urlscan.io logo urlscan.io
SecurityTrails logo

www.refunder.se Open in urlscan Pro
2606:4700:10::ac43:1c40  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://app.rule.io/link/nl/n_w4x9ab/a/n_5e0/d/n_8v2i/di/n_rt/s/n_3rg9r1/e/n_zz7qj
Effective URL: https://www.refunder.se/invitation/8ea6a1d87a50623f0aa431c9b2aaf37ecc4a1c078240ced9b0ac28653272717d?utm_source=rule&utm_...
Submission: On June 16 via api from IE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 23 IPs in 4 countries across 18 domains to perform 82 HTTP transactions. The main IP is 2606:4700:10::ac43:1c40, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.refunder.se.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 8th 2022. Valid for: a year.
This is the only time www.refunder.se was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:20:... 13335 (CLOUDFLAR...)
40 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
5 99.86.4.117 16509 (AMAZON-02)
1 104.92.101.166 16625 (AKAMAI-AS)
2 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 4 142.250.186.38 15169 (GOOGLE)
1 65.9.66.112 16509 (AMAZON-02)
4 2a03:2880:f02... 32934 (FACEBOOK)
1 151.101.2.137 54113 (FASTLY)
1 2001:4860:480... 15169 (GOOGLE)
1 99.86.4.22 16509 (AMAZON-02)
1 2a02:26f0:ef:... 20940 (AKAMAI-ASN1)
2 2a00:1450:400... 15169 (GOOGLE)
1 99.86.4.127 16509 (AMAZON-02)
2 185.221.87.8 206998 (NEW-2)
1 2a00:1450:400... 15169 (GOOGLE)
3 3 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a03:2880:f12... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
82 23
1    2606:4700:20::681a:373 (United States)

ASN13335 (CLOUDFLARENET, US)
app.rule.io
40    2606:4700:10::ac43:1c40 (United States)

ASN13335 (CLOUDFLARENET, US)
www.refunder.se
static.refunder.se
cdn.refunder.se
resources.refunder.se
2    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
5    99.86.4.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-117.fra6.r.cloudfront.net
widget.trustpilot.com
1    104.92.101.166 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-101-166.deploy.static.akamaitechnologies.com
appleid.cdn-apple.com
2    2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
6    2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    142.250.186.38 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f6.1e100.net
6638233.fls.doubleclick.net
5450406.fls.doubleclick.net
1    65.9.66.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-112.fra56.r.cloudfront.net
static.hotjar.com
4    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    151.101.2.137 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    99.86.4.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-22.fra6.r.cloudfront.net
script.hotjar.com
1    2a02:26f0:ef::5c7b:c25a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
2    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    99.86.4.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-127.fra6.r.cloudfront.net
vars.hotjar.com
2    185.221.87.8 (Ireland)

ASN206998 (NEW-2, IE)
bam.eu01.nr-data.net
1    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
3    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px4.ads.linkedin.com
1    2a00:1450:400c:c1b::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
Apex Domain
Subdomains		 Transfer
40 refunder.se
www.refunder.se
static.refunder.se
cdn.refunder.se
resources.refunder.se
968 KB
6 gstatic.com
fonts.gstatic.com
133 KB
5 doubleclick.net
6638233.fls.doubleclick.net
5450406.fls.doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 125
2 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 60
region1.google-analytics.com — Cisco Umbrella Rank: 9409
59 KB
5 trustpilot.com
widget.trustpilot.com — Cisco Umbrella Rank: 5760
38 KB
4 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 370
www.linkedin.com — Cisco Umbrella Rank: 527
px4.ads.linkedin.com — Cisco Umbrella Rank: 5965
4 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 158
119 KB
3 google.com
adservice.google.com — Cisco Umbrella Rank: 92
www.google.com — Cisco Umbrella Rank: 9
1 KB
3 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 677
script.hotjar.com — Cisco Umbrella Rank: 992
vars.hotjar.com — Cisco Umbrella Rank: 1037
67 KB
2 google.de
adservice.google.de — Cisco Umbrella Rank: 7295
www.google.de — Cisco Umbrella Rank: 5111
1 KB
2 nr-data.net
bam.eu01.nr-data.net — Cisco Umbrella Rank: 9300
2 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 96
129 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 67
2 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 91
410 B
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 953
3 KB
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 438
18 KB
1 cdn-apple.com
appleid.cdn-apple.com — Cisco Umbrella Rank: 3771
18 KB
1 rule.io
app.rule.io — Cisco Umbrella Rank: 692111
991 B
82 18
Domain Requested by
18 static.refunder.se www.refunder.se
10 resources.refunder.se www.refunder.se
8 www.refunder.se www.refunder.se
6 fonts.gstatic.com fonts.googleapis.com
5 widget.trustpilot.com www.refunder.se
widget.trustpilot.com
4 connect.facebook.net www.refunder.se
4 www.google-analytics.com www.refunder.se
4 cdn.refunder.se www.refunder.se
2 px.ads.linkedin.com 2 redirects
2 bam.eu01.nr-data.net www.refunder.se
2 adservice.google.com 6638233.fls.doubleclick.net
5450406.fls.doubleclick.net
2 5450406.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 6638233.fls.doubleclick.net 1 redirects www.refunder.se
2 www.googletagmanager.com www.refunder.se
2 fonts.googleapis.com www.refunder.se
widget.trustpilot.com
1 www.google.de
1 www.google.com
1 www.facebook.com
1 stats.g.doubleclick.net www.refunder.se
1 px4.ads.linkedin.com
1 www.linkedin.com 1 redirects
1 adservice.google.de adservice.google.com
1 vars.hotjar.com www.refunder.se
1 snap.licdn.com www.refunder.se
1 script.hotjar.com www.refunder.se
1 region1.google-analytics.com www.googletagmanager.com
1 js-agent.newrelic.com www.refunder.se
1 static.hotjar.com www.refunder.se
1 appleid.cdn-apple.com www.refunder.se
1 app.rule.io 1 redirects
82 30

This site contains links to these domains. Also see Links.

Domain
refunder.bast-i-test.se
refunderpay.se
refunder.ocast.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-08 -
2023-06-07		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh
*.trustpilot.com
Amazon		 2022-03-04 -
2023-04-02		 a year crt.sh
appleid.cdn-apple.com
Apple Public EV Server RSA CA 2 - G1		 2022-04-19 -
2023-05-19		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-05-30 -
2022-08-22		 3 months crt.sh
*.hotjar.com
Amazon		 2021-11-25 -
2022-12-23		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-03-25 -
2022-06-23		 3 months crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA H2 2021		 2021-10-06 -
2022-11-07		 a year crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2022-03-01 -
2023-03-01		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-05-30 -
2022-08-22		 3 months crt.sh
*.eu01.nr-data.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-24 -
2023-02-09		 a year crt.sh
*.google.de
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-05-30 -
2022-08-22		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh

This page contains 7 frames:

Primary Page: https://www.refunder.se/invitation/8ea6a1d87a50623f0aa431c9b2aaf37ecc4a1c078240ced9b0ac28653272717d?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik
Frame ID: F91AA4E2D2ED44C1F538A5235329CD7F
Requests: 71 HTTP requests in this frame

Frame: https://6638233.fls.doubleclick.net/activityi;dc_pre=CMeX1fWJsvgCFWRIHQkdDlYH5A;src=6638233;type=page-0;cat=sitez0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7786436854;num=7242831030655.7295
Frame ID: 6B78CB520B0CCB3428E7936FBD9786A7
Requests: 1 HTTP requests in this frame

Frame: https://widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/index.html?templateId=53aa8912dec7e10d38f59f36&businessunitId=52cfc1ad000064000577d9ee
Frame ID: C48509CD284462BACCB9F4AF985C90CC
Requests: 5 HTTP requests in this frame

Frame: https://5450406.fls.doubleclick.net/activityi;dc_pre=CLKv3_WJsvgCFXtFHQkd5-4BpA;src=5450406;type=123;cat=refun00;ord=953398306334;gtm=2wg6f0;auiddc=1173210758.1655386138;~oref=https%3A%2F%2Fwww.refunder.se%2Finvitation%2F8ea6a1d87a50623f0aa431c9b2aaf37ecc4a1c078240ced9b0ac28653272717d%3Futm_source%3Drule%26utm_medium%3Demail%26utm_campaign%3Dgrymt%2520viktig%2520information%2520fr%25C3%25A5n%2520Fredrik
Frame ID: DADE29E1974AB76E0D4A26848E442C00
Requests: 2 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CMeX1fWJsvgCFWRIHQkdDlYH5A;src=6638233;type=page-0;cat=sitez0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7786436854;num=7242831030655.7295;~oref=https://www.refunder.se/
Frame ID: 61D94A2EECC729631D22C665886BEB8F
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-63c3a81830bf549dafe40b369003f751.html
Frame ID: 53160C8F9A70F7C16180053D16201354
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CMeX1fWJsvgCFWRIHQkdDlYH5A;src=6638233;type=page-0;cat=sitez0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7786436854;num=7242831030655.7295;~oref=https://www.refunder.se/
Frame ID: F47C802AFE667A2D6FF4F556CA288A19
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Inbjudan till Refunder.se Shape CopyShape Copy

Page URL History Show full URLs

  1. https://app.rule.io/link/nl/n_w4x9ab/a/n_5e0/d/n_8v2i/di/n_rt/s/n_3rg9r1/e/n_zz7qj HTTP 302
    https://www.refunder.se/invitation/8ea6a1d87a50623f0aa431c9b2aaf37ecc4a1c078240ced9b0ac28653272717d?... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • appleid\.auth\.js
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Page Statistics

82
Requests

99 %
HTTPS

64 %
IPv6

18
Domains

30
Subdomains

23
IPs

4
Countries

1561 kB
Transfer

3241 kB
Size

28
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://app.rule.io/link/nl/n_w4x9ab/a/n_5e0/d/n_8v2i/di/n_rt/s/n_3rg9r1/e/n_zz7qj HTTP 302
    https://www.refunder.se/invitation/8ea6a1d87a50623f0aa431c9b2aaf37ecc4a1c078240ced9b0ac28653272717d?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26
  • https://6638233.fls.doubleclick.net/activityi;src=6638233;type=page-0;cat=sitez0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7786436854;num=7242831030655.7295 HTTP 302
  • https://6638233.fls.doubleclick.net/activityi;dc_pre=CMeX1fWJsvgCFWRIHQkdDlYH5A;src=6638233;type=page-0;cat=sitez0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7786436854;num=7242831030655.7295
Request Chain 59
  • https://5450406.fls.doubleclick.net/activityi;src=5450406;type=123;cat=refun00;ord=953398306334;gtm=2wg6f0;auiddc=1173210758.1655386138;~oref=https%3A%2F%2Fwww.refunder.se%2Finvitation%2F8ea6a1d87a50623f0aa431c9b2aaf37ecc4a1c078240ced9b0ac28653272717d%3Futm_source%3Drule%26utm_medium%3Demail%26utm_campaign%3Dgrymt%2520viktig%2520information%2520fr%25C3%25A5n%2520Fredrik HTTP 302
  • https://5450406.fls.doubleclick.net/activityi;dc_pre=CLKv3_WJsvgCFXtFHQkd5-4BpA;src=5450406;type=123;cat=refun00;ord=953398306334;gtm=2wg6f0;auiddc=1173210758.1655386138;~oref=https%3A%2F%2Fwww.refunder.se%2Finvitation%2F8ea6a1d87a50623f0aa431c9b2aaf37ecc4a1c078240ced9b0ac28653272717d%3Futm_source%3Drule%26utm_medium%3Demail%26utm_campaign%3Dgrymt%2520viktig%2520information%2520fr%25C3%25A5n%2520Fredrik
Request Chain 74
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=77148&time=1655386138087&url=https%3A%2F%2Fwww.refunder.se%2Finvitation%2F8ea6a1d87a50623f0aa431c9b2aaf37ecc4a1c078240ced9b0ac28653272717d%3Futm_campaign%3Dgrymt%2520viktig%2520information%2520fr%25C3%25A5n%2520Fredrik%26utm_medium%3Demail%26utm_source%3Drule HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D77148%26time%3D1655386138087%26url%3Dhttps%253A%252F%252Fwww.refunder.se%252Finvitation%252F8ea6a1d87a50623f0aa431c9b2aaf37ecc4a1c078240ced9b0ac28653272717d%253Futm_campaign%253Dgrymt%252520viktig%252520information%252520fr%2525C3%2525A5n%252520Fredrik%2526utm_medium%253Demail%2526utm_source%253Drule%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=77148&time=1655386138087&url=https%3A%2F%2Fwww.refunder.se%2Finvitation%2F8ea6a1d87a50623f0aa431c9b2aaf37ecc4a1c078240ced9b0ac28653272717d%3Futm_campaign%3Dgrymt%2520viktig%2520information%2520fr%25C3%25A5n%2520Fredrik%26utm_medium%3Demail%26utm_source%3Drule&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=77148&time=1655386138087&url=https%3A%2F%2Fwww.refunder.se%2Finvitation%2F8ea6a1d87a50623f0aa431c9b2aaf37ecc4a1c078240ced9b0ac28653272717d%3Futm_campaign%3Dgrymt%2520viktig%2520information%2520fr%25C3%25A5n%2520Fredrik%26utm_medium%3Demail%26utm_source%3Drule&liSync=true&e_ipv6=AQIBsiAsg1RLUQAAAYFss-nbUUDriE_poVC7orVqdMcvrqTZV9Ci8mXL1G8JK5RsL5CsJfkvFx9-kq6nbk5CkAJQIw97CQ

