www.gispen.com Open in urlscan Pro
104.18.28.236 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://gispen.com/
Effective URL:
https://www.gispen.com/
Submission Tags: analytics-framework
Submission: On April 21 via api (April 21st 2023, 11:56:29 pm UTC) from US — Scanned from SE

Summary HTTP 45 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 7 IPs in 4 countries across 5 domains to perform 45 HTTP transactions. The main IP is 104.18.28.236, located in and belongs to CLOUDFLARENET, US. The main domain is www.gispen.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on November 14th 2022. Valid for: a year.

This is the only time www.gispen.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	217.114.85.70 217.114.85.70	30811 (EPISERVER_AS) (EPISERVER_AS)
34	104.18.28.236 104.18.28.236	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	23.36.162.211 23.36.162.211	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	18.66.122.75 18.66.122.75	16509 (AMAZON-02) (AMAZON-02)
2	104.18.11.120 104.18.11.120	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	23.45.111.185 23.45.111.185	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.225.84.10 13.225.84.10	16509 (AMAZON-02) (AMAZON-02)
45	7

1 217.114.85.70 (Sweden) 1 redirects

ASN30811 (EPISERVER_AS, SE)

gispen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 104.18.28.236 (None, )

ASN13335 (CLOUDFLARENET, US)

www.gispen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.36.162.211 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-162-211.deploy.static.akamaitechnologies.com

consent.cookiebot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.66.122.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-75.fra60.r.cloudfront.net

www.mediabank-collection.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.11.120 (None, )

ASN13335 (CLOUDFLARENET, US)

dl.episerver.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.45.111.185 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-111-185.deploy.static.akamaitechnologies.com

consentcdn.cookiebot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.84.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-84-10.fra2.r.cloudfront.net

d2csxpduxe849s.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	gispen.com 1 redirects gispen.com www.gispen.com	419 KB
4	mediabank-collection.com www.mediabank-collection.com	766 KB
4	cookiebot.com consent.cookiebot.com — Cisco Umbrella Rank: 4324 consentcdn.cookiebot.com — Cisco Umbrella Rank: 4774	91 KB
2	episerver.net dl.episerver.net — Cisco Umbrella Rank: 21386	5 KB
1	cloudfront.net d2csxpduxe849s.cloudfront.net	494 KB
45	5

	Domain	Requested by
34	www.gispen.com	www.gispen.com consent.cookiebot.com
4	www.mediabank-collection.com	www.gispen.com
2	consentcdn.cookiebot.com	consent.cookiebot.com
2	dl.episerver.net	www.gispen.com consent.cookiebot.com
2	consent.cookiebot.com	www.gispen.com consent.cookiebot.com
1	d2csxpduxe849s.cloudfront.net	www.gispen.com
1	gispen.com	1 redirects
45	7

This site contains links to these domains. Also see Links.

Domain
www.cookiebot.com
www.cloudflare.com
policies.google.com
www.linkedin.com
privacy.microsoft.com
www.intercom.com
www.hotjar.com
twitter.com
www.facebook.com
www.instagram.com
vimeo.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-11-14` - `2023-11-14`	a year	crt.sh
consent.cookiebot.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-04` - `2023-06-06`	a year	crt.sh
www.mediabank-collection.com Amazon RSA 2048 M01	`2023-02-22` - `2024-01-18`	a year	crt.sh
*.cookiebot.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-15` - `2023-06-17`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.gispen.com/
Frame ID: BFAB1E02B763620E53D7F3CD9F6320CB
Requests: 45 HTTP requests in this frame

Frame: https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Frame ID: 41BD7A330CFE9383B870F40EE461E273
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Circulaire projectinrichter voor zorg, onderwijs en kantoor - GispenPowered by Cookiebot

Page URL History Show full URLs

https://gispen.com/ HTTP 301
https://www.gispen.com/ Page URL

Detected technologies

Cookiebot (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

consent\.cookiebot\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

45
Requests

100 %
HTTPS

0 %
IPv6

5
Domains

7
Subdomains

7
IPs

4
Countries

1774 kB
Transfer

2824 kB
Size

8
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cookiebot.com/
Title: Powered by Cookiebot

Search URL Search Domain Scan URL

URL: https://www.cloudflare.com/privacypolicy/
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://www.cookiebot.com/goto/privacy-policy/
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/legal/privacy-policy
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://privacy.microsoft.com/en-US/privacystatement
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://www.intercom.com/terms-and-policies#privacy
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://www.hotjar.com/legal/policies/privacy/
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://twitter.com/gispen?lang=nl

Search URL Search Domain Scan URL

URL: https://www.facebook.com/gispen/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/gispen/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/gispen-international-bv/

Search URL Search Domain Scan URL

URL: https://vimeo.com/gispen

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://gispen.com/ HTTP 301
https://www.gispen.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

45 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.gispen.com/
Redirect Chain

https://gispen.com/
https://www.gispen.com/

65 KB
18 KB

4271ms
4119ms

Document
text/html

104.18.28.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gispen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.28.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b03cfeca2bcac1621bcc712814a04c5fc27655f6fb0462491b6fd0d186827f2

