e93-f45f8e61099120a2
content-length: 55857
server: daiquiri/3.0.0
x-cache: TCP_MISS from a184-86-102-24.deploy.akamaitechnologies.com (AkamaiGHost/10.7.3-39449967) (-)
apple-tk: false
last-modified: Tue, 15 Feb 2022 15:41:48 GMT
x-cache-remote: TCP_MISS from a2-20-143-118.deploy.akamaitechnologies.com (AkamaiGHost/10.7.3-39449967) (-)
apple-seq: 0.0
date: Tue, 15 Mar 2022 10:12:01 GMT
apple-originating-system: UnknownOriginatingSystem
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
cache-control: no-transform, max-age=12266789
x-b3-spanid: f45f8e61099120a2
cdnuuid: 8e61501e-8790-49db-9474-9be68874f558-18068744

GET
H2 200 200x200bb.jpg
is1-ssl.mzstatic.com/image/thumb/Purple123/v4/74/8b/59/748b59f2-ac1a-9b21-c541-86fc5b8fc9be/source/ 8 KB
8 KB 133ms
16ms Image
image/jpeg 2a02:26f0:1700:38d::2a1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://is1-ssl.mzstatic.com/image/thumb/Purple123/v4/74/8b/59/748b59f2-ac1a-9b21-c541-86fc5b8fc9be/source/200x200bb.jpg

Requested by

Host: windowsapp.com.se
URL: https://windowsapp.com.se/1058455218/hogia-mypayslip

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:38d::2a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

daiquiri/3.0.0 /

Resource Hash

c2ca50b6340d3f0247e56806ab034615c5c1c5398870c95b0be83c0482fb10c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-apple-jingle-correlation-key: 5NM764N4YR5SUS7UH2TAD4JISQ
strict-transport-security: max-age=31536000; includeSubDomains
etag: "MSwxLjE3LjUtMjEwLDIwRTI0MSwxNjQxOTk3MDM2NzEwLGlzQnVpbGRWZXJzaW9uTm90U2V0LDcwMzg2LG5vRWZmZWN0"
x-b3-traceid: eb59ff71bcc47b2a4bf43ea601f12894
x-daiquiri-instance: daiquiri:43624002:st44p00it-hyhk15014701:7987:21RELEASE207:daiquiri-amp-processing-shared-int-001-st
x-apple-request-uuid: eb59ff71-bcc4-7b2a-4bf4-3ea601f12894
b3: eb59ff71bcc47b2a4bf43ea601f12894-4b0cac01d1a9bbd3
content-length: 7739
server: daiquiri/3.0.0
x-cache: TCP_MISS from a184-86-102-15.deploy.akamaitechnologies.com (AkamaiGHost/10.7.3-39449967) (-)
apple-tk: false
last-modified: Wed, 12 Jan 2022 14:17:16 GMT
x-cache-remote: TCP_MISS from a193-108-94-159.deploy.akamaitechnologies.com (AkamaiGHost/10.7.3-39449967) (-)
apple-seq: 0.0
date: Tue, 15 Mar 2022 10:12:01 GMT
apple-originating-system: UnknownOriginatingSystem
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
cache-control: no-transform, max-age=10788328
x-b3-spanid: 4b0cac01d1a9bbd3
cdnuuid: 4f9ba83d-479f-45bc-9a22-84573dc6014a-10521215

GET
H2 200 150x150bb.png
is4-ssl.mzstatic.com/image/thumb/Purple115/v4/c6/aa/02/c6aa022f-77a0-4492-eab3-c16591d614c0/AppIcon-0-0-1x_U007emarketing-0-0-0-7-0-0-sRGB-0-0-0-GLES2_U002c0-512MB-85-220-0-0.png/ 8 KB
9 KB 168ms
50ms Image
image/png 2a02:26f0:1700:394::2a1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://is4-ssl.mzstatic.com/image/thumb/Purple115/v4/c6/aa/02/c6aa022f-77a0-4492-eab3-c16591d614c0/AppIcon-0-0-1x_U007emarketing-0-0-0-7-0-0-sRGB-0-0-0-GLES2_U002c0-512MB-85-220-0-0.png/150x150bb.png

Requested by

Host: windowsapp.com.se
URL: https://windowsapp.com.se/1058455218/hogia-mypayslip

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:394::2a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

daiquiri/3.0.0 /

Resource Hash

1affb8f05c65e07d5d22f1ec86340e534b74fa7321ed4b2c8e7d7b1a697b40e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-apple-jingle-correlation-key: RQ4RQOQHXNTDHW523YGTIWOR24
strict-transport-security: max-age=31536000; includeSubDomains
etag: "MSwxLjE4LjItMjJBLDIwRTI0MSwxNjQzNjA5MDU1NjYwLGlzQnVpbGRWZXJzaW9uTm90U2V0LDYwMDQ3LG5vRWZmZWN0"
x-b3-traceid: 8c39183a07bb6633dbbade0d3459d1d7
x-daiquiri-instance: daiquiri:33624002:pv50p00it-hyhk12033901:7987:21RELEASE207:daiquiri-amp-processing-shared-int-001-pv
x-apple-request-uuid: 8c39183a-07bb-6633-dbba-de0d3459d1d7
b3: 8c39183a07bb6633dbbade0d3459d1d7-e9a6e1a693c73a89
content-length: 8629
server: daiquiri/3.0.0
x-cache: TCP_MISS from a184-86-102-24.deploy.akamaitechnologies.com (AkamaiGHost/10.7.3-39449967) (-)
apple-tk: false
last-modified: Mon, 31 Jan 2022 06:04:15 GMT
x-cache-remote: TCP_MISS from a2-20-143-149.deploy.akamaitechnologies.com (AkamaiGHost/10.7.3-39449967) (-)
apple-seq: 0.0
date: Tue, 15 Mar 2022 10:12:01 GMT
apple-originating-system: UnknownOriginatingSystem
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
cache-control: no-transform, max-age=11281242
x-b3-spanid: e9a6e1a693c73a89
cdnuuid: 84701035-fdd4-4cd2-94c8-5c9b17b90a03-47501082

GET
H2 200 150x150bb.png
is1-ssl.mzstatic.com/image/thumb/Purple125/v4/0d/f1/8d/0df18d21-83a2-12ac-b139-092920e4c5ee/AppIcon-0-1x_U007emarketing-0-9-0-85-220.png/ 8 KB
9 KB 147ms
30ms Image
image/png 2a02:26f0:1700:38d::2a1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://is1-ssl.mzstatic.com/image/thumb/Purple125/v4/0d/f1/8d/0df18d21-83a2-12ac-b139-092920e4c5ee/AppIcon-0-1x_U007emarketing-0-9-0-85-220.png/150x150bb.png

Requested by

Host: windowsapp.com.se
URL: https://windowsapp.com.se/1058455218/hogia-mypayslip

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:38d::2a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

daiquiri/3.0.0 /

Resource Hash

e884d8ac399db625523c10398657df0403405b60f0ebd374bfc70d714ba2f58f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-apple-jingle-correlation-key: GHI5QPINTB7S5NM67OJMPPKM3Q
strict-transport-security: max-age=31536000; includeSubDomains
etag: "MSwxLjE4LjItMjJBLDIwRTI0MSwxNjQyOTQ2NTIzODU4LGlzQnVpbGRWZXJzaW9uTm90U2V0LDUwMDcwLG5vRWZmZWN0"
x-b3-traceid: 31d1d83d0d987f2eb59efb92c7bd4cdc
x-daiquiri-instance: daiquiri:13624002:mr85p00it-hyhk03094901:7987:21RELEASE207:daiquiri-amp-processing-shared-int-001-mr
x-apple-request-uuid: 31d1d83d-0d98-7f2e-b59e-fb92c7bd4cdc
b3: 31d1d83d0d987f2eb59efb92c7bd4cdc-956c20a9d885a856
content-length: 7901
server: daiquiri/3.0.0
x-cache: TCP_MISS from a184-86-102-15.deploy.akamaitechnologies.com (AkamaiGHost/10.7.3-39449967) (-)
apple-tk: false
last-modified: Sun, 23 Jan 2022 14:02:03 GMT
x-cache-remote: TCP_MISS from a2-20-143-151.deploy.akamaitechnologies.com (AkamaiGHost/10.7.3-39449967) (-)
apple-seq: 0.0
date: Tue, 15 Mar 2022 10:12:01 GMT
apple-originating-system: UnknownOriginatingSystem
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
cache-control: no-transform, max-age=12693648
x-b3-spanid: 956c20a9d885a856
cdnuuid: 1aa6cf32-83b4-40a3-87f9-0bb4b402dcef-29489058

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 199 KB
68 KB 177ms
70ms Script
application/javascript 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: windowsapp.com.se
URL: https://windowsapp.com.se/1058455218/hogia-mypayslip

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

3f220f3495c96b51b282b05e390230202c948611867f2841cdf8ac30f7fdd427

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 10:12:01 GMT
content-encoding: br
last-modified: Fri, 18 Feb 2022 11:36:57 GMT
etag: "620f5aa9-10fdc"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 69596
expires: Tue, 15 Mar 2022 11:12:01 GMT

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 80ms
18ms Preflight 37.157.6.248
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.248 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://windowsapp.com.se
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 15 Mar 2022 10:12:01 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://windowsapp.com.se
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 200 cookie_sync Show response
prebid-stag.setupad.net/ Frame 42C7 1 KB
973 B 259ms
215ms XHR
application/json 2606:4700:20::681a:9b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-stag.setupad.net/cookie_sync
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b55bf7dd15889d4a22f310790e4a465c487f6f55b43cf7667d2726032870a9b

Request headers

Referer: https://windowsapp.com.se/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 10:12:01 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1to3QHhe7z2qbwgirHzB3HAHsWD2BP4L5FnWyIrrR%2FdbuXyU8YwI4KnTWrHnTyGrTrcAfg4IDdxkdSyevKSh6oAT%2B2MUYHcb9MIbyBw9rlgW3Ku5%2BIv7%2BERfmLlQ8MSXY%2Fiv3SxhW2bQCISuZ3sgg98qvVsy"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://windowsapp.com.se
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6ec477e59bfc59e9-MXP
expires: 0

POST
H2 200 auction Show response
prebid-stag.setupad.net/openrtb2/ Frame 42C7 177 B
446 B 366ms
324ms XHR
application/json 2606:4700:20::681a:9b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-stag.setupad.net/openrtb2/auction
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf1fa4a6b89b29eda5f217d9c4b8d95f6ec9f5b77c3837f937c7d698a49a54b1

Request headers

Referer: https://windowsapp.com.se/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 10:12:01 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qeI%2BtL6pg%2BOuskLGPAUma3vjoIbIdhv0PyHZ1ry91bWoDkNXROZ%2FU4JnlN0705w%2BcdVagqOEogpoQ06fxvomVMi3TNl70FfyjNljOj%2FrUt8UaL8I7E0Of7EKrWwKtQG2dlYKFe92y99uWuUIEUOa6GDha6Dp"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://windowsapp.com.se
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6ec477e59c0059e9-MXP
expires: 0

POST
H2 204 c Show response
prebid.a-mo.net/a/ Frame 42C7 0
348 B 520ms
324ms XHR
text/plain 147.75.38.124
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://windowsapp.com.se/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://windowsapp.com.se
date: Tue, 15 Mar 2022 10:12:01 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 221
vary: origin, Accept-Encoding

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 42C7 138 B
817 B 68ms
31ms XHR
application/json 185.33.220.243
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

1b6a7d92084dc9e2bb3caaa399fb69d9e010f10e69fbf65c354a6c1ca6a58f04

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://windowsapp.com.se/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 15 Mar 2022 10:12:01 GMT
X-Proxy-Origin: 193.27.14.10; 193.27.14.10; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 98eb7300-dab9-431e-9b00-83c2b8eb5921
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://windowsapp.com.se
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 42C7 0
410 B 59ms
19ms XHR
text/plain 37.157.6.248
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.248 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://windowsapp.com.se/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 10:12:01 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://windowsapp.com.se
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 42C7 0
179 B 52ms
14ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://windowsapp.com.se/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://windowsapp.com.se
date: Tue, 15 Mar 2022 10:12:01 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H/1.1 200
OK auction Show response
rtb.adxpremium.services/openrtb2/ Frame 42C7 461 B
788 B 105ms
31ms XHR
application/json 54.36.238.155
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adxpremium.services/openrtb2/auction
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.36.238.155 , France, ASN16276 (OVH, FR),
Reverse DNS: ip155.ip-54-36-238.eu
Software: /
Resource Hash: 2710dea57b10afc1ddae5a5a68c59cfac6d968379f9a5ea3198e949f9af0784f

Request headers

Referer: https://windowsapp.com.se/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 10:12:01 GMT
x-prebid: pbs-go/unknown
vary: Origin
content-type: application/json
access-control-allow-origin: https://windowsapp.com.se
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 461
expires: 0

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 42C7 283 B
1 KB 146ms
89ms XHR
application/json 2602:803:c004:200::141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13606&site_id=342930&zone_id=1810420&size_id=2&alt_size_ids=31%2C38%2C39%2C40%2C41%2C55%2C57%2C78%2C79%2C96%2C125%2C145&rp_schain=1.0,1!setupad.com,407,1,,,&eid_id5-sync.com=0%5E1%5E&rf=https%3A%2F%2Fwindowsapp.com.se%2F1058455218%2Fhogia-mypayslip&tk_flint=pbjs_lite_v6.6.0&x_source.tid=fff7d36f-84c7-496b-ae3d-4ec6378e9508&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3600755480075051
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 39999451bad87515c56e47a75b46d6d04e7d98b35ab1bf40d3407489e678b242

Request headers

Referer: https://windowsapp.com.se/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 15 Mar 2022 10:12:01 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://windowsapp.com.se
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 283
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 / Show response
hb.emxdgt.com/ Frame 42C7 0
160 B 35ms
13ms XHR
text/plain 35.158.25.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=3000&ts=1647339121492&src=pbjs
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.25.241 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-25-241.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://windowsapp.com.se/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://windowsapp.com.se
date: Tue, 15 Mar 2022 10:12:01 GMT
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: security, Content-Type

POST
H2 200 adjson Show response
ads.betweendigital.com/ Frame 42C7 2 B
913 B 336ms
129ms XHR
application/json 96.46.186.57
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=prebid
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://windowsapp.com.se/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://windowsapp.com.se
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 42C7 0
339 B 100ms
22ms XHR
application/json 185.86.139.59
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://windowsapp.com.se/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 10:12:01 GMT
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://windowsapp.com.se
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 42C7 0
218 B 52ms
15ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.6.0&cb=33573902078

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://windowsapp.com.se/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 15 Mar 2022 10:12:01 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://windowsapp.com.se
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

GET
H2 200 arj Show response
setupad-d.openx.net/w/1.0/ Frame 42C7 73 B
380 B 58ms
20ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://setupad-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwindowsapp.com.se%2F1058455218%2Fhogia-mypayslip&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=fff7d36f-84c7-496b-ae3d-4ec6378e9508&nocache=1647339121496&id5id=0&pubcid=248b592d-cc48-4643-a84d-def7ee5e6f78&schain=1.0%2C1!setupad.com%2C407%2C1%2C%2C%2C&aus=970x250%2C728x90%2C980x300%2C750x100%2C750x150%2C750x200%2C750x300%2C800x250%2C930x180%2C950x90%2C970x90%2C970x210%2C980x120%2C980x150%2C980x200%2C980x240%2C980x250&divids=div-custom-ad-1647339120990-0&aucs=&auid=556674433
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/17.2.0 /
Resource Hash: 80b539ba6123ff47066289ea5f60ffebd4560088fa83f9d142a51ea5daa1eb32

Request headers

Referer: https://windowsapp.com.se/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 10:12:01 GMT
content-encoding: gzip
server: OXGW/17.2.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://windowsapp.com.se
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 prebid Show response
mp.4dex.io/ Frame 42C7 0
402 B 79ms
42ms XHR
text/plain 2606:4700::6812:272
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://windowsapp.com.se/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 10:12:01 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
access-control-allow-origin: https://windowsapp.com.se
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6ec477e5a8f70200-ZRH
x-err: Parsing the Prebid Request. ads.txt not fetchable or parsable
expires: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 4341 32 KB
10 KB 8ms
7ms Script
text/html 104.117.200.100
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-117-200-100.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 1cca221b2415c4850d51ce414a374b220b2819c68188fedaf677403ee783f53a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 15 Mar 2022 10:12:01 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Mar 2022 16:28:01 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=33296
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9538
Expires: Tue, 15 Mar 2022 19:26:57 GMT

GET
H2 200 adagio.js Show response
script.4dex.io/ Frame 42C7 72 KB
23 KB 99ms
64ms Fetch
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84f884ae3edcb8c05f55a2f69a0c8c5484885584acb5c9978572b9f51ad0277e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 10:12:01 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx9d80e96bdb7e4bffbe442-0062305af1
cf-ray: 6ec477e5bbc383b5-MXP
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-id-2: tx9d80e96bdb7e4bffbe442-0062305af1
last-modified: Wed, 09 Mar 2022 09:45:14 GMT
server: cloudflare
etag: W/"93ca984a268a88c3342d6faa613fdb18"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b8SLdRmMstHVHCltn1NINedjGHuf%2Bi1odmZGo62GZ2IWgzHbk3HsFhnWZOlvOQNVObmQBWEK2sev4rxwPGb1jKWwr%2BIvA516mKd0yLuvDeQOkk5kZl8yFitMKL9WjppNUDYpOYUWDpAaSRh0"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 1646819103449942
access-control-allow-origin: *
cache-control: public, max-age=1800
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: Authorization

GET
H2 200 pubads_impl_2022030702.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 42C7 364 KB
122 KB 50ms
16ms Script
text/javascript 216.58.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030702.js?cb=31065569

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams17s08-in-f2.1e100.net

Software

sffe /

Resource Hash

bf21717eb9d6b396f3a9a20f66d264678ebbffac2b8bdce1a864b61b7346eaf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 08:11:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7256
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124753
x-xss-protection: 0
last-modified: Mon, 07 Mar 2022 21:16:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 15 Mar 2023 08:11:05 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 4341 284 B
536 B 35ms
8ms Image
image/jpg 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Content-Type: image/jpg

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 53ms
14ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1066
date: Tue, 15 Mar 2022 10:12:00 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H/1.1 204
No Content sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 4341 0
239 B 269ms
210ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-eu.rubiconproject.com/exchange/sync.php?p=pbs-setupad
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Content-Type: image/gif

GET
H3 200 adx Show response
pubads.g.doubleclick.net/gampad/ 55 KB
13 KB 96ms
80ms XHR
text/html 216.58.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/adx?iu=/147246189,22384346533/windowsapp.com.se_728x90_responsive_4&sz=728x90%7C320x100&t=Placement_type%3Dserving&1647339121578

Requested by

Host: windowsapp.com.se
URL: https://windowsapp.com.se/1058455218/hogia-mypayslip

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams17s08-in-f2.1e100.net

Software

cafe /

Resource Hash

6a86882782bc143326fece32eb4bb5f659942d8a7af66d4ec22037a53671aa35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 10:12:01 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13025
x-xss-protection: 0
google-lineitem-id: 5925588435
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138381675167
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://windowsapp.com.se
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adx Show response
pubads.g.doubleclick.net/gampad/ 55 KB
13 KB 90ms
75ms XHR
text/html 216.58.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/adx?iu=/147246189,22384346533/windowsapp.com.se_300x250_responsive_2&sz=300x250&t=Placement_type%3Dserving&1647339121578

Requested by

Host: windowsapp.com.se
URL: https://windowsapp.com.se/1058455218/hogia-mypayslip

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams17s08-in-f2.1e100.net

Software

cafe /

Resource Hash

65ac6ddbbaf8393a0ee05b6aaf2d869f0bba38902003fc4a1c37ea813cbaefce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 10:12:01 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13022
x-xss-protection: 0
google-lineitem-id: 5926800208
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138381675017
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://windowsapp.com.se
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 stpd220112.js Show response
stpd.cloud/assets/postbid/ Frame 1159 478 KB
137 KB 46ms
46ms Script
application/javascript 2606:4700:3108::ac42:28fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stpd.cloud/assets/postbid/stpd220112.js
Requested by: Host: windowsapp.com.se
URL: https://windowsapp.com.se/1058455218/hogia-mypayslip
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:28fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff28592ae2b0572a76b11239cd63a9c88412201a72ea0e994894f4bcd6d9d4bd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 15 Mar 2022 10:12:01 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5: bDGrZ1LqinsbttFnOfc0iQ==
age: 711
x-ms-lease-status: unlocked
last-modified: Tue, 15 Mar 2022 07:59:10 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SpQWRzyS0wYltOjzeAeYWKT275mnlToq%2FHkRjjrcwwRP3hPfj9Q8Zl7epvHQZKTr%2FClzlIuCowt1V7ykVjZ1M44w854qluM3zecu8pT49sUzSpbAhX5Lay6OpYY6WOj3pXRtSeeFx%2FY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: d5d9d2b0-a01e-0015-7a42-38e824000000
cache-control: max-age=14400
x-ms-version: 2009-09-19
cf-ray: 6ec477e69ed20229-ZRH

GET
H2 200 stpd220112.js Show response
stpd.cloud/assets/postbid/ Frame 5493 478 KB
137 KB 32ms
32ms Script
application/javascript 2606:4700:3108::ac42:28fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stpd.cloud/assets/postbid/stpd220112.js
Requested by: Host: windowsapp.com.se
URL: https://windowsapp.com.se/1058455218/hogia-mypayslip
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:28fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff28592ae2b0572a76b11239cd63a9c88412201a72ea0e994894f4bcd6d9d4bd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 15 Mar 2022 10:12:01 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5: bDGrZ1LqinsbttFnOfc0iQ==
age: 711
x-ms-lease-status: unlocked
last-modified: Tue, 15 Mar 2022 07:59:10 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HMMLOJFSyN508ww9bItlGAsEjAACvy0J4JXUdpspzYOcSidmJRuyvYld5yiZlsYA5%2BMUVPr0HU0g52kW%2Fgj7UnmwJsoyvCN6aS5tfH6GBFQ5XZVkpBRWUT03a%2BkofLS3OrGUx0MFBec%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: d5d9d2b0-a01e-0015-7a42-38e824000000
cache-control: max-age=14400
x-ms-version: 2009-09-19
cf-ray: 6ec477e6aedf0229-ZRH

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/ Frame 42C7 0
239 B 35ms
9ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/sync.php?p=prebid
Requested by: Host: windowsapp.com.se
URL: https://windowsapp.com.se/1058455218/hogia-mypayslip
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type: image/gif

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 25ms
25ms Preflight
application/json 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwindowsapp.com.se%2F&domain=windowsapp.com.se&bundle=6JZHil9kNGlreUZOJTJGaiUyQm1PbG9uOGUyZjlpJTJGUXRXSThEQ3dJZzhnVHQ0ejlTOU1PWEt5Q1BXMyUyRnJMMHlpUFl6UVhyYTRobmFUbkJFUnZJM05GVDB1WWREZ1h2SXBOQ1lPaWozZ1J6S1klMkJvJTJGZ3E2eXFOUTB0UG1VanJ1Mk9jbXhrbmJkJTJC&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://windowsapp.com.se
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
access-control-allow-origin: https://windowsapp.com.se
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1860
date: Tue, 15 Mar 2022 10:12:01 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 localstore.js Show response
script.4dex.io/ Frame 5493 483 B
551 B 35ms
34ms Script
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 10:12:01 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1843
content-type: application/javascript
x-amz-request-id: tx9e2734ae1ff24bdbb6982-0062287777
x-amz-id-2: tx9e2734ae1ff24bdbb6982-0062287777
last-modified: Wed, 09 Mar 2022 09:45:16 GMT
server: cloudflare
etag: W/"922cffdd75f7192f75231d92684885aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EBcltO0o93csl5dSHV4AACUw%2B9eE3xaRXOZpmNURswxpn3KGEHop0vfkPcG483lAh%2FittIauCVntjmGmWOj09ucBH%2FvCcHAiBzdoENC4jMQFszA0cUYzIsJhk3ethip5KN1wbhem%2BkH8KMma"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 1646819115209325
cache-control: public, max-age=1800
cf-ray: 6ec477e74fc8375f-MXP
expires: Tue, 15 Mar 2022 10:42:01 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 5493
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwindowsapp.com.se%2F&domain=windowsapp.com.se&bundle=6JZHil9kNGlreUZOJTJGaiUyQm1PbG9uOGUyZjlpJTJGUXRXSThEQ3dJZzhnVHQ0ejlTOU1PWEt5Q...
https://mug.criteo.com/sid?cpp=fGiHu3xTdTlxbE9pN3FENllZQVhuTkwyZERYblFXRkt4YzNwb1RyZjNVRWFPWVZTZ1Y2L0R0OXpwMUh6VE9rSjQ2SEc1ckdaRjdHNnI0WXZ2aVkxelZLekwxTytQMWtBQ2Jjc0hBZnJpOWF3UUxFZFdGZEdxYm9zWmROeV...