82 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 8ea6a1d87a50623f0aa431c9b2aaf37ecc4a1c078240ced9b0ac28653272717d
www.refunder.se/invitation/
Redirect Chain
  • https://app.rule.io/link/nl/n_w4x9ab/a/n_5e0/d/n_8v2i/di/n_rt/s/n_3rg9r1/e/n_zz7qj
  • https://www.refunder.se/invitation/8ea6a1d87a50623f0aa431c9b2aaf37ecc4a1c078240ced9b0ac28653272717d?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik
192 KB
47 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.refunder.se/invitation/8ea6a1d87a50623f0aa431c9b2aaf37ecc4a1c078240ced9b0ac28653272717d?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.0.20
Resource Hash
b259e574b47bbc0324b49677cdda0f1f2f28e3e9c97bb5d8a4c3848e88872a3c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
71c3e4362cd723f7-ZRH
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 16 Jun 2022 13:28:56 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept-Encoding
x-powered-by
PHP/8.0.20

Redirect headers

cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
71c3e4342ff00e02-MXP
content-type
text/html; charset=UTF-8
date
Thu, 16 Jun 2022 13:28:55 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://www.refunder.se/invitation/8ea6a1d87a50623f0aa431c9b2aaf37ecc4a1c078240ced9b0ac28653272717d?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BR0eVv0YDCD6wzmFT70PpuYD0NpNQJ6XtKfBgz3Z5YCKAsqVZCHbu5%2By5hLT%2FXFV4XHgDt29PorI6nxaSKv7sjJ0Pr9AQR%2FVs2VHgxa4E4v6YlCVybpvn5H%2FRi6p6LdFJ1rYf7c6K64B"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
public.css
www.refunder.se/resources/css/ 		130 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.refunder.se/resources/css/public.css?id=b4886be1fcd782060411678021ca267a
Requested by
Host: www.refunder.se
URL: https://www.refunder.se/invitation/8ea6a1d87a50623f0aa431c9b2aaf37ecc4a1c078240ced9b0ac28653272717d?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a77cf1c3561d7679da8092186eede2149f35a862a16774dd68d408e2faf69f4c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refunder.se/invitation/8ea6a1d87a50623f0aa431c9b2aaf37ecc4a1c078240ced9b0ac28653272717d?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 13:28:56 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 15 Jun 2022 09:25:27 GMT
server
cloudflare
etag
W/"62a9a587-2096a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
strict-transport-security
max-age=15724800; includeSubDomains
cf-ray
71c3e438580423f7-ZRH
css
fonts.googleapis.com/ 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Oswald:400,300,700|Droid+Serif:400,700,400italic,700italic|Lato:300,400,400i,700,900,300italic|Nunito:400,700,800&subset=latin,latin-ext
Requested by
Host: www.refunder.se
URL: https://www.refunder.se/invitation/8ea6a1d87a50623f0aa431c9b2aaf37ecc4a1c078240ced9b0ac28653272717d?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b614fa18ad4b63605494f704797024b3f1387fc3a4a3e7fd178169c5ed11cd90
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refunder.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 16 Jun 2022 13:28:56 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 16 Jun 2022 13:28:56 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 16 Jun 2022 13:28:56 GMT
refunder-logo.png
www.refunder.se/img/refunder_logos/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.refunder.se/img/refunder_logos/refunder-logo.png
Requested by
Host: www.refunder.se
URL: https://www.refunder.se/invitation/8ea6a1d87a50623f0aa431c9b2aaf37ecc4a1c078240ced9b0ac28653272717d?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac0911179225efa10c255b7beb7ae49bc0e062f01ade67e65a91019ea3e5539b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refunder.se/invitation/8ea6a1d87a50623f0aa431c9b2aaf37ecc4a1c078240ced9b0ac28653272717d?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 13:28:56 GMT
cf-cache-status
MISS
last-modified
Wed, 15 Jun 2022 09:21:35 GMT
server
cloudflare
etag
"62a9a49f-5699"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=31536000
strict-transport-security
max-age=15724800; includeSubDomains
accept-ranges
bytes
cf-ray
71c3e438580b23f7-ZRH
content-length
22169
logo_refunder_inline.png
static.refunder.se/refunder_logos/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.refunder.se/refunder_logos/logo_refunder_inline.png
Requested by
Host: www.refunder.se
URL: https://www.refunder.se/invitation/8ea6a1d87a50623f0aa431c9b2aaf37ecc4a1c078240ced9b0ac28653272717d?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2b7b462a516fc5829dfed97535516ed4ecd95b7ad76ec3aa539597d417e8f2c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refunder.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 13:28:56 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-cache
MISS, HIT
x-imgix-id
7d6116654692778f8934c24940351eadf38bfe03
strict-transport-security
max-age=15724800; includeSubDomains
content-length
2135
x-served-by
cache-sjc10064-SJC, cache-bma1674-BMA
last-modified
Thu, 27 Jan 2022 16:32:11 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
71c3e438683523f7-ZRH
cross-origin-resource-policy
cross-origin
7a98a892b9bb943628ad7ff26e2c5cae70bd73f9.jpg
cdn.refunder.se/custom/ 		109 KB
109 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.refunder.se/custom/7a98a892b9bb943628ad7ff26e2c5cae70bd73f9.jpg
Requested by
Host: www.refunder.se
URL: https://www.refunder.se/invitation/8ea6a1d87a50623f0aa431c9b2aaf37ecc4a1c078240ced9b0ac28653272717d?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
277397f9f0235d45f6c3ebf6d2bc9fe6f8612b798848d59e1f3b2279bce1346e
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refunder.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 13:28:56 GMT
cf-cache-status
MISS
last-modified
Mon, 13 Jun 2022 14:52:42 GMT
server
cloudflare
etag
"c0d3febc36ddd412e32730193033afa3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=31536000
strict-transport-security
max-age=15724800; includeSubDomains
accept-ranges
bytes
cf-ray
71c3e438784b23f7-ZRH
content-length
111397
hiw-shop.png
static.refunder.se/sv/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.refunder.se/sv/hiw-shop.png?w=400
Requested by
Host: www.refunder.se
URL: https://www.refunder.se/invitation/8ea6a1d87a50623f0aa431c9b2aaf37ecc4a1c078240ced9b0ac28653272717d?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91eae6a6e744a24134f7f968896fca46a7a4108a6fca1148c0d2deeda259fc24
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refunder.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 13:28:56 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-cache
MISS, HIT
x-imgix-id
fe21e319f740b78a15bb3207777b6a26ecf38b55
strict-transport-security
max-age=15724800; includeSubDomains
content-length
26574
x-served-by
cache-sjc10039-SJC, cache-bma1625-BMA
last-modified
Tue, 24 May 2022 02:00:33 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
71c3e438683623f7-ZRH
cross-origin-resource-policy
cross-origin
hiw-provision.png
static.refunder.se/sv/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.refunder.se/sv/hiw-provision.png?w=400
Requested by
Host: www.refunder.se
URL: https://www.refunder.se/invitation/8ea6a1d87a50623f0aa431c9b2aaf37ecc4a1c078240ced9b0ac28653272717d?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e5b683e9d5db77d31a9ba839a0c367a3a9e61d40d41d6bb00a37aefb02fc318
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refunder.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 13:28:56 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-cache
MISS, HIT
x-imgix-id
56402508432fdcc550bcde4d92f42db9bbec3b9d
strict-transport-security
max-age=15724800; includeSubDomains
content-length
27981
x-served-by
cache-sjc10070-SJC, cache-bma1624-BMA
last-modified
Tue, 07 Jun 2022 03:51:46 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-imgix-features
{"linux_painter":"0","tannhauser_routing":"0","tannhauser_shield":"0"}
accept-ranges
bytes
cf-ray
71c3e438683823f7-ZRH
cross-origin-resource-policy
cross-origin
hiw-bank-account.png
static.refunder.se/sv/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.refunder.se/sv/hiw-bank-account.png?w=400
Requested by
Host: www.refunder.se
URL: https://www.refunder.se/invitation/8ea6a1d87a50623f0aa431c9b2aaf37ecc4a1c078240ced9b0ac28653272717d?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
575a7f3ec56678b90ae05cffb8212411b4408d5c482b9f96c57bb8688f6fff81
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refunder.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 13:28:56 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-cache
MISS, HIT
x-imgix-id
d71fcc68239d8ee2dcff565e84c9d7400d934b2e
strict-transport-security
max-age=15724800; includeSubDomains
content-length
19835
x-served-by
cache-sjc10082-SJC, cache-bma1628-BMA
last-modified
Tue, 14 Jun 2022 03:21:42 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
71c3e438683123f7-ZRH
cross-origin-resource-policy
cross-origin
logos
cdn.refunder.se/generator/ 		70 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.refunder.se/generator/logos?stores=popular&num=21&size=1200x200&padding=30&columns=7&grayscale=0
Requested by
Host: www.refunder.se
URL: https://www.refunder.se/invitation/8ea6a1d87a50623f0aa431c9b2aaf37ecc4a1c078240ced9b0ac28653272717d?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.0.20
Resource Hash
163f46f38d572e7af7d72b2571686085fff4c0b61895a199d84b6f1a849acb81
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refunder.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Jun 2022 13:28:57 GMT
cf-cache-status
MISS
last-modified
Thu, 16 Jun 2022 13:28:57 GMT
server
cloudflare
x-powered-by
PHP/8.0.20
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
private, max-age=31536000, must-revalidate
strict-transport-security
max-age=15724800; includeSubDomains
cf-ray
71c3e438784923f7-ZRH
expires
-1
paypal-logo.png
static.refunder.se/logos/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.refunder.se/logos/paypal-logo.png?h=48&trim=color&trim-tol=5
Requested by
Host: www.refunder.se
URL: https://www.refunder.se/invitation/8ea6a1d87a50623f0aa431c9b2aaf37ecc4a1c078240ced9b0ac28653272717d?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25a959581dfca1ff09a592a68cb3c47c2dcd6cc05390f10f5f57ac44ec78826a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refunder.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 13:28:56 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-cache
MISS, HIT
x-imgix-id
3961cb0968c681d004faef8ca2e361319e6db79e
strict-transport-security
max-age=15724800; includeSubDomains
content-length
9662
x-served-by
cache-sjc10054-SJC, cache-bma1633-BMA
last-modified
Tue, 14 Jun 2022 00:30:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
71c3e438683323f7-ZRH
cross-origin-resource-policy
cross-origin
trustly-logo.png
static.refunder.se/logos/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.refunder.se/logos/trustly-logo.png?h=48&trim=color&trim-tol=5
Requested by
Host: www.refunder.se
URL: https://www.refunder.se/invitation/8ea6a1d87a50623f0aa431c9b2aaf37ecc4a1c078240ced9b0ac28653272717d?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4eca6d42e41d2bef33800c7dd64ad542aab93fa9004e7c063a68819c21167923
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refunder.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 13:28:56 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-cache
MISS, HIT
x-imgix-id
c34fd3eb6e0dd08c55b4e8a5155b53eca587fd2a
strict-transport-security
max-age=15724800; includeSubDomains
content-length
4387
x-served-by
cache-sjc10083-SJC, cache-bma1661-BMA
last-modified
Tue, 31 May 2022 05:27:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
71c3e438683423f7-ZRH
cross-origin-resource-policy
cross-origin
klarna.png
static.refunder.se/logos/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.refunder.se/logos/klarna.png?h=170&trim=color&trim-tol=5
Requested by
Host: www.refunder.se
URL: https://www.refunder.se/invitation/8ea6a1d87a50623f0aa431c9b2aaf37ecc4a1c078240ced9b0ac28653272717d?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30faddd1345cc1494a19ab7702d743632d8be41283a2397fb7a315c0040ec00a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refunder.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 13:28:56 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-cache
MISS, HIT
x-imgix-id
54ef13b587822654904d3846d84f3ddca703f111
strict-transport-security
max-age=15724800; includeSubDomains
content-length
16841
x-served-by
cache-sjc10026-SJC, cache-bma1665-BMA
last-modified
Wed, 15 Jun 2022 03:30:13 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
71c3e43979fd23f7-ZRH
cross-origin-resource-policy
cross-origin
logo-bonnier.png
static.refunder.se/logos/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.refunder.se/logos/logo-bonnier.png
Requested by
Host: www.refunder.se
URL: https://www.refunder.se/invitation/8ea6a1d87a50623f0aa431c9b2aaf37ecc4a1c078240ced9b0ac28653272717d?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d7f7576a3bb5eb2ab18b4af0a0fc472ce9ff02e4a312af2785546b1f6d183c1
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refunder.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 13:28:56 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-cache
MISS, HIT
x-imgix-id
07371dbb750446017698d9d6ec332d4a81685442
strict-transport-security
max-age=15724800; includeSubDomains
content-length
2037
x-served-by
cache-sjc10053-SJC, cache-bma1622-BMA
last-modified
Wed, 19 Jan 2022 14:16:26 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
71c3e43979ff23f7-ZRH
cross-origin-resource-policy
cross-origin
certificate_badges.png
static.refunder.se/logos/ 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.refunder.se/logos/certificate_badges.png
Requested by
Host: www.refunder.se
URL: https://www.refunder.se/invitation/8ea6a1d87a50623f0aa431c9b2aaf37ecc4a1c078240ced9b0ac28653272717d?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56030ef93940f0e80685b1a764988f954e8745239081c43225b1abb7cf5ac133
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refunder.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 13:28:56 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-cache
HIT, HIT
x-imgix-id
47ad43f8866bb866205ace9084915073d16ff25e
strict-transport-security
max-age=15724800; includeSubDomains
content-length
52190
x-served-by
cache-sjc10047-SJC, cache-bma1634-BMA
last-modified
Thu, 10 Feb 2022 15:58:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-imgix-features
{"linux_painter":"0","tannhauser_routing":"0","tannhauser_shield":"0"}
accept-ranges
bytes
cf-ray
71c3e4398a3523f7-ZRH
cross-origin-resource-policy
cross-origin
rocket-loader.min.js
www.refunder.se/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.refunder.se/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: www.refunder.se
URL: https://www.refunder.se/invitation/8ea6a1d87a50623f0aa431c9b2aaf37ecc4a1c078240ced9b0ac28653272717d?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refunder.se/invitation/8ea6a1d87a50623f0aa431c9b2aaf37ecc4a1c078240ced9b0ac28653272717d?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 13:28:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 10 Jun 2022 21:22:53 GMT
server
cloudflare
etag
W/"62a3b62d-302c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