Security Headers

Name	Value
Content-Security-Policy	worker-src blob:; script-src 'self' .episerver.com .cloudfront.net .episerver.net .mapbox.com .cookiebot.com .googletagmanager.com .googleadservices.com .google-analytics.com .google.com .google.nl .intercom.io .intercomcdn.com .licdn.com .hotjar.com .ipify.org .doubleclick.net .linkedin.com .azure.com .vimeo.com .youtube.com .acast.com .spotify.com .msecnd.net .facebook.com .facebook.net .visualstudio.com .gstatic.com .jquery.com .jsdelivr.net .criteo.com .criteo.net 'unsafe-eval' 'unsafe-inline'; img-src 'self' .google.com .google-analytics.com .google.nl .linkedin.com .mediabank-collection.com .facebook.com .criteo.com googleads.g.doubleclick.net blob: https: data:; frame-ancestors 'self' .vimeo.com .youtube.com .acast.com .spotify.com .tblox.com .2dela.nl; frame-src 'self' .cookiebot.com .episerver.net .criteo.com .criteo.net .google.com .hotjar.com 'unsafe-inline'; font-src 'self' .episerver.net .myfonts.net .typekit.net .bootstrapcdn.com .intercomcdn.com data:; style-src-elem 'self' .episerver.net .googleapis.com .jsdelivr.net .bootstrapcdn.com .myfonts.net .typekit.net 'unsafe-inline'; style-src 'self' .typekit.net .myfonts.net .bootstrapcdn.com 'unsafe-inline' data:; media-src 'self' *.cloudfront.net;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

access-control-allow-headers: *
access-control-expose-headers: Request-Context
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 7bb99019d92d991e-ARN
content-encoding: gzip
content-length: 15857
content-security-policy: worker-src blob:; script-src 'self' *.episerver.com *.cloudfront.net *.episerver.net *.mapbox.com *.cookiebot.com *.googletagmanager.com *.googleadservices.com *.google-analytics.com *.google.com *.google.nl *.intercom.io *.intercomcdn.com *.licdn.com *.hotjar.com *.ipify.org *.doubleclick.net *.linkedin.com *.azure.com *.vimeo.com *.youtube.com *.acast.com *.spotify.com *.msecnd.net *.facebook.com *.facebook.net *.visualstudio.com *.gstatic.com *.jquery.com *.jsdelivr.net *.criteo.com *.criteo.net 'unsafe-eval' 'unsafe-inline'; img-src 'self' *.google.com *.google-analytics.com *.google.nl *.linkedin.com *.mediabank-collection.com *.facebook.com *.criteo.com googleads.g.doubleclick.net blob: https: data:; frame-ancestors 'self' *.vimeo.com *.youtube.com *.acast.com *.spotify.com *.tblox.com *.2dela.nl; frame-src 'self' *.cookiebot.com *.episerver.net *.criteo.com *.criteo.net *.google.com *.hotjar.com 'unsafe-inline'; font-src 'self' *.episerver.net *.myfonts.net *.typekit.net *.bootstrapcdn.com *.intercomcdn.com data:; style-src-elem 'self' *.episerver.net *.googleapis.com *.jsdelivr.net *.bootstrapcdn.com *.myfonts.net *.typekit.net 'unsafe-inline'; style-src 'self' *.typekit.net *.myfonts.net *.bootstrapcdn.com 'unsafe-inline' data:; media-src 'self' *.cloudfront.net;
content-type: text/html; charset=utf-8
date: Fri, 21 Apr 2023 23:56:22 GMT
permissions-policy: autoplay=*
referrer-policy: no-referrer-when-downgrade
request-context: appId=cid-v1:4a6b6c0e-0871-4eee-be4f-8c25dcb2714c
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
x-aspnetmvc-version: 5.2
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

Connection: Keep-Alive
Content-Length: 0
Location: https://www.gispen.com/
Server: BigIP

GET
H2 200 uc.js Show response
consent.cookiebot.com/ 107 KB
33 KB 181ms
54ms Script
application/javascript 23.36.162.211
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiebot.com/uc.js
Requested by: Host: www.gispen.com
URL: https://www.gispen.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.211 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-211.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e515f490d944acb1965c38d2fda139282422c6f078c53093fa37bc7b788fcc94

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.gispen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
date: Fri, 21 Apr 2023 23:56:23 GMT
content-encoding: gzip
last-modified: Wed, 22 Mar 2023 08:35:20 GMT
etag: "3cf4233d995cd91:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-expose-headers: Request-Context
cache-control: public, max-age=336
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 33483
expires: Sat, 22 Apr 2023 00:01:59 GMT

GET
H2 200 all-gispen.css
www.gispen.com/static/gispen/css/ 294 KB
62 KB 46ms
42ms Stylesheet
text/css 104.18.28.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gispen.com/static/gispen/css/all-gispen.css?v=cb=1.0.8479.23899

Requested by

Host: www.gispen.com
URL: https://www.gispen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.28.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9645afc59911bff75a0c1e0170b978f49ebc3d4a04a7486486396114050fada