358 B
620 B

16ms
14ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=fGiHu3xTdTlxbE9pN3FENllZQVhuTkwyZERYblFXRkt4YzNwb1RyZjNVRWFPWVZTZ1Y2L0R0OXpwMUh6VE9rSjQ2SEc1ckdaRjdHNnI0WXZ2aVkxelZLekwxTytQMWtBQ2Jjc0hBZnJpOWF3UUxFZFdGZEdxYm9zWmROeVFReFpsb1JCN1RnczZBTFlZd0FEZTBETWIzOWMrYm1MUmgrL3NueGpqVHdvSEMwQnlLTjhrSnFDZEZtZ0NVSDdOdXhFOCtPd0dCTERDcElmTDRIcUxxUTVFZFF4a2g0NEI1RXFkNWlpQzFNOEplVEI3WU5QWE9sdGlRa3pyK3o4NUpoQzN4TmNEfA&cppv=2

Requested by

Host: windowsapp.com.se
URL: https://windowsapp.com.se/1058455218/hogia-mypayslip

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

c0e640f2e75c48d0e723468325a50c2a8e934314d80e68b0a87131254b8ef480

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 10:12:01 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2418
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 15 Mar 2022 10:12:01 GMT
location: https://mug.criteo.com/sid?cpp=fGiHu3xTdTlxbE9pN3FENllZQVhuTkwyZERYblFXRkt4YzNwb1RyZjNVRWFPWVZTZ1Y2L0R0OXpwMUh6VE9rSjQ2SEc1ckdaRjdHNnI0WXZ2aVkxelZLekwxTytQMWtBQ2Jjc0hBZnJpOWF3UUxFZFdGZEdxYm9zWmROeVFReFpsb1JCN1RnczZBTFlZd0FEZTBETWIzOWMrYm1MUmgrL3NueGpqVHdvSEMwQnlLTjhrSnFDZEZtZ0NVSDdOdXhFOCtPd0dCTERDcElmTDRIcUxxUTVFZFF4a2g0NEI1RXFkNWlpQzFNOEplVEI3WU5QWE9sdGlRa3pyK3o4NUpoQzN4TmNEfA&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://windowsapp.com.se
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1955
content-length: 509
expires: 0

GET
H3 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 5493 81 KB
27 KB 51ms
21ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: windowsapp.com.se
URL: https://windowsapp.com.se/1058455218/hogia-mypayslip

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5908356e59a4c9d425dc5cb8b4cd81383c55904c65d0b9807a0c16ae028320a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 10:12:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27718
x-xss-protection: 0
server: sffe
etag: "1159 / 978 of 1000 / last-modified: 1647333684"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 15 Mar 2022 10:12:01 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 2287
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu

281 B
554 B

17ms
17ms

Document
text/html

104.117.200.100
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Requested by: Host: windowsapp.com.se
URL: https://windowsapp.com.se/1058455218/hogia-mypayslip
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-117-200-100.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
ETag: "40014-119-5d32342a551c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 15 Mar 2022 10:12:01 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

server: AkamaiGHost
content-length: 0
location: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
date: Tue, 15 Mar 2022 10:12:01 GMT
access-control-allow-credentials: true
access-control-allow-origin: *

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 16ms
15ms Preflight
application/json 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://windowsapp.com.se
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
access-control-allow-origin: https://windowsapp.com.se
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1600
date: Tue, 15 Mar 2022 10:12:01 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 localstore.js Show response
script.4dex.io/ Frame 1159 483 B
556 B 26ms
25ms Script
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 10:12:01 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1843
content-type: application/javascript
x-amz-request-id: tx9e2734ae1ff24bdbb6982-0062287777
x-amz-id-2: tx9e2734ae1ff24bdbb6982-0062287777
last-modified: Wed, 09 Mar 2022 09:45:16 GMT
server: cloudflare
etag: W/"922cffdd75f7192f75231d92684885aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=utx3RA1S36%2BmeE94ClX6w9R3YuklHD706g4kir9Tw9PvLzosyh9AP6CDzVkv94UrESU0YEKd8FVHtWDledDQ6OM5VoEVVC9XpYaxAVx%2B1GP043LMC6Em%2BeRdT%2FdupnzQFlBPF%2BZPdYjF6jzi"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 1646819115209325
cache-control: public, max-age=1800
cf-ray: 6ec477e8097b375f-MXP
expires: Tue, 15 Mar 2022 10:42:01 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 1159
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwindowsapp.com.se%2F&domain=windowsapp.com.se&bundle=6JZHil9kNGlreUZOJTJGaiUyQm1PbG9uOGUyZjlpJTJGUXRXSThEQ3dJZzhnVHQ0ejlTOU1PWEt5Q...
https://mug.criteo.com/sid?cpp=Zf5443w3SklYSS9tV1czQW5rMkRscjNlRE9SdWs1LzR2ZDBkTUtNNFFtKzNUSGhnZWFmWWtkd3VhK2Y3SmdKSll5eTJVUnFlOHhQRWwycEpvbEVTQ3UrMUNrRkVHR3FWekhPNGIwNHEvSlRLQTdNSDFvSjU2cE1KbFZhQT...

364 B
623 B

16ms
15ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=Zf5443w3SklYSS9tV1czQW5rMkRscjNlRE9SdWs1LzR2ZDBkTUtNNFFtKzNUSGhnZWFmWWtkd3VhK2Y3SmdKSll5eTJVUnFlOHhQRWwycEpvbEVTQ3UrMUNrRkVHR3FWekhPNGIwNHEvSlRLQTdNSDFvSjU2cE1KbFZhQTkzeXRtOE42Zm9BaHlqQ1crRC91WEswS1R5SU5GUldWSXFIS2FpREVMUk4wcDFwR3JVT0RCZzdCMWIvd2lxL2dNV29lWHFhOFB6dFRRQ0tyL1QwS2pNYlBLM2FEem92VCt1U2Z2SUx6Q2ZwZ0tuR21EK0VvdDlyMzNWL2NGNyt4QURhanBrdndsfA&cppv=2

Requested by

Host: windowsapp.com.se
URL: https://windowsapp.com.se/1058455218/hogia-mypayslip

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

1a393229854bc46159a0d6d1dd58ef5a706ca46b103daa5919b4f3790563a752

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 10:12:01 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2868
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 15 Mar 2022 10:12:01 GMT
location: https://mug.criteo.com/sid?cpp=Zf5443w3SklYSS9tV1czQW5rMkRscjNlRE9SdWs1LzR2ZDBkTUtNNFFtKzNUSGhnZWFmWWtkd3VhK2Y3SmdKSll5eTJVUnFlOHhQRWwycEpvbEVTQ3UrMUNrRkVHR3FWekhPNGIwNHEvSlRLQTdNSDFvSjU2cE1KbFZhQTkzeXRtOE42Zm9BaHlqQ1crRC91WEswS1R5SU5GUldWSXFIS2FpREVMUk4wcDFwR3JVT0RCZzdCMWIvd2lxL2dNV29lWHFhOFB6dFRRQ0tyL1QwS2pNYlBLM2FEem92VCt1U2Z2SUx6Q2ZwZ0tuR21EK0VvdDlyMzNWL2NGNyt4QURhanBrdndsfA&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://windowsapp.com.se
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1779
content-length: 509
expires: 0

GET
H3 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 1159 81 KB
27 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: windowsapp.com.se
URL: https://windowsapp.com.se/1058455218/hogia-mypayslip

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3660a2d5bb96b0556aaec05d61a6a7f3b60eee4052d0a7423c59835959bf497

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 10:12:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27754
x-xss-protection: 0
server: sffe
etag: "1159 / 589 of 1000 / last-modified: 1647333762"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 15 Mar 2022 10:12:01 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame F261
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu

281 B
554 B

7ms
7ms

Document
text/html

104.117.200.100
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Requested by: Host: windowsapp.com.se
URL: https://windowsapp.com.se/1058455218/hogia-mypayslip
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-117-200-100.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
ETag: "40014-119-5d32342a551c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 15 Mar 2022 10:12:01 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

server: AkamaiGHost
content-length: 0
location: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
date: Tue, 15 Mar 2022 10:12:01 GMT
access-control-allow-credentials: true
access-control-allow-origin: *

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 18ms
18ms Preflight 37.157.6.248
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.248 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://windowsapp.com.se
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 15 Mar 2022 10:12:01 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://windowsapp.com.se
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 200 cookie_sync Show response
prebid-stag.setupad.net/ Frame 5493 1 KB
665 B 50ms
48ms XHR
application/json 2606:4700:20::681a:9b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-stag.setupad.net/cookie_sync
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b55bf7dd15889d4a22f310790e4a465c487f6f55b43cf7667d2726032870a9b

Request headers

Referer: https://windowsapp.com.se/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 10:12:01 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BzXZXpdpNOUM%2FfUcsFOIu3J5bQp56sDfd1IDZI9XJrWe2JzBC9hYHfG42PziQGOlhKz2evj6Lz48LlEFtbhC7wClYl4HMwFvyOFgHUeHaKpnaxgXYOOmvwxpS%2FNlMjWXm4zHmivw%2F3TKpNPZ8Jww34P380PH"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://windowsapp.com.se
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6ec477e82a5859e9-MXP
expires: 0

POST
H2 200 auction Show response
prebid-stag.setupad.net/openrtb2/ Frame 5493 12 KB
8 KB 560ms
558ms XHR
application/json 2606:4700:20::681a:9b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-stag.setupad.net/openrtb2/auction
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f58d16bc5dc283a23606833d05fef951db1f2ff842cdf148e9624224ec2da0f

Request headers

Referer: https://windowsapp.com.se/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 10:12:02 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ziZSOoAWNeSFA%2Be4Dtd27jMJVg%2BwakCwe0l6R1eLFUmvzKjLt0Vdf123KqtLPhTlwO8Fbn04cZq%2Fn9Z5rmo9TF%2Bx%2B%2BI%2Fork3IpAhNpC0mDmrPjyd12uZS1P5KbYkLTN1gNY5oBp87SUsvO9vJsPp1tE29EGO"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://windowsapp.com.se
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6ec477e82a5e59e9-MXP
expires: 0

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 5493 255 B
713 B 66ms
65ms XHR
application/json 2602:803:c004:200::141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13606&site_id=342930&zone_id=1810426&size_id=2&alt_size_ids=1&rp_schain=1.0,1!setupad.com,407,1,,,&eid_criteo.com=B_yHvV9tT2NiQTViRkhlOGVuWlk2azVRTndwTmFFSVdvMmYlMkZoJTJGTmRoJTJGZzJEOVNxNFRlaVF6REszRDNYMEF1N05SRzhTbHAlMkJkU1pxelpIM3c4JTJCdGpJTnU1MkElM0QlM0Q%5E1&eid_id5-sync.com=0%5E1%5E&rf=https%3A%2F%2Fwindowsapp.com.se%2F1058455218%2Fhogia-mypayslip&tk_flint=pbjs_lite_v6.6.0&x_source.tid=0ad6be25-3934-4b58-92c2-54be0edaaa44&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.18615271367405217
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 6192a22bda72a9bd0f0298ca5278cf4d661cf6ad5eb5e3e64ba4b46a19876c4b

Request headers

Referer: https://windowsapp.com.se/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 15 Mar 2022 10:12:01 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://windowsapp.com.se
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 255
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK auction Show response
rtb.adxpremium.services/openrtb2/ Frame 5493 461 B
788 B 27ms
27ms XHR
application/json 54.36.238.155
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adxpremium.services/openrtb2/auction
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.36.238.155 , France, ASN16276 (OVH, FR),
Reverse DNS: ip155.ip-54-36-238.eu
Software: /
Resource Hash: a5d2a01b4244d7da375253f8ad0fcfcca3c7cfb0017f1535d5b40b470e82bdcf

Request headers

Referer: https://windowsapp.com.se/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 10:12:01 GMT
x-prebid: pbs-go/unknown
vary: Origin
content-type: application/json
access-control-allow-origin: https://windowsapp.com.se
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 461
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 5493 20 KB
13 KB 331ms
331ms XHR
application/json 185.33.220.243
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

52290904476443f21ae8a5f22d0b35b75e80eab8f2037ae53afc56bcc6651795

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://windowsapp.com.se/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 15 Mar 2022 10:12:02 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 193.27.14.10; 193.27.14.10; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 14747214-e64f-4bfd-97cf-b496cda26b9b
Server: nginx/1.17.9
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://windowsapp.com.se
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 5493 0
339 B 21ms
21ms XHR
application/json 185.86.139.59
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://windowsapp.com.se/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 10:12:01 GMT
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://windowsapp.com.se
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 5493 0
218 B 13ms
13ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.6.0&cb=6261379967

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://windowsapp.com.se/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 15 Mar 2022 10:12:01 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://windowsapp.com.se
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

GET
H3 200 arj Show response
setupad-d.openx.net/w/1.0/ Frame 5493 73 B
101 B 30ms
22ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://setupad-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwindowsapp.com.se%2F1058455218%2Fhogia-mypayslip&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=0ad6be25-3934-4b58-92c2-54be0edaaa44&nocache=1647339121942&criteoid=B_yHvV9tT2NiQTViRkhlOGVuWlk2azVRTndwTmFFSVdvMmYlMkZoJTJGTmRoJTJGZzJEOVNxNFRlaVF6REszRDNYMEF1N05SRzhTbHAlMkJkU1pxelpIM3c4JTJCdGpJTnU1MkElM0QlM0Q&id5id=0&pubcid=248b592d-cc48-4643-a84d-def7ee5e6f78&schain=1.0%2C1!setupad.com%2C407%2C1%2C%2C%2C&aus=728x90%2C468x60&divids=div-custom-ad-1647339121695-0&aucs=&auid=556674450
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/17.2.0 /
Resource Hash: 4121babe918e618fb86be2887a3fa6fcd1d937f848711082a20278d3ad87e896

Request headers

Referer: https://windowsapp.com.se/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 10:12:01 GMT
content-encoding: gzip
server: OXGW/17.2.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://windowsapp.com.se
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 adjson Show response
ads.betweendigital.com/ Frame 5493 2 B
307 B 125ms
125ms XHR
application/json 96.46.186.57
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=prebid
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://windowsapp.com.se/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://windowsapp.com.se
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

POST
H2 204 / Show response
hb.emxdgt.com/ Frame 5493 0
159 B 13ms
13ms XHR
text/plain 35.158.25.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=3000&ts=1647339121943&src=pbjs
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.25.241 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-25-241.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://windowsapp.com.se/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://windowsapp.com.se
date: Tue, 15 Mar 2022 10:12:01 GMT
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: security, Content-Type

POST
H2 204 prebid Show response
mp.4dex.io/ Frame 5493 0
65 B 148ms
148ms XHR
text/plain 2606:4700::6812:272
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://windowsapp.com.se/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 10:12:02 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
access-control-allow-origin: https://windowsapp.com.se
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6ec477e82d110200-ZRH
x-err: Parsing the Prebid Request. ads.txt not fetchable or parsable
expires: 0

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 5493 0
409 B 20ms
19ms XHR
text/plain 37.157.6.248
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.248 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://windowsapp.com.se/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 10:12:01 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://windowsapp.com.se
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 5493 0
179 B 15ms
15ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://windowsapp.com.se/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://windowsapp.com.se
date: Tue, 15 Mar 2022 10:12:01 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 204 c Show response
prebid.a-mo.net/a/ Frame 5493 0
204 B 114ms
114ms XHR
text/plain 147.75.38.124
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://windowsapp.com.se/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://windowsapp.com.se
date: Tue, 15 Mar 2022 10:12:01 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 16
vary: origin, Accept-Encoding

GET
H2 200 cookie
cm.adform.net/ Frame 42C7 43 B
106 B 60ms
20ms Image
image/gif 37.157.6.248
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Requested by: Host: windowsapp.com.se
URL: https://windowsapp.com.se/1058455218/hogia-mypayslip
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 10:12:01 GMT
server: nginx
content-length: 43
content-type: image/gif

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 2287 32 KB
10 KB 8ms
8ms Script
text/html 104.117.200.100
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-117-200-100.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 1cca221b2415c4850d51ce414a374b220b2819c68188fedaf677403ee783f53a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 15 Mar 2022 10:12:01 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Mar 2022 16:28:01 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=33296
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9538
Expires: Tue, 15 Mar 2022 19:26:57 GMT

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9578.qr46MUuGo1YmOYMRSNuk3sQtyzY7HQaPx3_QC-vOJn7S9UMMGkd6GF4y8zNuGwcH.FN_B3wHkKypPnQnYh5jtXXSPJsU%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9578.6Xyca4zXLA9Wn12dB-3fBd3fMMbMZgQtg5UmmZVSWXQQ7QacwSH3cN_GCbwlEwXKKKYLwlcByyj0swMSOBJ8hQ%2C%2C.Y5VB0_6P_DaAwy1wrtQhEWu13pI%2C

75 B
75 B

38ms
37ms

Image
text/html

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9578.6Xyca4zXLA9Wn12dB-3fBd3fMMbMZgQtg5UmmZVSWXQQ7QacwSH3cN_GCbwlEwXKKKYLwlcByyj0swMSOBJ8hQ%2C%2C.Y5VB0_6P_DaAwy1wrtQhEWu13pI%2C

Requested by

Host: windowsapp.com.se
URL: https://windowsapp.com.se/1058455218/hogia-mypayslip

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 10:12:02 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9578.6Xyca4zXLA9Wn12dB-3fBd3fMMbMZgQtg5UmmZVSWXQQ7QacwSH3cN_GCbwlEwXKKKYLwlcByyj0swMSOBJ8hQ%2C%2C.Y5VB0_6P_DaAwy1wrtQhEWu13pI%2C
date: Tue, 15 Mar 2022 10:12:02 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 31ms
28ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1355
date: Tue, 15 Mar 2022 10:12:01 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 26ms
26ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1124
date: Tue, 15 Mar 2022 10:12:01 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 24ms
19ms Preflight 37.157.6.248
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.248 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://windowsapp.com.se
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 15 Mar 2022 10:12:02 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://windowsapp.com.se
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 200 cookie_sync Show response
prebid-stag.setupad.net/ Frame 1159 1 KB
682 B 74ms
72ms XHR
application/json 2606:4700:20::681a:9b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-stag.setupad.net/cookie_sync
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b55bf7dd15889d4a22f310790e4a465c487f6f55b43cf7667d2726032870a9b

Request headers

Referer: https://windowsapp.com.se/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 10:12:02 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fKkfzq7F0wkXdLbOYwgBZEr31U7BKZ5wfEqP29iXtuLqPymoiuXsa21bmZhHDJSolon8eLgGgfPnYBEPMKgq7wGFb6DmdlMNoqLr20x1Q%2BJo7KttfC4bG14UqiLjHldL8N23qHpHVpjFN7Tu%2BHmLfpduDlnD"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://windowsapp.com.se
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6ec477e8dc0059e9-MXP
expires: 0

POST
H2 200 auction Show response
prebid-stag.setupad.net/openrtb2/ Frame 1159 4 KB
2 KB 201ms
196ms XHR
application/json 2606:4700:20::681a:9b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-stag.setupad.net/openrtb2/auction
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 116814b78814ed2ded55e34c84b1d7d868cd5dda919ec56dd088898d611c1907

Request headers

Referer: https://windowsapp.com.se/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 10:12:02 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JZOKDkztyHtQkjjAAlKjdO8wI4Dz0IAmBQEPN9OUO8b3THFbT6Hyc8jcGXBAdrcmQgRW9GkIavU%2B4kQsfCRL%2FUygk5mWs5FdLWTV9WSG36B0couaP9m2VwNPYL8uGre2Mhlq5ZF2iBDOLbxCWUdrLTcRAntJ"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://windowsapp.com.se
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6ec477e8dc0359e9-MXP
expires: 0

POST
H2 200 adjson Show response
ads.betweendigital.com/ Frame 1159 2 B
307 B 124ms
117ms XHR
application/json 96.46.186.57
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=prebid
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://windowsapp.com.se/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://windowsapp.com.se
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

POST
H2 204 / Show response
hb.emxdgt.com/ Frame 1159 0
159 B 19ms
13ms XHR
text/plain 35.158.25.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=3000&ts=1647339122039&src=pbjs
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.25.241 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-25-241.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://windowsapp.com.se/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://windowsapp.com.se
date: Tue, 15 Mar 2022 10:12:02 GMT
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: security, Content-Type

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 1159 0
409 B 20ms
19ms XHR
text/plain 37.157.6.248
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.248 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://windowsapp.com.se/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 10:12:02 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://windowsapp.com.se
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 1159 257 B
715 B 196ms
196ms XHR
application/json 2602:803:c004:200::141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13606&site_id=342930&zone_id=1810402&size_id=15&alt_size_ids=14&rp_schain=1.0,1!setupad.com,407,1,,,&eid_criteo.com=B_yHvV9tT2NiQTViRkhlOGVuWlk2azVRTndwTmFFSVdvMmYlMkZoJTJGTmRoJTJGZzJEOVNxNFRlaVF6REszRDNYMEF1N05SRzhTbHAlMkJkU1pxelpIM3c4JTJCdGpJTnU1MkElM0QlM0Q%5E1&eid_id5-sync.com=0%5E1%5E&rf=https%3A%2F%2Fwindowsapp.com.se%2F1058455218%2Fhogia-mypayslip&tk_flint=pbjs_lite_v6.6.0&x_source.tid=d131f6a8-1e7d-45b8-bca5-5d29d59f774b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5003693746991469
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 57fc1f0e6ffe4d2b1023af602d7a5497f17a82ef1804dec1f935641de171f440

Request headers

Referer: https://windowsapp.com.se/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 15 Mar 2022 10:12:02 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://windowsapp.com.se
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 257
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 1159 139 B
818 B 49ms
22ms XHR
application/json 185.33.220.243
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

33254c4824f35aa7707bd157c579f38d4d26f308c2afd65bc36a4e520dd3e1d5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://windowsapp.com.se/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 15 Mar 2022 10:12:02 GMT
X-Proxy-Origin: 193.27.14.10; 193.27.14.10; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: bfcb9942-1c72-48d0-88d1-6d69b36ed1de
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://windowsapp.com.se
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 139
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 1159 0
179 B 23ms
23ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://windowsapp.com.se/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://windowsapp.com.se
date: Tue, 15 Mar 2022 10:12:02 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H/1.1 200
OK auction Show response
rtb.adxpremium.services/openrtb2/ Frame 1159 461 B
788 B 110ms
110ms XHR
application/json 54.36.238.155
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adxpremium.services/openrtb2/auction
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.36.238.155 , France, ASN16276 (OVH, FR),
Reverse DNS: ip155.ip-54-36-238.eu
Software: /
Resource Hash: bff8548583996b3aba20c7becdbd3892899f64b8299443b424db6d9d409c7774