71c3e438783c23f7-ZRH
vary
Accept-Encoding
expires
Sat, 18 Jun 2022 13:28:56 GMT
essentials.js
www.refunder.se/resources/js/ 		620 KB
206 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.refunder.se/resources/js/essentials.js?id=cb85b662ed3baf893591aa24a1264c0c
Requested by
Host: www.refunder.se
URL: https://www.refunder.se/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9d98848bdcca414da43084702745afbe3f78e05ebd56572a6424b9bacf9b50c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refunder.se/invitation/8ea6a1d87a50623f0aa431c9b2aaf37ecc4a1c078240ced9b0ac28653272717d?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 13:28:56 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 15 Jun 2022 09:25:27 GMT
server
cloudflare
etag
W/"62a9a587-9af70"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
strict-transport-security
max-age=15724800; includeSubDomains
cf-ray
71c3e438a89323f7-ZRH
tp.widget.bootstrap.min.js
widget.trustpilot.com/bootstrap/v5/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
Requested by
Host: www.refunder.se
URL: https://www.refunder.se/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-117.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f3496bc7c277d917d35553c46ed1597a86065494cac582e42a3a1d55aedef7fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refunder.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
age
36913
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
date
Thu, 16 Jun 2022 03:13:43 GMT
content-length
6124
x-xss-protection
1; mode=block
last-modified
Mon, 30 May 2022 14:38:02 GMT
server
AmazonS3
etag
"5add60196e5f96a414fb4b9586764e5d"
content-type
application/x-javascript
via
1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
x-amz-cf-id
lJsG-Tpkdwt8UQ-dArbqWwk1OAZbXSVXyGo031fhRw_wouvO7tMaew==
appleid.auth.js
appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/sv_SE/ 		43 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/sv_SE/appleid.auth.js
Requested by
Host: www.refunder.se
URL: https://www.refunder.se/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.101.166 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-101-166.deploy.static.akamaitechnologies.com
Software
Apple /
Resource Hash
67278a57833bfcc97c005863fdf1e004c68e36aea722fe41e30a7eb5fbbef794
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refunder.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Last-Modified
Thu, 26 May 2022 17:24:45 GMT
Server
Apple
ETag
W/"44314-1653585885854"
Vary
accept-encoding
Content-Type
application/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400,stale-while-revalidate=86400
Date
Thu, 16 Jun 2022 13:28:56 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17978
js
www.googletagmanager.com/gtag/ 		191 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-F14TVBNT6M
Requested by
Host: www.refunder.se
URL: https://www.refunder.se/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1db3c3e659977fd5736bbf7e566f5b04e80aee161e3f1819dcd0de4e2d3d0005
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refunder.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 13:28:56 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
70226
x-xss-protection
0
expires
Thu, 16 Jun 2022 13:28:56 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400,300,700|Droid+Serif:400,700,400italic,700italic|Lato:300,400,400i,700,900,300italic|Nunito:400,700,800&subset=latin,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.refunder.se
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 17:07:14 GMT
x-content-type-options
nosniff
age
159702
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23040
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:56:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 Jun 2023 17:07:14 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400,300,700|Droid+Serif:400,700,400italic,700italic|Lato:300,400,400i,700,900,300italic|Nunito:400,700,800&subset=latin,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.refunder.se
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 17:07:14 GMT
x-content-type-options
nosniff
age
159702
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23580
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 Jun 2023 17:07:14 GMT
S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh50XSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400,300,700|Droid+Serif:400,700,400italic,700italic|Lato:300,400,400i,700,900,300italic|Nunito:400,700,800&subset=latin,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.refunder.se
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 17:10:10 GMT
x-content-type-options
nosniff
age
159526
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22504
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 16:04:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 Jun 2023 17:10:10 GMT
S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh7USSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400,300,700|Droid+Serif:400,700,400italic,700italic|Lato:300,400,400i,700,900,300italic|Nunito:400,700,800&subset=latin,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.refunder.se
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 17:07:37 GMT
x-content-type-options
nosniff
age
159679
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23236
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 16:04:12 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 Jun 2023 17:07:37 GMT
S6u8w4BMUTPHjxsAXC-q.woff2
fonts.gstatic.com/s/lato/v23/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6u8w4BMUTPHjxsAXC-q.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400,300,700|Droid+Serif:400,700,400italic,700italic|Lato:300,400,400i,700,900,300italic|Nunito:400,700,800&subset=latin,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.refunder.se
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 17:10:27 GMT
x-content-type-options
nosniff
age
159509
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24408
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:50:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 Jun 2023 17:10:27 GMT
S6u_w4BMUTPHjxsI9w2_Gwft.woff2
fonts.gstatic.com/s/lato/v23/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6u_w4BMUTPHjxsI9w2_Gwft.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400,300,700|Droid+Serif:400,700,400italic,700italic|Lato:300,400,400i,700,900,300italic|Nunito:400,700,800&subset=latin,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a961366b4346f6078cc2f164d2c019f63b37e2693f6fc93a995048a98b25c083
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.refunder.se
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 17:58:24 GMT
x-content-type-options
nosniff
age
156632
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17728
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 16:10:29 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 Jun 2023 17:58:24 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.refunder.se
URL: https://www.refunder.se/invitation/8ea6a1d87a50623f0aa431c9b2aaf37ecc4a1c078240ced9b0ac28653272717d?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refunder.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
1448
date
Thu, 16 Jun 2022 13:04:49 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 16 Jun 2022 15:04:49 GMT
activityi;dc_pre=CMeX1fWJsvgCFWRIHQkdDlYH5A;src=6638233;type=page-0;cat=sitez0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7786436854;num=7242831030655.7295
6638233.fls.doubleclick.net/ Frame 6B78
Redirect Chain
  • https://6638233.fls.doubleclick.net/activityi;src=6638233;type=page-0;cat=sitez0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7786436854;num=7242831030655.7295?
  • https://6638233.fls.doubleclick.net/activityi;dc_pre=CMeX1fWJsvgCFWRIHQkdDlYH5A;src=6638233;type=page-0;cat=sitez0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7786436854;num=724283103065...
503 B
418 B 		Document
General
Check archive.org
Download Go to
Full URL
https://6638233.fls.doubleclick.net/activityi;dc_pre=CMeX1fWJsvgCFWRIHQkdDlYH5A;src=6638233;type=page-0;cat=sitez0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7786436854;num=7242831030655.7295?
Requested by
Host: www.refunder.se
URL: https://www.refunder.se/invitation/8ea6a1d87a50623f0aa431c9b2aaf37ecc4a1c078240ced9b0ac28653272717d?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
cafe /
Resource Hash
f9e01430ffce6ff7a056890acd58b683c05b765dd1bbb12f81b03ed8c64f28f5
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.refunder.se/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
393
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 16 Jun 2022 13:28:57 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 16 Jun 2022 13:28:57 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://6638233.fls.doubleclick.net/activityi;dc_pre=CMeX1fWJsvgCFWRIHQkdDlYH5A;src=6638233;type=page-0;cat=sitez0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7786436854;num=7242831030655.7295?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
hotjar-85928.js
static.hotjar.com/c/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-85928.js?sv=5
Requested by
Host: www.refunder.se
URL: https://www.refunder.se/invitation/8ea6a1d87a50623f0aa431c9b2aaf37ecc4a1c078240ced9b0ac28653272717d?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-112.fra56.r.cloudfront.net
Software
/
Resource Hash
c1dcf0223e353e0dd690643726a43ffdd77ad1d68ac9776a0442ce7c1b7c5f59
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refunder.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 13:28:33 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
age
24
etag
W/5c0865116494d433e2ab32f10e09e0b8
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
dbSG_OS4yMyClNfJBcu3o5ZB7a254Puakf68irB27Z7lhPlhE2OFlw==
via
1.1 c888f786e25e6e3c7dbb7e9da462d714.cloudfront.net (CloudFront)
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.refunder.se
URL: https://www.refunder.se/invitation/8ea6a1d87a50623f0aa431c9b2aaf37ecc4a1c078240ced9b0ac28653272717d?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6ed6b5719cb281f4e22b0d1fffb52183763c05bf47279742529ef11f1cbb81ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refunder.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
qaX78fIcHOkIKos7+zNoJQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1687
x-fb-rlafr
0
x-fb-debug
qpavJk6WwClYTIVKpo0x4C20o1HHgnG3Z2t/xCrD1fCQYcrXjbTxMosgRKCqHUWRd78gJkjIayekz8IrRuSSig==
x-fb-trip-id
917726464
x-fb-content-md5
a37ff741c525bea26942dad7c8692be7
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 16 Jun 2022 13:28:57 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"694c9df540516a9df79f92ee03bf0424"
timing-allow-origin
*
priority
u=3,i
expires
Thu, 16 Jun 2022 13:47:21 GMT
gtm.js
www.googletagmanager.com/ 		173 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5WXH7C
Requested by
Host: www.refunder.se
URL: https://www.refunder.se/invitation/8ea6a1d87a50623f0aa431c9b2aaf37ecc4a1c078240ced9b0ac28653272717d?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4ccd95d5e06d8b244e7878f08f4fbd5b728b76d55b64af1e3ba04bdf97915569
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refunder.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 13:28:57 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61304
x-xss-protection
0
last-modified
Thu, 16 Jun 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 16 Jun 2022 13:28:57 GMT
309.72bf65f8ed754695.js
resources.refunder.se/js/chunks/ 		29 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.refunder.se/js/chunks/309.72bf65f8ed754695.js
Requested by
Host: www.refunder.se
URL: https://www.refunder.se/invitation/8ea6a1d87a50623f0aa431c9b2aaf37ecc4a1c078240ced9b0ac28653272717d?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b585980640b1e3d9a546918e99cf168d78e5194b2de9a5ceaadc186ade090eaa
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refunder.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 13:28:57 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 15 Jun 2022 09:25:27 GMT
server
cloudflare
etag
W/"62a9a587-7513"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
strict-transport-security
max-age=15724800; includeSubDomains
cf-ray
71c3e4411fdf23f7-ZRH
3770.1a335832fcd2735f.js
resources.refunder.se/js/chunks/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.refunder.se/js/chunks/3770.1a335832fcd2735f.js
Requested by
Host: www.refunder.se
URL: https://www.refunder.se/invitation/8ea6a1d87a50623f0aa431c9b2aaf37ecc4a1c078240ced9b0ac28653272717d?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68b829a5c0edf3ce599c40dac939dbaf14a872ae7636eb1253fe88edcff856dd
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refunder.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 13:28:57 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 15 Jun 2022 09:25:27 GMT
server
cloudflare
etag
W/"62a9a587-859"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
strict-transport-security
max-age=15724800; includeSubDomains
cf-ray
71c3e4411fde23f7-ZRH
4552.1ad27ad347cd28d6.js
resources.refunder.se/js/chunks/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.refunder.se/js/chunks/4552.1ad27ad347cd28d6.js
Requested by
Host: www.refunder.se
URL: https://www.refunder.se/invitation/8ea6a1d87a50623f0aa431c9b2aaf37ecc4a1c078240ced9b0ac28653272717d?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80594f546a74b86177f268133193c916ee7d6ccd62c943cbd76e8194f8154f84
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refunder.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 13:28:57 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 15 Jun 2022 09:25:27 GMT
server
cloudflare
etag
W/"62a9a587-11b8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
strict-transport-security
max-age=15724800; includeSubDomains
cf-ray
71c3e4411fe123f7-ZRH
7189.db8219ba88c3a1f4.js
resources.refunder.se/js/chunks/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.refunder.se/js/chunks/7189.db8219ba88c3a1f4.js
Requested by
Host: www.refunder.se
URL: https://www.refunder.se/invitation/8ea6a1d87a50623f0aa431c9b2aaf37ecc4a1c078240ced9b0ac28653272717d?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76e68a44cb47e36f0f05177ac124228f09619d1676d6ca53e2efe0de83ffd781
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refunder.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 13:28:57 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 15 Jun 2022 09:25:27 GMT
server
cloudflare
etag
W/"62a9a587-10e2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
strict-transport-security
max-age=15724800; includeSubDomains
cf-ray
71c3e4411fe223f7-ZRH
643.dd415517f0a338f0.js
resources.refunder.se/js/chunks/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.refunder.se/js/chunks/643.dd415517f0a338f0.js
Requested by
Host: www.refunder.se
URL: https://www.refunder.se/invitation/8ea6a1d87a50623f0aa431c9b2aaf37ecc4a1c078240ced9b0ac28653272717d?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8d8ae309e83ac61b4f90abbf1c5324992e76d495ff18b42d31fff2f06d04185
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refunder.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 13:28:57 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 15 Jun 2022 09:25:27 GMT