Security Headers

Name	Value
Content-Security-Policy	worker-src blob:; script-src 'self' .episerver.com .cloudfront.net .episerver.net .mapbox.com .cookiebot.com .googletagmanager.com .googleadservices.com .google-analytics.com .google.com .google.nl .intercom.io .intercomcdn.com .licdn.com .hotjar.com .ipify.org .doubleclick.net .linkedin.com .azure.com .vimeo.com .youtube.com .acast.com .spotify.com .msecnd.net .facebook.com .facebook.net .visualstudio.com .gstatic.com .jquery.com .jsdelivr.net .criteo.com .criteo.net 'unsafe-eval' 'unsafe-inline'; img-src 'self' .google.com .google-analytics.com .google.nl .linkedin.com .mediabank-collection.com .facebook.com .criteo.com googleads.g.doubleclick.net blob: https: data:; frame-ancestors 'self' .vimeo.com .youtube.com .acast.com .spotify.com .tblox.com .2dela.nl; frame-src 'self' .cookiebot.com .episerver.net .criteo.com .criteo.net .google.com .hotjar.com 'unsafe-inline'; font-src 'self' .episerver.net .myfonts.net .typekit.net .bootstrapcdn.com .intercomcdn.com data:; style-src-elem 'self' .episerver.net .googleapis.com .jsdelivr.net .bootstrapcdn.com .myfonts.net .typekit.net 'unsafe-inline'; style-src 'self' .typekit.net .myfonts.net .bootstrapcdn.com 'unsafe-inline' data:; media-src 'self' *.cloudfront.net;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.gispen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 23:56:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: worker-src blob:; script-src 'self' *.episerver.com *.cloudfront.net *.episerver.net *.mapbox.com *.cookiebot.com *.googletagmanager.com *.googleadservices.com *.google-analytics.com *.google.com *.google.nl *.intercom.io *.intercomcdn.com *.licdn.com *.hotjar.com *.ipify.org *.doubleclick.net *.linkedin.com *.azure.com *.vimeo.com *.youtube.com *.acast.com *.spotify.com *.msecnd.net *.facebook.com *.facebook.net *.visualstudio.com *.gstatic.com *.jquery.com *.jsdelivr.net *.criteo.com *.criteo.net 'unsafe-eval' 'unsafe-inline'; img-src 'self' *.google.com *.google-analytics.com *.google.nl *.linkedin.com *.mediabank-collection.com *.facebook.com *.criteo.com googleads.g.doubleclick.net blob: https: data:; frame-ancestors 'self' *.vimeo.com *.youtube.com *.acast.com *.spotify.com *.tblox.com *.2dela.nl; frame-src 'self' *.cookiebot.com *.episerver.net *.criteo.com *.criteo.net *.google.com *.hotjar.com 'unsafe-inline'; font-src 'self' *.episerver.net *.myfonts.net *.typekit.net *.bootstrapcdn.com *.intercomcdn.com data:; style-src-elem 'self' *.episerver.net *.googleapis.com *.jsdelivr.net *.bootstrapcdn.com *.myfonts.net *.typekit.net 'unsafe-inline'; style-src 'self' *.typekit.net *.myfonts.net *.bootstrapcdn.com 'unsafe-inline' data:; media-src 'self' *.cloudfront.net;
cf-cache-status: HIT
strict-transport-security: max-age=31536000
age: 54056
content-length: 63598
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:4a6b6c0e-0871-4eee-be4f-8c25dcb2714c
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 20 Mar 2023 13:13:18 GMT
server: cloudflare
etag: "0eb99bc2d5bd91:0"
vary: Accept-Encoding
content-type: text/css
access-control-expose-headers: Request-Context
cache-control: public, max-age=86400
permissions-policy: autoplay=*
accept-ranges: bytes
cf-ray: 7bb99033bd51991e-ARN
access-control-allow-headers: *
expires: Sat, 22 Apr 2023 23:56:23 GMT

GET
H2 200 vendor.css
www.gispen.com/static/gispen/css/ 34 KB
6 KB 150ms
146ms Stylesheet
text/css 104.18.28.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gispen.com/static/gispen/css/vendor.css?v=cb=1.0.8479.23899

Requested by

Host: www.gispen.com
URL: https://www.gispen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.28.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5bc129250f1481f0202c55b6970b03c9a96fb7ff8cb3e1debd064f6de128608d

Security Headers

Name	Value
Content-Security-Policy	worker-src blob:; script-src 'self' .episerver.com .cloudfront.net .episerver.net .mapbox.com .cookiebot.com .googletagmanager.com .googleadservices.com .google-analytics.com .google.com .google.nl .intercom.io .intercomcdn.com .licdn.com .hotjar.com .ipify.org .doubleclick.net .linkedin.com .azure.com .vimeo.com .youtube.com .acast.com .spotify.com .msecnd.net .facebook.com .facebook.net .visualstudio.com .gstatic.com .jquery.com .jsdelivr.net .criteo.com .criteo.net 'unsafe-eval' 'unsafe-inline'; img-src 'self' .google.com .google-analytics.com .google.nl .linkedin.com .mediabank-collection.com .facebook.com .criteo.com googleads.g.doubleclick.net blob: https: data:; frame-ancestors 'self' .vimeo.com .youtube.com .acast.com .spotify.com .tblox.com .2dela.nl; frame-src 'self' .cookiebot.com .episerver.net .criteo.com .criteo.net .google.com .hotjar.com 'unsafe-inline'; font-src 'self' .episerver.net .myfonts.net .typekit.net .bootstrapcdn.com .intercomcdn.com data:; style-src-elem 'self' .episerver.net .googleapis.com .jsdelivr.net .bootstrapcdn.com .myfonts.net .typekit.net 'unsafe-inline'; style-src 'self' .typekit.net .myfonts.net .bootstrapcdn.com 'unsafe-inline' data:; media-src 'self' *.cloudfront.net;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.gispen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 23:56:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: worker-src blob:; script-src 'self' *.episerver.com *.cloudfront.net *.episerver.net *.mapbox.com *.cookiebot.com *.googletagmanager.com *.googleadservices.com *.google-analytics.com *.google.com *.google.nl *.intercom.io *.intercomcdn.com *.licdn.com *.hotjar.com *.ipify.org *.doubleclick.net *.linkedin.com *.azure.com *.vimeo.com *.youtube.com *.acast.com *.spotify.com *.msecnd.net *.facebook.com *.facebook.net *.visualstudio.com *.gstatic.com *.jquery.com *.jsdelivr.net *.criteo.com *.criteo.net 'unsafe-eval' 'unsafe-inline'; img-src 'self' *.google.com *.google-analytics.com *.google.nl *.linkedin.com *.mediabank-collection.com *.facebook.com *.criteo.com googleads.g.doubleclick.net blob: https: data:; frame-ancestors 'self' *.vimeo.com *.youtube.com *.acast.com *.spotify.com *.tblox.com *.2dela.nl; frame-src 'self' *.cookiebot.com *.episerver.net *.criteo.com *.criteo.net *.google.com *.hotjar.com 'unsafe-inline'; font-src 'self' *.episerver.net *.myfonts.net *.typekit.net *.bootstrapcdn.com *.intercomcdn.com data:; style-src-elem 'self' *.episerver.net *.googleapis.com *.jsdelivr.net *.bootstrapcdn.com *.myfonts.net *.typekit.net 'unsafe-inline'; style-src 'self' *.typekit.net *.myfonts.net *.bootstrapcdn.com 'unsafe-inline' data:; media-src 'self' *.cloudfront.net;
cf-cache-status: REVALIDATED
strict-transport-security: max-age=31536000
content-length: 6276
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:4a6b6c0e-0871-4eee-be4f-8c25dcb2714c
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 20 Mar 2023 13:13:18 GMT
server: cloudflare
etag: "0eb99bc2d5bd91:0"
vary: Accept-Encoding
content-type: text/css
access-control-expose-headers: Request-Context
cache-control: public, max-age=86400
permissions-policy: autoplay=*
accept-ranges: bytes
cf-ray: 7bb99033bd53991e-ARN
access-control-allow-headers: *
expires: Sat, 22 Apr 2023 23:56:23 GMT