Request headers

Referer: https://windowsapp.com.se/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 10:12:02 GMT
x-prebid: pbs-go/unknown
vary: Origin
content-type: application/json
access-control-allow-origin: https://windowsapp.com.se
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 461
expires: 0

POST
H2 204 prebid Show response
mp.4dex.io/ Frame 1159 0
42 B 59ms
58ms XHR
text/plain 2606:4700::6812:272
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://windowsapp.com.se/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 10:12:02 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
access-control-allow-origin: https://windowsapp.com.se
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6ec477e8ee200200-ZRH
x-err: Parsing the Prebid Request. ads.txt not fetchable or parsable
expires: 0

GET
H3 200 arj Show response
setupad-d.openx.net/w/1.0/ Frame 1159 73 B
101 B 24ms
23ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://setupad-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwindowsapp.com.se%2F1058455218%2Fhogia-mypayslip&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=d131f6a8-1e7d-45b8-bca5-5d29d59f774b&nocache=1647339122049&criteoid=B_yHvV9tT2NiQTViRkhlOGVuWlk2azVRTndwTmFFSVdvMmYlMkZoJTJGTmRoJTJGZzJEOVNxNFRlaVF6REszRDNYMEF1N05SRzhTbHAlMkJkU1pxelpIM3c4JTJCdGpJTnU1MkElM0QlM0Q&id5id=0&pubcid=248b592d-cc48-4643-a84d-def7ee5e6f78&schain=1.0%2C1!setupad.com%2C407%2C1%2C%2C%2C&aus=300x250%2C250x250&divids=div-custom-ad-1647339121693-0&aucs=&auid=556674439
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/17.2.0 /
Resource Hash: 182b5c14ffe495ddcc379bcf2ee5b92cc2d035244dfbfd4e92083890b83f9e01

Request headers

Referer: https://windowsapp.com.se/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 10:12:02 GMT
content-encoding: gzip
server: OXGW/17.2.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://windowsapp.com.se
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 1159 0
339 B 26ms
26ms XHR
application/json 185.86.139.59
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://windowsapp.com.se/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 10:12:01 GMT
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://windowsapp.com.se
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 1159 0
218 B 20ms
19ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.6.0&cb=58623858007

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://windowsapp.com.se/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 15 Mar 2022 10:12:01 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://windowsapp.com.se
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

POST
H2 204 c Show response
prebid.a-mo.net/a/ Frame 1159 0
228 B 320ms
320ms XHR
text/plain 147.75.38.124
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://windowsapp.com.se/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://windowsapp.com.se
date: Tue, 15 Mar 2022 10:12:02 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 223
vary: origin, Accept-Encoding

GET
H2 200 adagio.js Show response
script.4dex.io/ Frame 5493 72 KB
22 KB 43ms
41ms Fetch
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84f884ae3edcb8c05f55a2f69a0c8c5484885584acb5c9978572b9f51ad0277e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 10:12:02 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-request-id: tx9d80e96bdb7e4bffbe442-0062305af1
x-amz-id-2: tx9d80e96bdb7e4bffbe442-0062305af1
last-modified: Wed, 09 Mar 2022 09:45:14 GMT
server: cloudflare
etag: W/"93ca984a268a88c3342d6faa613fdb18"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cBF6uHKk25lUM8vEwoa6BTmTmp1%2FMKXMdAfYDQyh068aEafr8tNuMZHQ7MPjOVkesrGrDr6W%2FbTzDQFptPOkLcNcHCIBsp2mFuw%2FKBuKEZEvPYz9Z2yBvFzlY4Hl7AxBItpCGZE1hh1oMl%2BJ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
access-control-allow-credentials: true
x-amz-version-id: 1646819103449942
cf-ray: 6ec477e8ed0b83b5-MXP
access-control-allow-headers: Authorization

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/ Frame 5493 0
239 B 10ms
9ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/sync.php?p=prebid
Requested by: Host: windowsapp.com.se
URL: https://windowsapp.com.se/1058455218/hogia-mypayslip
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type: image/gif

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 42C7 107 B
792 B 39ms
15ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=windowsapp.com.se

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030702.js?cb=31065569

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Mar 2022 10:12:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 42C7 107 B
549 B 38ms
15ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=windowsapp.com.se

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030702.js?cb=31065569

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Mar 2022 10:12:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 42C7 113 KB
32 KB 547ms
530ms XHR
text/plain 216.58.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=782662221757391&correlator=3517737954437555&output=ldjh&impl=fifs&eid=31065569%2C31065623%2C44756897&vrg=2022030702&ptt=17&sc=1&iu_parts=147246189%3A22384346533%2Cwindowsapp.com.se_980x300_desktop_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C728x90%7C980x300%7C750x100%7C750x150%7C750x200%7C750x300%7C800x250%7C930x180%7C950x90%7C970x90%7C970x210%7C980x120%7C980x150%7C980x200%7C980x240%7C980x250&ifi=1&adks=3843219132&sfv=1-0-38&ecs=20220315&eri=1&cust_params=hb_rf%3D0%26hb_rf_ct%3D0&cookie_enabled=1&cdm=windowsapp.com.se&abxe=1&dt=1647339122076&lmt=1647339122&dlt=1647339120982&idt=631&biw=1600&bih=1200&isw=980&ish=150&oid=2&adxs=800&adys=482&ucis=stk23tyx09dj&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=2&url=https%3A%2F%2Fwindowsapp.com.se%2F1058455218%2Fhogia-mypayslip&top=https%3A%2F%2Fwindowsapp.com.se%2F1058455218%2Fhogia-mypayslip&frm=23&vis=1&scr_x=0&scr_y=0&psz=980x150&msz=980x0&fws=256&ohw=0&ea=0&ga_vid=854664080.1647339122&ga_sid=1647339122&ga_hid=467379282&ga_fc=false&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030702.js?cb=31065569

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams17s08-in-f2.1e100.net

Software

cafe /

Resource Hash

87949a3185fbb715ecdfba5ee15242ff8224ed987f220de95db95e457052d521

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 10:12:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32932
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://windowsapp.com.se
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
d97e9fc141c0b6cd636b0a9fa9886de1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0389 6 KB
4 KB 72ms
19ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d97e9fc141c0b6cd636b0a9fa9886de1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030702.js?cb=31065569

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 15 Mar 2022 10:12:02 GMT
expires: Wed, 15 Mar 2023 10:12:02 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
136 B 36ms
36ms Image
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: windowsapp.com.se
URL: https://windowsapp.com.se/1058455218/hogia-mypayslip

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 10:12:02 GMT
last-modified: Fri, 18 Feb 2022 11:36:57 GMT
etag: "620f5aa9-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Tue, 15 Mar 2022 11:12:02 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame F261 32 KB
10 KB 8ms
7ms Script
text/html 104.117.200.100
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-117-200-100.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 1cca221b2415c4850d51ce414a374b220b2819c68188fedaf677403ee783f53a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 15 Mar 2022 10:12:02 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Mar 2022 16:28:01 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=33295
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9538
Expires: Tue, 15 Mar 2022 19:26:57 GMT

GET
H/1.1 204
No Content sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 2287 0
239 B 9ms
8ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-eu.rubiconproject.com/exchange/sync.php?p=pbs-setupad&khaos=L0RZ6H77-4-KHFR
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Content-Type: image/gif

GET
H2

400

setuid
prebid-stag.setupad.net/ Frame 42C7
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fprebid-stag.setupad.net%252Fsetuid%253Fbidder%253Dadnxs%2526gdpr%253D1%2526gdpr_consent%253D%2526uid%253D%2524UID
https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=8293556023947432603

36 B
36 B

60ms
60ms

Image
text/plain

2606:4700:20::681a:9b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=8293556023947432603
Requested by: Host: windowsapp.com.se
URL: https://windowsapp.com.se/1058455218/hogia-mypayslip
Protocol: H2
Server: 2606:4700:20::681a:9b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 248c5c260b8061ece6b0d78fb45760c32e728018cd13b8e44557f9de44d3ebb0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 10:12:02 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zv4HGLNkY6LyDnLhdVjVxRq0mDtCFynUl%2BSXW6ZwApTjopaSrhDuskvpr4P9adbPYIAB7Jn%2BaKrx8X1xATXEPPybnup6QPtpZW18%2B2VpkWidas9KlUAiqvEZ5YM21ijuJcR%2BF2tuOlPxdO%2FLKw6VKGRdCK56"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
cf-ray: 6ec477e99e1559e9-MXP
content-length: 36
expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 15 Mar 2022 10:12:02 GMT
X-Proxy-Origin: 193.27.14.10; 193.27.14.10; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 1ce981f7-2a86-4b39-8230-199c80c48c83
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=8293556023947432603
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 pubads_impl_2022031401.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 1159 364 KB
124 KB 16ms
16ms Script
text/javascript 216.58.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js?cb=31065652

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams17s08-in-f2.1e100.net

Software

sffe /

Resource Hash

4d44b03d4e4d1df9a852bf35460f5584c94b37c52d08742682a1a03d20d2f6d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 18:24:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56874
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126502
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 08:34:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 14 Mar 2023 18:24:08 GMT

GET
H2 200 adagio.js Show response
script.4dex.io/ Frame 1159 72 KB
22 KB 45ms
45ms Fetch
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84f884ae3edcb8c05f55a2f69a0c8c5484885584acb5c9978572b9f51ad0277e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 10:12:02 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-request-id: tx9d80e96bdb7e4bffbe442-0062305af1
x-amz-id-2: tx9d80e96bdb7e4bffbe442-0062305af1
last-modified: Wed, 09 Mar 2022 09:45:14 GMT
server: cloudflare
etag: W/"93ca984a268a88c3342d6faa613fdb18"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IBDFV7QD0hD6ArNYAXAp3vmfjWsDsCnyWeKbNG9dI1NG9Lu1rDHs1vRmoHx3Z6jdnkGh9Kt3uKReoMPBewFvObjrCT0GrdDg3uYI43825rfrMR0%2BU7OjHEDJJDK%2BKgMt8QX4ZLGDnE%2FGbOJy"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
access-control-allow-credentials: true
x-amz-version-id: 1646819103449942
cf-ray: 6ec477e93dff83b5-MXP
access-control-allow-headers: Authorization

GET
H3 200 pubads_impl_2022030901.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 5493 358 KB
121 KB 20ms
20ms Script
text/javascript 216.58.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030901.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams17s08-in-f2.1e100.net

Software

sffe /

Resource Hash

eba88ef6b1f09543b0b3f34bc3c1d401da36d590354cd7728e2aae4d3c1abc91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 10:02:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 576
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 123713
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 09:34:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 15 Mar 2023 10:02:26 GMT

GET
H2 200 cookie
cm.adform.net/ Frame 5493 43 B
105 B 19ms
19ms Image
image/gif 37.157.6.248
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 10:12:02 GMT
server: nginx
content-length: 43
content-type: image/gif

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/ Frame 1159 0
239 B 9ms
8ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/sync.php?p=prebid
Requested by: Host: windowsapp.com.se
URL: https://windowsapp.com.se/1058455218/hogia-mypayslip
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type: image/gif

GET
H2 200 cookie
cm.adform.net/ Frame 1159 43 B
105 B 35ms
35ms Image
image/gif 37.157.6.248
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 10:12:02 GMT
server: nginx
content-length: 43
content-type: image/gif

GET
H2

400

setuid
prebid-stag.setupad.net/ Frame 5493
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=8293556023947432603

36 B
36 B

79ms
79ms

Image
text/plain

2606:4700:20::681a:9b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=8293556023947432603
Requested by: Host: windowsapp.com.se
URL: https://windowsapp.com.se/1058455218/hogia-mypayslip
Protocol: H2
Server: 2606:4700:20::681a:9b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 248c5c260b8061ece6b0d78fb45760c32e728018cd13b8e44557f9de44d3ebb0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 10:12:02 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XVNrrPOLNh%2FTbC3HHLaUtRBTnSiSSxvmQ0bn6%2B3LameKmMp%2FZwTX2P26kL50Dnkr%2Be4srn7oSfJKEAFlUTxTEqiCCuAwXrUvJgcRO0MKyjVVty%2Fu8BTkqVujoonE%2FrZHZDuXz7szoJqIMShcRlQ8gj%2F7aNev"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
cf-ray: 6ec477e9cebb59e9-MXP
content-length: 36
expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 15 Mar 2022 10:12:02 GMT
X-Proxy-Origin: 193.27.14.10; 193.27.14.10; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 61e8290a-3f03-415d-9d6d-bfe2e380c291
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=8293556023947432603
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

400

setuid
prebid-stag.setupad.net/ Frame 1159
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=8293556023947432603

36 B
36 B

61ms
61ms

Image
text/plain

2606:4700:20::681a:9b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=8293556023947432603
Requested by: Host: windowsapp.com.se
URL: https://windowsapp.com.se/1058455218/hogia-mypayslip
Protocol: H2
Server: 2606:4700:20::681a:9b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 248c5c260b8061ece6b0d78fb45760c32e728018cd13b8e44557f9de44d3ebb0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 10:12:02 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ib%2F1lOTCKGRIzM4OEQkdkfczWg2za12YqDDaxzRennH4zIEWAkTTdyT4mAdq%2F5Zxzx514zUC922UhRpwnO8Gs0IizCEHobh2jrrDvGMeAtjobmaeClQ5t5c4NGEgXL5%2BzFVJpHT5kRRGCoeRdTYNIlA5VXWx"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
cf-ray: 6ec477e9dec259e9-MXP
content-length: 36
expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 15 Mar 2022 10:12:02 GMT
X-Proxy-Origin: 193.27.14.10; 193.27.14.10; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 3e3bbf9b-8c23-48d8-9000-bc02418166d5
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=8293556023947432603
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/49116760/
Redirect Chain

https://mc.yandex.com/watch/49116760?wmode=7&page-url=https%3A%2F%2Fwindowsapp.com.se%2F1058455218%2Fhogia-mypayslip&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvhnsftt6hmgv%3Afp%3A...
https://mc.yandex.com/watch/49116760/1?wmode=7&page-url=https%3A%2F%2Fwindowsapp.com.se%2F1058455218%2Fhogia-mypayslip&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvhnsftt6hmgv%3Afp%...

357 B
439 B

36ms
36ms

XHR
application/json

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/49116760/1?wmode=7&page-url=https%3A%2F%2Fwindowsapp.com.se%2F1058455218%2Fhogia-mypayslip&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvhnsftt6hmgv%3Afp%3A1136%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A760%3Acn%3A1%3Adp%3A0%3Als%3A1413016674441%3Ahid%3A335153418%3Az%3A0%3Ai%3A20220315101202%3Aet%3A1647339122%3Ac%3A1%3Arn%3A875509922%3Arqn%3A1%3Au%3A1647339122832137260%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1647339119742%3Ads%3A1%2C53%2C466%2C2%2C0%2C0%2C%2C1195%2C5%2C%2C%2C%2C1718%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1647339122%3At%3ALadda%20ner%20Hogia%20MyPayslip%20p%C3%A5%20datorn%20gratis%20-%20Windows%20PC%20och%20Mac%20%28Svenska%29&t=gdpr%2814%29aw%281%29ti%282%29

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

d6b994e26d3c766aed59544ec8e5863d6d397704099d92702992322c0762eb98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 10:12:02 GMT
x-content-type-options: nosniff
last-modified: Tue, 15-Mar-2022 10:12:02 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://windowsapp.com.se
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 357
x-xss-protection: 1; mode=block
expires: Tue, 15-Mar-2022 10:12:02 GMT

Redirect headers

pragma: no-cache
date: Tue, 15 Mar 2022 10:12:02 GMT
last-modified: Tue, 15-Mar-2022 10:12:02 GMT
location: /watch/49116760/1?wmode=7&page-url=https%3A%2F%2Fwindowsapp.com.se%2F1058455218%2Fhogia-mypayslip&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvhnsftt6hmgv%3Afp%3A1136%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A760%3Acn%3A1%3Adp%3A0%3Als%3A1413016674441%3Ahid%3A335153418%3Az%3A0%3Ai%3A20220315101202%3Aet%3A1647339122%3Ac%3A1%3Arn%3A875509922%3Arqn%3A1%3Au%3A1647339122832137260%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1647339119742%3Ads%3A1%2C53%2C466%2C2%2C0%2C0%2C%2C1195%2C5%2C%2C%2C%2C1718%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1647339122%3At%3ALadda%20ner%20Hogia%20MyPayslip%20p%C3%A5%20datorn%20gratis%20-%20Windows%20PC%20och%20Mac%20%28Svenska%29&t=gdpr%2814%29aw%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://windowsapp.com.se
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Tue, 15-Mar-2022 10:12:02 GMT

GET
H2 200 prebid
rtb.openx.net/sync/ Frame 42C7 43 B
351 B 43ms
17ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/prebid?gdpr=1&gdpr_consent=&r=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24%7BUID%7D
Requested by: Host: windowsapp.com.se
URL: https://windowsapp.com.se/1058455218/hogia-mypayslip
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 10:12:01 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 591ialea39dk48qee08qfj9rdgunbf9m

GET
H2 200 prebid
rtb.openx.net/sync/ Frame 1159 43 B
134 B 17ms
16ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/prebid?gdpr=1&gdpr_consent=&r=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24%7BUID%7D
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 10:12:02 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 9i6ihhrkq0qsdsa33222alefu818ek2g

GET
H2 204 um
cs.emxdgt.com/ Frame DFC8 0
0 170ms
47ms Document
text/html 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cs.emxdgt.com/um?ssp=pbs&gdpr=1&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Demx_digital%26uid%3D%24UID
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/

Response headers

content-type: text/html
date: Tue, 15 Mar 2022 10:12:01 GMT
content-length: 0

GET
H3 200 prebid
rtb.openx.net/sync/ Frame 5493 43 B
64 B 28ms
18ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/prebid?gdpr=1&gdpr_consent=&r=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24%7BUID%7D
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 10:12:01 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: dob42sf2jp8eaei1ou7mbqoene5oqgkd

GET
H2 204 um
cs.emxdgt.com/ Frame 6BD3 0
0 154ms
47ms Document
text/html 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cs.emxdgt.com/um?ssp=pbs&gdpr=1&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Demx_digital%26uid%3D%24UID
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/

Response headers

content-type: text/html
date: Tue, 15 Mar 2022 10:12:01 GMT
content-length: 0

GET
H2 204 um
cs.emxdgt.com/ Frame A3FC 0
0 130ms
48ms Document
text/html 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cs.emxdgt.com/um?ssp=pbs&gdpr=1&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Demx_digital%26uid%3D%24UID
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/

Response headers

content-type: text/html
date: Tue, 15 Mar 2022 10:12:01 GMT
content-length: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame 1159 107 B
122 B 37ms
17ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=windowsapp.com.se

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js?cb=31065652

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Mar 2022 10:12:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 1159 107 B
122 B 36ms
17ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=windowsapp.com.se

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js?cb=31065652

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Mar 2022 10:12:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 1159 52 KB
12 KB 979ms
979ms XHR
text/plain 216.58.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2135003454331089&correlator=2278250960135228&eid=31065632%2C31065652&output=ldjh&gdfp_req=1&vrg=2022031401&ptt=17&impl=fifs&iu_parts=147246189%3A22384346533%2Cwindowsapp.com.se_300x250_desktop_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C250x250&ifi=1&adks=3670978108&sfv=1-0-38&ecs=20220315&fsapi=false&prev_scp=hb_format%3Dbanner%26hb_adid%3D35c4f6e3607b5db%26hb_size%3D300x250%26hb_pb%3D0.01%26hb_bidder%3DrubiconS2S&eri=1&cust_params=hb_rf%3D0%26hb_rf_ct%3D0&sc=1&cookie_enabled=1&cdm=windowsapp.com.se&abxe=1&dt=1647339122403&lmt=1647339122&dlt=1647339121673&idt=516&biw=1600&bih=1200&isw=300&ish=150&adxs=655&adys=1416&oid=2&ucis=4ap0sekxml5g&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=2&url=https%3A%2F%2Fwindowsapp.com.se%2F1058455218%2Fhogia-mypayslip&top=https%3A%2F%2Fwindowsapp.com.se%2F1058455218%2Fhogia-mypayslip&frm=23&vis=1&scr_x=0&scr_y=0&psz=300x150&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=1062511285.1647339122&ga_sid=1647339122&ga_hid=2145637355&ga_fc=false&btvi=1&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js?cb=31065652

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams17s08-in-f2.1e100.net

Software

cafe /

Resource Hash

b0c7a2425fb3b5eff6fe4193ef2e9b64f71785aa10eeb98e3badbcb9486e0111

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 10:12:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12557
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://windowsapp.com.se
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
fe9d4e75939559f5e4a926fefa60ea6d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9480 6 KB
3 KB 58ms
14ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fe9d4e75939559f5e4a926fefa60ea6d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js?cb=31065652

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 15 Mar 2022 10:12:02 GMT
expires: Wed, 15 Mar 2023 10:12:02 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 42C7 14 KB
11 KB 54ms
25ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022030702&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030702.js?cb=31065569

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3186ca53e2abfc300a300456e8c7d647a878f097af29d7a2eaa11acc7df89555

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Mar 2022 10:12:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10550
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 1159 14 KB
10 KB 31ms
31ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022031401&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js?cb=31065652

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e43e93c001e05abc7a94e9c3dfa13457a0401b9ab81f9d0376b592151d06a635

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Mar 2022 10:12:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10677
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 42C7 17 KB
7 KB 93ms
64ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030702.js?cb=31065569

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 10:12:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 15 Mar 2022 10:12:02 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 1159 17 KB
6 KB 100ms
84ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js?cb=31065652

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 10:12:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 15 Mar 2022 10:12:02 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame 5493 107 B
122 B 17ms
16ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=windowsapp.com.se

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Mar 2022 10:12:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 5493 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=windowsapp.com.se

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Mar 2022 10:12:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 5493 19 KB
9 KB 1041ms
1041ms XHR
text/plain 216.58.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3971075495976942&correlator=1247514405914160&eid=31065293%2C31065632%2C44758229&output=ldjh&gdfp_req=1&vrg=2022030901&ptt=17&impl=fifs&iu_parts=147246189%3A22384346533%2Cwindowsapp.com.se_728x90_desktop_4&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C468x60&ifi=1&adks=554186109&sfv=1-0-38&ecs=20220315&fsapi=false&prev_scp=hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.43%26hb_adid%3D3581f731e9ddfe3%26hb_bidder%3Dappnexus&eri=1&cust_params=hb_rf%3D0%26hb_rf_ct%3D0&sc=1&cookie_enabled=1&cdm=windowsapp.com.se&abxe=1&dt=1647339122553&lmt=1647339122&dlt=1647339121683&idt=529&biw=1600&bih=1200&isw=728&ish=150&oid=2&adxs=655&adys=1306&ucis=obtqc9em408f&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=2&url=https%3A%2F%2Fwindowsapp.com.se%2F1058455218%2Fhogia-mypayslip&top=https%3A%2F%2Fwindowsapp.com.se%2F1058455218%2Fhogia-mypayslip&frm=23&vis=1&scr_x=0&scr_y=0&psz=728x150&msz=728x0&fws=256&ohw=0&ea=0&ga_vid=1529996109.1647339123&ga_sid=1647339123&ga_hid=1381790265&ga_fc=false&btvi=1&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams17s08-in-f2.1e100.net

Software

cafe /

Resource Hash

34705114b404ffc3faaa45a439f193029d2730850e3963f68384b1d8dca67b2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 10:12:03 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8728
x-xss-protection: 0
google-lineitem-id: 323976749
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138303033644
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://windowsapp.com.se
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 5493 14 KB
10 KB 37ms
22ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022030901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d2a5b26e4e8cf24f7c9b0caa688333c96a7aacfdd15dcb2a8ab1774acb144b35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Mar 2022 10:12:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10566
x-xss-protection: 0