server
cloudflare
etag
W/"62a9a587-a5b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
strict-transport-security
max-age=15724800; includeSubDomains
cf-ray
71c3e4411fdc23f7-ZRH
7499.b017d4eb1770cda6.js
resources.refunder.se/js/chunks/ 		1 KB
874 B 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.refunder.se/js/chunks/7499.b017d4eb1770cda6.js
Requested by
Host: www.refunder.se
URL: https://www.refunder.se/invitation/8ea6a1d87a50623f0aa431c9b2aaf37ecc4a1c078240ced9b0ac28653272717d?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1f744a76f39dc94315e36e7bcfdea4491073eb50d115070cb407fd4cf8aad1c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refunder.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 13:28:57 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 15 Jun 2022 09:25:27 GMT
server
cloudflare
etag
W/"62a9a587-5b8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
strict-transport-security
max-age=15724800; includeSubDomains
cf-ray
71c3e4411fdb23f7-ZRH
6441.f37ab78b246942ce.js
resources.refunder.se/js/chunks/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.refunder.se/js/chunks/6441.f37ab78b246942ce.js
Requested by
Host: www.refunder.se
URL: https://www.refunder.se/invitation/8ea6a1d87a50623f0aa431c9b2aaf37ecc4a1c078240ced9b0ac28653272717d?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3369487a269ed867ce164cb0e889154f3ca9412533f238ee1c21665fe54c7e84
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refunder.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 13:28:58 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 15 Jun 2022 09:25:27 GMT
server
cloudflare
etag
W/"62a9a587-ff0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
strict-transport-security
max-age=15724800; includeSubDomains
cf-ray
71c3e441f93f23f7-ZRH
7653.f7ac5e110152b0ea.js
resources.refunder.se/js/chunks/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.refunder.se/js/chunks/7653.f7ac5e110152b0ea.js
Requested by
Host: www.refunder.se
URL: https://www.refunder.se/invitation/8ea6a1d87a50623f0aa431c9b2aaf37ecc4a1c078240ced9b0ac28653272717d?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a552d472eb919c47a2ce512c608411dbe849a881d4bfdfd64b5088f67a8a4d0
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refunder.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 13:28:58 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 15 Jun 2022 09:25:27 GMT
server
cloudflare
etag
W/"62a9a587-ae1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
strict-transport-security
max-age=15724800; includeSubDomains
cf-ray
71c3e441f94323f7-ZRH
refunder-logo.png
www.refunder.se/img/refunder_logos/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.refunder.se/img/refunder_logos/refunder-logo.png
Requested by
Host: www.refunder.se
URL: https://www.refunder.se/resources/js/essentials.js?id=cb85b662ed3baf893591aa24a1264c0c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2508303380c18b6f35c2b8e52a6214e528b1376726c77e7c93e9b6e31c0a1d6
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refunder.se/invitation/8ea6a1d87a50623f0aa431c9b2aaf37ecc4a1c078240ced9b0ac28653272717d?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 13:28:57 GMT
vary
Accept
cf-cache-status
HIT
age
1
cf-polished
origFmt=png, origSize=22169
content-disposition
inline; filename="refunder-logo.webp"
content-length
10854
last-modified
Wed, 15 Jun 2022 09:21:35 GMT
server
cloudflare
etag
"62a9a49f-5699"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
71c3e4410fcd23f7-ZRH
cf-bgj
imgq:85,h2pri
logo_refunder_inline.png
static.refunder.se/refunder_logos/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.refunder.se/refunder_logos/logo_refunder_inline.png
Requested by
Host: www.refunder.se
URL: https://www.refunder.se/resources/js/essentials.js?id=cb85b662ed3baf893591aa24a1264c0c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99ab00edeb9fa42770be1cab71822ec256436dbdc56ce9832885935f72008faa
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refunder.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 13:28:57 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
1
cf-polished
origFmt=png, origSize=2135
x-cache
MISS, HIT
x-imgix-id
7d6116654692778f8934c24940351eadf38bfe03
content-disposition
inline; filename="logo_refunder_inline.webp"
vary
Accept
content-length
1038
x-served-by
cache-sjc10064-SJC, cache-bma1674-BMA
last-modified
Thu, 27 Jan 2022 16:32:11 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
71c3e4411fd323f7-ZRH
cross-origin-resource-policy
cross-origin
cf-bgj
imgq:85,h2pri
7a98a892b9bb943628ad7ff26e2c5cae70bd73f9.jpg
cdn.refunder.se/custom/ 		100 KB
100 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.refunder.se/custom/7a98a892b9bb943628ad7ff26e2c5cae70bd73f9.jpg
Requested by
Host: www.refunder.se
URL: https://www.refunder.se/resources/js/essentials.js?id=cb85b662ed3baf893591aa24a1264c0c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49f77319e2367765fc83e835225cb83d90add02de072e2681db42714fb2b441c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refunder.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 13:28:57 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
1
cf-polished
degrade=85, origSize=111397, status=webp_bigger
content-length
102276
last-modified
Mon, 13 Jun 2022 14:52:42 GMT
server
cloudflare
etag
"c0d3febc36ddd412e32730193033afa3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
71c3e4411fe323f7-ZRH
cf-bgj
imgq:85,h2pri
hiw-shop.png
static.refunder.se/sv/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.refunder.se/sv/hiw-shop.png?w=400
Requested by
Host: www.refunder.se
URL: https://www.refunder.se/resources/js/essentials.js?id=cb85b662ed3baf893591aa24a1264c0c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
085c4cc0836036a7a3f292606328edf0beac847de78d2b7ef108c276268e1842
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refunder.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 13:28:57 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
1
cf-polished
origFmt=png, origSize=26574
x-cache
MISS, HIT
x-imgix-id
fe21e319f740b78a15bb3207777b6a26ecf38b55
content-disposition
inline; filename="hiw-shop.webp"
vary
Accept
content-length
20440
x-served-by
cache-sjc10039-SJC, cache-bma1625-BMA
last-modified
Tue, 24 May 2022 02:00:33 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
71c3e4411fe423f7-ZRH
cross-origin-resource-policy
cross-origin
cf-bgj
imgq:85,h2pri
hiw-provision.png
static.refunder.se/sv/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.refunder.se/sv/hiw-provision.png?w=400
Requested by
Host: www.refunder.se
URL: https://www.refunder.se/resources/js/essentials.js?id=cb85b662ed3baf893591aa24a1264c0c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbefd45f6e68a816442fc919696319cf3691618b34ded46654dde99eca2806e8
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refunder.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 13:28:57 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
1
cf-polished
origFmt=png, origSize=27981
x-cache
MISS, HIT
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="hiw-provision.webp"
vary
Accept
content-length
22958
x-served-by
cache-sjc10070-SJC, cache-bma1624-BMA
last-modified
Tue, 07 Jun 2022 03:51:46 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
image/webp
access-control-allow-origin
*
x-imgix-id
56402508432fdcc550bcde4d92f42db9bbec3b9d
cache-control
public, max-age=31536000
x-imgix-features
{"linux_painter":"0","tannhauser_routing":"0","tannhauser_shield":"0"}
accept-ranges
bytes
cf-ray
71c3e441281123f7-ZRH
cf-bgj
imgq:85,h2pri
hiw-bank-account.png
static.refunder.se/sv/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.refunder.se/sv/hiw-bank-account.png?w=400
Requested by
Host: www.refunder.se
URL: https://www.refunder.se/resources/js/essentials.js?id=cb85b662ed3baf893591aa24a1264c0c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d8d9d74b70eeca447db77ebd9a6ce5b77f8a5914a8eeef72f1bfc5d099af737
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refunder.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 13:28:57 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
1
cf-polished
origFmt=png, origSize=19835
x-cache
MISS, HIT
x-imgix-id
d71fcc68239d8ee2dcff565e84c9d7400d934b2e
content-disposition
inline; filename="hiw-bank-account.webp"
vary
Accept
content-length
15896
x-served-by
cache-sjc10082-SJC, cache-bma1628-BMA
last-modified
Tue, 14 Jun 2022 03:21:42 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
71c3e441381a23f7-ZRH
cross-origin-resource-policy
cross-origin
cf-bgj
imgq:85,h2pri
logos
cdn.refunder.se/generator/ 		70 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.refunder.se/generator/logos?stores=popular&num=21&size=1200x200&padding=30&columns=7&grayscale=0
Requested by
Host: www.refunder.se
URL: https://www.refunder.se/resources/js/essentials.js?id=cb85b662ed3baf893591aa24a1264c0c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.0.20
Resource Hash
163f46f38d572e7af7d72b2571686085fff4c0b61895a199d84b6f1a849acb81
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refunder.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Jun 2022 13:28:57 GMT
cf-cache-status
HIT
last-modified
Thu, 16 Jun 2022 13:28:57 GMT
server
cloudflare
age
0
x-powered-by
PHP/8.0.20
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
private, max-age=31536000, must-revalidate
strict-transport-security
max-age=15724800; includeSubDomains
cf-ray
71c3e441381c23f7-ZRH
expires
-1
paypal-logo.png
static.refunder.se/logos/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.refunder.se/logos/paypal-logo.png?h=48&trim=color&trim-tol=5
Requested by
Host: www.refunder.se
URL: https://www.refunder.se/resources/js/essentials.js?id=cb85b662ed3baf893591aa24a1264c0c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98dab1800d1aeab8797789b49a7331d01dcc546edb64b0079fc8b6d454767754
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refunder.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 13:28:57 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
1
cf-polished
origFmt=png, origSize=9662
x-cache
MISS, HIT
x-imgix-id
3961cb0968c681d004faef8ca2e361319e6db79e
content-disposition
inline; filename="paypal-logo.webp"
vary
Accept
content-length
6454
x-served-by
cache-sjc10054-SJC, cache-bma1633-BMA
last-modified
Tue, 14 Jun 2022 00:30:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
71c3e441381d23f7-ZRH
cross-origin-resource-policy
cross-origin
cf-bgj
imgq:85,h2pri
trustly-logo.png
static.refunder.se/logos/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.refunder.se/logos/trustly-logo.png?h=48&trim=color&trim-tol=5
Requested by
Host: www.refunder.se
URL: https://www.refunder.se/resources/js/essentials.js?id=cb85b662ed3baf893591aa24a1264c0c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58b8b288b49241207522401187484cadf49832551ee68cd0cb51a3bfb4d6e06a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refunder.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 13:28:57 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
1
cf-polished
origFmt=png, origSize=4387
x-cache
MISS, HIT
x-imgix-id
c34fd3eb6e0dd08c55b4e8a5155b53eca587fd2a
content-disposition
inline; filename="trustly-logo.webp"
vary
Accept
content-length
2682
x-served-by
cache-sjc10083-SJC, cache-bma1661-BMA
last-modified
Tue, 31 May 2022 05:27:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
71c3e441381e23f7-ZRH
cross-origin-resource-policy
cross-origin
cf-bgj
imgq:85,h2pri
klarna.png
static.refunder.se/logos/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.refunder.se/logos/klarna.png?h=170&trim=color&trim-tol=5
Requested by
Host: www.refunder.se
URL: https://www.refunder.se/resources/js/essentials.js?id=cb85b662ed3baf893591aa24a1264c0c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f005c49df451da78e1b6d1e6820ced17ad091cc23a0e9caa2f0700ae28153db2
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refunder.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 13:28:57 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
1
cf-polished
origFmt=png, origSize=16841
x-cache
MISS, HIT
x-imgix-id
54ef13b587822654904d3846d84f3ddca703f111
content-disposition
inline; filename="klarna.webp"
vary
Accept
content-length
8356
x-served-by
cache-sjc10026-SJC, cache-bma1665-BMA
last-modified
Wed, 15 Jun 2022 03:30:13 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
71c3e441382e23f7-ZRH
cross-origin-resource-policy
cross-origin
cf-bgj
imgq:85,h2pri
logo-bonnier.png
static.refunder.se/logos/ 		974 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.refunder.se/logos/logo-bonnier.png
Requested by
Host: www.refunder.se
URL: https://www.refunder.se/resources/js/essentials.js?id=cb85b662ed3baf893591aa24a1264c0c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9f0c3a67fb8ac422f0a72169c17f9f1dfb5d923f5620331a5f5de93c97db649
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refunder.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 13:28:57 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
1
cf-polished
origFmt=png, origSize=2037
x-cache
MISS, HIT
x-imgix-id
07371dbb750446017698d9d6ec332d4a81685442
content-disposition
inline; filename="logo-bonnier.webp"
vary
Accept
content-length
974
x-served-by
cache-sjc10053-SJC, cache-bma1622-BMA
last-modified
Wed, 19 Jan 2022 14:16:26 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
71c3e441686123f7-ZRH
cross-origin-resource-policy
cross-origin
cf-bgj
imgq:85,h2pri
certificate_badges.png
static.refunder.se/logos/ 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.refunder.se/logos/certificate_badges.png
Requested by
Host: www.refunder.se
URL: https://www.refunder.se/resources/js/essentials.js?id=cb85b662ed3baf893591aa24a1264c0c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bcc1d8fa963fa4d1edcfbd6d242169dee9a5e8ebfd6d6e7fcc96a49b60922db3
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refunder.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 13:28:57 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
1
cf-polished
origFmt=png, origSize=52190
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="certificate_badges.webp"
vary
Accept
content-length
36010
x-served-by
cache-sjc10047-SJC, cache-bma1634-BMA
last-modified
Thu, 10 Feb 2022 15:58:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
image/webp
access-control-allow-origin
*
x-imgix-id
47ad43f8866bb866205ace9084915073d16ff25e
cache-control
public, max-age=31536000
x-imgix-features
{"linux_painter":"0","tannhauser_routing":"0","tannhauser_shield":"0"}
accept-ranges
bytes
cf-ray
71c3e441788223f7-ZRH
cf-bgj
imgq:85,h2pri
get_cookie_list
www.refunder.se/ajax/ 		6 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.refunder.se/ajax/get_cookie_list
Requested by
Host: www.refunder.se
URL: https://www.refunder.se/invitation/8ea6a1d87a50623f0aa431c9b2aaf37ecc4a1c078240ced9b0ac28653272717d?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.0.20
Resource Hash
d27e21266097a575969ef543c76aae24d4752d4efb38bdf3ff0b1c95d591e2dc
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