GET
H2 200 AvenirNextLTPro-Light.woff2
www.gispen.com/static/gispen/fonts/gispen/ 26 KB
26 KB 139ms
135ms Font
font/woff2 104.18.28.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gispen.com/static/gispen/fonts/gispen/AvenirNextLTPro-Light.woff2

Requested by

Host: www.gispen.com
URL: https://www.gispen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.28.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86acac38cb5ebd1ed9c62d2fda68132a8bf28d3852bcf7d34fba9abe97b1e8d0

Security Headers

Name	Value
Content-Security-Policy	worker-src blob:; script-src 'self' .episerver.com .cloudfront.net .episerver.net .mapbox.com .cookiebot.com .googletagmanager.com .googleadservices.com .google-analytics.com .google.com .google.nl .intercom.io .intercomcdn.com .licdn.com .hotjar.com .ipify.org .doubleclick.net .linkedin.com .azure.com .vimeo.com .youtube.com .acast.com .spotify.com .msecnd.net .facebook.com .facebook.net .visualstudio.com .gstatic.com .jquery.com .jsdelivr.net .criteo.com .criteo.net 'unsafe-eval' 'unsafe-inline'; img-src 'self' .google.com .google-analytics.com .google.nl .linkedin.com .mediabank-collection.com .facebook.com .criteo.com googleads.g.doubleclick.net blob: https: data:; frame-ancestors 'self' .vimeo.com .youtube.com .acast.com .spotify.com .tblox.com .2dela.nl; frame-src 'self' .cookiebot.com .episerver.net .criteo.com .criteo.net .google.com .hotjar.com 'unsafe-inline'; font-src 'self' .episerver.net .myfonts.net .typekit.net .bootstrapcdn.com .intercomcdn.com data:; style-src-elem 'self' .episerver.net .googleapis.com .jsdelivr.net .bootstrapcdn.com .myfonts.net .typekit.net 'unsafe-inline'; style-src 'self' .typekit.net .myfonts.net .bootstrapcdn.com 'unsafe-inline' data:; media-src 'self' *.cloudfront.net;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gispen.com/
Origin: https://www.gispen.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 23:56:23 GMT
content-security-policy: worker-src blob:; script-src 'self' *.episerver.com *.cloudfront.net *.episerver.net *.mapbox.com *.cookiebot.com *.googletagmanager.com *.googleadservices.com *.google-analytics.com *.google.com *.google.nl *.intercom.io *.intercomcdn.com *.licdn.com *.hotjar.com *.ipify.org *.doubleclick.net *.linkedin.com *.azure.com *.vimeo.com *.youtube.com *.acast.com *.spotify.com *.msecnd.net *.facebook.com *.facebook.net *.visualstudio.com *.gstatic.com *.jquery.com *.jsdelivr.net *.criteo.com *.criteo.net 'unsafe-eval' 'unsafe-inline'; img-src 'self' *.google.com *.google-analytics.com *.google.nl *.linkedin.com *.mediabank-collection.com *.facebook.com *.criteo.com googleads.g.doubleclick.net blob: https: data:; frame-ancestors 'self' *.vimeo.com *.youtube.com *.acast.com *.spotify.com *.tblox.com *.2dela.nl; frame-src 'self' *.cookiebot.com *.episerver.net *.criteo.com *.criteo.net *.google.com *.hotjar.com 'unsafe-inline'; font-src 'self' *.episerver.net *.myfonts.net *.typekit.net *.bootstrapcdn.com *.intercomcdn.com data:; style-src-elem 'self' *.episerver.net *.googleapis.com *.jsdelivr.net *.bootstrapcdn.com *.myfonts.net *.typekit.net 'unsafe-inline'; style-src 'self' *.typekit.net *.myfonts.net *.bootstrapcdn.com 'unsafe-inline' data:; media-src 'self' *.cloudfront.net;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: REVALIDATED
content-length: 26844
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:4a6b6c0e-0871-4eee-be4f-8c25dcb2714c
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 20 Mar 2023 13:13:18 GMT
server: cloudflare
etag: "0eb99bc2d5bd91:0"
vary: Accept-Encoding
content-type: font/woff2
access-control-expose-headers: Request-Context
cache-control: public, max-age=86400
permissions-policy: autoplay=*
accept-ranges: bytes
cf-ray: 7bb99033bd54991e-ARN
access-control-allow-headers: *
expires: Sat, 22 Apr 2023 23:56:23 GMT

GET
H2 200 AvenirNextLTPro-Medium.woff2
www.gispen.com/static/gispen/fonts/gispen/ 23 KB
23 KB 141ms
139ms Font
font/woff2 104.18.28.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gispen.com/static/gispen/fonts/gispen/AvenirNextLTPro-Medium.woff2