GET
H2 200 container.html Show response
d1a4f10c70240e7d64b9457b36aab69a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 86B6 6 KB
3 KB 59ms
15ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d1a4f10c70240e7d64b9457b36aab69a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 15 Mar 2022 10:12:02 GMT
expires: Wed, 15 Mar 2023 10:12:02 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 5493 17 KB
6 KB 41ms
25ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 10:12:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 15 Mar 2022 10:12:02 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A2C9 13 KB
5 KB 20ms
8ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 15 Mar 2022 10:08:27 GMT
expires: Wed, 15 Mar 2023 10:08:27 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 215
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 49EF 783 B
1 KB 42ms
17ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5b2876ede2c1cdf11bc0b080b87633a3d44b38c669d4db0c2e16c87febec3ee8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-GMTjDgNnAGKyfeKy76Uorw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 15 Mar 2022 10:12:02 GMT
date: Tue, 15 Mar 2022 10:12:02 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-GMTjDgNnAGKyfeKy76Uorw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 134D 13 KB
5 KB 10ms
9ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 15 Mar 2022 10:08:27 GMT
expires: Wed, 15 Mar 2023 10:08:27 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 215
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 269B 783 B
739 B 22ms
18ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4c746ac6ef1d6017253409837df6595ae6320805235bc89fe6f500298f8f23a9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-OlFlklZWnr8AIcO8TjnmRw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 15 Mar 2022 10:12:02 GMT
date: Tue, 15 Mar 2022 10:12:02 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-OlFlklZWnr8AIcO8TjnmRw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 511
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
d97e9fc141c0b6cd636b0a9fa9886de1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 88A9 6 KB
3 KB 24ms
8ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d97e9fc141c0b6cd636b0a9fa9886de1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030702.js?cb=31065569

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 15 Mar 2022 10:12:02 GMT
expires: Wed, 15 Mar 2023 10:12:02 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7817 13 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 15 Mar 2022 10:08:27 GMT
expires: Wed, 15 Mar 2023 10:08:27 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 215
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0ADC 783 B
534 B 38ms
20ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6d936528ab629186ccc4ac291d2a7f7459fe5970017db6311c6c3d5a1ee6ad00

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2cC6HYxNaFtq1YvqFY/Pqg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 15 Mar 2022 10:12:02 GMT
date: Tue, 15 Mar 2022 10:12:02 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-2cC6HYxNaFtq1YvqFY/Pqg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 49EF 0
0 74ms
59ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022030702&jk=782662221757391&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 269B 0
0 74ms
59ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022031401&jk=2135003454331089&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 cYUZDpkDTLiaCxFKW6PIDwgD40qdhgxPHck_a-4gLzE.js Show response
pagead2.googlesyndication.com/bg/ Frame A2C9 35 KB
13 KB 20ms
8ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/cYUZDpkDTLiaCxFKW6PIDwgD40qdhgxPHck_a-4gLzE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7185190e99034cb89a0b114a5ba3c80f0803e34a9d860c4f1dc93f6bee202f31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 10:08:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 215
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13775
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Mar 2023 10:08:27 GMT

GET
H3 200 cYUZDpkDTLiaCxFKW6PIDwgD40qdhgxPHck_a-4gLzE.js Show response
pagead2.googlesyndication.com/bg/ Frame 134D 35 KB
13 KB 21ms
9ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/cYUZDpkDTLiaCxFKW6PIDwgD40qdhgxPHck_a-4gLzE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7185190e99034cb89a0b114a5ba3c80f0803e34a9d860c4f1dc93f6bee202f31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 10:08:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 215
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13775
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Mar 2023 10:08:27 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 88A9 2 KB
1 KB 47ms
18ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: d97e9fc141c0b6cd636b0a9fa9886de1.safeframe.googlesyndication.com
URL: https://d97e9fc141c0b6cd636b0a9fa9886de1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5c35ba43b7900752a3023550de81888bb9fa36138e72edf3db3bd20e1dc09186

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d97e9fc141c0b6cd636b0a9fa9886de1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 15 Mar 2022 08:20:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 15 Mar 2022 10:12:02 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 15 Mar 2022 10:12:02 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame 88A9 2 KB
904 B 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: d97e9fc141c0b6cd636b0a9fa9886de1.safeframe.googlesyndication.com
URL: https://d97e9fc141c0b6cd636b0a9fa9886de1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d97e9fc141c0b6cd636b0a9fa9886de1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 10:00:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 680
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Mar 2022 10:00:42 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 88A9 0
0 30ms
30ms Fetch
text/html 216.58.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=ChJe4cmYwYo7MCYPo3gOiqq3wDuaP3oNpoZTh0e8N9tX-4JgWEAEgjeS9KWCV-qSCsAegAdKf8NsDyAEJqQIJw_IcYGyyPuACAKgDAcgDywSqBI0CT9AtxXr4q03e9LcbXfnd5JxtOEDm9pA5S75rP0DTOBJ268TRh8pW4e9S8ACaAYUchZaYntcYnMEGKZ6CTRt8aCj1TYRggr3M1nWfxsOkrLghHRVE1E0MZpltowmvyOv-CQwmXxoIEBnG242Ly_IqByZkI1etl2cgbUZ5K3sFnAreqMRakJO8jKzhCPeBEF2UQoy0907L2MG9wZx_4y1U_ywuDHjfE5VpP5LLYJEcyuJABJAVE_otVDt_c56e9erh_myJGKVXvyxyF041f8YRUh93aQtSxm4MPGB0rXZFBsY-p0GDu5zuV9Jzi01YBv_KeFJE_fUpEu252EZLf61mpgSdxPX4VKQI6bBfFw7ABIv1j_OLAuAEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAeW4I8kqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEEMrTJdIICQiI4YAQEAEYHYAKA8gLAdgTDYgUAdAVAZgWAYAXAbIXHgocCAASFHB1Yi03MzgzMTcxODMwNjE0MjE2GJXiHw&sigh=pxgFQ0E-H7M&uach_m=[UACH]&template_id=494
Requested by: Host: windowsapp.com.se
URL: https://windowsapp.com.se/1058455218/hogia-mypayslip
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.58.208.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: ams17s08-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d97e9fc141c0b6cd636b0a9fa9886de1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/ Frame 88A9 19 KB
8 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/abg_lite_fy2019.js

Requested by

Host: d97e9fc141c0b6cd636b0a9fa9886de1.safeframe.googlesyndication.com
URL: https://d97e9fc141c0b6cd636b0a9fa9886de1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d7e3f3f9a87439492d58ee8a90cdc8741bd44e9f5ebc5a1be461ded2df7a155e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d97e9fc141c0b6cd636b0a9fa9886de1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 10:09:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 138
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7865
x-xss-protection: 0
server: cafe
etag: 17470246482903461409
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Mar 2022 10:09:44 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame 88A9 2 KB
1 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/window_focus_fy2019.js

Requested by

Host: d97e9fc141c0b6cd636b0a9fa9886de1.safeframe.googlesyndication.com
URL: https://d97e9fc141c0b6cd636b0a9fa9886de1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d97e9fc141c0b6cd636b0a9fa9886de1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 10:10:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 88
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Mar 2022 10:10:34 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 88A9 117 KB
36 KB 26ms
24ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d97e9fc141c0b6cd636b0a9fa9886de1.safeframe.googlesyndication.com
URL: https://d97e9fc141c0b6cd636b0a9fa9886de1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c39d994e33ee115b35d7872dbea911a99508c74e34629725343b269b5d5233e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d97e9fc141c0b6cd636b0a9fa9886de1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 10:12:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36369
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1647258231097430"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 15 Mar 2022 10:12:02 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame 88A9 15 KB
6 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: d97e9fc141c0b6cd636b0a9fa9886de1.safeframe.googlesyndication.com
URL: https://d97e9fc141c0b6cd636b0a9fa9886de1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fdecda5ee87b28e579c5b61ef0f86e7fff85c838ff0a06450feee13a5877ed0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d97e9fc141c0b6cd636b0a9fa9886de1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 10:11:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6397
x-xss-protection: 0
server: cafe
etag: 14404976697706490601
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Mar 2022 10:11:11 GMT

GET
H2 200 35849274faa25b88196bf3c3ff2d72d2.js Show response
www.gstatic.com/mysidia/ Frame 88A9 28 KB
12 KB 34ms
7ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/35849274faa25b88196bf3c3ff2d72d2.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: d97e9fc141c0b6cd636b0a9fa9886de1.safeframe.googlesyndication.com
URL: https://d97e9fc141c0b6cd636b0a9fa9886de1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e4b4d396700e065d5d37bde974840cf2bf19565f8450785f0a869079b86bce9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d97e9fc141c0b6cd636b0a9fa9886de1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 18:51:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55215
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11831
x-xss-protection: 0
last-modified: Mon, 07 Mar 2022 07:55:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 12 Jun 2022 18:51:47 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 88A9 35 KB
36 KB 36ms
9ms Image
image/jpeg 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSfUZA6b2g_hCImMmg4Jp-S7duU3wcAw5Z9DRQfAL7csPNPvUd-IEzgEx8WjpU&usqp=CAI

Requested by

Host: d97e9fc141c0b6cd636b0a9fa9886de1.safeframe.googlesyndication.com
URL: https://d97e9fc141c0b6cd636b0a9fa9886de1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad1599efdbc56fd0405afcfa3b8676353aa918e4278be9f8e23f9858f06eaf1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d97e9fc141c0b6cd636b0a9fa9886de1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 19:40:55 GMT
x-content-type-options: nosniff
age: 397867
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36226
x-xss-protection: 0
last-modified: Thu, 16 Dec 2021 16:42:59 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 10 Mar 2023 19:40:55 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 88A9 31 KB
31 KB 54ms
17ms Image
image/jpeg 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcTxZ9vHxfvig6u1vHdj3ppq08DagvUB60EW4XqXyHkFJqJIid_jRJaZ9Bi7dw&usqp=CAI

Requested by

Host: d97e9fc141c0b6cd636b0a9fa9886de1.safeframe.googlesyndication.com
URL: https://d97e9fc141c0b6cd636b0a9fa9886de1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4049e17634f0df8dbd1146cf2782e410ae91fcc13678b8e3c44b324ae19cb293

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d97e9fc141c0b6cd636b0a9fa9886de1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 13 Mar 2022 09:40:31 GMT
x-content-type-options: nosniff
age: 174691
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31612
x-xss-protection: 0
last-modified: Thu, 09 Dec 2021 08:57:45 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 13 Mar 2023 09:40:31 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 88A9 35 KB
36 KB 41ms
7ms Image
image/jpeg 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcSbDxqFxUF5frvdW85ZQCB6kUn47HuGZXdf-KaCXbyEP_JVSWbGAKh5c4-p5w&usqp=CAI

Requested by

Host: d97e9fc141c0b6cd636b0a9fa9886de1.safeframe.googlesyndication.com
URL: https://d97e9fc141c0b6cd636b0a9fa9886de1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

215a2208b63720cca6ad229b2d3dcedb0dc2226076db2b86d764117441a3b108

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d97e9fc141c0b6cd636b0a9fa9886de1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 16:03:45 GMT
x-content-type-options: nosniff
age: 497297
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35805
x-xss-protection: 0
last-modified: Mon, 01 Nov 2021 17:54:24 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 09 Mar 2023 16:03:45 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 88A9 23 KB
24 KB 42ms
15ms Image
image/jpeg 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQOwVOfWnQhlbaX6YqMoNH6SNnB-Rrh3nTJ4oaxkyPHHGgGvZsJKtnXfhs_ow&usqp=CAI

Requested by

Host: d97e9fc141c0b6cd636b0a9fa9886de1.safeframe.googlesyndication.com
URL: https://d97e9fc141c0b6cd636b0a9fa9886de1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddf8dfaad4d5ddc21e3ceda14161c6a41b04f1f6753c73e3a69b52a82b1b5c42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d97e9fc141c0b6cd636b0a9fa9886de1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 12 Mar 2022 15:41:11 GMT
x-content-type-options: nosniff
age: 239451
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23966
x-xss-protection: 0
last-modified: Thu, 09 Dec 2021 10:29:41 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 12 Mar 2023 15:41:11 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 88A9 28 KB
28 KB 44ms
18ms Image
image/jpeg 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcRbeFRaAf1pBJFk-W-03j_ARnYbgU-Z23jJLtCVbCwbDfk69sbbr44NyUaUkQ&usqp=CAI

Requested by

Host: d97e9fc141c0b6cd636b0a9fa9886de1.safeframe.googlesyndication.com
URL: https://d97e9fc141c0b6cd636b0a9fa9886de1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e955eaebb7f7621295c1eaa0bffd424ee37472aba1d8f2fdb2923c52974d215d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d97e9fc141c0b6cd636b0a9fa9886de1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 19:55:48 GMT
x-content-type-options: nosniff
age: 569774
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28235
x-xss-protection: 0
last-modified: Tue, 21 Dec 2021 17:03:41 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 08 Mar 2023 19:55:48 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 88A9 25 KB
26 KB 45ms
8ms Image
image/jpeg 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcRv9vxVP4HjWRyB5HU6aZgTGRPI5qTWckl4ZbxXdhmFvY_-Pk-hPhUjwFHwA90&usqp=CAI

Requested by

Host: d97e9fc141c0b6cd636b0a9fa9886de1.safeframe.googlesyndication.com
URL: https://d97e9fc141c0b6cd636b0a9fa9886de1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c73a75f77daef3dd6f9447f21061136b51950f1e81fc61bb3058eae844727b95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d97e9fc141c0b6cd636b0a9fa9886de1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 19:55:38 GMT
x-content-type-options: nosniff
age: 569784
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25800
x-xss-protection: 0
last-modified: Sat, 01 Jan 2022 04:27:17 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 08 Mar 2023 19:55:38 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 88A9 25 KB
25 KB 50ms
14ms Image
image/jpeg 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcS8mQJg_ZMgQQPZl0pX-Enrf35-otD4OjM7cDbj3K17FY3cJwaxs7I8dfA9hdQ&usqp=CAI

Requested by

Host: d97e9fc141c0b6cd636b0a9fa9886de1.safeframe.googlesyndication.com
URL: https://d97e9fc141c0b6cd636b0a9fa9886de1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9450dbea0b3f730522d9bf26d624c024beff332513844fb81a680f009cc01a8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d97e9fc141c0b6cd636b0a9fa9886de1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 21:47:28 GMT
x-content-type-options: nosniff
age: 44674
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25242
x-xss-protection: 0
last-modified: Sun, 26 Dec 2021 17:58:01 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 14 Mar 2023 21:47:28 GMT

GET
H3

200

16954104317476786032
tpc.googlesyndication.com/simgad/ Frame 88A9
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCr6PbFiwEQnQkYnQkyCKuj71APLB1M
https://tpc.googlesyndication.com/simgad/16954104317476786032

34 KB
34 KB

9ms
9ms

Image
image/png

2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16954104317476786032

Requested by

Host: d97e9fc141c0b6cd636b0a9fa9886de1.safeframe.googlesyndication.com
URL: https://d97e9fc141c0b6cd636b0a9fa9886de1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

847d2854bb34bc89ab8514267909dbec0fe245278448227d23714781f9dfab71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d97e9fc141c0b6cd636b0a9fa9886de1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 13 Mar 2022 20:07:09 GMT
x-content-type-options: nosniff
age: 137093
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34759
x-xss-protection: 0
last-modified: Wed, 13 Mar 2019 08:47:23 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 13 Mar 2023 20:07:09 GMT

Redirect headers

date: Tue, 15 Mar 2022 08:31:40 GMT
x-content-type-options: nosniff
server: cafe
age: 6022
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://tpc.googlesyndication.com/simgad/16954104317476786032
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 14 Apr 2022 08:31:40 GMT

GET
DATA 200
OK truncated
/ Frame 88A9 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67a044b161b4144a2304ac43d7c59b7bc14a479ca46dc81cb2bff544555dbf7a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0ADC 0
0 61ms
61ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022030901&jk=3971075495976942&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 cYUZDpkDTLiaCxFKW6PIDwgD40qdhgxPHck_a-4gLzE.js Show response
pagead2.googlesyndication.com/bg/ Frame 7817 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/cYUZDpkDTLiaCxFKW6PIDwgD40qdhgxPHck_a-4gLzE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7185190e99034cb89a0b114a5ba3c80f0803e34a9d860c4f1dc93f6bee202f31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 10:08:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 215
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13775
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Mar 2023 10:08:27 GMT

GET
H3 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v20/ Frame 88A9 20 KB
20 KB 25ms
9ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v20/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://d97e9fc141c0b6cd636b0a9fa9886de1.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 19:31:14 GMT
x-content-type-options: nosniff
age: 484848
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20784
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 18:58:54 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 09 Mar 2023 19:31:14 GMT

POST
H2 200 node.php Show response
node.setupad.com/node/ Frame 42C7 0
209 B 32ms
7ms XHR
text/html 159.89.25.223
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://node.setupad.com/node/node.php
Requested by: Host: windowsapp.com.se
URL: https://windowsapp.com.se/1058455218/hogia-mypayslip
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://windowsapp.com.se/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Tue, 15 Mar 2022 10:12:02 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET, POST
content-type: text/html; charset=UTF-8

GET
H3 200 hbjI8xylHpjavQyfdphvo41Bfdkh_RgUM1b0sbpcRZI.js Show response
pagead2.googlesyndication.com/bg/ Frame 8E84 35 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hbjI8xylHpjavQyfdphvo41Bfdkh_RgUM1b0sbpcRZI.js

Requested by

Host: windowsapp.com.se
URL: https://windowsapp.com.se/1058455218/hogia-mypayslip

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85b8c8f31ca51e98dabd0c9f76986fa38d417dd921fd18143356f4b1ba5c4592

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d97e9fc141c0b6cd636b0a9fa9886de1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 09:30:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2468
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13728
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Mar 2023 09:30:54 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame A2C9 0
9 B 7ms
6ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?BW5DTw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 10:12:03 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 134D 0
9 B 7ms
6ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?VrTX2g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 10:12:03 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 7817 0
9 B 7ms
6ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?wJyboQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 10:12:03 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012202142035000/ Frame 3ED8 220 KB
61 KB 47ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202142035000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js?cb=31065652

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed7385b2ca535f7f90bb14266ddd68d64393f41d1559cbb4af01ece4dd36b8fb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 54022
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61563
x-xss-protection: 0
server: sffe
date: Mon, 14 Mar 2022 19:11:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "74cdf3878bfbef53"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 14 Mar 2023 19:11:41 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012202142035000/v0/ Frame 3ED8 16 KB
6 KB 59ms
20ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202142035000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js?cb=31065652

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32b8fae56a7edbfe89e7f7fd22aa7df75546183f81660692c9cf03d3c8d914ba

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 54022
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5733
x-xss-protection: 0
server: sffe
date: Mon, 14 Mar 2022 19:11:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "42a91727bcc93df1"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 14 Mar 2023 19:11:41 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012202142035000/v0/ Frame 3ED8 96 KB
29 KB 60ms
21ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202142035000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js?cb=31065652

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e02189b6990b38c43207a8c0c206a2fda1833e7b7401fa42af72671e62f43a5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 54022
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29577
x-xss-protection: 0
server: sffe
date: Mon, 14 Mar 2022 19:11:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "42f1ed997a28c2a2"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 14 Mar 2023 19:11:41 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012202142035000/v0/ Frame 3ED8 5 KB
2 KB 63ms
24ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202142035000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js?cb=31065652

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3110966fa73dac64901ac2cec67656155bb9717286b7b0da0544cdd8ae7c888d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 54022
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1873
x-xss-protection: 0
server: sffe
date: Mon, 14 Mar 2022 19:11:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "8e63b195883091b5"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 14 Mar 2023 19:11:41 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012202142035000/v0/ Frame 3ED8 42 KB
13 KB 63ms
24ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012202142035000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js?cb=31065652

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac2a6bdf3640e1213ba9a0a900ea6864a0274b080ba3bcf05ff245bfabb5eba0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 54022
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13633
x-xss-protection: 0
server: sffe
date: Mon, 14 Mar 2022 19:11:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d3c67c66f710e82a"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 14 Mar 2023 19:11:41 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 3ED8 6 KB
670 B 33ms
18ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js?cb=31065652

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 15 Mar 2022 08:22:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 15 Mar 2022 10:12:03 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 15 Mar 2022 10:12:03 GMT

GET
H3 200 sv.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3ED8 2 KB
2 KB 8ms
7ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/sv.png

Requested by

Host: windowsapp.com.se
URL: https://windowsapp.com.se/1058455218/hogia-mypayslip

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e8a156849b40fa6cc8f51b9aaade18f983bdd7c626fc89a5df98dbdc9d6c57f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 03:10:42 GMT
x-content-type-options: nosniff
server: cafe
age: 25281
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 8255909099252761064
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2276
x-xss-protection: 0
expires: Wed, 16 Mar 2022 03:10:42 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3ED8 295 B
321 B 7ms
7ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: windowsapp.com.se
URL: https://windowsapp.com.se/1058455218/hogia-mypayslip

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 09:53:05 GMT
x-content-type-options: nosniff
server: cafe
age: 1138
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Wed, 16 Mar 2022 09:53:05 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 3ED8 0
0 28ms
28ms Image
text/html 216.58.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CfEhEcmYwYvywHeCC9u8PpdK6wAKJrJaEacm57vaRD6eShqXOKhABII3kvSlglfqkgrAHoAHTsfnIA8gBCakCCcPyHGBssj7gAgCoAwHIAwqqBI4CT9DkWyLGM1ipp9kYdUaxNFkMo9zFJLaa9V8kaH5BFxwO_DP843m9GDtiYewlP3jokwZYwyOsKkqHx71InJ-jiuvxkcYSa9AlSKojU1cjHIWgrjxYAIvoefnzefAa6Z0GnlnE6jITDnXl8f1kyhGqBC-JklCSLSLS5ekSIoB2B35-DehS5R0kwodisffCEJBgnDnzjwqyjqsx8XuanhbmDZrEybvl01bb_Ics8WLkPxUHe9OWOoTPpXzYczl6G3Ms_uOeLnxyroSZA5ksinv87ZMce-Xiw87IwidTqCTcY1Z6lHE-AwbPU_KgjA1M_x45LXeNlPeAkGETrZdu9IGg_z8CqPNj3KcP72AzBIQjwASk9sL57wPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAH1pPlOKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEIL7HNIICQiI4YAQEAEYHYAKA8gLAdgTAogUAtAVAYAXAbIXHgocCAASFHB1Yi03MzgzMTcxODMwNjE0MjE2GJXiHw&sigh=O7LUw6BxYHY&uach_m=[UACH]&template_id=484
Requested by: Host: windowsapp.com.se
URL: https://windowsapp.com.se/1058455218/hogia-mypayslip
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.58.208.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: ams17s08-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 2076313506083323656
tpc.googlesyndication.com/simgad/16412477109594916746/ Frame 3ED8 28 KB
28 KB 9ms
9ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16412477109594916746/2076313506083323656

Requested by

Host: windowsapp.com.se
URL: https://windowsapp.com.se/1058455218/hogia-mypayslip

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce639efee0f686f688bf175ace9178ead68d4651bb07c7463eec747c03254cbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 13 Mar 2022 23:55:28 GMT
x-content-type-options: nosniff
age: 123395
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28528
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 17:28:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 13 Mar 2023 23:55:28 GMT

GET
DATA 200
OK truncated
/ Frame 3ED8 218 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef3d0d0262abdc922c4fd2d33eae57aece3203c5fb3683aff1e6739f678496c0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 3ED8 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7ca0201d2d50ed21edaff8ec1ce261ff26c074556d1f77ca0adfa481a4aed529