X-NewRelic-ID
VwIPU1FQCRADU1NWBgEDUVY=
X-CSRF-TOKEN
x4ra4Jj3eBfijTDeuwAozceULUwYPkMSgJuL1Azc
traceparent
00-81a775de5dc8f55845de6a8fd6ff0a2c-af1a929f92ae9307-01
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjM0ODI3MzEiLCJhcCI6IjM3MjQ1MTAwNCIsImlkIjoiYWYxYTkyOWY5MmFlOTMwNyIsInRyIjoiODFhNzc1ZGU1ZGM4ZjU1ODQ1ZGU2YThmZDZmZjBhMmMiLCJ0aSI6MTY1NTM4NjEzNzc4OH19
Accept
application/json, text/plain, */*
Referer
https://www.refunder.se/invitation/8ea6a1d87a50623f0aa431c9b2aaf37ecc4a1c078240ced9b0ac28653272717d?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik
X-CSRF-REFUNDER
x4ra4Jj3eBfijTDeuwAozceULUwYPkMSgJuL1Azc
X-Requested-With
XMLHttpRequest
tracestate
3482731@nr=0-1-3482731-372451004-af1a929f92ae9307----1655386137788

Response headers

date
Thu, 16 Jun 2022 13:28:57 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 16 Jun 2022 13:28:57 GMT
server
cloudflare
x-powered-by
PHP/8.0.20
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json
cache-control
private, max-age=31536000
strict-transport-security
max-age=15724800; includeSubDomains
cf-ray
71c3e441382223f7-ZRH
index.html
widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/ Frame C485 		11 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/index.html?templateId=53aa8912dec7e10d38f59f36&businessunitId=52cfc1ad000064000577d9ee
Requested by
Host: www.refunder.se
URL: https://www.refunder.se/invitation/8ea6a1d87a50623f0aa431c9b2aaf37ecc4a1c078240ced9b0ac28653272717d?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-117.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9954976480ba2c51272fb1279dce290f1abea3c68f26881f7a4ff34a81aef620
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.refunder.se/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
22765
cache-control
max-age=86400
content-encoding
gzip
content-length
2626
content-type
text/html
date
Thu, 16 Jun 2022 07:09:33 GMT
etag
"5c4d16cf6c4476b9433878c31ba70b3f"
last-modified
Tue, 14 Jun 2022 14:01:47 GMT
server
AmazonS3
strict-transport-security
max-age=31536000
via
1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
x-amz-cf-id
UndG1bTvQCJtLE2ttcwzTQjVZN4B-d9tpzFEdM8_89rb3H2POuR3Gw==
x-amz-cf-pop
FRA6-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-content-type-options
nosniff
x-xss-protection
1; mode=block
nr-spa-1216.min.js
js-agent.newrelic.com/ 		49 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-spa-1216.min.js
Requested by
Host: www.refunder.se
URL: https://www.refunder.se/invitation/8ea6a1d87a50623f0aa431c9b2aaf37ecc4a1c078240ced9b0ac28653272717d?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
545156adeae44dadc82b98d504f805ebe77fb79c928ef34eed1057bb9d4cb8fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refunder.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id
UU.F5jvoumAjQChriwTQHbisCFw_OInU
content-encoding
gzip
etag
"63e2df852d15ab21d7ff8fc4363222e8"
x-amz-request-id
3CG6GB6WD9Q2PQQ9
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
18216
x-amz-id-2
hxk9vxHuyo17aJR2y383G7Kx6Hfapn69j2ysL3g2uYCFPxJji7ZPbZD2NaUEhlFc0/GdKTiT/bw=
x-served-by
cache-hhn4027-HHN
last-modified
Thu, 14 Apr 2022 16:45:57 GMT
server
AmazonS3
x-timer
S1655386138.890936,VS0,VE0
date
Thu, 16 Jun 2022 13:28:57 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
5043
collect
region1.google-analytics.com/g/ 		0
347 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-F14TVBNT6M&gtm=2oe6f0&_p=1494588861&_z=ccd.v9B&cid=1792050007.1655386138&ul=en-us&sr=1600x1200&_s=1&sid=1655386137&sct=1&seg=0&dl=https%3A%2F%2Fwww.refunder.se%2Finvitation%2F8ea6a1d87a50623f0aa431c9b2aaf37ecc4a1c078240ced9b0ac28653272717d%3Futm_source%3Drule%26utm_medium%3Demail%26utm_campaign%3Dgrymt%2520viktig%2520information%2520fr%25C3%25A5n%2520Fredrik&dt=Inbjudan%20till%20Refunder.se&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-F14TVBNT6M
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refunder.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Jun 2022 13:28:57 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.refunder.se
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
user
www.refunder.se/svg/icon/fal/ 		766 B
531 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.refunder.se/svg/icon/fal/user
Requested by
Host: www.refunder.se
URL: https://www.refunder.se/invitation/8ea6a1d87a50623f0aa431c9b2aaf37ecc4a1c078240ced9b0ac28653272717d?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.0.20
Resource Hash
6fe0da32ad16c75e58516c9de80c7a5fe3379a3cc614f56c2f515413062e8acd
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

X-NewRelic-ID
VwIPU1FQCRADU1NWBgEDUVY=
X-CSRF-TOKEN
x4ra4Jj3eBfijTDeuwAozceULUwYPkMSgJuL1Azc
traceparent
00-97bb2580836f4ab043fed85f0273e4e4-25a848fc8cfd3945-01
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjM0ODI3MzEiLCJhcCI6IjM3MjQ1MTAwNCIsImlkIjoiMjVhODQ4ZmM4Y2ZkMzk0NSIsInRyIjoiOTdiYjI1ODA4MzZmNGFiMDQzZmVkODVmMDI3M2U0ZTQiLCJ0aSI6MTY1NTM4NjEzNzgyMH19
Accept
application/json, text/plain, */*
Referer
https://www.refunder.se/invitation/8ea6a1d87a50623f0aa431c9b2aaf37ecc4a1c078240ced9b0ac28653272717d?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik
X-CSRF-REFUNDER
x4ra4Jj3eBfijTDeuwAozceULUwYPkMSgJuL1Azc
X-Requested-With
XMLHttpRequest
tracestate
3482731@nr=0-1-3482731-372451004-25a848fc8cfd3945----1655386137820