Requested by

Host: www.gispen.com
URL: https://www.gispen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.28.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0e82af6f657e2f9b4c8ab1fa91ee06573151ccb42bf83720acbcf1ecb03078b

Security Headers

Name	Value
Content-Security-Policy	worker-src blob:; script-src 'self' .episerver.com .cloudfront.net .episerver.net .mapbox.com .cookiebot.com .googletagmanager.com .googleadservices.com .google-analytics.com .google.com .google.nl .intercom.io .intercomcdn.com .licdn.com .hotjar.com .ipify.org .doubleclick.net .linkedin.com .azure.com .vimeo.com .youtube.com .acast.com .spotify.com .msecnd.net .facebook.com .facebook.net .visualstudio.com .gstatic.com .jquery.com .jsdelivr.net .criteo.com .criteo.net 'unsafe-eval' 'unsafe-inline'; img-src 'self' .google.com .google-analytics.com .google.nl .linkedin.com .mediabank-collection.com .facebook.com .criteo.com googleads.g.doubleclick.net blob: https: data:; frame-ancestors 'self' .vimeo.com .youtube.com .acast.com .spotify.com .tblox.com .2dela.nl; frame-src 'self' .cookiebot.com .episerver.net .criteo.com .criteo.net .google.com .hotjar.com 'unsafe-inline'; font-src 'self' .episerver.net .myfonts.net .typekit.net .bootstrapcdn.com .intercomcdn.com data:; style-src-elem 'self' .episerver.net .googleapis.com .jsdelivr.net .bootstrapcdn.com .myfonts.net .typekit.net 'unsafe-inline'; style-src 'self' .typekit.net .myfonts.net .bootstrapcdn.com 'unsafe-inline' data:; media-src 'self' *.cloudfront.net;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gispen.com/
Origin: https://www.gispen.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 23:56:23 GMT
content-security-policy: worker-src blob:; script-src 'self' *.episerver.com *.cloudfront.net *.episerver.net *.mapbox.com *.cookiebot.com *.googletagmanager.com *.googleadservices.com *.google-analytics.com *.google.com *.google.nl *.intercom.io *.intercomcdn.com *.licdn.com *.hotjar.com *.ipify.org *.doubleclick.net *.linkedin.com *.azure.com *.vimeo.com *.youtube.com *.acast.com *.spotify.com *.msecnd.net *.facebook.com *.facebook.net *.visualstudio.com *.gstatic.com *.jquery.com *.jsdelivr.net *.criteo.com *.criteo.net 'unsafe-eval' 'unsafe-inline'; img-src 'self' *.google.com *.google-analytics.com *.google.nl *.linkedin.com *.mediabank-collection.com *.facebook.com *.criteo.com googleads.g.doubleclick.net blob: https: data:; frame-ancestors 'self' *.vimeo.com *.youtube.com *.acast.com *.spotify.com *.tblox.com *.2dela.nl; frame-src 'self' *.cookiebot.com *.episerver.net *.criteo.com *.criteo.net *.google.com *.hotjar.com 'unsafe-inline'; font-src 'self' *.episerver.net *.myfonts.net *.typekit.net *.bootstrapcdn.com *.intercomcdn.com data:; style-src-elem 'self' *.episerver.net *.googleapis.com *.jsdelivr.net *.bootstrapcdn.com *.myfonts.net *.typekit.net 'unsafe-inline'; style-src 'self' *.typekit.net *.myfonts.net *.bootstrapcdn.com 'unsafe-inline' data:; media-src 'self' *.cloudfront.net;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: MISS
content-length: 23800
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:4a6b6c0e-0871-4eee-be4f-8c25dcb2714c
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 20 Mar 2023 13:13:18 GMT
server: cloudflare
etag: "0eb99bc2d5bd91:0"
vary: Accept-Encoding
content-type: font/woff2
access-control-expose-headers: Request-Context
cache-control: public, max-age=86400
permissions-policy: autoplay=*
accept-ranges: bytes
cf-ray: 7bb99033bd55991e-ARN
access-control-allow-headers: *
expires: Sat, 22 Apr 2023 23:56:23 GMT

GET
H2 200 AvenirNextLTPro-Thin.woff2
www.gispen.com/static/gispen/fonts/gispen/ 26 KB
28 KB 238ms
236ms Font
font/woff2 104.18.28.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gispen.com/static/gispen/fonts/gispen/AvenirNextLTPro-Thin.woff2

Requested by

Host: www.gispen.com
URL: https://www.gispen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.28.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