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 3ED8 15 KB
15 KB 10ms
10ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://windowsapp.com.se
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 17:56:19 GMT
x-content-type-options: nosniff
age: 490544
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 09 Mar 2023 17:56:19 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 3ED8 15 KB
15 KB 11ms
10ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://windowsapp.com.se
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 17:58:32 GMT
x-content-type-options: nosniff
age: 490411
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:20 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 09 Mar 2023 17:58:32 GMT

POST
H2 200 node.php Show response
node.setupad.com/node/ Frame 1159 0
208 B 9ms
8ms XHR
text/html 159.89.25.223
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://node.setupad.com/node/node.php
Requested by: Host: windowsapp.com.se
URL: https://windowsapp.com.se/1058455218/hogia-mypayslip
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://windowsapp.com.se/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Tue, 15 Mar 2022 10:12:03 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET, POST
content-type: text/html; charset=UTF-8

GET
H3 200 sv.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3ED8 2 KB
2 KB 7ms
6ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/sv.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012202142035000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e8a156849b40fa6cc8f51b9aaade18f983bdd7c626fc89a5df98dbdc9d6c57f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 03:10:42 GMT
x-content-type-options: nosniff
server: cafe
age: 25281
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 8255909099252761064
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2276
x-xss-protection: 0
expires: Wed, 16 Mar 2022 03:10:42 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3ED8 295 B
321 B 7ms
7ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012202142035000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 09:53:05 GMT
x-content-type-options: nosniff
server: cafe
age: 1138
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Wed, 16 Mar 2022 09:53:05 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 11F1 0
0 22ms
22ms Fetch
image/gif 216.58.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstV64dJvWc6_guZWSGaJ3hyNvfqrY9iC43mibq2yf0dlTeBGShOE_hebxUSrog4P0faWsta7W9Po2g-RpLbsNjz4l8qASxx0roPbszxPceu3_7ukLfoAZNrDzRhBDmhpppgjPvY5oJXz766ILVwHMFb7VsQ2NI2zlQBsuNmDJTs_kVNTYXiypU3wMDB93aduKEudBKH4t3MdUNnfPjDZ92D9SzKBnK_gIMigwDsS6QosjJFi26Tv8cnu3ge2f4bNLBQIgEbRYvZx9-AofGSvD5VPmsL59gpgL2RAL8oiuP5tcN_uUaHXol9fSwwTpDf9x29bBoqZdkkxI8fMmbm8G7vTegN9g&sai=AMfl-YSs-uv-zKm7chvs3kOFtzzb2pkSt2QRjct4wm_vd14r7S8FmDEzS0TZWowW16cJlmZ9Cx24wiu96EQL4EwR-Y0rZAGUuEvSW5lWe1nMYAtiOios4lzl4xmo-ECmqP4&sig=Cg0ArKJSzD5a8H7Q_CtVEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: windowsapp.com.se
URL: https://windowsapp.com.se/1058455218/hogia-mypayslip

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams17s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Mar 2022 10:12:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H2 200 node.php Show response
node.setupad.com/node/ Frame 5493 0
208 B 7ms
7ms XHR
text/html 159.89.25.223
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://node.setupad.com/node/node.php
Requested by: Host: windowsapp.com.se
URL: https://windowsapp.com.se/1058455218/hogia-mypayslip
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://windowsapp.com.se/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Tue, 15 Mar 2022 10:12:03 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET, POST
content-type: text/html; charset=UTF-8

GET
H2 200 render_post_ads_v1.html Show response
googleads.g.doubleclick.net/pagead/ Frame 71CE 13 KB
5 KB 31ms
7ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04f5d63c75f9fabede423b3d013e6efd9a448190898a34499a4010a59014a8d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4980
x-xss-protection: 0
date: Tue, 15 Mar 2022 04:09:13 GMT
expires: Wed, 16 Mar 2022 04:09:13 GMT
cache-control: public, max-age=86400
age: 21770
etag: 12223946614886178233
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 xbfe_backfill.js Show response
googleads.g.doubleclick.net/pagead/ Frame 11F1 12 KB
6 KB 31ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/xbfe_backfill.js

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8996d7b9fba17a4ad4880bb154f6b56d33f9ff87ecf4f830bc0488cdc1616f55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 09:24:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2883
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5307
x-xss-protection: 0
server: cafe
etag: 5818309846818389003
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Tue, 15 Mar 2022 10:24:00 GMT

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/224/ Frame 11F1 85 KB
29 KB 79ms
9ms Script
application/x-javascript 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/224/trk.js
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 15 Mar 2022 10:12:03 GMT
Content-Encoding: gzip
Age: 1646013
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 29216
X-Served-By: cache-lga21958-LGA, cache-hhn4036-HHN
Access-Control-Allow-Origin: *, *
Last-Modified: Thu, 24 Feb 2022 08:58:20 GMT
Server: AkamaiNetStorage
X-Timer: S1647339124.691687,VS0,VE0
ETag: "80cd3e09497c9fa4207d756c9d41697c:1645693100.060631"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Via: 1.1 varnish, 1.1 varnish
Expires: Fri, 24 Feb 2023 08:58:29 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes
X-Cache-Hits: 2, 86476

GET
H/1.1 200
OK it
ams1-ib.adnxs.com/ Frame 11F1 0
801 B 74ms
14ms Image
text/html 185.33.220.216
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fwindowsapp.com.se%252F1058455218%252Fhogia-mypayslip&e=wqT_3QLHB8jHAwAAAwDWAAUBCPHMwZEGEPuakufau5vxCRgAKjYJz_kpjgOv5z8RvXpw0o8h5D8ZAAABAgzgPyG9DRIAKREkADEBGbgAAOA_MNnIzgs4_xxA5R5IZVCnosslWJbFhgFgAGjAtFF43egFgAEBigEDVVNEkgUG8J-YAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AKWROAC7_ku6gI0aHR0cHM6Ly93aW5kb3dzYXBwLmNvbS5zZS8xMDU4NDU1MjE4L2hvZ2lhLW15cGF5c2xpcIADAIgDAZADAJgDF6ADAaoD6QEKvwFodHRwczovL3BhZ2VhZDIuZ29vZ2xlc3luZGljYXRpb24uY29tL3BhAR5EL2dlbl8yMDQ_aWQ9YXdiaWQmBQb0KgFfYj1BS0FtZi1CVVA1VGdFVjgwcFNjUmhUN241LUg4WGpZM3FnZ3Mxd21IbTlYZ0VyaFluX291b2pRYVpJTFB2YnJVeXhzWVRXcmNUXzdsRkxESXJ3SXh1bXhrVzcwYUxUY0VjdyZwcj0xMDoke0FVQ1RJT05fUFJJQ0V9GhI3MTIyNTI0ODk5MzM4MTkyNTkiCDc4ODI3ODE1KgQzOTQxOgEwwAOsAsgDANgDAOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBAwxOTMuMjcuMTQuMTCoBACyBA8IABABGNgFIFooADAAOAK4BADABADIBADaBAIIAeAEAfAEp6LLJYgFAZgFAKAFq97ir5m5_9BJwAUAyQUAAAAAAADwP9IFCQkAAEkecNgFAeAFAfAFxrcD-gUECAAQAJAGAJgGALgGAMEGCSMs8D_QBu6PAdoGFgoQCRIZAZgQABgA4AYB8gYCCACABwGIBwCgBwGqBws1NjA5MzA5NTg4OboHDwgFKEQgADAAOLoGQADIB93oBdIHDQkRSAFGCNoHBgF-8MYYAOAHAOoHAggA8Afs-wOKCLQBCq8BAAABf40QKWgJ4m3drOSNe7rkB4s4v3wC1ICAZm2Xju5Rml1K5VQF714ZpMLtYbhEA_teIURCAv4qL0ivRpaYBtUaxMH9iVS5JUC83rXtGW59bVcf0zphiy1yK5O7yydHDW2rN3xQeVH-3ohV1cNJFuaVD22fpO1TNCeK0U7hQF_Bm-cXiKqZnaWHscJXMtpwT0IccOos_HgAZ_Nvrrs-_86FejgdSm7zFkumD2igXRAB&s=6557e10a84c92158e571ca4759aec4108f49531c

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.216 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

872.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 15 Mar 2022 10:12:03 GMT
X-Proxy-Origin: 193.27.14.10; 193.27.14.10; 872.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 00b6ec1a-75db-481b-aa69-a4f0de7aa512
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 11F1 0
20 B 28ms
28ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=awbid&awbid_b=AKAmf-Djs0Iu5Ov3ATQXL1P_K5CBsQcPV4yUXfAS7x37BrB4uYx1zNujaCuqjPzeOxQOiCgrw7qRdmcaVnhcPO3wkSAhxH3I2g

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 10:12:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 11F1 117 KB
36 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c39d994e33ee115b35d7872dbea911a99508c74e34629725343b269b5d5233e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 10:12:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36369
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1647258231097430"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 15 Mar 2022 10:12:03 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 42C7 0
20 B 32ms
32ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022030702&jk=782662221757391&bg=!jI-lj8vNAAb7UztL-1M7ACkAdvg8WtfOntellI8B61WgqR6i02sBB_Dh5LgYaBvvesHW3DjWRmg6KwIAAAFIUgAAAAFoAQcKAEV4tB6odEet3wKa_WGHCvJSom24priRuQxMKiVlKX7YGX-wLKNvUNbUJTCl5iAGskhC894w5ncY1fldpwMwYk4dSAS1qC2ZAwhvivYk2EBo7la4AO5qJ8nG_kwQv-QPi2OUyBHTvrjxiaXixAU9G_wfEtV675UmpI7zhpZoU2oyBFE0dKxaumN2I6P3e70JFlJ3RHfDjAtCUa5XGnUD0cZ4Zhvn1PLUGf8QUHl5QML4Ho4q66KpsAupeeMUVkCPyEtuKgFWhDZ9hQsIG2gj-a9Gqbq0uM2-8wrHxk4DWgFSzxGRYB8bhIKO5cJcjpEyuBT4CIMXpZb7GWu8GbwE_6emBG2tnR9k78RFgeCjdW3JxUhLCdyVAAA4wD6xds1xiAnVOpVwBo21LmdbpWFDoHWFt8rDOqPrHLyrrBIrdZfxEj8FffL-mZv8n1nYspSLKO33LCPqhy2GsXBFgu8Gtz4wEetYrEXPKjMz3cf_fseIK_8oVvQm-7WPvnCMATXhZY7kMnmR3QzJkX-EdyAswRFlsF4Wn7nzFAnplzp2vc0gTl3JBbijXDuEoHeabOXuo6pzdcTtWJYyeqGq30Mf3mi7aYcIvy3rcZZa-ra5Tyctf70L_Wc5R_N-1cbdWjdMXyyRCoZtw_BrNbx5CPv0jSVIvQK_1yVF9dFjpp8l5sovkKwSa9L9xZPGREMLy8aRpvg-G9Y4mSx4QG7JsV8uww1l0MPCcoqHuqYuGXMLkw2ukPe-OB_XjWooY9AGDeXt8psQxZc1U9SLVlH_QzpWbThymdZYWRBrgLpzvM0nAnL6afs7pJoBMbG3FhtQC1SpdAYFcJ7fbpsOntY_AQRPXXFPxsgBxpSqE6KBEz2ssWURcXzOVHSttrY9v1V5WY9m6eMfw2otoZCVh34MjhUyRpeTUhOdHxQtKrWZZQ7uPwFppOK_xO72ofdEfxxIwk7gnJkeYcmW1s4WJ6CE9wWrmDz_vxjCGfoSJdHIeKSOx_KAjs9j6cZpGWr2i_TQ78ZdVMM4A6YdeI4sHQp8sv3sxvnkq4yFjMHjFvxCnTpia7DiJwGd15-moOOJLBB7sgZAG4jBIr6zpIOYMsOgWjZwXZio2uC4EjjVGVwECvF1eQrloA

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 10:12:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1159 0
20 B 31ms
31ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022031401&jk=2135003454331089&bg=!tbaltvLNAAb7UztL-1M7ACkAdvg8Wje283-hrGueDbu8b36gp1RJ5tJGTqnRo29LXzqMhs38f290ngIAAAFzUgAAAAJoAQeZAxSpH88xcPGEroKVMNMDkqUnMpUDOzcRk6aiykUIM-b_u0cmXPY1DTYNxZP15TAkVSuhLeIxT-xhxDukV-2Uj01h9-wk3fCaYwJPTmoaqXC570mQfumFinpV-J7XouDFpxWNyyGSvbUYVG248hzhFQGssuLc-NyQkSf7DcOcQE5CmkSswxdm8-jSZjrauDT0xCRRxH9LpH4d4gEps1xn09leGhQ3E0vNM19PXHiPL6WG8wlgNn-JCQjy4Yz5oLbjFXLATsGPISgPZTtGz1PLDLoP3IniON4OGLoOoTRZgQtm-Ii3rG8is6tKbjX1NWGw2-9MSp30KsLsaLcu7vTPgUK1tOFuo_uaLfK8RiprINkjVvnOaT0hyzZu43iaUnVdCgVAphDdUeZ8ATiczUQ69wGtPSoeYaw_quJdgb0onwuRs1tnGF8FIbm77hIXLbTHY-xe4c16cErJ6uc4dLcgxi5fLxjZCR7DqVV9Q4hwVZo1k8pfHWiqNGvuyaCkrH79CcMQ45CF_ltuWln1uxF-nHuGBydwFPr6sLoxCQM1kdj53W_Uo7ZgyZowSfULF4YMcrKY45NFG4GnlINmL_XFV2Y8ePnFBaUx8Wx6vMOb5tBLLQN-6FL5GQTJ7grzZRFpbfL_c9YfYWglm6QrsT5NYn4r2lT0GZxZvS0ziUTac6zNJUvOi-ohPuYhiRmY8zV2ce1hrGqrXC9q3_QqZZjI7PbzoPUcPY_L8OVQG8sj3NKQVGkwG3S4gVKX110R9O4hKguEC9FPEjjF_fiFSqGE_Dp2xuexXnVRwYu1EYjG22wnyi-MbOJbHU6v856l2bOiCblmnWm2QX3E-Az6zJInMQDslxOMJhbAg71TOETOkv-xqrB_azmgtaqCctqfi4iOVxIMaI_Jps-oeuHAw18eoKVhdijmrSRVyxkHnUHjlRLMGzamWEMRYKhG6l8h0pfHHemuE6ES1tuFhrl2BtTlHXBgheEu0cdoIEt97Tv6lGVBworerDLYMHgBgOC4gVy6Rn3RqGwtpafYkRFrB1Unf4lDT17KwQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 10:12:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 11F1 78 KB
29 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/xbfe_backfill.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b8e193386fed60dc19da4653d1110cfa763172435639667fe1fd2ac802c943c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 10:12:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29967
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1647258233706532"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 15 Mar 2022 10:12:03 GMT

GET
H/1.1 200
OK rd_log Show response
ams1-ib.adnxs.com/ Frame 11F1 0
801 B 22ms
17ms Script
text/html 185.33.220.216
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwindowsapp.com.se%2F1058455218%2Fhogia-mypayslip&e=wqT_3QK5Lsg5FwAAAwDWAAUBCPHMwZEGEPuakufau5vxCRgAKjYJz_kpjgOv5z8RvXpw0o8h5D8ZAAABAgzgPyG9DRIAKREkADEBGbgAAOA_MNnIzgs4_xxA5R5IZVCnosslWJbFhgFgAGjAtFF43egFgAEBigEDVVNEkgUG9DYCmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgClkTgAu_5LuoCNGh0dHBzOi8vd2luZG93c2FwcC5jb20uc2UvMTA1ODQ1NTIxOC9ob2dpYS1teXBheXNsaXDyAgwKBkhFSUdIVBICOTDyAgwKBVdJRFRIEgM3MjjyAiEKBkxPQURFUhIXcmVuZGVyX3Bvc3RfYWRzX3YxLmh0bWzyAhcKCklGUkFNRV9LRVkSCTkyNjExMTEwNfICnRAKC1BSRV9TQ1JJUFRTEo0QPHNjcmlwdD4oZnVuY3Rpb24oKXsvKgoKIENvcHlyaWdodCBUaGUgQ2xvc3VyZSBMaWJyYXJ5IEF1dGhvcnMuCiBTUERYLUxpY2Vuc2UtSWRlbnRpZmllcjogQXBhY2hlLTIuMAoqLwp2YXIgaD10aGlzfHxzZWxmOy8qCgogU1BEWC1MaWNlbnNlLUlkZW50aWZpZXI6IEFwYWNoZS0yLjAKKi8KZnVuY3Rpb24gayhiKXtrWyIgIl0oYik7cmV0dXJuIGJ9a1siICJdPWZ1bmN0aW9uKCl7fTtmdW5jdGlvbiBsKCl7dmFyIGI9ZG9jdW1lbnQuY3VycmVudFNjcmlwdDtyZXR1cm4oYj12b2lkIDA9PT1iP251bGw6YikmJiI3NyI9PT1iLmdldEF0dHJpYnV0ZSgiZGF0YS1qYyIpP2I6ZG9jdW1lbnQucXVlcnlTZWxlY3RvcignW2RhdGEtamM9AURQXScpfTt2YXIgbj1SZWdFeHAoIl5oQSHYPzovLyhcXHd8LSkrXFwuY2RuXFwuYW1wcHJvamVjdFxcLihuZXR8b3JnKShcXD98L3wkKSIpOzkVBHAoEeAAaAVhDGM9W10FCSRlPW51bGw7ZG97AXgYYT1iO3RyeQUMLGQ7aWYoZD0hIWEmJgEkHCE9YS5sb2NhQQEgLmhyZWYpYjp7AS2QayhhLmZvbyk7ZD0hMDticmVhayBifWNhdGNoKG0pe31kPSExfQFeCGc9ZBkXAGcBFgxpZihnCZkAZj5eADg7ZT1hLmRvY3VtZW50JiYZDCgucmVmZXJyZXJ8fAGXJH1lbHNlIGY9ZSwNy0xjLnB1c2gobmV3IHEoZnx8IiIpKQXVJGI9YS5wYXJlbnQZhgBiBf_wQH19d2hpbGUoYiYmYSE9Yik7YT0wO2ZvcihiPWMubGVuZ3RoLTE7YTw9YjsrK2EpY1thXS5kZXB0aD1iLWE7YT1oISs5HgGuNSo4YW5jZXN0b3JPcmlnaW5zbhwADWsAPR11ACkJhgwxO2I8EYpMOysrYilmPWNbYl0sZi51cmx8fCgFCC5CATp2ABRbYi0KMV0hDBgsZi5oPSEwAeMpIgBoGash1RQsITEpO2YlFiUCBGU9MgQBIDA8PWU7LS1lKSG6RD1jW2VdLCFmJiZuLnRlc3QoZwGPICkmJihmPWcpLAUOKCYmIWcuaCl7YT1nSRsAfQ1dAGUV5gQmJgHMATsEOzBBZQBkIVoIJiZlBUgBGwgpO2MFrRhyKGEsZik7bdIUYy5nP2MuBWUMOmMuaQFAEH1mdW5jQaA0IHIoYixjKXt0aGlzLmlB1QEJCGc9YxkiAHEdIgh1cmwRJBRoPSEhYzsFLwWIJQoEfTsVWQB0dUl8cCgpLGM9Yi5pbmRleE9mKCI_Iik7c2V0VGltZW91dCgRMw0xFGU9dm9pZIU6GGU_LjAxOmVBNUQhKE1hdGgucmFuZG9tKCk-ZSlpDwxhPWwoIaQAImX_aDovLyIrKGEmJiJ0cnVlIj09PWEuZ2V0QXR0cjZrBGgtcmNkIik_InBhZ2VhZDIuZ29vZ2xlc3luZGlpuSAtY24uY29tIjpmIwAFIAwpKyIvCUV4L2dlbl8yMDQ_aWQ9amNhJmpjPTc3JnZlcnNpb249IoVFDGQ9KGQBsQwpJiZkWpkADTEwIil8fCJ1bmtub3duImHjSCtkKyImc2FtcGxlPSIrZTthPXflCiEdNGQ9YS5uYXZpZ2F0b3IpMg4AUC51c2VyQWdlbnQsZD0vQ2hyb21lL0mFIGQpJiYhL0VkZxkRHD8hMDohMTtkYX0VUSwuc2VuZEJlYWNvbj8daB0XGChlKToKKGEtRkBfaW1hZ2VfcmVxdWVzdHN8fF4aABA9W10pLAGukb4ELGQ5_ARkPxEWPDpkLGQ9ZC5jcmVhdGVFbGWB6DwoImltZyIpLGQuc3JjPWUsWnwAieIYZCkpfX0sMHURXDA8PWM_Yi5zdWJzdHJpbmcoMCxjKTpifSlREC5yZmw9XZRtRoBlbmNvZGVVUklDb21wb25lbnQodCgpKX07fSkuY2FsbChhC5gpOwo8L3NjcmlwdD7yAskCCgpFWFRSQV9UQUdTEroCPGRpdiBzdHkhwwxwb3NpYYJkOiBhYnNvbHV0ZTsgbGVmdDogMHB4OyB0b3ANCmR2aXNpYmlsaXR5OiBoaWRkZW47Ij48aW1nIAH7VfhJhUrKAkGnDR4uowIUYXdiaWQmBQbwhl9iPUFLQW1mLURqczBJdTVPdjNBVFFYTDFQX0s1Q0JzUWNQVjR5VVhmQVM3eDM3QnJCNHVZeDF6TnVqYUN1cWpQemVPeFFPaUNncnc3cVJkbWNhVm5oY1BPM3drU0FoeEgzSTJnIiBib3JkZXI9MCB3aWR0aD0xIGhlaWdodD0xIGFsdD0iIjEagGRpc3BsYXk6bm9uZSI-PC9kaXY-8gKZAQoMUE9TVF9TQxZvCQiIATwpajYIAWnKUGFkcy5nLmRvdWJsZWNsaWNrLm5ldDEGPHhiZmVfYmFja2ZpbGwuanMBZQlLAD4NUwA-nZUkIHtyM3B4KCc5Mhr6CRwnKTt9KSgpOz3qEPETChBIAZ00UE9SVF9QQVJBTVMS3BORlIqUAPB9YWRmZXRjaD9hZGs9MTU5MjIzODcyNiZhZHNhZmU9bWVkaXVtJmNsaWVudD1jYS1wdWItMzA3Njg5MDAxMjc0MTQ2NyZmb3JtYXQ9NzI4eDkwX2FzJmlwPTE5My4yNy4xNC4xMCZvdXRwdXQ9aHRtbCZ1bnZpZXdlZF9wb3NpQYkgX3N0YXJ0PTEmoeURumkTAHOSbgsQJnN1Yl8NowBiQanwfXItNTkwMTM1MCZobD1kZSZhY2VpZD1NRUplUGdDVjdXb0FieHUwQVBsVk5BSDZXRFFCa21BMEFZNWhOQUhsYmpRQmduQTBBZmx3TkFIQmNUUUJVWEkwQWFoeU5BSEljalFCU0hNMEFaRnpOQUZGZERRQmYzUTBBYTEwTkFIRQEQLHpYUTBBYzkwTkFIaQEQGDQzUTBBZWgBEABzARAANwEgAGUFIAAxARAALQEgRFFKMU5BRU9kVFFCRDNVMEFTaAEQADEBECxSblUwQVV0MU5BRk0BEBRVWFUwQVYBMARGWgEQAFcBMARWOQEgAG8BEPTRCVMzTkJBVk56UVFFQmVVRUJ6QjFjQXZFZFhBSWNIbHdDUVBlSUFpZENxZ0lvUXFvQ3pXR3FBdjU0cWdKbmlxb0NqNU9xQXZlYXFnS0FtNm9DZ1p1cUFvS2JxZ0lncEtvQ3M2U3FBcUtvcWdLeHE2b0NMS3lxQWlPMHFnTEh0YW9DQXItcUFzX0FxZ0tieGFvQzhNdXFBclhNcWdKdjE2b0M0OWVxQW4zWnFnTHMyYW9DdE51cUFxX2VxZ0tMMzZvQ0hlQ3FBcl9ncWdMSTRhb0N3T09xQXFEbHFnS3k1YW9DNHVhcUF0dm9xZ0s1NmFvQy11bXFBZ0RycWdLUjY2b0MzLXVxQWdmc3FnTDg3S29DLXUycUFqTHdxZ0t6OEtvQ0ZfR3FBcl94cWdLZjhxb0N1ZktxQXNEeXFnSVU4Nm9DWWZPcUFyRHpxZ0xDODZvQzBQT3FBaVAwcWdLUzlxb0NfUGFxQXJQM3FnSW0tS29DV3ZpcUF1RDVxZ0kwLXFvQ0pmdXFBa0g3cWdKVi02b0N1UHlxQW5YOXFnS1FfYW9DMGYycUF1TDlxZ0xvX2FvQ0F2NnFBbXItcWdMaV9xb0NtM1FrQk1HenhRWDZRdHdKZ0d6TERrUnZwZzhyclBzU0ljWDdFczdSLXhKLTJmc1N1dHo3RXRiaC14SlE2X3NTNy16N0VnWHQteEp5N2ZzU2JPNzdFc3Z2LXhJMjh2c1NVdkw3RW9EeS14S0c4dnNTa3ZMN0VyN3kteElDOF9zUzdQUDdFaG4wLXhMXzlQc1NLX1g3RW9MMS14S1o5ZnNTWjEzUUVfcFdheG8tU2ZwQ1Joc0hhZyZleGs9OTI2MTExMTA1JmF3YmlkX2M9QUtBbWYtQ0dobWtMT1FHNDVLUlFIZ0JFRi16b2hPWWZ3OWN3Z1plNER1UGRacjNfRjRVNFVmOEhKaW9NYmlVSXpKQ014cHROV1B3Wjc5RmdWeHlBZ0dmT1FsbkMxS0ZWeFlOUDl0aXJDTUVRNnFIMUJXOWZGV2VKR2ZlZUc5eExCM3V1OVJ0NHNDNTJidTB0ck5QRWZPZERPbjh5cmctLS1xalRTUXhhMVRhZnRJc05VMDlYUE1jJmF3YmlkX2Q9QUtBbWYtQlJKSVE1VXRUN2NFMHo5WlFrUWtqV1lXekpXaHJkXzRQek82R3hndkhCS2p1bUk4ZW9lVmx3Y2pkZ2VObnNxSm1xcXhIVGYzcWxzNHV4eEprcXhIVVhBOGhhZEt2YUtHam1jb2oybnpZT0pkSjhqbXhvXzM1T25jOGJhWUFMX0xXcXJTaUt6bjlidW5aUm4xRkhuSEkyeEt3clVYcUVHQVZFcHdkeGgxaHgwSW5lanROLW42WW1MeFlaQW0tM0VrT1FXQl82TzV6M3Zpb0QyZ1hTM0RxNVl2TFExd1l1bnhISW1uWWFnOEhfcThwV05DUzN1X0ZDUUlSRFhKa2RnZkJqa21SblBrS0hvdFcybmdiYmNJS1FfV2NGejlvR0tLTEpVMmJyNHA4OEh6TUtKemE0MnJUcUFISUI5Q3EtV19zRWpHZGhsWlBiTnJZVFk2N2wxN0NaN1JLdjRiZFNlS29CckVmR2NzTXNERG4xSl9laU9zYlVIWWR5ZmZ1V1VRS1ZuYVlSNi1YR2w5YmhUcWdwR1BvWkF2SDh0QTZNVDRleDdOMUVISkx0VmxtODc1OENvLVlqYlQzMWZqLTMzemdMQnh5cXdRdFhPc08zb0VlYlhIdUJPUnRYb2dFTXpVQ3VwY0ZkcjF0cWlKbkNOOV9Ba3N5ZnZYYkJjX1YxUnpQd25SOWVZN1I3SlNSQVRKaFVmVVRPdHhQZ2JucmxXWmdWQTlWVG1JclJoZGhLcE1IUmN4X2NuRnZBUjlqVHJCaXFfcVJqaS1sVzk0UmRFcWM0dEQ2WGh5bUhvWUFhWWVUUFpaekx2cDFKaWZkNUVtc0N4a290UXZFdWd5TlVsNVZMRWJ6dDNCa0U4clM1Tl9ZNzNOM1BnWk4zTHljanhuSm9OT2J3ZHQ0OU1MRlJUUVhpVDFtR1cyZ2tEN3lURUZQODhtTU5ZbWVnanNnQlA3VEhpbWVvZHA4QUtMOEVXXzhoT1BYN3VBZTN0TGRDdG1JZFdnZElOUXhyaFRfTzFwd3hmYk5EREpnRmc2NGxTaWlqVDczVjlzRGVaQ0MyOFFBWEx1a2pqS2FVMkhVZ0dub2IzT2RpZW5IenA2aVJsT3FXdHVua3VFN3RHUjdpeVF2bEVFM3hkRFlORjF6X2RhUkhnRjkzdUJtcFBhTldsNUdTY2xhVldCb0M0VjNiM1NnaktKc0ZvcVJzOU96N25QanBTSW43ZmNFcGVkMG9DYVV5RTYyRzZXN20yWjJnMUlBa3V1UlB0ZmtGanhVVEdTSmpJaWI1M2VJQ0J3QVM2ZXlCNVNnYUJ5NEtoNWhKenAzTG5TZDRQM1dMRWtHeUhQTjhxaWpzOEJTR2RFT0dPVmpRSGdxRnNlb3Q2NnZCRWhvc1ZMdVg5RzJBbVVtUWRvYjczYW1wS2hCUG5uU0NnLUlNd1JLbkdfU3paS2xIdkZSVnlVRnd1Y0JfN0ZCZkc2YmxmdDlMY1ZGT1pRMENlOHEtaUw0Q0JVUzVBR2d4cWNvJmNpZD1DQUFTQk9SbzVJbyZhX2NpZD2AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDE5My4yNy4xNC4xMKgEALIEDwgAEAEY2AUgWigAMAA4ArgEAMAEAMgEANoEAggB4AQB8ASnossliAUBmAUAoAWr3uKvmbn_0EnABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AXGtwP6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AG7o8B2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAoAcBqgcLNTYwOTMwOTU4ODm6Bw8IABAAGAAgADAAOLoGQADIB93oBdIHDQkAAAAAAAAAABAAGADaBwYIABAAGADgBwDqBwIIAPAH7PsDigi0AQqvAQAAAX-NECloCeJt3azkjXu65AeLOL98AtSAgGZtl47uUZpdSuVUBe9eGaTC7WG4RAP7XiFEQgL-Ki9Ir0aWmAbVGsTB_YlUuSVAvN617RlufW1XH9M6YYstciuTu8snRw1tqzd8UHlR_t6IVdXDSRbmlQ9tn6TtUzQnitFO4UBfwZvnF4iqmZ2lh7HCVzLacE9CHHDqLPx4AGfzb667Pv_OhXo4HUpu8xZLpg9ooF0QAQ..&s=7a428166dac08bc6e9cb05747506e8089238db98&bdref=https%3A%2F%2Fwindowsapp.com.se%2F1058455218%2Fhogia-mypayslip&bdtop=true&bdifs=3&bstk=https%3A%2F%2Fwindowsapp.com.se%2F1058455218%2Fhogia-mypayslip,https%3A%2F%2Fwindowsapp.com.se%2F1058455218%2Fhogia-mypayslip,https%3A%2F%2Fwindowsapp.com.se%2F1058455218%2Fhogia-mypayslip,https%3A%2F%2Fwindowsapp.com.se%2F1058455218%2Fhogia-mypayslip&