Response headers

date
Thu, 16 Jun 2022 13:28:57 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 16 Jun 2022 13:28:57 GMT
server
cloudflare
x-powered-by
PHP/8.0.20
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
private, max-age=31536000
strict-transport-security
max-age=15724800; includeSubDomains
cf-ray
71c3e441686923f7-ZRH
main.js
widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/ Frame C485 		92 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/main.js
Requested by
Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/index.html?templateId=53aa8912dec7e10d38f59f36&businessunitId=52cfc1ad000064000577d9ee
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-117.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a1272b90987290bd975747df70152b6ca1ce264c7e2de470788b8bdad87621b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/index.html?templateId=53aa8912dec7e10d38f59f36&businessunitId=52cfc1ad000064000577d9ee
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 14:02:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
84402
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
26143
x-xss-protection
1; mode=block
last-modified
Tue, 14 Jun 2022 14:01:48 GMT
server
AmazonS3
etag
"b1bcdb665416d6eff3e9d9c180b4d063"
strict-transport-security
max-age=31536000
content-type
application/x-javascript
via
1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
x-amz-cf-id
g5bbmRS-lDKx97mG7_I4J092mNk0tEYCYq_wkwBC_GPrwkvmgDTNZg==
modules.b871a939666125f20d79.js
script.hotjar.com/ 		243 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.b871a939666125f20d79.js
Requested by
Host: www.refunder.se
URL: https://www.refunder.se/invitation/8ea6a1d87a50623f0aa431c9b2aaf37ecc4a1c078240ced9b0ac28653272717d?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-22.fra6.r.cloudfront.net
Software
/
Resource Hash
e5827fd8bddccf8f9ca7d06936e0bd6596f9ec6aca0652086c5d593a72d84435
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refunder.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 08:52:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
621411
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
64109
access-control-allow-origin
*
last-modified
Thu, 09 Jun 2022 08:51:29 GMT
etag
"a7a5f230aae7accf37f785c6590c07fa"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 9810d82af8847b51b9c3048141069a64.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
yXJrJ7Ee6jdKD-irfbCyG8Y6bWuUx7t_oFeVtHq1O7UL7KgIf3asWA==
sdk.js
connect.facebook.net/en_US/ 		294 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=12d39bb6d4f2861d5ce31298ab522a2a
Requested by
Host: www.refunder.se
URL: https://www.refunder.se/invitation/8ea6a1d87a50623f0aa431c9b2aaf37ecc4a1c078240ced9b0ac28653272717d?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2823c47b9ee72c1fe711cebdc143bf1778e18870917c978dc7b6625741943b4c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.refunder.se/
Origin
https://www.refunder.se
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
mSLlIMaq+SAvHGw6YrU2eQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
85919
x-fb-rlafr
0
x-fb-debug
Ikll8q3lFleAQcpK0iRLbxUuZGqs7xtEJ4CtokHCNyBlMgkFnmRJFMuDRUVJJfM6+00iCfHmij6SfowklnXKgQ==
x-fb-content-md5
c7d98df2dfb9ae188898a621e6b5980e
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 16 Jun 2022 13:28:57 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"bba3075c9a7fea024d8e3fca99959658"
timing-allow-origin
*
priority
u=3,i
expires
Fri, 16 Jun 2023 05:39:49 GMT
ec.js
www.google-analytics.com/plugins/ua/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.refunder.se
URL: https://www.refunder.se/invitation/8ea6a1d87a50623f0aa431c9b2aaf37ecc4a1c078240ced9b0ac28653272717d?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refunder.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 13:18:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
640
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1129
x-xss-protection
0
last-modified
Thu, 30 Dec 2021 12:48:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 16 Jun 2022 14:18:17 GMT
activityi;dc_pre=CLKv3_WJsvgCFXtFHQkd5-4BpA;src=5450406;type=123;cat=refun00;ord=953398306334;gtm=2wg6f0;auiddc=1173210758.1655386138;~oref=https%3A%2F%2Fwww.refunder.se%2Finvitation%2F8ea6a1d87a50...
5450406.fls.doubleclick.net/ Frame DADE
Redirect Chain
  • https://5450406.fls.doubleclick.net/activityi;src=5450406;type=123;cat=refun00;ord=953398306334;gtm=2wg6f0;auiddc=1173210758.1655386138;~oref=https%3A%2F%2Fwww.refunder.se%2Finvitation%2F8ea6a1d87a...
  • https://5450406.fls.doubleclick.net/activityi;dc_pre=CLKv3_WJsvgCFXtFHQkd5-4BpA;src=5450406;type=123;cat=refun00;ord=953398306334;gtm=2wg6f0;auiddc=1173210758.1655386138;~oref=https%3A%2F%2Fwww.ref...
586 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://5450406.fls.doubleclick.net/activityi;dc_pre=CLKv3_WJsvgCFXtFHQkd5-4BpA;src=5450406;type=123;cat=refun00;ord=953398306334;gtm=2wg6f0;auiddc=1173210758.1655386138;~oref=https%3A%2F%2Fwww.refunder.se%2Finvitation%2F8ea6a1d87a50623f0aa431c9b2aaf37ecc4a1c078240ced9b0ac28653272717d%3Futm_source%3Drule%26utm_medium%3Demail%26utm_campaign%3Dgrymt%2520viktig%2520information%2520fr%25C3%25A5n%2520Fredrik?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WXH7C
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
cafe /
Resource Hash
dd0975a21d9380df0cf205420aa8fc8ffdada0839ede94bc909e3e80aa5e6d79
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
about:blank
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-encoding
gzip
content-length
454
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 16 Jun 2022 13:28:58 GMT
expires
Thu, 16 Jun 2022 13:28:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 16 Jun 2022 13:28:57 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://5450406.fls.doubleclick.net/activityi;dc_pre=CLKv3_WJsvgCFXtFHQkd5-4BpA;src=5450406;type=123;cat=refun00;ord=953398306334;gtm=2wg6f0;auiddc=1173210758.1655386138;~oref=https%3A%2F%2Fwww.refunder.se%2Finvitation%2F8ea6a1d87a50623f0aa431c9b2aaf37ecc4a1c078240ced9b0ac28653272717d%3Futm_source%3Drule%26utm_medium%3Demail%26utm_campaign%3Dgrymt%2520viktig%2520information%2520fr%25C3%25A5n%2520Fredrik?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
fbevents.js
connect.facebook.net/en_US/ 		100 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.refunder.se
URL: https://www.refunder.se/invitation/8ea6a1d87a50623f0aa431c9b2aaf37ecc4a1c078240ced9b0ac28653272717d?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3d79854e01d0c79408c548889dcfddd23e4ef10f11c698c831b570573ee13b97
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refunder.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26344
x-xss-protection
0
pragma
public
x-fb-debug
jIQXhV9vOK4heciR4Iw0iz7hR7qIU97PjylrIOi19HoL2dhQenKeGMUY7XvFAEzX/o1AiBMv46wW59qhImStZQ==
x-frame-options
DENY
date
Thu, 16 Jun 2022 13:28:57 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=1,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.refunder.se
URL: https://www.refunder.se/invitation/8ea6a1d87a50623f0aa431c9b2aaf37ecc4a1c078240ced9b0ac28653272717d?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ef::5c7b:c25a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refunder.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Thu, 16 Jun 2022 13:28:57 GMT
Content-Encoding
gzip
Last-Modified
Wed, 13 Apr 2022 23:25:22 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=58243
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3085
/
adservice.google.com/ddm/fls/i/dc_pre=CMeX1fWJsvgCFWRIHQkdDlYH5A;src=6638233;type=page-0;cat=sitez0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7786436854;num=7242831030655.7295;~oref=ht... Frame 61D9 		502 B
861 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CMeX1fWJsvgCFWRIHQkdDlYH5A;src=6638233;type=page-0;cat=sitez0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7786436854;num=7242831030655.7295;~oref=https://www.refunder.se/
Requested by
Host: 6638233.fls.doubleclick.net
URL: https://6638233.fls.doubleclick.net/activityi;dc_pre=CMeX1fWJsvgCFWRIHQkdDlYH5A;src=6638233;type=page-0;cat=sitez0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7786436854;num=7242831030655.7295?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c5073df13d25cdd87cd88223e0b95707227e816da6de16788752ca676d20c87d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6638233.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
392
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 16 Jun 2022 13:28:57 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
box-63c3a81830bf549dafe40b369003f751.html
vars.hotjar.com/ Frame 5316 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-63c3a81830bf549dafe40b369003f751.html
Requested by
Host: www.refunder.se
URL: https://www.refunder.se/invitation/8ea6a1d87a50623f0aa431c9b2aaf37ecc4a1c078240ced9b0ac28653272717d?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-127.fra6.r.cloudfront.net
Software
/
Resource Hash
f05ac9ba83369cd58d06d8ee2e5f8d61c040d30d044e20752153f95577627dc6

Request headers

Referer
https://www.refunder.se/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1403691
cache-control
max-age=31536000
content-encoding
br
content-length
1044
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 31 May 2022 07:34:06 GMT
etag
"e6fb1304cb60a0dea0f76f7077cb13c6"
last-modified
Tue, 31 May 2022 07:33:23 GMT
vary
Accept-Encoding
via
1.1 92ab13182d4b89ed20b3b5c10adc4f22.cloudfront.net (CloudFront)
x-amz-cf-id
wI1IqQGQiYoYAuxYBu3SOJ5bjF_6L4JZmJkXdeCFQlUxRsoeHwWaDQ==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-robots-tag
none
3639.a9d90a80bbad68a3.js
resources.refunder.se/js/chunks/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.refunder.se/js/chunks/3639.a9d90a80bbad68a3.js
Requested by
Host: www.refunder.se
URL: https://www.refunder.se/invitation/8ea6a1d87a50623f0aa431c9b2aaf37ecc4a1c078240ced9b0ac28653272717d?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d8d7270d5150613b3e69166ebdd5d18db243eca5b14c24d5a1060b1ddb5b6d3
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refunder.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 13:28:58 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 15 Jun 2022 09:25:27 GMT
server
cloudflare
etag
W/"62a9a587-1ef9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
strict-transport-security
max-age=15724800; includeSubDomains
cf-ray
71c3e442095923f7-ZRH
53aa8912dec7e10d38f59f36
widget.trustpilot.com/trustbox-data/ Frame C485 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://widget.trustpilot.com/trustbox-data/53aa8912dec7e10d38f59f36?businessUnitId=52cfc1ad000064000577d9ee&locale=sv-SE&reviewLanguages=sv&reviewStars=4%2C5&includeReviews=true&reviewsPerPage=15
Requested by
Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-117.fra6.r.cloudfront.net
Software
/
Resource Hash
14c0af8c4cd91803f2eff7affbb9b8d7e3213145b575a75bd3c231b6e2882fd0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/index.html?templateId=53aa8912dec7e10d38f59f36&businessunitId=52cfc1ad000064000577d9ee
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 16 Jun 2022 13:27:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
113
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000
content-length
2019
x-xss-protection
1; mode=block
x-skip-cache-cookie
0
etag
"3e20b57f1d6b01218308017617e2a6d5"
vary
Accept-Encoding
x-fallback-status
BYPASS
content-type
application/json; charset=utf-8
via
1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
cache-control
public,max-age=1800
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
0LxObmuJgwu0nKeHImHDEJjJuxRCC5TprYqhArgFWFUpdzkSRauI9A==
TrustboxImpression
widget.trustpilot.com/stats/ Frame C485 		0
308 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://widget.trustpilot.com/stats/TrustboxImpression?locale=sv-SE&styleHeight=140px&styleWidth=100%25&theme=light&stars=4%2C5&reviewLanguages=sv&fontFamily=Lato&url=https%3A%2F%2Fwww.refunder.se%2Finvitation%2F8ea6a1d87a50623f0aa431c9b2aaf37ecc4a1c078240ced9b0ac28653272717d%3Futm_source%3Drule%26utm_medium%3Demail%26utm_campaign%3Dgrymt%2520viktig%2520information%2520fr%25C3%25A5n%2520Fredrik&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F102.0.5005.115%20Safari%2F537.36&language=en-US&platform=Win32&nosettings=1&businessUnitId=52cfc1ad000064000577d9ee&widgetId=53aa8912dec7e10d38f59f36
Requested by
Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-117.fra6.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/index.html?templateId=53aa8912dec7e10d38f59f36&businessunitId=52cfc1ad000064000577d9ee
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 16 Jun 2022 13:28:57 GMT
via
1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA6-C1
strict-transport-security
max-age=31536000
x-cache
Miss from cloudfront
cache-control
no-store,no-cache
x-amz-cf-id
KDi-Dlv_YoHXQnyw2kUbp6uRe7Mp9Ae98SWy51sT1BEs6GgHXQIH7w==
x-xss-protection
1; mode=block
NRJS-c29ae83cbb449485bc2
bam.eu01.nr-data.net/1/ 		49 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.eu01.nr-data.net/1/NRJS-c29ae83cbb449485bc2?a=372410472&v=1216.487a282&to=MhBSZQoZWxVQAU0KDgtacVIMEVoIHgtXFQgRFERYFxYbClAMXQoPAg%3D%3D&rst=2340&ck=1&ref=https://www.refunder.se/invitation/8ea6a1d87a50623f0aa431c9b2aaf37ecc4a1c078240ced9b0ac28653272717d&ap=89&be=2071&fe=2204&dc=2202&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1655386135590,%22n%22:0,%22f%22:345,%22dn%22:346,%22dne%22:356,%22c%22:356,%22s%22:386,%22ce%22:426,%22rq%22:426,%22rp%22:733,%22rpe%22:790,%22dl%22:735,%22di%22:792,%22ds%22:827,%22de%22:827,%22dc%22:2069,%22l%22:2069,%22le%22:2079%7D,%22navigation%22:%7B%7D%7D&fp=1033&fcp=1033&at=HldRE0IDSBs%3D&jsonp=NREUM.setToken
Requested by
Host: www.refunder.se
URL: https://www.refunder.se/invitation/8ea6a1d87a50623f0aa431c9b2aaf37ecc4a1c078240ced9b0ac28653272717d?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.221.87.8 , Ireland, ASN206998 (NEW-2, IE),
Reverse DNS
Software
cloudflare /
Resource Hash
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refunder.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Thu, 16 Jun 2022 13:28:58 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
x-envoy-upstream-service-time
4
cross-origin-resource-policy
cross-origin
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Connection
keep-alive
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3UaBIaJmZR1OiF8tsolZ9EFJbHrIwNTQ2ONFkZb%2FORuOcOKVLQUAb2cza9QCIZY4BrxpROVmu1ig7qevC71hllcY9D%2BtArmXvl8mVeq7SKlmsA3chsNy%2FoETyo5%2FR2l5MRQWF06P"}],"group":"cf-nel","max_age":604800}
Content-Type
text/javascript
Access-Control-Allow-Origin
*
access-control-allow-credentials
true
CF-Ray
71c3e4428c0090dc-FRA
js
www.google-analytics.com/gtm/ 		97 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-NTKGVMB&cid=1792050007.1655386138
Requested by
Host: www.refunder.se
URL: https://www.refunder.se/invitation/8ea6a1d87a50623f0aa431c9b2aaf37ecc4a1c078240ced9b0ac28653272717d?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5757174b78ce027d178ebce0c04bcbbc56a651e0a747c07e79a6dc815bfd2d4d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refunder.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 13:28:57 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38869
x-xss-protection
0
last-modified
Thu, 16 Jun 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 16 Jun 2022 13:28:57 GMT
css
fonts.googleapis.com/ Frame C485 		1 KB
396 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:wght@400,500,700
Requested by
Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b4820095dbb33dffee5026491f08575d5adcb7e3cab956061f0cffb5052d78c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widget.trustpilot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 16 Jun 2022 13:27:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 16 Jun 2022 13:28:58 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 16 Jun 2022 13:28:58 GMT
1708459026105222
connect.facebook.net/signals/config/ 		26 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1708459026105222?v=2.9.62&r=stable
Requested by
Host: www.refunder.se
URL: https://www.refunder.se/invitation/8ea6a1d87a50623f0aa431c9b2aaf37ecc4a1c078240ced9b0ac28653272717d?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4ea039f5ac94c36573189b7a2240da40ea12156863b7cae3d95eddf22116e3ef
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refunder.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
n31lFUAAX7SB+3lhjQNPysxBjN4aAlv13HxQNwJyPeM+ePdsd8G+Sb04jXlOEtNHtQ0Q6sR2K9Fmy1vR0YgqYw==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 16 Jun 2022 13:28:58 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts
1655386138117
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
adservice.google.de/ddm/fls/i/dc_pre=CMeX1fWJsvgCFWRIHQkdDlYH5A;src=6638233;type=page-0;cat=sitez0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7786436854;num=7242831030655.7295;~oref=htt... Frame F47C 		194 B
870 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/ddm/fls/i/dc_pre=CMeX1fWJsvgCFWRIHQkdDlYH5A;src=6638233;type=page-0;cat=sitez0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7786436854;num=7242831030655.7295;~oref=https://www.refunder.se/
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CMeX1fWJsvgCFWRIHQkdDlYH5A;src=6638233;type=page-0;cat=sitez0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7786436854;num=7242831030655.7295;~oref=https://www.refunder.se/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adservice.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-encoding
gzip
content-length
177
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 16 Jun 2022 13:28:58 GMT
expires
Thu, 16 Jun 2022 13:28:58 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dc_pre=CLKv3_WJsvgCFXtFHQkd5-4BpA;src=5450406;type=123;cat=refun00;ord=953398306334;gtm=2wg6f0;auiddc=*;~oref=https%3A%2F%2Fwww.refunder.se%2Finvitation%2F8ea6a1d87a50623f0aa431c9b2aaf37ecc4a1c0782...
adservice.google.com/ddm/fls/z/ Frame DADE 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CLKv3_WJsvgCFXtFHQkd5-4BpA;src=5450406;type=123;cat=refun00;ord=953398306334;gtm=2wg6f0;auiddc=*;~oref=https%3A%2F%2Fwww.refunder.se%2Finvitation%2F8ea6a1d87a50623f0aa431c9b2aaf37ecc4a1c078240ced9b0ac28653272717d%3Futm_source%3Drule%26utm_medium%3Demail%26utm_campaign%3Dgrymt%2520viktig%2520information%2520fr%25C3%25A5n%2520Fredrik
Requested by
Host: 5450406.fls.doubleclick.net
URL: https://5450406.fls.doubleclick.net/activityi;dc_pre=CLKv3_WJsvgCFXtFHQkd5-4BpA;src=5450406;type=123;cat=refun00;ord=953398306334;gtm=2wg6f0;auiddc=1173210758.1655386138;~oref=https%3A%2F%2Fwww.refunder.se%2Finvitation%2F8ea6a1d87a50623f0aa431c9b2aaf37ecc4a1c078240ced9b0ac28653272717d%3Futm_source%3Drule%26utm_medium%3Demail%26utm_campaign%3Dgrymt%2520viktig%2520information%2520fr%25C3%25A5n%2520Fredrik?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5450406.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Jun 2022 13:28:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
892.17f3c909a43e05d5.js
resources.refunder.se/js/chunks/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.refunder.se/js/chunks/892.17f3c909a43e05d5.js
Requested by
Host: www.refunder.se
URL: https://www.refunder.se/invitation/8ea6a1d87a50623f0aa431c9b2aaf37ecc4a1c078240ced9b0ac28653272717d?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0bfb23478d84f60d54209dbc7685b737af95f3ddeec4d670479f8f78cd03364a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refunder.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 13:28:58 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 15 Jun 2022 09:25:27 GMT
server
cloudflare
etag
W/"62a9a587-263e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
strict-transport-security
max-age=15724800; includeSubDomains
cf-ray
71c3e4430afb23f7-ZRH
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=77148&time=1655386138087&url=https%3A%2F%2Fwww.refunder.se%2Finvitation%2F8ea6a1d87a50623f0aa431c9b2aaf37ecc4a1c078240ced9b0ac28653272717d%3Futm_c...
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D77148%26time%3D1655386138087%26url%3Dhttps%253A%252F%252Fwww.refunder.se%252Finvi...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=77148&time=1655386138087&url=https%3A%2F%2Fwww.refunder.se%2Finvitation%2F8ea6a1d87a50623f0aa431c9b2aaf37ecc4a1c078240ced9b0ac28653272717d%3Futm_c...
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=77148&time=1655386138087&url=https%3A%2F%2Fwww.refunder.se%2Finvitation%2F8ea6a1d87a50623f0aa431c9b2aaf37ecc4a1c078240ced9b0ac28653272717d%3Futm_...
0
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=77148&time=1655386138087&url=https%3A%2F%2Fwww.refunder.se%2Finvitation%2F8ea6a1d87a50623f0aa431c9b2aaf37ecc4a1c078240ced9b0ac28653272717d%3Futm_campaign%3Dgrymt%2520viktig%2520information%2520fr%25C3%25A5n%2520Fredrik%26utm_medium%3Demail%26utm_source%3Drule&liSync=true&e_ipv6=AQIBsiAsg1RLUQAAAYFss-nbUUDriE_poVC7orVqdMcvrqTZV9Ci8mXL1G8JK5RsL5CsJfkvFx9-kq6nbk5CkAJQIw97CQ
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refunder.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 13:28:59 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 2A0F9FFCEF1D441CA2B3EEB4F4B5D64F Ref B: FRAEDGE1107 Ref C: 2022-06-16T13:28:59Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-proto
http/2
content-length
0
x-li-uuid
AAXhkJ7ONjZG0jew7SY6PA==
x-li-fabric
prod-lor1