109f65a54f94a363783571672206e383463ac7d1d33c9d6984167f12a04112f3

Security Headers

Name	Value
Content-Security-Policy	worker-src blob:; script-src 'self' .episerver.com .cloudfront.net .episerver.net .mapbox.com .cookiebot.com .googletagmanager.com .googleadservices.com .google-analytics.com .google.com .google.nl .intercom.io .intercomcdn.com .licdn.com .hotjar.com .ipify.org .doubleclick.net .linkedin.com .azure.com .vimeo.com .youtube.com .acast.com .spotify.com .msecnd.net .facebook.com .facebook.net .visualstudio.com .gstatic.com .jquery.com .jsdelivr.net .criteo.com .criteo.net 'unsafe-eval' 'unsafe-inline'; img-src 'self' .google.com .google-analytics.com .google.nl .linkedin.com .mediabank-collection.com .facebook.com .criteo.com googleads.g.doubleclick.net blob: https: data:; frame-ancestors 'self' .vimeo.com .youtube.com .acast.com .spotify.com .tblox.com .2dela.nl; frame-src 'self' .cookiebot.com .episerver.net .criteo.com .criteo.net .google.com .hotjar.com 'unsafe-inline'; font-src 'self' .episerver.net .myfonts.net .typekit.net .bootstrapcdn.com .intercomcdn.com data:; style-src-elem 'self' .episerver.net .googleapis.com .jsdelivr.net .bootstrapcdn.com .myfonts.net .typekit.net 'unsafe-inline'; style-src 'self' .typekit.net .myfonts.net .bootstrapcdn.com 'unsafe-inline' data:; media-src 'self' *.cloudfront.net;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gispen.com/
Origin: https://www.gispen.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 23:56:23 GMT
content-security-policy: worker-src blob:; script-src 'self' *.episerver.com *.cloudfront.net *.episerver.net *.mapbox.com *.cookiebot.com *.googletagmanager.com *.googleadservices.com *.google-analytics.com *.google.com *.google.nl *.intercom.io *.intercomcdn.com *.licdn.com *.hotjar.com *.ipify.org *.doubleclick.net *.linkedin.com *.azure.com *.vimeo.com *.youtube.com *.acast.com *.spotify.com *.msecnd.net *.facebook.com *.facebook.net *.visualstudio.com *.gstatic.com *.jquery.com *.jsdelivr.net *.criteo.com *.criteo.net 'unsafe-eval' 'unsafe-inline'; img-src 'self' *.google.com *.google-analytics.com *.google.nl *.linkedin.com *.mediabank-collection.com *.facebook.com *.criteo.com googleads.g.doubleclick.net blob: https: data:; frame-ancestors 'self' *.vimeo.com *.youtube.com *.acast.com *.spotify.com *.tblox.com *.2dela.nl; frame-src 'self' *.cookiebot.com *.episerver.net *.criteo.com *.criteo.net *.google.com *.hotjar.com 'unsafe-inline'; font-src 'self' *.episerver.net *.myfonts.net *.typekit.net *.bootstrapcdn.com *.intercomcdn.com data:; style-src-elem 'self' *.episerver.net *.googleapis.com *.jsdelivr.net *.bootstrapcdn.com *.myfonts.net *.typekit.net 'unsafe-inline'; style-src 'self' *.typekit.net *.myfonts.net *.bootstrapcdn.com 'unsafe-inline' data:; media-src 'self' *.cloudfront.net;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: REVALIDATED
content-length: 27028
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:4a6b6c0e-0871-4eee-be4f-8c25dcb2714c
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 20 Mar 2023 13:13:18 GMT
server: cloudflare
etag: "0eb99bc2d5bd91:0"
vary: Accept-Encoding
content-type: font/woff2
access-control-expose-headers: Request-Context
cache-control: public, max-age=86400
permissions-policy: autoplay=*
accept-ranges: bytes
cf-ray: 7bb99033bd56991e-ARN
access-control-allow-headers: *
expires: Sat, 22 Apr 2023 23:56:23 GMT

GET
H2 200 thul-Gispen-collectie.jpg
www.mediabank-collection.com/m/2767f4790c0a94c4/ 23 KB
23 KB 234ms
66ms Image
image/jpeg 18.66.122.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mediabank-collection.com/m/2767f4790c0a94c4/thul-Gispen-collectie.jpg

Requested by

Host: www.gispen.com
URL: https://www.gispen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-75.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

e574f7c979b2ebd995edf72bbef5f0b6280826d97d17a3a9f65ca4009989b437

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.gispen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 06:30:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains
via: 1.1 da4de4427d18bee1d3254f1bbdad25f2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 62729
content-security-policy-report-only: default-src 'self'; child-src https://*; connect-src 'self' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://sentry10.bynder.cloud https://api2.amplitude.com https://analytics.com https://*.google-analytics.com https://stats.g.doubleclick.net https://*.amazonaws.com fast.appcues.com https://api.appcues.com https://api.appcues.net wss://api.appcues.net wss://www.mediabank-collection.com; font-src https://* data: ; img-src https://* data: blob:; media-src https://*; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://www.googletagmanager.com https://www.google-analytics.com https://cdn.amplitude.com https://js.hs-analytics.net fast.appcues.com browser.sentry-cdn.com bynder-static.s3.amazonaws.com; style-src 'self' 'unsafe-inline' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://fonts.googleapis.com fast.appcues.com; report-uri https://sentry10.bynder.cloud/api/1817/security/?sentry_key=54eb95cff224477bbb80958bc3e5f251
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-disposition: inline;filename="thul-F7C1C320-7CBA-4F55-B0473F017DEE7077.jpg"
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: nginx
content-type: image/jpeg
access-control-allow-origin: *
x-api-correlation-id: 8a8f70b0-fc74-2e1d-2315-499cec7922d5
cache-control: public, max-age=172800
permissions-policy: camera=(), geolocation=(), microphone=()
accept-ranges: bytes
x-amz-cf-id: DQWyeOVOrhdrjPVMuR3MbFR1JTwzZSvoAW7cTx68kNpHMnDalgqJLg==

GET
H2 200 find.js Show response
dl.episerver.net/13.5.7/epi-util/ 6 KB
2 KB 128ms
39ms Script
application/javascript 104.18.11.120
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dl.episerver.net/13.5.7/epi-util/find.js

Requested by

Host: www.gispen.com
URL: https://www.gispen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.11.120 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

67004276e5cbe57d0cc96a32bd76d47b1daf4f91f52f807df4d8f9259c69b844

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.gispen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 23:56:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4545
x-powered-by: ASP.NET
content-length: 2265
last-modified: Fri, 17 Mar 2023 10:14:34 GMT
server: cloudflare
etag: W/"6124-1679048074000"
vary: accept-encoding
content-type: application/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7bb99035c9e298f4-ARN
expires: Sat, 22 Apr 2023 23:56:23 GMT

GET
H2 200 jquery-3.4.0.min.js Show response
www.gispen.com/Static/js/vendors/jquery/ 86 KB
39 KB 121ms
120ms Script
application/x-javascript 104.18.28.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gispen.com/Static/js/vendors/jquery/jquery-3.4.0.min.js