Requested by

Host: windowsapp.com.se
URL: https://windowsapp.com.se/1058455218/hogia-mypayslip

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.216 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

872.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 15 Mar 2022 10:12:03 GMT
X-Proxy-Origin: 193.27.14.10; 193.27.14.10; 872.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: c2216389-0b9c-42af-ae99-d5a8c7e605fb
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 200 adfetch Show response
googleads.g.doubleclick.net/pagead/ Frame 71CE 103 KB
34 KB 105ms
90ms XHR
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adfetch

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aea4c1c63dce7e4d558c26c721ec727de5dd9dbf147ada8e4c1fb71d09680fe7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 15 Mar 2022 10:12:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35187
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5493 0
20 B 32ms
30ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022030901&jk=3971075495976942&bg=!FxSlFFDNAAb7UztL-1M7ACkAdvg8WpDcM9yS8wuUR6NfHwvizkvn22xSbzccNe7jvCmP9LmLRRbuqAIAAADiUgAAAAFoAQeZAyAeSeaIfpYdsQLI1_nnGMjcQUtEtumpG0SZhhLG7USWpczwQtJHFZqbCh-vHT-ebJBqnBH-T117PNcAYu7o8TFyZ5bCPLYuOhgpvoA1s8LOe9HuAcuGLKH_H20REzrueJ60ea6BK7SvNH2t-FOtCWlJLMESJpM_eVc07zByT9Tjd6MAGwbDcmu7RQ0Ejn3Fl8wgKssYdMGp2v_p5fz5EqEZqYXG9usB0QzwT9A_iUPbZbqFSLlr0ueW6MnIrKlHLMkJtnMBk1wnldkoTaCG2EWQKUO5VCjx-GcJKnJfK7N-VYkfDSfhPl0PIIKWaqbk6eATqHsEUpHvQAHHHH93pH5hSdwZJXu6H8h3-CerMVAM6ZbzRUr-c51ryOo7e1o2xUkv15S5NOi5JUWj-FDQlNoZ7fKLdCLJmwDJjXaY5qmb-ZOtRiV8yJ6j4L_NKqeR4nxpjmUm2uTqvJoWKN62kH98Bi8Qb1AQgcn68yI5-3YoYpoNISoIxXzLKXbprAX8ED0Z7-l7n3LQSHO9b5YP6qLA-lrU_cX_qo0XlRCeRiaZWFyobHJAaNCGTtDE-laL_jO0AwSCZnNA5OQaCnKw-JPjRdhLmyZ0lnYbKRvln-6YwP6QtS6-o42vj3hvsl5DkH1TZEG41yoLPUUTDuHtk7TdTrJeuB7GxZdDLeHRkD6tG1bbveJB2yXSwfNHS5d8WW1gk2-QGunq5s8xXvL4bCJ7BfakbeqHiB0JJTJ9BEZWtxxLTT-Ri18BfPq213135thAnioTGLdz4ulOpdHP3u5dOnOBo8x0CqDFm9Y085WBnOl2Yt1Y1GMZ68oPsT92MqpsH0StD2Q28kWCkQLZCsJF_X9ZUo2yolF-kDoyGvlqvh1OKMeGLbETM94WL_XNJQcE60vDuuetiaGRPZQrMGXMPoZh2BwCUWvoiysBIsfljg2Zg454WB-lljyLlksoE2dN-yQjr7ML34nDJEI_CTRzuGUHgf7XSMKFOX0k9-uFWePhs9OUwbShPCVrx5m_HNftsOUztESu5kVgyo3B5KVlfpVjY28BIc1FYmBnheTzKA

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 10:12:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 11F1 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b83a64a52e3d89a0c56df6b9bd1b68ef725ebc01dee751d09f0e459db07d686c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 11F1 0
0 23ms
23ms Fetch
image/gif 216.58.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvP2CHB8oET5o2-xo7y2_sH75PGbjO6ebn4vx6B3o9nEZjncJDOe-vUE2h2Zp5NK-URQYFYjs-9b-9E1J61XQUsyNRyuBi4Y55GlByDwm6D7cdReP_a0_2hYqhDT1yEWH11E_G4AVxuE1v5MfZjpKOewsqdNs_5VUpxX7e3NJ0eLf6tTDg3y7RkjlMqI5sNwQRpvIxqafy5QVssYaiezQ-S366jp7iJ3AuWd4MMt6IiJrhZPPqWh-S6okcfquQCZRBJcI-NErT5EaMtsgA7rIZuCXBBVJKqPvBpwvRUAeYPNb9Odce3ZsDQO-9W8o-Gsm8NETT46eCg1Y-9_rnekOhgrAFdfOht&sai=AMfl-YTdJEmv1S7MT42g5q-feWlfmpbHLDfjw_MlsN2EhuvqNIrQi97_pLb2yKltPFuhdMvEawqVlVbrnBOCuaBCBBZhjQD54egDJj8PRKLsNyfTSaG0EVgCVddd3W3qXJ4&sig=Cg0ArKJSzNfX_8_A0n0FEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams17s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Mar 2022 10:12:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 15 Mar 2022 10:12:03 GMT

POST
H/1.1 200
OK vevent
ams1-ib.adnxs.com/ Frame 11F1 0
825 B 46ms
45ms Ping
text/html 185.33.220.216
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwindowsapp.com.se%2F1058455218%2Fhogia-mypayslip&e=wqT_3QLHB8jHAwAAAwDWAAUBCPHMwZEGEPuakufau5vxCRgAKjYJz_kpjgOv5z8RvXpw0o8h5D8ZAAABAgzgPyG9DRIAKREkADEBGbgAAOA_MNnIzgs4_xxA5R5IZVCnosslWJbFhgFgAGjAtFF43egFgAEBigEDVVNEkgUG8J-YAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AKWROAC7_ku6gI0aHR0cHM6Ly93aW5kb3dzYXBwLmNvbS5zZS8xMDU4NDU1MjE4L2hvZ2lhLW15cGF5c2xpcIADAIgDAZADAJgDF6ADAaoD6QEKvwFodHRwczovL3BhZ2VhZDIuZ29vZ2xlc3luZGljYXRpb24uY29tL3BhAR5EL2dlbl8yMDQ_aWQ9YXdiaWQmBQb0KgFfYj1BS0FtZi1CVVA1VGdFVjgwcFNjUmhUN241LUg4WGpZM3FnZ3Mxd21IbTlYZ0VyaFluX291b2pRYVpJTFB2YnJVeXhzWVRXcmNUXzdsRkxESXJ3SXh1bXhrVzcwYUxUY0VjdyZwcj0xMDoke0FVQ1RJT05fUFJJQ0V9GhI3MTIyNTI0ODk5MzM4MTkyNTkiCDc4ODI3ODE1KgQzOTQxOgEwwAOsAsgDANgDAOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBAwxOTMuMjcuMTQuMTCoBACyBA8IABABGNgFIFooADAAOAK4BADABADIBADaBAIIAeAEAfAEp6LLJYgFAZgFAKAFq97ir5m5_9BJwAUAyQUAAAAAAADwP9IFCQkAAEkecNgFAeAFAfAFxrcD-gUECAAQAJAGAJgGALgGAMEGCSMs8D_QBu6PAdoGFgoQCRIZAZgQABgA4AYB8gYCCACABwGIBwCgBwGqBws1NjA5MzA5NTg4OboHDwgFKEQgADAAOLoGQADIB93oBdIHDQkRSAFGCNoHBgF-8MYYAOAHAOoHAggA8Afs-wOKCLQBCq8BAAABf40QKWgJ4m3drOSNe7rkB4s4v3wC1ICAZm2Xju5Rml1K5VQF714ZpMLtYbhEA_teIURCAv4qL0ivRpaYBtUaxMH9iVS5JUC83rXtGW59bVcf0zphiy1yK5O7yydHDW2rN3xQeVH-3ohV1cNJFuaVD22fpO1TNCeK0U7hQF_Bm-cXiKqZnaWHscJXMtpwT0IccOos_HgAZ_Nvrrs-_86FejgdSm7zFkumD2igXRAB&s=6557e10a84c92158e571ca4759aec4108f49531c&type=nv&nvt=5&jm=1003&px=291&py=1502&bw=728&bh=90&sid=3013916121127728178&vd=ct~0|rr~0&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=24355929&sw=1600&sh=1200&pw=1600&ph=3588&ww=1600&wh=1200&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.216 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

872.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 15 Mar 2022 10:12:03 GMT
X-Proxy-Origin: 193.27.14.10; 193.27.14.10; 872.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: e5b4fc7c-3cd1-47b6-a957-56237ccf1ae3
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://windowsapp.com.se
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 71CE 8 KB
892 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 15 Mar 2022 08:17:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 15 Mar 2022 10:12:03 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 15 Mar 2022 10:12:03 GMT

GET
H3 200 load_preloaded_resource.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame 71CE 2 KB
1016 B 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/load_preloaded_resource.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

647367edb473a569f80c0fb035ec50908b0b37e995c63663c02552079b974e76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 09:59:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 744
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 985
x-xss-protection: 0
server: cafe
etag: 15191321979658692665
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Mar 2022 09:59:39 GMT

GET
H3 200 abg_lite.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/ Frame 71CE 25 KB
9 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

947e22d9ed05fbe3f5ed3c4ee35618a1910a85968f48a22c0277f9936f2eb769

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 10:11:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9657
x-xss-protection: 0
server: cafe
etag: 5177785407398320510
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Mar 2022 10:11:36 GMT

GET
H3 200 window_focus.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame 71CE 2 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/window_focus.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bd54241a6ef534d4fd55a95d52035292958c4a55c350f8bb38b396ef4f49c1e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 10:02:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 590
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1235
x-xss-protection: 0
server: cafe
etag: 218260476562286327
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Mar 2022 10:02:13 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 71CE 117 KB
36 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c39d994e33ee115b35d7872dbea911a99508c74e34629725343b269b5d5233e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 10:12:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36369
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1647258231097430"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 15 Mar 2022 10:12:03 GMT

GET
H3 200 qs_click_protection.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame 71CE 18 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/qs_click_protection.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f0d1ecd1c493936469349b254e5512be76e360e8166156f90bf7a2db6447e28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 10:03:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 529
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7506
x-xss-protection: 0
server: cafe
etag: 16942930183375072722
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Mar 2022 10:03:14 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 71CE 0
0 16ms
15ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRmizJXGSk0p5xJJxXOoWC2RIWgRpGTejuB7wb53eUTCQlYFXaHwi_oVMSaDaI6ReI8ahY0m5KURy5aZ1LsmNVO0_Ufeg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 fe9da7aa0999c4a2d4b3c5b39152b5e5.js Show response
www.gstatic.com/mysidia/ Frame 71CE 38 KB
14 KB 23ms
8ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fe9da7aa0999c4a2d4b3c5b39152b5e5.js?tag=mysidia_one_click_handler_one_afma

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d9b75c8bfff970514a3abee8755ef593266d8c7a95d41d5666077af34577390

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 15:49:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66181
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14630
x-xss-protection: 0
last-modified: Mon, 07 Mar 2022 07:55:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 12 Jun 2022 15:49:02 GMT

GET
H3

200

B22807636.328475542;dc_pre=CPans7rwx_YCFRfRuwgdwUMNqg;dc_trk_aid=520608733;dc_trk_cid=117012770;ord=3990504978;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
ad.doubleclick.net/ddm/trackimp/N8714.2382313DOUBLECLICKBIDMANAG/ Frame 71CE
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N8714.2382313DOUBLECLICKBIDMANAG/B22807636.328475542;dc_trk_aid=520608733;dc_trk_cid=117012770;ord=3990504978;dc_lat=;dc_rdid=;tag_for_child_directed_treatme...
https://ad.doubleclick.net/ddm/trackimp/N8714.2382313DOUBLECLICKBIDMANAG/B22807636.328475542;dc_pre=CPans7rwx_YCFRfRuwgdwUMNqg;dc_trk_aid=520608733;dc_trk_cid=117012770;ord=3990504978;dc_lat=;dc_rd...

42 B
63 B

45ms
29ms

Image
image/gif

142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N8714.2382313DOUBLECLICKBIDMANAG/B22807636.328475542;dc_pre=CPans7rwx_YCFRfRuwgdwUMNqg;dc_trk_aid=520608733;dc_trk_cid=117012770;ord=3990504978;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 10:12:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 15 Mar 2022 10:12:03 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimp/N8714.2382313DOUBLECLICKBIDMANAG/B22807636.328475542;dc_pre=CPans7rwx_YCFRfRuwgdwUMNqg;dc_trk_aid=520608733;dc_trk_cid=117012770;ord=3990504978;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 71CE 0
17 B 38ms
38ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C7f2PcmYwYsHDB8zt3wPT94aADvjuivBo3qfeqb0P-4r0_QgQASDml9YlYJX6pIKwB6ABlbavngPIAQGoAwHIA8sEqgT4AU_QshTaRhvvHrIrHAUCtD33v4wPyEeFYxm98F6-PA7DUyyjz3Go3gPVnctKL2iOH-ua541GXD0kZvT5JSCLEmx6s-YZs2VJCXIJqRLLPrLqUY48oHakoPCZoGksw8qR91mGDfa9AnnmwPx8iI3dAkVeSEJmL-tYB5_-2BKobAXuQH0i8goRDm7PcWD-fF2cxTbo4iyDpv180CQpKYsXBlAOmLaSMAvnX8mrZ-mF2hf2yb0Aoi-4qQU_bD0P3khxyUSD2V-twNtp6meKuXj7Pzy7SWt__u2TPcOQK9WOROcUvIKtxs-q7P1x-UilUb7I1llbFA-HuPW9wATR76L70AGSBQQIBBgBkgUECAUYBIAH08nQYagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB0ggHCIBhEAEYAPIIDmJpZGRlci01OTAxMzUwgAoEyAsB2BMM0BUBmBYBgBcBshcICgYIABIAGAA&sigh=vo7u-HDyMvs&uach_m=[UACH]&pr=10:0.740114&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 15 Mar 2022 10:12:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 71CE 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8faf6733a946a41207c0907c9977e7403ef84ed3ff3f09973848f45b3056bde6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v42/ Frame 71CE 28 KB
28 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v42/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 22:46:42 GMT
x-content-type-options: nosniff
age: 559521
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28328
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 21:57:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Mar 2023 22:46:42 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 88A9 42 B
64 B 37ms
36ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv-hzIKxLvKMIdFqzzf0HPcP7ItWaY7rxNFRD_hojs3MKr8QHFPRu5Muzn3TGpNBgGjZG_eHDbKz2-NWBIdCJF8bOIZU5Uu5gasZ1pankn6EgAdHGMjAfVtLau0kdhPVz0NzV2N3SrrBC_XQQ&sai=AMfl-YR7-4qCAhb3yeYzp5TZ4rlSYF6BlXjDwZlb3Aw-zIzCKmNbIVSpcArWh6SfX6QN_BKuGchOtsByxCRZZfcra3axTeqn5V_Ox9_tsE16wmrxFkmdU2fGApqD_mVfNf4&sig=Cg0ArKJSzHER8krZ0iAZEAE&id=lidar2&mcvt=1007&p=393,310,693,1290&mtos=1007,1007,1007,1007,1007&tos=1007,0,0,0,0&v=20220314&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3843219132&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1647339122653&rpt=217&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d97e9fc141c0b6cd636b0a9fa9886de1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 10:12:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cYUZDpkDTLiaCxFKW6PIDwgD40qdhgxPHck_a-4gLzE.js Show response
pagead2.googlesyndication.com/bg/ Frame 0B6B 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/cYUZDpkDTLiaCxFKW6PIDwgD40qdhgxPHck_a-4gLzE.js

Requested by

Host: windowsapp.com.se
URL: https://windowsapp.com.se/1058455218/hogia-mypayslip

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7185190e99034cb89a0b114a5ba3c80f0803e34a9d860c4f1dc93f6bee202f31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 10:08:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 216
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13775
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Mar 2023 10:08:27 GMT

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ Frame 42C7 87 KB
28 KB 64ms
30ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 10:12:04 GMT
content-encoding: gzip
last-modified: Wed, 29 Dec 2021 12:30:46 GMT
server: nginx
etag: W/"61cc54f6-15c19"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 16 Mar 2022 10:12:04 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 4DCE 13 KB
5 KB 21ms
20ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=windowsapp.com.se

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

f408ea8d108fb46b0ec7612b384c10211e19f6a21592b34a042751697f4249cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/

Response headers

cache-control: private, max-age=3600
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 1968
date: Tue, 15 Mar 2022 10:12:04 GMT
content-length: 5145
strict-transport-security: max-age=31536000; preload;

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 42C7 97 KB
31 KB 68ms
36ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ff6956c6d9b77bdecabeef7eafb5625c810cf5694db1204d0a48e102ecd73c89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 10:12:04 GMT
content-encoding: gzip
last-modified: Tue, 08 Mar 2022 02:42:25 GMT
server: nginx
etag: W/"6226c291-1834f"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 16 Mar 2022 10:12:04 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 4DCE
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=windowsapp.com.se&sn=ChromeSyncframe&so=3&topUrl=windowsapp.com.se&bundle=LKBNfV9kNGlreUZOJTJGaiUyQm1PbG9uOGUyZjlpMjQySHNibHpQSHpmdWtzMnhD...
https://mug.criteo.com/sid?cpp=9msTBnx4Y1FoT3A0MUhLSnlENzljZDN5U3pVVFQzS0NWSTBnanlSMEV4U2o2TDVXL3BtUENJYzZVTjVraFNrTnJ4b0NsNEpyNVR6MWFlS3FYQkIvWlhwVWpqT2dtY1lzV3JPR2FEVFgwVEFGUjZIOExwOHcxOHBpNHh5VF...