Redirect headers

date
Thu, 16 Jun 2022 13:28:58 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: DBF48DBABFED41A690AD2D5E91EFF80E Ref B: FRAEDGE1513 Ref C: 2022-06-16T13:28:59Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=77148&time=1655386138087&url=https%3A%2F%2Fwww.refunder.se%2Finvitation%2F8ea6a1d87a50623f0aa431c9b2aaf37ecc4a1c078240ced9b0ac28653272717d%3Futm_campaign%3Dgrymt%2520viktig%2520information%2520fr%25C3%25A5n%2520Fredrik%26utm_medium%3Demail%26utm_source%3Drule&liSync=true&e_ipv6=AQIBsiAsg1RLUQAAAYFss-nbUUDriE_poVC7orVqdMcvrqTZV9Ci8mXL1G8JK5RsL5CsJfkvFx9-kq6nbk5CkAJQIw97CQ
x-li-proto
http/2
content-length
0
x-li-uuid
AAXhkJ7JSed5N49lX4yxPA==
collect
stats.g.doubleclick.net/j/ 		4 B
442 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-41722784-4&cid=1792050007.1655386138&jid=42271719&gjid=611953472&_gid=814292389.1655386138&_u=aCDAgEILQAAAAE~&z=2044469949
Requested by
Host: www.refunder.se
URL: https://www.refunder.se/invitation/8ea6a1d87a50623f0aa431c9b2aaf37ecc4a1c078240ced9b0ac28653272717d?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.refunder.se/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 16 Jun 2022 13:28:58 GMT
content-type
text/plain
access-control-allow-origin
https://www.refunder.se
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1494588861&t=pageview&_s=1&dl=https%3A%2F%2Fwww.refunder.se%2Finvitation%2F8ea6a1d87a50623f0aa431c9b2aaf37ecc4a1c078240ced9b0ac28653272717d%3Futm_source%3Drule%26utm_medium%3Demail%26utm_campaign%3Dgrymt%2520viktig%2520information%2520fr%25C3%25A5n%2520Fredrik&ul=en-us&de=UTF-8&dt=Inbjudan%20till%20Refunder.se&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAgEILQ~&jid=42271719&gjid=611953472&cid=1792050007.1655386138&tid=UA-41722784-4&_gid=814292389.1655386138&cd6=1792050007.1655386138&z=1980716167
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refunder.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Jun 2022 06:26:22 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
25356
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
NRJS-c29ae83cbb449485bc2
bam.eu01.nr-data.net/events/1/ 		24 B
867 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.eu01.nr-data.net/events/1/NRJS-c29ae83cbb449485bc2?a=372410472&v=1216.487a282&to=MhBSZQoZWxVQAU0KDgtacVIMEVoIHgtXFQgRFERYFxYbClAMXQoPAg%3D%3D&rst=2518&ck=1&ref=https://www.refunder.se/invitation/8ea6a1d87a50623f0aa431c9b2aaf37ecc4a1c078240ced9b0ac28653272717d
Requested by
Host: www.refunder.se
URL: https://www.refunder.se/invitation/8ea6a1d87a50623f0aa431c9b2aaf37ecc4a1c078240ced9b0ac28653272717d?utm_source=rule&utm_medium=email&utm_campaign=grymt%20viktig%20information%20fr%C3%A5n%20Fredrik
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.221.87.8 , Ireland, ASN206998 (NEW-2, IE),
Reverse DNS
Software
cloudflare /
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://www.refunder.se/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
content-type
text/plain

Response headers

Date
Thu, 16 Jun 2022 13:28:58 GMT
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://www.refunder.se
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Ji0p2%2BzKf8e1s79UGhBHfMSOtZu%2F1DeK70LeCGg4rXNE9%2FU0LeCoavVtq6WPZ7aji8HL541dG4P1p0ZGMKwLW5P29Jntj53kt1P8sURqMGUPUFifk4x3HmfD6AXoLAoxeI5jVw5"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
Connection
keep-alive
CF-Ray
71c3e4433dbc90dc-FRA
Content-Length
24
/
www.facebook.com/tr/ 		44 B
410 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1708459026105222&ev=PageView&dl=https%3A%2F%2Fwww.refunder.se%2Finvitation%2F8ea6a1d87a50623f0aa431c9b2aaf37ecc4a1c078240ced9b0ac28653272717d%3Futm_source%3Drule%26utm_medium%3Demail%26utm_campaign%3Dgrymt%2520viktig%2520information%2520fr%25C3%25A5n%2520Fredrik&rl=&if=false&ts=1655386138129&sw=1600&sh=1200&v=2.9.62&r=stable&ec=0&o=28&fbp=fb.1.1655386138128.1561913222&it=1655386138056&coo=false&exp=p0&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refunder.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 13:28:58 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Thu, 16 Jun 2022 13:28:58 GMT
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-41722784-4&cid=1792050007.1655386138&jid=42271719&_u=aCDAgEILQAAAAE~&z=1744643188
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refunder.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Jun 2022 13:28:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-41722784-4&cid=1792050007.1655386138&jid=42271719&_u=aCDAgEILQAAAAE~&z=1744643188
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.refunder.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Jun 2022 13:28:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

71 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation object| __cfQR object| NREUM object| newrelic function| __nr_require object| Ziggy function| route string| GoogleAnalyticsObject function| ga function| gtag object| dataLayer string| axel number| a object| tracking function| hj object| _hjSettings object| google_tag_manager object| AppleID object| initialStoreState object| Trustpilot object| webpackChunkrefunder object| regeneratorRuntime object| core object| __core-js_shared__ function| isInViewport object| vue boolean| __cfRLUnblockHandlers function| onYouTubeIframeAPIReady object| google_tag_data object| gaGlobal object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| FB object| gaplugins object| gaData function| fbq function| _fbq string| _linkedin_data_partner_id object| GreenSockGlobals object| com function| _gsDefine function| Ease function| Power4 function| Strong function| Quint function| Power3 function| Quart function| Power2 function| Cubic function| Power1 function| Quad function| Power0 function| Linear function| TweenLite function| TweenPlugin function| lintrk boolean| _already_called_lintrk object| google_optimize