Requested by

Host: www.gispen.com
URL: https://www.gispen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.28.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e83c17bafcc92fedcfd3a0d452d05fb176d1bf87a5fac78f89c400e11d82e00c

Security Headers

Name	Value
Content-Security-Policy	worker-src blob:; script-src 'self' .episerver.com .cloudfront.net .episerver.net .mapbox.com .cookiebot.com .googletagmanager.com .googleadservices.com .google-analytics.com .google.com .google.nl .intercom.io .intercomcdn.com .licdn.com .hotjar.com .ipify.org .doubleclick.net .linkedin.com .azure.com .vimeo.com .youtube.com .acast.com .spotify.com .msecnd.net .facebook.com .facebook.net .visualstudio.com .gstatic.com .jquery.com .jsdelivr.net .criteo.com .criteo.net 'unsafe-eval' 'unsafe-inline'; img-src 'self' .google.com .google-analytics.com .google.nl .linkedin.com .mediabank-collection.com .facebook.com .criteo.com googleads.g.doubleclick.net blob: https: data:; frame-ancestors 'self' .vimeo.com .youtube.com .acast.com .spotify.com .tblox.com .2dela.nl; frame-src 'self' .cookiebot.com .episerver.net .criteo.com .criteo.net .google.com .hotjar.com 'unsafe-inline'; font-src 'self' .episerver.net .myfonts.net .typekit.net .bootstrapcdn.com .intercomcdn.com data:; style-src-elem 'self' .episerver.net .googleapis.com .jsdelivr.net .bootstrapcdn.com .myfonts.net .typekit.net 'unsafe-inline'; style-src 'self' .typekit.net .myfonts.net .bootstrapcdn.com 'unsafe-inline' data:; media-src 'self' *.cloudfront.net;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.gispen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 23:56:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: worker-src blob:; script-src 'self' *.episerver.com *.cloudfront.net *.episerver.net *.mapbox.com *.cookiebot.com *.googletagmanager.com *.googleadservices.com *.google-analytics.com *.google.com *.google.nl *.intercom.io *.intercomcdn.com *.licdn.com *.hotjar.com *.ipify.org *.doubleclick.net *.linkedin.com *.azure.com *.vimeo.com *.youtube.com *.acast.com *.spotify.com *.msecnd.net *.facebook.com *.facebook.net *.visualstudio.com *.gstatic.com *.jquery.com *.jsdelivr.net *.criteo.com *.criteo.net 'unsafe-eval' 'unsafe-inline'; img-src 'self' *.google.com *.google-analytics.com *.google.nl *.linkedin.com *.mediabank-collection.com *.facebook.com *.criteo.com googleads.g.doubleclick.net blob: https: data:; frame-ancestors 'self' *.vimeo.com *.youtube.com *.acast.com *.spotify.com *.tblox.com *.2dela.nl; frame-src 'self' *.cookiebot.com *.episerver.net *.criteo.com *.criteo.net *.google.com *.hotjar.com 'unsafe-inline'; font-src 'self' *.episerver.net *.myfonts.net *.typekit.net *.bootstrapcdn.com *.intercomcdn.com data:; style-src-elem 'self' *.episerver.net *.googleapis.com *.jsdelivr.net *.bootstrapcdn.com *.myfonts.net *.typekit.net 'unsafe-inline'; style-src 'self' *.typekit.net *.myfonts.net *.bootstrapcdn.com 'unsafe-inline' data:; media-src 'self' *.cloudfront.net;
cf-cache-status: REVALIDATED
strict-transport-security: max-age=31536000
content-length: 39401
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:4a6b6c0e-0871-4eee-be4f-8c25dcb2714c
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 20 Mar 2023 13:13:18 GMT
server: cloudflare
etag: "0eb99bc2d5bd91:0"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-expose-headers: Request-Context
cache-control: public, max-age=86400
permissions-policy: autoplay=*
accept-ranges: bytes
cf-ray: 7bb990354e0d991e-ARN
access-control-allow-headers: *
expires: Sat, 22 Apr 2023 23:56:23 GMT

GET
H2 200 jquery.validate.min.js Show response
www.gispen.com/Static/js/vendors/jquery/ 27 KB
10 KB 98ms
95ms Script
application/x-javascript 104.18.28.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gispen.com/Static/js/vendors/jquery/jquery.validate.min.js

Requested by

Host: www.gispen.com
URL: https://www.gispen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.28.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1361d463a6ef6f40a98d7313d3ab641dabb76687a967ab7e97a23937c10114e0