449 B
636 B

16ms
15ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=9msTBnx4Y1FoT3A0MUhLSnlENzljZDN5U3pVVFQzS0NWSTBnanlSMEV4U2o2TDVXL3BtUENJYzZVTjVraFNrTnJ4b0NsNEpyNVR6MWFlS3FYQkIvWlhwVWpqT2dtY1lzV3JPR2FEVFgwVEFGUjZIOExwOHcxOHBpNHh5VFJZTE1UQ3pwQnhPSkpReVhuL1FCRGo4QVI0VWlFd21OeGdRRjdneWJPRmJ0eHVNN2RnQ3p0UkpBRnJyemZvcUtKQjlqd0Nmd1JoaDdEYmhUY0ZhdDNMZWw0dHJzMDl4UmwwNm95cHZrWU5qQjFscXJEWFVKZ3dpYTBRZzZNMnJLQTB3Y2R5c25qb2lHZDJER2hFUWk5dEVqSmw3cGlTZkE2RVJxZXlvd0lKcFJrK1M1Q0piND18&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

e58de01287901c0198e1295279dadb3780721ecd645415497ace41f976b87db9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 10:12:04 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 4536
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 15 Mar 2022 10:12:04 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=9msTBnx4Y1FoT3A0MUhLSnlENzljZDN5U3pVVFQzS0NWSTBnanlSMEV4U2o2TDVXL3BtUENJYzZVTjVraFNrTnJ4b0NsNEpyNVR6MWFlS3FYQkIvWlhwVWpqT2dtY1lzV3JPR2FEVFgwVEFGUjZIOExwOHcxOHBpNHh5VFJZTE1UQ3pwQnhPSkpReVhuL1FCRGo4QVI0VWlFd21OeGdRRjdneWJPRmJ0eHVNN2RnQ3p0UkpBRnJyemZvcUtKQjlqd0Nmd1JoaDdEYmhUY0ZhdDNMZWw0dHJzMDl4UmwwNm95cHZrWU5qQjFscXJEWFVKZ3dpYTBRZzZNMnJLQTB3Y2R5c25qb2lHZDJER2hFUWk5dEVqSmw3cGlTZkE2RVJxZXlvd0lKcFJrK1M1Q0piND18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 2296
content-length: 567
expires: 0

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ Frame 5493 87 KB
28 KB 18ms
18ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 10:12:04 GMT
content-encoding: gzip
last-modified: Wed, 29 Dec 2021 12:30:46 GMT
server: nginx
etag: W/"61cc54f6-15c19"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 16 Mar 2022 10:12:04 GMT

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ Frame 1159 87 KB
28 KB 25ms
25ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 10:12:05 GMT
content-encoding: gzip
last-modified: Wed, 29 Dec 2021 12:30:46 GMT
server: nginx
etag: W/"61cc54f6-15c19"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 16 Mar 2022 10:12:05 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame F3A8 281 B
554 B 30ms
30ms Document
text/html 104.117.200.100
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-117-200-100.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
ETag: "40014-119-5d32342a551c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 15 Mar 2022 10:12:05 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 sspmatch-iframe Show response
ads.betweendigital.com/ Frame 629F 661 B
840 B 99ms
99ms Document
text/html 96.46.186.57
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/sspmatch-iframe
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 42bfde869393a596a8ac4075e19670ae5fbb4381240e489da56da78163ff47d5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/

Response headers

content-type: text/html
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 661

GET
H/1.1 200
OK check.html Show response
biddr.brealtime.com/ Frame 7A75 926 B
1 KB 75ms
16ms Document
text/html 104.17.119.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://biddr.brealtime.com/check.html
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.17.119.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/

Response headers

Date: Tue, 15 Mar 2022 10:12:05 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-id-2: THBBha14TFKejWVop+slac2Gat7v7s2Fu4JGgxBkG9B75xNQjO1mn/icIaXCsUesNFddupQ0giY=
x-amz-request-id: 15DG7FS62Q387667
Last-Modified: Tue, 08 Sep 2020 13:51:51 GMT
CF-Cache-Status: HIT
Age: 4927
Expires: Tue, 15 Mar 2022 11:12:05 GMT
Cache-Control: public, max-age=3600
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6ec477fc0a9290af-FRA
Content-Encoding: gzip

GET
H2 200 pd Show response
u.openx.net/w/1.0/ Frame B248 0
91 B 42ms
26ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/17.2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/

Response headers

vary: Accept, Accept-Encoding
server: OXGW/17.2.0
date: Tue, 15 Mar 2022 10:12:05 GMT
content-type: text/html
content-length: 20
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 0E46 52 KB
17 KB 54ms
7ms Document
text/html 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Thu, 10 Mar 2022 05:31:55 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Tue, 15 Mar 2022 10:12:05 GMT
Age: 16800
X-Served-By: cache-lga21939-LGA, cache-hhn4071-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 169779, 333728
X-Timer: S1647339125.120757,VS0,VE0
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame F3A8 32 KB
10 KB 19ms
19ms Script
text/html 104.117.200.100
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-117-200-100.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 1cca221b2415c4850d51ce414a374b220b2819c68188fedaf677403ee783f53a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 15 Mar 2022 10:12:05 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Mar 2022 16:28:01 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=33292
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9538
Expires: Tue, 15 Mar 2022 19:26:57 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 0E46 0
729 B 14ms
13ms Script
text/html 185.33.220.243
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 15 Mar 2022 10:12:05 GMT
X-Proxy-Origin: 193.27.14.10; 193.27.14.10; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 42976364-4af3-4f93-ac7c-9841ee6ecafb
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

match
ads.betweendigital.com/ Frame 629F
Redirect Chain

https://x.bidswitch.net/sync?ssp=between
https://x.bidswitch.net/ul_cb/sync?ssp=between
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=3d3088ee-f306-4f5d-8cf5-c145250bf84a
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=3d3088ee-f306-4f5d-8cf5-c145250bf84a
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=972af633-283c-45ff-ba4a-9a9a29a082d2&user_group=1&ssp=between&bsw_param=3d3088ee-f306-4f5d-8cf5-c145250bf84a
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=3d3088ee-f306-4f5d-8cf5-c145250bf84a

68 B
607 B

100ms
99ms

Image
image/png

96.46.186.57
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=22&external_user_id=3d3088ee-f306-4f5d-8cf5-c145250bf84a
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Server: 96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

Location: //ads.betweendigital.com/match?bidder_id=22&external_user_id=3d3088ee-f306-4f5d-8cf5-c145250bf84a
Date: Tue, 15 Mar 2022 10:12:05 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2 204 btw
sync.dmp.otm-r.com/match/ Frame 629F 0
70 B 53ms
13ms Image
text/plain 88.99.28.61
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/btw?id=e0fa7bfa-9644-534a-b3a9-a8f3d199ce82
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.99.28.61 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.61.28.99.88.clients.your-server.de
Software: nginx/1.17.10 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 15 Mar 2022 10:12:05 GMT
server: nginx/1.17.10

GET
H2

200

match
ads.betweendigital.com/ Frame 629F
Redirect Chain

https://px.adhigh.net/p/cm/btw
https://px.adhigh.net/p/cm/btw?bounced=1
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=stINvNY4V9j.AikABlF_jRA6TA

68 B
607 B

102ms
102ms

Image
image/png

96.46.186.57
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=37&external_user_id=stINvNY4V9j.AikABlF_jRA6TA
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Server: 96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Tue, 15 Mar 2022 10:12:05 GMT
server: nginx
access-control-allow-origin: *
x-backend-id: f11-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ads.betweendigital.com/match?bidder_id=37&external_user_id=stINvNY4V9j.AikABlF_jRA6TA
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame 629F 0
277 B 82ms
39ms Image
text/plain 216.52.2.39
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 15 Mar 2022 10:12:05 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap7ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

GET
H2 200 bidder_18.html Show response
cache.betweendigital.com/code/ Frame BD20 4 KB
1 KB 80ms
7ms Document
text/html 151.236.71.19
CDNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=e0fa7bfa-9644-534a-b3a9-a8f3d199ce82&CACHEBUSTER=864170
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 151.236.71.19 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 0efe00c23297e5c56485eabb6ea548c2669b896704fcb2c426d898148543ccad

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.betweendigital.com/

Response headers

server: nginx
date: Tue, 15 Mar 2022 10:12:05 GMT
content-type: text/html
last-modified: Tue, 08 Jun 2021 15:45:03 GMT
etag: W/"60bf907f-ee9"
content-encoding: gzip
x-cdn-edge-cache: HIT
x-cdn-edge-id: 312
x-cdn-request-id: 5f9a3951ee87389d04361bb7bcfc71db

GET
H2

200

match
ads.betweendigital.com/ Frame BD20
Redirect Chain

https://x.bidswitch.net/sync?ssp=between
https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=between&bsw_custom_parameter=3d3088ee-f306-4f5d-8cf5-c145250bf84a
https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=between&expires=10&bsw_param=3d3088ee-f306-4f5d-8cf5-c145250bf84a
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=3d3088ee-f306-4f5d-8cf5-c145250bf84a

68 B
607 B

103ms
102ms

Image
image/png

96.46.186.57
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=22&external_user_id=3d3088ee-f306-4f5d-8cf5-c145250bf84a
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Server: 96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

Location: //ads.betweendigital.com/match?bidder_id=22&external_user_id=3d3088ee-f306-4f5d-8cf5-c145250bf84a
Date: Tue, 15 Mar 2022 10:12:05 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2 200 sspmatch-iframe Show response
ads.betweendigital.com/ Frame F0BB 0
159 B 99ms
99ms Document
text/html 96.46.186.57
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/sspmatch-iframe
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/

Response headers

content-type: text/html
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 24C3 52 KB
17 KB 7ms
6ms Document
text/html 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Thu, 10 Mar 2022 05:31:55 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Tue, 15 Mar 2022 10:12:05 GMT
Age: 16800
X-Served-By: cache-lga21939-LGA, cache-hhn4071-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 169779, 333731
X-Timer: S1647339125.390310,VS0,VE0
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 7B42 281 B
554 B 8ms
7ms Document
text/html 104.117.200.100
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-117-200-100.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
ETag: "40014-119-5d32342a551c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 15 Mar 2022 10:12:05 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H3 200 pd Show response
u.openx.net/w/1.0/ Frame 24AD 0
35 B 18ms
18ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/17.2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/

Response headers

vary: Accept, Accept-Encoding
server: OXGW/17.2.0
date: Tue, 15 Mar 2022 10:12:05 GMT
content-type: text/html
content-length: 20
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H/1.1 200
OK check.html Show response
biddr.brealtime.com/ Frame 2B2C 926 B
1 KB 20ms
20ms Document
text/html 104.17.119.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://biddr.brealtime.com/check.html
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.17.119.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/

Response headers

Date: Tue, 15 Mar 2022 10:12:05 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-id-2: THBBha14TFKejWVop+slac2Gat7v7s2Fu4JGgxBkG9B75xNQjO1mn/icIaXCsUesNFddupQ0giY=
x-amz-request-id: 15DG7FS62Q387667
Last-Modified: Tue, 08 Sep 2020 13:51:51 GMT
CF-Cache-Status: HIT
Age: 4927
Expires: Tue, 15 Mar 2022 11:12:05 GMT
Cache-Control: public, max-age=3600
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6ec477fdbc4990af-FRA
Content-Encoding: gzip

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 7B42 32 KB
10 KB 12ms
11ms Script
text/html 104.117.200.100
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-117-200-100.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 1cca221b2415c4850d51ce414a374b220b2819c68188fedaf677403ee783f53a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 15 Mar 2022 10:12:05 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Mar 2022 16:28:01 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=33292
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9538
Expires: Tue, 15 Mar 2022 19:26:57 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 24C3 0
729 B 21ms
21ms Script
text/html 185.33.220.243
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 15 Mar 2022 10:12:05 GMT
X-Proxy-Origin: 193.27.14.10; 193.27.14.10; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 338a1648-8450-43de-9920-b73175a2ea14
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

/
sync3.sniperlog.ru/ Frame BD20
Redirect Chain

https://sync.bumlam.com/?src=aid0
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABj1zMGRBlIFl4XSlAY*
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARj1zMGRBlIFl4XSlAaiARBdk6awpEgR7KbpACWQyCQ3
https://sync.bumlam.com/?src=aid0&s_data=CAIQABj1zMGRBqIBEF2TprCkSBHspukAJZDIJDc*
https://sync.bumlam.com/?src=aid0&s_data=CAIQARj1zMGRBqIBEF2TprCkSBHspukAJZDIJDc*
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=5d93a6b0-a448-11ec-a6e9-002590c82437
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=5d93a6b0-a448-11ec-a6e9-002590c82437&bounce=1
https://sync.bumlam.com/?src=aid1&uid=ebKZWvlJr1cQS8W4Dg8smw&
https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_cm&extra1=ebKZWvlJr1cQS8W4Dg8smw&extra2=aidata
https://sync3.sniperlog.ru/?src=ggl&extra1=ebKZWvlJr1cQS8W4Dg8smw&extra2=aidata&google_gid=CAESEDK2m06ti849hodlUMv8750&google_cver=1

43 B
516 B

39ms
6ms

Image
image/gif

31.172.81.172
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync3.sniperlog.ru/?src=ggl&extra1=ebKZWvlJr1cQS8W4Dg8smw&extra2=aidata&google_gid=CAESEDK2m06ti849hodlUMv8750&google_cver=1
Protocol: HTTP/1.1
Server: 31.172.81.172 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 15 Mar 2022 10:12:05 GMT
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

pragma: no-cache
date: Tue, 15 Mar 2022 10:12:05 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync3.sniperlog.ru/?src=ggl&extra1=ebKZWvlJr1cQS8W4Dg8smw&extra2=aidata&google_gid=CAESEDK2m06ti849hodlUMv8750&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 345
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK check.html Show response
biddr.brealtime.com/ Frame EEE6 926 B
1 KB 17ms
14ms Document
text/html 104.17.119.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://biddr.brealtime.com/check.html
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.17.119.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/

Response headers

Date: Tue, 15 Mar 2022 10:12:05 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-id-2: THBBha14TFKejWVop+slac2Gat7v7s2Fu4JGgxBkG9B75xNQjO1mn/icIaXCsUesNFddupQ0giY=
x-amz-request-id: 15DG7FS62Q387667
Last-Modified: Tue, 08 Sep 2020 13:51:51 GMT
CF-Cache-Status: HIT
Age: 4927
Expires: Tue, 15 Mar 2022 11:12:05 GMT
Cache-Control: public, max-age=3600
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6ec477febd4490af-FRA
Content-Encoding: gzip

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame C55D 281 B
554 B 10ms
8ms Document
text/html 104.117.200.100
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-117-200-100.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
ETag: "40014-119-5d32342a551c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 15 Mar 2022 10:12:05 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 4827 52 KB
17 KB 7ms
6ms Document
text/html 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Thu, 10 Mar 2022 05:31:55 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Tue, 15 Mar 2022 10:12:05 GMT
Age: 16800
X-Served-By: cache-lga21939-LGA, cache-hhn4071-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 169779, 333734
X-Timer: S1647339126.553117,VS0,VE0
Vary: Accept-Encoding

GET
H3 200 pd Show response
u.openx.net/w/1.0/ Frame 90B9 0
35 B 18ms
17ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/17.2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/

Response headers

vary: Accept, Accept-Encoding
server: OXGW/17.2.0
date: Tue, 15 Mar 2022 10:12:05 GMT
content-type: text/html
content-length: 20
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 sspmatch-iframe Show response
ads.betweendigital.com/ Frame 7818 0
159 B 99ms
98ms Document
text/html 96.46.186.57
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/sspmatch-iframe
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://windowsapp.com.se/

Response headers

content-type: text/html
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame C55D 32 KB
10 KB 10ms
10ms Script
text/html 104.117.200.100
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-117-200-100.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 1cca221b2415c4850d51ce414a374b220b2819c68188fedaf677403ee783f53a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 15 Mar 2022 10:12:05 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Mar 2022 16:28:01 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=33292
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9538
Expires: Tue, 15 Mar 2022 19:26:57 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 4827 0
729 B 13ms
13ms Script
text/html 185.33.220.243
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 15 Mar 2022 10:12:05 GMT
X-Proxy-Origin: 193.27.14.10; 193.27.14.10; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: affc66b4-faf2-458a-99f4-ab9220a4b2bd
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 1845
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu

281 B
554 B

11ms
10ms

Document
text/html

104.117.200.100
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Requested by: Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=e0fa7bfa-9644-534a-b3a9-a8f3d199ce82&CACHEBUSTER=864170
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-117-200-100.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
ETag: "40014-119-5d32342a551c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 15 Mar 2022 10:12:06 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

server: AkamaiGHost
content-length: 0
location: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
date: Tue, 15 Mar 2022 10:12:05 GMT
access-control-allow-credentials: true
access-control-allow-origin: *

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 1845 32 KB
10 KB 8ms
8ms Script
text/html 104.117.200.100
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-117-200-100.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 1cca221b2415c4850d51ce414a374b220b2819c68188fedaf677403ee783f53a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 15 Mar 2022 10:12:06 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Mar 2022 16:28:01 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=33291
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9538
Expires: Tue, 15 Mar 2022 19:26:57 GMT

GET
H/1.1 204
No Content sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 1845 0
239 B 8ms
7ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-eu.rubiconproject.com/exchange/sync.php?p=btwnex&khaos=L0RZ6H77-4-KHFR
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Content-Type: image/gif

GET
H2

200

864170
www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/ Frame BD20
Redirect Chain

https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/864170
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/864170

43 B
297 B

40ms
40ms

Image
image/gif

2001:6d0:4001::226
TNSMSK-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/864170
Protocol: H2
Server: 2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),
Reverse DNS
Software: ms-counter-3.2.15/1.20.1 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 10:12:06 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: ms-counter-3.2.15/1.20.1
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

pragma: no-cache
date: Tue, 15 Mar 2022 10:12:06 GMT
server: ms-counter-3.2.15/1.20.1
strict-transport-security: max-age=2678400
content-type: image/gif
location: https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/864170
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 0E46 0
729 B 14ms
13ms Script
text/html 185.33.220.243
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 15 Mar 2022 10:12:06 GMT
X-Proxy-Origin: 193.27.14.10; 193.27.14.10; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: c69ebc04-3513-48e9-a549-52ab9f036abe
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame BD20
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=429&user_id=e0fa7bfa-9644-534a-b3a9-a8f3d199ce82&expires=60
https://eb2.3lift.com/xuid?mid=2409&xuid=3d3088ee-f306-4f5d-8cf5-c145250bf84a&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
https://eb2.3lift.com/xuid?ld=1&mid=2409&xuid=3d3088ee-f306-4f5d-8cf5-c145250bf84a&dongle=d3d3&gdpr=0&cmp_cs=&us_privacy=

37 B
354 B

13ms
13ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=2409&xuid=3d3088ee-f306-4f5d-8cf5-c145250bf84a&dongle=d3d3&gdpr=0&cmp_cs=&us_privacy=
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 10:12:06 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=2409&xuid=3d3088ee-f306-4f5d-8cf5-c145250bf84a&dongle=d3d3&gdpr=0&cmp_cs=&us_privacy=
date: Tue, 15 Mar 2022 10:12:06 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 494A 2 KB
814 B 32ms
8ms Document
text/html 51.38.120.206

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=5d1628750185ace

Requested by

Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=e0fa7bfa-9644-534a-b3a9-a8f3d199ce82&CACHEBUSTER=864170

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 -, , ASN (),

Reverse DNS

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cache.betweendigital.com/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 24C3 0
729 B 15ms
14ms Script
text/html 185.33.220.243
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 15 Mar 2022 10:12:06 GMT
X-Proxy-Origin: 193.27.14.10; 193.27.14.10; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: c0fb543d-9c1e-41ee-8a49-336579ecd611
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 4827 0
729 B 79ms
79ms Script
text/html 185.33.220.243
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 15 Mar 2022 10:12:06 GMT
X-Proxy-Origin: 193.27.14.10; 193.27.14.10; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 5989ae8c-aa15-4b8c-8be5-9ccf68efebc3
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

e0fa7bfa-9644-534a-b3a9-a8f3d199ce82
an.yandex.ru/mapuid/betweendigitalis/ Frame BD20
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2Fe0fa7bfa-9644-534a-b3a9-a8f3d199ce82
https://an.yandex.ru/mapuid/betweendigitalis/e0fa7bfa-9644-534a-b3a9-a8f3d199ce82
https://an.yandex.ru/mapuid/betweendigitalis/e0fa7bfa-9644-534a-b3a9-a8f3d199ce82?redir-setuniq=1

43 B
108 B

38ms
38ms

Image
image/gif

2a02:6b8::90

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/betweendigitalis/e0fa7bfa-9644-534a-b3a9-a8f3d199ce82?redir-setuniq=1

Protocol

Server

2a02:6b8::90 -, , ASN (),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 10:12:07 GMT
content-encoding: gzip
last-modified: Tue, 15 Mar 2022 10:12:07 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 15 Mar 2022 10:12:07 GMT

Redirect headers

pragma: no-cache
date: Tue, 15 Mar 2022 10:12:07 GMT
content-encoding: gzip
last-modified: Tue, 15 Mar 2022 10:12:07 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://an.yandex.ru/mapuid/betweendigitalis/e0fa7bfa-9644-534a-b3a9-a8f3d199ce82?redir-setuniq=1
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 15 Mar 2022 10:12:07 GMT

GET
H2 200 sync
t.adx.opera.com/ Frame BD20 0
410 B 247ms
20ms Image
text/plain 82.145.213.8

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.adx.opera.com/sync?vendor=60079&uid=e0fa7bfa-9644-534a-b3a9-a8f3d199ce82
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 82.145.213.8 -, , ASN (),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 10:12:07 GMT
server: Tengine
access-control-allow-methods: POST, GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