28 Cookies

Domain/Path Name / Value
app.rule.io/ Name: laravel_session
Value: eyJpdiI6Im1BWGJ3NVlqbXA3NmJhTCtidk0wMFE9PSIsInZhbHVlIjoibUtKbzJBY0s2enBlZjZiMVJxOVBxMTNnSTluSm8vSGRNUmx3WjF3ai9VUEthMVVwZVdsS1VWNUd2NWlxUmRCRWZBK2dkYTN1WjRaSFE4OHBxektnOGpObWJHay8zUnBOUVFuaUk5RlowT21rRUc4dWdQOG12cmh2OUtmNjJWSmMiLCJtYWMiOiI3M2ZjZTQ0MDIyYTNlZTQ3MGNmN2MwOGIwYjg1MGI5N2Q2Y2ZjMTljNWQzMjM3ZTBhMTU4YTJmMTRkMDBhMTgwIiwidGFnIjoiIn0%3D
www.refunder.se/ Name: XSRF-TOKEN
Value: eyJpdiI6ImY2UE5uVUxxcU41YkYxcmJJS3JGeUE9PSIsInZhbHVlIjoiUC9sUVhVQUtyNnBOTnhNODhjV1pZcjV6NWpMTzZFZG92V1lDS2Z4SnNESllmckt1bGhRU1ZZQnpjeHFyWk9JaFRTeDhuUC81czRZaEJ6RkFGVmpsaU15clB5MVhXR2NZRTZyVEhxdEdBd3RjYi9GckllRld4NVZSUjgwTnVmVFkiLCJtYWMiOiIwYzRhZWJjZGJlZGNjMmQ2MDQ2YjkwNTQxMjc5NDZjZjJlZmYxNDg1MTA5MjVmMjk4OGY5YTMxYWY2MGY0YTEzIiwidGFnIjoiIn0%3D
www.refunder.se/ Name: refunder_session
Value: eyJpdiI6IlVVOCt2Sm1VSWpEV3hvWDR1UGhpVUE9PSIsInZhbHVlIjoiZ3UzTGl0dm1aTktGWmdWRzZ2KzVjRGR6V05MenNHL1Q3VXVxeGR2WStSc0xGdmZsRk9RUUllZE12WCtoUFVtRk56cnFFSGVFNkYwV3g5T3BFWWlnTjUwZm51eUhNZXZyQ3BNMGVHQy9NY1Fib3BEclZPVGthMkdJQ1VxWmFQOEwiLCJtYWMiOiJiNTRjMzQ5YmNkZDNiY2NiNmY1ZTZmYjMyOTEyNTA0N2JjNmIyMzNlZWQ5N2M2YzViYWYyMjgyNzk0ODRmOTQwIiwidGFnIjoiIn0%3D
www.refunder.se/ Name: re_utm_source
Value: cnVsZQ%3D%3D
www.refunder.se/ Name: re_utm_medium
Value: ZW1haWw%3D
www.refunder.se/ Name: re_utm_campaign
Value: Z3J5bXQgdmlrdGlnIGluZm9ybWF0aW9uIGZy5W4gRnJlZHJpaw%3D%3D
.refunder.se/ Name: _ga_F14TVBNT6M
Value: GS1.1.1655386137.1.0.1655386137.0
.refunder.se/ Name: _ga
Value: GA1.2.1792050007.1655386138
.refunder.se/ Name: _gid
Value: GA1.2.814292389.1655386138
.refunder.se/ Name: _gcl_au
Value: 1.1.1173210758.1655386138
.doubleclick.net/ Name: IDE
Value: AHWqTUmndcUBJDLieIO_A2grodZKJwPIb7gJ1CphxoHkuaBOUzSQLWvQhI5P88BVIEo
.nr-data.net/ Name: JSESSIONID
Value: 1f3dd56d9d39820
.refunder.se/ Name: _gat
Value: 1
.refunder.se/ Name: _fbp
Value: fb.1.1655386138128.1561913222
.facebook.com/ Name: fr
Value: 0gWnMJFC9E4FSreTa..BiqzAa...1.0.BiqzAa.
.refunder.se/ Name: _hjSessionUser_85928
Value: eyJpZCI6Ijc2NzcxN2NmLTRkODAtNWFiYy04NjJmLThjYjYxYzg0OGU4OCIsImNyZWF0ZWQiOjE2NTUzODYxMzgwMzAsImV4aXN0aW5nIjpmYWxzZX0=
.refunder.se/ Name: _hjFirstSeen
Value: 1
www.refunder.se/ Name: _hjIncludedInSessionSample
Value: 0
.refunder.se/ Name: _hjSession_85928
Value: eyJpZCI6ImU4Mzg0MjAyLTkyMGQtNDExMC1iNWIxLWIzMDI4YjdmMzZlZSIsImNyZWF0ZWQiOjE2NTUzODYxMzgyOTUsImluU2FtcGxlIjpmYWxzZX0=
.refunder.se/ Name: _hjAbsoluteSessionInProgress
Value: 0
.linkedin.com/ Name: UserMatchHistory
Value: AQLzLDRL3ZBVLQAAAYFss-hQMjgJ8iBWuUVxesVcDExqaKNicz3KbOuQRTT3cfNAQVB_j4ZflEwumA
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQKZjN-gAl13cAAAAYFss-hQi_XZXo4Cz4dPnpMMwB6vJcdnEU4swpn5I6U9vu1iiPmLmO04axvjYx9_d61hBA
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&0d2115da-dc7b-452c-84fe-3590795d89bc"
.linkedin.com/ Name: lidc
Value: "b=OGST00:s=O:r=O:a=O:p=O:g=2744:u=1:x=1:i=1655386138:t=1655472538:v=2:sig=AQH5gUUD68FUls0-ADsL8qJbwlUbsPj8"
.linkedin.com/ Name: lang
Value: v=2&lang=de-de
.www.linkedin.com/ Name: bscookie
Value: "v=1&20220616132858b37279fe-e769-43fa-8b9f-91007cada889AQFdIB_plTgIvsZCX5KKrmiMUhxvWRmN"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NTUzODYxMzg7MjswMjE7YV2h8Upe2kDe0vHUVr08H9KgSmIrFbah7Od9E9B1Lg==

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5450406.fls.doubleclick.net
6638233.fls.doubleclick.net
adservice.google.com
adservice.google.de
app.rule.io
appleid.cdn-apple.com
bam.eu01.nr-data.net
cdn.refunder.se
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
js-agent.newrelic.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.google-analytics.com
resources.refunder.se
script.hotjar.com
snap.licdn.com
static.hotjar.com
static.refunder.se
stats.g.doubleclick.net
vars.hotjar.com
widget.trustpilot.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.linkedin.com
www.refunder.se
104.92.101.166
13.107.42.14
142.250.186.38
151.101.2.137
185.221.87.8
2001:4860:4802:32::36
2606:4700:10::ac43:1c40
2606:4700:20::681a:373
2620:1ec:21::14
2a00:1450:4001:800::2002
2a00:1450:4001:802::2003
2a00:1450:4001:812::2002
2a00:1450:4001:813::2008
2a00:1450:4001:829::2003
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2004
2a00:1450:4001:82a::200e
2a00:1450:400c:c1b::9d
2a02:26f0:ef::5c7b:c25a
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
65.9.66.112
99.86.4.117
99.86.4.127
99.86.4.22
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
085c4cc0836036a7a3f292606328edf0beac847de78d2b7ef108c276268e1842
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
0bfb23478d84f60d54209dbc7685b737af95f3ddeec4d670479f8f78cd03364a
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
14c0af8c4cd91803f2eff7affbb9b8d7e3213145b575a75bd3c231b6e2882fd0
14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c
163f46f38d572e7af7d72b2571686085fff4c0b61895a199d84b6f1a849acb81
1d8d9d74b70eeca447db77ebd9a6ce5b77f8a5914a8eeef72f1bfc5d099af737
1db3c3e659977fd5736bbf7e566f5b04e80aee161e3f1819dcd0de4e2d3d0005
25a959581dfca1ff09a592a68cb3c47c2dcd6cc05390f10f5f57ac44ec78826a
277397f9f0235d45f6c3ebf6d2bc9fe6f8612b798848d59e1f3b2279bce1346e
2823c47b9ee72c1fe711cebdc143bf1778e18870917c978dc7b6625741943b4c
2d8d7270d5150613b3e69166ebdd5d18db243eca5b14c24d5a1060b1ddb5b6d3
30faddd1345cc1494a19ab7702d743632d8be41283a2397fb7a315c0040ec00a
3369487a269ed867ce164cb0e889154f3ca9412533f238ee1c21665fe54c7e84
3a552d472eb919c47a2ce512c608411dbe849a881d4bfdfd64b5088f67a8a4d0
3d79854e01d0c79408c548889dcfddd23e4ef10f11c698c831b570573ee13b97
49f77319e2367765fc83e835225cb83d90add02de072e2681db42714fb2b441c
4ccd95d5e06d8b244e7878f08f4fbd5b728b76d55b64af1e3ba04bdf97915569
4e5b683e9d5db77d31a9ba839a0c367a3a9e61d40d41d6bb00a37aefb02fc318
4ea039f5ac94c36573189b7a2240da40ea12156863b7cae3d95eddf22116e3ef
4eca6d42e41d2bef33800c7dd64ad542aab93fa9004e7c063a68819c21167923
545156adeae44dadc82b98d504f805ebe77fb79c928ef34eed1057bb9d4cb8fe
56030ef93940f0e80685b1a764988f954e8745239081c43225b1abb7cf5ac133
5757174b78ce027d178ebce0c04bcbbc56a651e0a747c07e79a6dc815bfd2d4d
575a7f3ec56678b90ae05cffb8212411b4408d5c482b9f96c57bb8688f6fff81
58b8b288b49241207522401187484cadf49832551ee68cd0cb51a3bfb4d6e06a
67278a57833bfcc97c005863fdf1e004c68e36aea722fe41e30a7eb5fbbef794
68b829a5c0edf3ce599c40dac939dbaf14a872ae7636eb1253fe88edcff856dd
6d7f7576a3bb5eb2ab18b4af0a0fc472ce9ff02e4a312af2785546b1f6d183c1
6ed6b5719cb281f4e22b0d1fffb52183763c05bf47279742529ef11f1cbb81ab
6fe0da32ad16c75e58516c9de80c7a5fe3379a3cc614f56c2f515413062e8acd
76e68a44cb47e36f0f05177ac124228f09619d1676d6ca53e2efe0de83ffd781
80594f546a74b86177f268133193c916ee7d6ccd62c943cbd76e8194f8154f84
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
91eae6a6e744a24134f7f968896fca46a7a4108a6fca1148c0d2deeda259fc24
98dab1800d1aeab8797789b49a7331d01dcc546edb64b0079fc8b6d454767754
9954976480ba2c51272fb1279dce290f1abea3c68f26881f7a4ff34a81aef620
99ab00edeb9fa42770be1cab71822ec256436dbdc56ce9832885935f72008faa
a1272b90987290bd975747df70152b6ca1ce264c7e2de470788b8bdad87621b5
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2b7b462a516fc5829dfed97535516ed4ecd95b7ad76ec3aa539597d417e8f2c
a77cf1c3561d7679da8092186eede2149f35a862a16774dd68d408e2faf69f4c
a961366b4346f6078cc2f164d2c019f63b37e2693f6fc93a995048a98b25c083
ac0911179225efa10c255b7beb7ae49bc0e062f01ade67e65a91019ea3e5539b
b1f744a76f39dc94315e36e7bcfdea4491073eb50d115070cb407fd4cf8aad1c
b259e574b47bbc0324b49677cdda0f1f2f28e3e9c97bb5d8a4c3848e88872a3c
b4820095dbb33dffee5026491f08575d5adcb7e3cab956061f0cffb5052d78c6
b585980640b1e3d9a546918e99cf168d78e5194b2de9a5ceaadc186ade090eaa
b614fa18ad4b63605494f704797024b3f1387fc3a4a3e7fd178169c5ed11cd90
bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0
bcc1d8fa963fa4d1edcfbd6d242169dee9a5e8ebfd6d6e7fcc96a49b60922db3
c1dcf0223e353e0dd690643726a43ffdd77ad1d68ac9776a0442ce7c1b7c5f59
c2508303380c18b6f35c2b8e52a6214e528b1376726c77e7c93e9b6e31c0a1d6
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c5073df13d25cdd87cd88223e0b95707227e816da6de16788752ca676d20c87d
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d27e21266097a575969ef543c76aae24d4752d4efb38bdf3ff0b1c95d591e2dc
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
dd0975a21d9380df0cf205420aa8fc8ffdada0839ede94bc909e3e80aa5e6d79
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5827fd8bddccf8f9ca7d06936e0bd6596f9ec6aca0652086c5d593a72d84435
e8d8ae309e83ac61b4f90abbf1c5324992e76d495ff18b42d31fff2f06d04185
e9f0c3a67fb8ac422f0a72169c17f9f1dfb5d923f5620331a5f5de93c97db649
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f005c49df451da78e1b6d1e6820ced17ad091cc23a0e9caa2f0700ae28153db2
f05ac9ba83369cd58d06d8ee2e5f8d61c040d30d044e20752153f95577627dc6
f3496bc7c277d917d35553c46ed1597a86065494cac582e42a3a1d55aedef7fb
f9d98848bdcca414da43084702745afbe3f78e05ebd56572a6424b9bacf9b50c
f9e01430ffce6ff7a056890acd58b683c05b765dd1bbb12f81b03ed8c64f28f5
fbefd45f6e68a816442fc919696319cf3691618b34ded46654dde99eca2806e8