44 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
windowsapp.com.se/	1970-01-20 01:35:46	Name: XSRF-TOKEN Value: eyJpdiI6ImpuYjdJeVI2MXg0OW00QjJJXC9yWWpnPT0iLCJ2YWx1ZSI6ImZlN3ZKczU5SFVQZWNPa25sY0xVaTJ6RzM0cVoyZWhcL0hCYk1iSHJQYTR0enBmdGt6QktPazNBK0VqUTVtK1wvQyIsIm1hYyI6ImEyNDFlMmYyM2NiN2FmNDMyYTdmZTNlMDlmODM0MzIyOTVkOTM3YzJkMjVmYzdmYjgwYjA2YmMxZDg4NzJhMDIifQ%3D%3D
windowsapp.com.se/	1970-01-20 01:35:46	Name: laravel_session Value: eyJpdiI6Ijk3THlIQUs5Y2RwK2hEQWxoQVluVUE9PSIsInZhbHVlIjoiVmlpZmk4d1hHWkUzd0JXWWRKTXc4b0pUb0l0WUJnbDhyN0RDZFRpNGtVZ2FjRmIzRWZQYkhQd2MxTmFDZmV5UyIsIm1hYyI6IjA2NGNkOTc5YjEyZjM2ZDZkYjg4N2E3ZDQ0ZWUwOGFmNzFlZjA0MGVhMTIyYmVjMTA4N2E3MzliYzAxZWI0NGEifQ%3D%3D
windowsapp.com.se/	1970-01-20 02:18:51	Name: _pbjs_userid_consent_data Value: 3524755945110770
.rubiconproject.com/	1970-01-20 10:21:15	Name: khaos Value: L0RZ6H77-4-KHFR
.rubiconproject.com/	1970-01-20 10:21:15	Name: audit Value: 1\|hLZGFuTafB3the/iW3S/zbRHKV/Y9AOYB3Biw5iW/3oEYu0+y2W/JC+KRmlECSD/9vxRhN90DzXtQCeevePCXLoCQT0/qtJWUf8oi0Z86ybQD5U7tEfUTQ==
.betweendigital.com/	1970-01-20 10:21:15	Name: dc Value: was1
.betweendigital.com/	1970-01-20 10:21:15	Name: tuuid Value: e0fa7bfa-9644-534a-b3a9-a8f3d199ce82
.betweendigital.com/	1970-01-20 10:21:15	Name: ss Value: 1
.betweendigital.com/	1970-01-20 10:21:15	Name: unm Value: 1
.windowsapp.com.se/	1970-01-20 10:21:15	Name: _ym_uid Value: 1647339122832137260
.windowsapp.com.se/	1970-01-20 10:21:15	Name: _ym_d Value: 1647339122
.mc.yandex.com/	1970-01-20 01:35:39	Name: sync_cookie_csrf Value: 980214273fake
.windowsapp.com.se/	1970-01-20 10:57:15	Name: cto_bidid Value: Phchg19tT2NiQTViRkhlOGVuWlk2azVRTndwTmFFSVdvMmYlMkZoJTJGTmRoJTJGZzJEOVNxNFRlaVF6REszRDNYMEF1N05SRzhTZkFOY0hzdmdFTmVVWENpNGpRcTF0ZyUzRCUzRA
.mc.yandex.ru/	1970-01-20 01:35:39	Name: sync_cookie_csrf Value: 1765160361fake
.windowsapp.com.se/	1970-01-20 01:36:51	Name: _ym_isad Value: 2
.yandex.com/	1970-01-20 10:21:15	Name: yandexuid Value: 5680731561647339122
.yandex.com/	1970-01-20 10:21:15	Name: yuidss Value: 5680731561647339122
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 1803788081647339122
.yandex.com/	1970-01-23 17:11:39	Name: i Value: TNqCu+CPuKy8EDO9qfpX4tTwBEZtow8UVlGP/STRnztT4dbwMvgnf5WD0OxLIBHHZMHtK/NODMOWBwd1uY+SAY7wcng=
.yandex.com/	1970-01-20 10:21:15	Name: ymex Value: 1678875122.yrts.1647339122#1678875122.yrtsi.1647339122
.adnxs.com/	1970-01-20 03:45:15	Name: icu Value: ChgI7OlqEAoYASABKAEw8szBkQY4AUABSAEQ8szBkQYYAA..
.adnxs.com/	1970-01-20 03:45:15	Name: uuid2 Value: 5737405964845417911
prebid.a-mo.net/	1970-01-20 10:21:15	Name: __amc Value: 2_1647339121_1647339122
.doubleclick.net/	1970-01-20 10:57:15	Name: IDE Value: AHWqTUnwyUqqCgXVl73D8KXVYRXPFsJsV0dw6gPtXCwD-UiXiN_LPYmn4yLqD1hl7J4
.doubleclick.net/	1970-01-20 01:35:40	Name: test_cookie Value: CheckForPermission
.windowsapp.com.se/	1970-01-20 10:57:15	Name: __gads Value: ID=33388580da7a9869-22fe36b05ccd00f4:T=1647339122:S=ALNI_MYKctQD8oZA3DZIeCdVN2KtHI5X4w
.criteo.com/	1970-01-20 10:57:15	Name: uid Value: 2c4ec186-8495-4ddf-971d-14d00e974e2c
.windowsapp.com.se/	1970-01-20 10:57:15	Name: cto_bundle Value: 386NzV9kNGlreUZOJTJGaiUyQm1PbG9uOGUyZjlpd3Q2bVAzQ2hhRmhrRWl0cU5CJTJGUVlOUUxUN0l1ZmdKOE53N1VQJTJCZ0c3Q1hTJTJCd1hUYWxGJTJCUkpXeERyNktidE5GY2h6STZ6RGlCWUxxRlVlWlBqUGJKWCUyRkRqb3JJS211cGRtckNIOVZTanpiTEtsUXcxZjElMkZpRCUyRjFsTkozckZXJTJCZyUzRCUzRA
.bidswitch.net/	1970-01-20 10:21:15	Name: tuuid Value: 3d3088ee-f306-4f5d-8cf5-c145250bf84a
.bidswitch.net/	1970-01-20 10:21:15	Name: c Value: 1647339125
.bidswitch.net/	1970-01-20 10:21:15	Name: tuuid_lu Value: 1647339125
.adhigh.net/	1970-01-20 10:21:15	Name: gi_u Value: stINvNY4V9j.AikABlF_jRA6TA
.adhigh.net/	1970-01-20 10:21:15	Name: btw_sync Value: jxY
pool.admedo.com/	1970-01-20 10:21:15	Name: tuuid Value: 972af633-283c-45ff-ba4a-9a9a29a082d2
pool.admedo.com/	1970-01-20 10:21:15	Name: c Value: 1647339125
pool.admedo.com/	1970-01-20 10:21:15	Name: tuuid_lu Value: 1647339125
.adsniper.ru/	1970-01-27 08:47:39	Name: uuid3 Value: IiQ1ZDkzYTZiMC1hNDQ4LTExZWMtYTZlOS0wMDI1OTBjODI0Mzc*
.betweendigital.com/	1970-01-20 10:21:15	Name: ut Value: YjBmdQAJL5DWZcBHtbr-gWxPRu-oZPR2sKbYCA==
.bumlam.com/	1970-01-27 08:47:39	Name: suuid3 Value: IiQ1ZDkzYTZiMC1hNDQ4LTExZWMtYTZlOS0wMDI1OTBjODI0Mzc*
.aidata.io/	1970-01-20 19:06:51	Name: __upin Value: ebKZWvlJr1cQS8W4Dg8smw
.aidata.io/	1970-01-20 19:06:51	Name: __upints Value: 1647339125
.sniperlog.ru/	1970-01-20 14:33:15	Name: guid Value: C433249189D08742
.tns-counter.ru/	1970-01-20 10:21:15	Name: guid Value: 881F681562306676X1647339126
.3lift.com/	1970-01-20 03:45:15	Name: tluid Value: 3835827150321478337863

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://mc.yandex.com/sync_cookie_image_decide?token=9578.6Xyca4zXLA9Wn12dB-3fBd3fMMbMZgQtg5UmmZVSWXQQ7QacwSH3cN_GCbwlEwXKKKYLwlcByyj0swMSOBJ8hQ%2C%2C.Y5VB0_6P_DaAwy1wrtQhEWu13pI%2C Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=8293556023947432603 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=8293556023947432603 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=8293556023947432603 Message: Failed to load resource: the server responded with a status of 400 ()
other	warning	URL: https://cdn.ampproject.org/rtv/012202142035000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs.com
ad.doubleclick.net
ads.betweendigital.com
adservice.google.com
adservice.google.de
adx.adform.net
ajax.googleapis.com
ams1-ib.adnxs.com
an.yandex.ru
ap.lijit.com
appfurpc.com.de
bidder.criteo.com
biddr.brealtime.com
bidswitch-eu.splicky.com
cache.betweendigital.com
cdn.adnxs.com
cdn.ampproject.org
cdn.jsdelivr.net
cm.adform.net
cm.g.doubleclick.net
cs.emxdgt.com
d1a4f10c70240e7d64b9457b36aab69a.safeframe.googlesyndication.com
d97e9fc141c0b6cd636b0a9fa9886de1.safeframe.googlesyndication.com
eb2.3lift.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn3.gstatic.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fe9d4e75939559f5e4a926fefa60ea6d.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
hb.emxdgt.com
ib.adnxs.com
id5-sync.com
is1-ssl.mzstatic.com
is3-ssl.mzstatic.com
is4-ssl.mzstatic.com
mc.yandex.com
mc.yandex.ru
mp.4dex.io
mug.criteo.com
node.setupad.com
onetag-sys.com
pagead2.googlesyndication.com
pixel-eu.rubiconproject.com
pixel.rubiconproject.com
pool.admedo.com
prebid-eu.creativecdn.com
prebid-stag.setupad.net
prebid.a-mo.net
prg.smartadserver.com
pubads.g.doubleclick.net
px.adhigh.net
rtb.adxpremium.services
rtb.openx.net
script.4dex.io
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
setupad-d.openx.net
static.criteo.net
stpd.cloud
sync.bumlam.com
sync.dmp.otm-r.com
sync3.adsniper.ru
sync3.sniperlog.ru
t.adx.opera.com
token.rubiconproject.com
tpc.googlesyndication.com
u.openx.net
windowsapp.com.se
www.google.com
www.googletagservices.com
www.gstatic.com
www.tns-counter.ru
x.bidswitch.net
x01.aidata.io
104.117.200.100
104.17.119.107
13.248.245.213
141.95.99.211
142.250.185.230
142.250.186.162
147.75.38.124
151.101.193.108
151.236.71.19
159.89.25.223
168.119.168.202
178.250.2.131
178.250.2.146
18.195.155.181
185.184.8.65
185.33.220.216
185.33.220.243
185.86.139.59
194.190.76.41
2.19.35.65
2001:6d0:4001::226
209.50.60.88
216.52.2.39
216.58.208.98
2602:803:c004:200::141
2606:4700:20::681a:8a9
2606:4700:20::681a:9b2
2606:4700:3032::ac43:a284
2606:4700:3108::ac42:28fd
2606:4700::6810:5814
2606:4700::6812:272
2a00:1450:4001:800::200e
2a00:1450:4001:802::2002
2a00:1450:4001:803::2002
2a00:1450:4001:808::2001
2a00:1450:4001:808::200a
2a00:1450:4001:809::200e
2a00:1450:4001:80f::200a
2a00:1450:4001:810::200e
2a00:1450:4001:827::2003
2a00:1450:4001:828::2003
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2004
2a00:1450:4001:831::2002
2a02:2638:1::13
2a02:2638::3
2a02:26f0:1700:38a::2a1
2a02:26f0:1700:38d::2a1
2a02:26f0:1700:394::2a1
2a02:6b8::1:119
2a02:6b8::90
3.120.28.2
31.172.81.158
31.172.81.172
35.158.25.241
35.210.53.219
35.227.252.103
35.244.159.8
37.157.6.248
51.38.120.206
54.36.238.155
69.173.144.138
69.173.144.165
82.145.213.8
88.99.28.61
89.108.120.76
96.46.186.57
04f5d63c75f9fabede423b3d013e6efd9a448190898a34499a4010a59014a8d2
0828ff138959647667235067a0290defa35f9000217b30ce6a5b21c1cfc61ef3
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0efe00c23297e5c56485eabb6ea548c2669b896704fcb2c426d898148543ccad
116814b78814ed2ded55e34c84b1d7d868cd5dda919ec56dd088898d611c1907
182b5c14ffe495ddcc379bcf2ee5b92cc2d035244dfbfd4e92083890b83f9e01
1844de70f8a19e1bb882b6f7a1161affa42ebe90640ab3415b44819251de0843
1a393229854bc46159a0d6d1dd58ef5a706ca46b103daa5919b4f3790563a752
1affb8f05c65e07d5d22f1ec86340e534b74fa7321ed4b2c8e7d7b1a697b40e3
1b6a7d92084dc9e2bb3caaa399fb69d9e010f10e69fbf65c354a6c1ca6a58f04
1cca221b2415c4850d51ce414a374b220b2819c68188fedaf677403ee783f53a
1e02189b6990b38c43207a8c0c206a2fda1833e7b7401fa42af72671e62f43a5
1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726
1e6ecf4d7779cfbe2f2bc5b38d77014299c6d33609771d63a3ef436691338f00
215a2208b63720cca6ad229b2d3dcedb0dc2226076db2b86d764117441a3b108
23e8f7f6a12e07a3a097767ec61c968efcfe8195f10572feae2806b89be4203d
248c5c260b8061ece6b0d78fb45760c32e728018cd13b8e44557f9de44d3ebb0
2710dea57b10afc1ddae5a5a68c59cfac6d968379f9a5ea3198e949f9af0784f
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396
3110966fa73dac64901ac2cec67656155bb9717286b7b0da0544cdd8ae7c888d
3186ca53e2abfc300a300456e8c7d647a878f097af29d7a2eaa11acc7df89555
32b8fae56a7edbfe89e7f7fd22aa7df75546183f81660692c9cf03d3c8d914ba
33254c4824f35aa7707bd157c579f38d4d26f308c2afd65bc36a4e520dd3e1d5
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
34705114b404ffc3faaa45a439f193029d2730850e3963f68384b1d8dca67b2a
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
39999451bad87515c56e47a75b46d6d04e7d98b35ab1bf40d3407489e678b242
3c5a64d656e80dfb0161b14a03aaea7fc8b4e7147a33e7dfe2647f0268a9a99f
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e4b4d396700e065d5d37bde974840cf2bf19565f8450785f0a869079b86bce9
3f220f3495c96b51b282b05e390230202c948611867f2841cdf8ac30f7fdd427
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4049e17634f0df8dbd1146cf2782e410ae91fcc13678b8e3c44b324ae19cb293
4121babe918e618fb86be2887a3fa6fcd1d937f848711082a20278d3ad87e896
42bfde869393a596a8ac4075e19670ae5fbb4381240e489da56da78163ff47d5
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4c746ac6ef1d6017253409837df6595ae6320805235bc89fe6f500298f8f23a9
4d44b03d4e4d1df9a852bf35460f5584c94b37c52d08742682a1a03d20d2f6d1
4d8fc43bffbe520fcff9f4818daaa59adba984204ac253fb4ce9d2f921a737c8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
52290904476443f21ae8a5f22d0b35b75e80eab8f2037ae53afc56bcc6651795
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55d7c24fcedca5f2bb26dd9c3a34ecb431dd61161400da5478b50f190c49bbc8
57fc1f0e6ffe4d2b1023af602d7a5497f17a82ef1804dec1f935641de171f440
5870c19909e7a0d0277d4294f0bfd8d4adbaed3d61379092be412e5ad01816f9
5908356e59a4c9d425dc5cb8b4cd81383c55904c65d0b9807a0c16ae028320a1
5b2876ede2c1cdf11bc0b080b87633a3d44b38c669d4db0c2e16c87febec3ee8
5b55bf7dd15889d4a22f310790e4a465c487f6f55b43cf7667d2726032870a9b
5c35ba43b7900752a3023550de81888bb9fa36138e72edf3db3bd20e1dc09186
6192a22bda72a9bd0f0298ca5278cf4d661cf6ad5eb5e3e64ba4b46a19876c4b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
647367edb473a569f80c0fb035ec50908b0b37e995c63663c02552079b974e76
65ac6ddbbaf8393a0ee05b6aaf2d869f0bba38902003fc4a1c37ea813cbaefce
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
67a044b161b4144a2304ac43d7c59b7bc14a479ca46dc81cb2bff544555dbf7a
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
687be205607d7985c36d90cacc8d60ef919a61bfc72c630cda50e90467b75879
6a86882782bc143326fece32eb4bb5f659942d8a7af66d4ec22037a53671aa35
6d936528ab629186ccc4ac291d2a7f7459fe5970017db6311c6c3d5a1ee6ad00
6d9b75c8bfff970514a3abee8755ef593266d8c7a95d41d5666077af34577390
6f58d16bc5dc283a23606833d05fef951db1f2ff842cdf148e9624224ec2da0f
7185190e99034cb89a0b114a5ba3c80f0803e34a9d860c4f1dc93f6bee202f31
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7ca0201d2d50ed21edaff8ec1ce261ff26c074556d1f77ca0adfa481a4aed529
7e359f9fee04ab32dc9d24fd7b6a0355b457b2480dbac9ee2379e9648ff06a1f
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
80b539ba6123ff47066289ea5f60ffebd4560088fa83f9d142a51ea5daa1eb32
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
847d2854bb34bc89ab8514267909dbec0fe245278448227d23714781f9dfab71
84f884ae3edcb8c05f55a2f69a0c8c5484885584acb5c9978572b9f51ad0277e
85b8c8f31ca51e98dabd0c9f76986fa38d417dd921fd18143356f4b1ba5c4592
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202
86f7523fd3bff5a6464ace1e296b6e5c864b4a444d833b4decd992da40f658cd
87949a3185fbb715ecdfba5ee15242ff8224ed987f220de95db95e457052d521
8996d7b9fba17a4ad4880bb154f6b56d33f9ff87ecf4f830bc0488cdc1616f55
8a2770268fb74d2f9c0463b4b836e2764c553e1ad4e914ae2bc1c31a9230ab78
8faf6733a946a41207c0907c9977e7403ef84ed3ff3f09973848f45b3056bde6
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
9450dbea0b3f730522d9bf26d624c024beff332513844fb81a680f009cc01a8d
947e22d9ed05fbe3f5ed3c4ee35618a1910a85968f48a22c0277f9936f2eb769
968a8e56e4adaf8c135199ebd7f6cc065424ca45974d4dfbeb5607e69fe72fcd
978f46f059f8b7580f0ace9c2a00175c926cb91b1bb69d1b39d7fd3a9e8582ad
9b8e193386fed60dc19da4653d1110cfa763172435639667fe1fd2ac802c943c
9d9ee5b0568153374301fd4320464c2f7b1a34402b379aebe17d4ad5ec066e0c
9f0d1ecd1c493936469349b254e5512be76e360e8166156f90bf7a2db6447e28
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5d2a01b4244d7da375253f8ad0fcfcca3c7cfb0017f1535d5b40b470e82bdcf
a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
ac2a6bdf3640e1213ba9a0a900ea6864a0274b080ba3bcf05ff245bfabb5eba0
ac66ac722009b2924b2fc7b8d59b434342feb5f158046a3b4c639473bae9201c
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
ad1599efdbc56fd0405afcfa3b8676353aa918e4278be9f8e23f9858f06eaf1e
aea4c1c63dce7e4d558c26c721ec727de5dd9dbf147ada8e4c1fb71d09680fe7
b0c7a2425fb3b5eff6fe4193ef2e9b64f71785aa10eeb98e3badbcb9486e0111
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b83a64a52e3d89a0c56df6b9bd1b68ef725ebc01dee751d09f0e459db07d686c
ba92f31903d0ed43a15811c0506b1c357fa04ff643140a3c0e162dfc66cd37eb
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc50bf49cbe79ee49b4ee8b56f26ff4877bc4945c16f260b1481ba2355c96347
bd54241a6ef534d4fd55a95d52035292958c4a55c350f8bb38b396ef4f49c1e5
bf21717eb9d6b396f3a9a20f66d264678ebbffac2b8bdce1a864b61b7346eaf3
bff8548583996b3aba20c7becdbd3892899f64b8299443b424db6d9d409c7774
c0e640f2e75c48d0e723468325a50c2a8e934314d80e68b0a87131254b8ef480
c2ca50b6340d3f0247e56806ab034615c5c1c5398870c95b0be83c0482fb10c1
c39d994e33ee115b35d7872dbea911a99508c74e34629725343b269b5d5233e4
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1
c73a75f77daef3dd6f9447f21061136b51950f1e81fc61bb3058eae844727b95
ce639efee0f686f688bf175ace9178ead68d4651bb07c7463eec747c03254cbb
cf1fa4a6b89b29eda5f217d9c4b8d95f6ec9f5b77c3837f937c7d698a49a54b1
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d2a5b26e4e8cf24f7c9b0caa688333c96a7aacfdd15dcb2a8ab1774acb144b35
d2b9b56144ab26b69a125d401dff14910d7e9a015e8e525ae335f16a5cd89985
d3660a2d5bb96b0556aaec05d61a6a7f3b60eee4052d0a7423c59835959bf497
d6b994e26d3c766aed59544ec8e5863d6d397704099d92702992322c0762eb98
d6ef3fd5623ae5008fa3c70b222291c40e4dcfa493ea5d4ce2b066e0788b1edc
d7e3f3f9a87439492d58ee8a90cdc8741bd44e9f5ebc5a1be461ded2df7a155e
ddf8dfaad4d5ddc21e3ceda14161c6a41b04f1f6753c73e3a69b52a82b1b5c42
e2651c08f7fa61aa39c3ffea1803795a9da8e14f04f9a53abe127af4eaeceef9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e43e93c001e05abc7a94e9c3dfa13457a0401b9ab81f9d0376b592151d06a635
e4c5e9c0d510a455ae0f1615a994f29fd924bba51050d05ed568d2c2a6287568
e58de01287901c0198e1295279dadb3780721ecd645415497ace41f976b87db9
e884d8ac399db625523c10398657df0403405b60f0ebd374bfc70d714ba2f58f
e8a156849b40fa6cc8f51b9aaade18f983bdd7c626fc89a5df98dbdc9d6c57f5
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e955eaebb7f7621295c1eaa0bffd424ee37472aba1d8f2fdb2923c52974d215d
eba88ef6b1f09543b0b3f34bc3c1d401da36d590354cd7728e2aae4d3c1abc91
ed7385b2ca535f7f90bb14266ddd68d64393f41d1559cbb4af01ece4dd36b8fb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef3d0d0262abdc922c4fd2d33eae57aece3203c5fb3683aff1e6739f678496c0
f408ea8d108fb46b0ec7612b384c10211e19f6a21592b34a042751697f4249cf
fdecda5ee87b28e579c5b61ef0f86e7fff85c838ff0a06450feee13a5877ed0b
ff28592ae2b0572a76b11239cd63a9c88412201a72ea0e994894f4bcd6d9d4bd
ff6956c6d9b77bdecabeef7eafb5625c810cf5694db1204d0a48e102ecd73c89

windowsapp.com.se Open in urlscan Pro 2606:4700:3032::ac43:a284 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

266 Requests

93 %HTTPS

43 %IPv6

46 Domains

79 Subdomains

62 IPs

8 Countries

2550 kBTransfer

6807 kBSize

44 Cookies

7 Outgoing links

Redirected requests

266 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

windowsapp.com.se Open in urlscan Pro
2606:4700:3032::ac43:a284 Public Scan

Screenshot
Live screenshot

Full Image

266
Requests

93 %
HTTPS

43 %
IPv6

46
Domains

79
Subdomains

62
IPs

8
Countries

2550 kB
Transfer

6807 kB
Size

44
Cookies

266 HTTP transactions
5 data transactions