Security Headers

Name	Value
Content-Security-Policy	worker-src blob:; script-src 'self' .episerver.com .cloudfront.net .episerver.net .mapbox.com .cookiebot.com .googletagmanager.com .googleadservices.com .google-analytics.com .google.com .google.nl .intercom.io .intercomcdn.com .licdn.com .hotjar.com .ipify.org .doubleclick.net .linkedin.com .azure.com .vimeo.com .youtube.com .acast.com .spotify.com .msecnd.net .facebook.com .facebook.net .visualstudio.com .gstatic.com .jquery.com .jsdelivr.net .criteo.com .criteo.net 'unsafe-eval' 'unsafe-inline'; img-src 'self' .google.com .google-analytics.com .google.nl .linkedin.com .mediabank-collection.com .facebook.com .criteo.com googleads.g.doubleclick.net blob: https: data:; frame-ancestors 'self' .vimeo.com .youtube.com .acast.com .spotify.com .tblox.com .2dela.nl; frame-src 'self' .cookiebot.com .episerver.net .criteo.com .criteo.net .google.com .hotjar.com 'unsafe-inline'; font-src 'self' .episerver.net .myfonts.net .typekit.net .bootstrapcdn.com .intercomcdn.com data:; style-src-elem 'self' .episerver.net .googleapis.com .jsdelivr.net .bootstrapcdn.com .myfonts.net .typekit.net 'unsafe-inline'; style-src 'self' .typekit.net .myfonts.net .bootstrapcdn.com 'unsafe-inline' data:; media-src 'self' *.cloudfront.net;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.gispen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 23:56:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: worker-src blob:; script-src 'self' *.episerver.com *.cloudfront.net *.episerver.net *.mapbox.com *.cookiebot.com *.googletagmanager.com *.googleadservices.com *.google-analytics.com *.google.com *.google.nl *.intercom.io *.intercomcdn.com *.licdn.com *.hotjar.com *.ipify.org *.doubleclick.net *.linkedin.com *.azure.com *.vimeo.com *.youtube.com *.acast.com *.spotify.com *.msecnd.net *.facebook.com *.facebook.net *.visualstudio.com *.gstatic.com *.jquery.com *.jsdelivr.net *.criteo.com *.criteo.net 'unsafe-eval' 'unsafe-inline'; img-src 'self' *.google.com *.google-analytics.com *.google.nl *.linkedin.com *.mediabank-collection.com *.facebook.com *.criteo.com googleads.g.doubleclick.net blob: https: data:; frame-ancestors 'self' *.vimeo.com *.youtube.com *.acast.com *.spotify.com *.tblox.com *.2dela.nl; frame-src 'self' *.cookiebot.com *.episerver.net *.criteo.com *.criteo.net *.google.com *.hotjar.com 'unsafe-inline'; font-src 'self' *.episerver.net *.myfonts.net *.typekit.net *.bootstrapcdn.com *.intercomcdn.com data:; style-src-elem 'self' *.episerver.net *.googleapis.com *.jsdelivr.net *.bootstrapcdn.com *.myfonts.net *.typekit.net 'unsafe-inline'; style-src 'self' *.typekit.net *.myfonts.net *.bootstrapcdn.com 'unsafe-inline' data:; media-src 'self' *.cloudfront.net;
cf-cache-status: REVALIDATED
strict-transport-security: max-age=31536000
content-length: 10385
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:4a6b6c0e-0871-4eee-be4f-8c25dcb2714c
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 20 Mar 2023 13:13:18 GMT
server: cloudflare
etag: "0eb99bc2d5bd91:0"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-expose-headers: Request-Context
cache-control: public, max-age=86400
permissions-policy: autoplay=*
accept-ranges: bytes
cf-ray: 7bb990358e2e991e-ARN
access-control-allow-headers: *
expires: Sat, 22 Apr 2023 23:56:23 GMT

GET
H2 200 jquery.validate.unobtrusive.min.js Show response
www.gispen.com/Static/js/vendors/jquery/ 6 KB
3 KB 116ms
113ms Script
application/x-javascript 104.18.28.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gispen.com/Static/js/vendors/jquery/jquery.validate.unobtrusive.min.js

Requested by

Host: www.gispen.com
URL: https://www.gispen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.28.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a47bbec491cfe2006d3b79afdb9bfd5b020094e11d6dacca177d513c1ad9b36e

Security Headers

Name	Value
Content-Security-Policy	worker-src blob:; script-src 'self' .episerver.com .cloudfront.net .episerver.net .mapbox.com .cookiebot.com .googletagmanager.com .googleadservices.com .google-analytics.com .google.com .google.nl .intercom.io .intercomcdn.com .licdn.com .hotjar.com .ipify.org .doubleclick.net .linkedin.com .azure.com .vimeo.com .youtube.com .acast.com .spotify.com .msecnd.net .facebook.com .facebook.net .visualstudio.com .gstatic.com .jquery.com .jsdelivr.net .criteo.com .criteo.net 'unsafe-eval' 'unsafe-inline'; img-src 'self' .google.com .google-analytics.com .google.nl .linkedin.com .mediabank-collection.com .facebook.com .criteo.com googleads.g.doubleclick.net blob: https: data:; frame-ancestors 'self' .vimeo.com .youtube.com .acast.com .spotify.com .tblox.com .2dela.nl; frame-src 'self' .cookiebot.com .episerver.net .criteo.com .criteo.net .google.com .hotjar.com 'unsafe-inline'; font-src 'self' .episerver.net .myfonts.net .typekit.net .bootstrapcdn.com .intercomcdn.com data:; style-src-elem 'self' .episerver.net .googleapis.com .jsdelivr.net .bootstrapcdn.com .myfonts.net .typekit.net 'unsafe-inline'; style-src 'self' .typekit.net .myfonts.net .bootstrapcdn.com 'unsafe-inline' data:; media-src 'self' *.cloudfront.net;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.gispen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 23:56:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: worker-src blob:; script-src 'self' *.episerver.com *.cloudfront.net *.episerver.net *.mapbox.com *.cookiebot.com *.googletagmanager.com *.googleadservices.com *.google-analytics.com *.google.com *.google.nl *.intercom.io *.intercomcdn.com *.licdn.com *.hotjar.com *.ipify.org *.doubleclick.net *.linkedin.com *.azure.com *.vimeo.com *.youtube.com *.acast.com *.spotify.com *.msecnd.net *.facebook.com *.facebook.net *.visualstudio.com *.gstatic.com *.jquery.com *.jsdelivr.net *.criteo.com *.criteo.net 'unsafe-eval' 'unsafe-inline'; img-src 'self' *.google.com *.google-analytics.com *.google.nl *.linkedin.com *.mediabank-collection.com *.facebook.com *.criteo.com googleads.g.doubleclick.net blob: https: data:; frame-ancestors 'self' *.vimeo.com *.youtube.com *.acast.com *.spotify.com *.tblox.com *.2dela.nl; frame-src 'self' *.cookiebot.com *.episerver.net *.criteo.com *.criteo.net *.google.com *.hotjar.com 'unsafe-inline'; font-src 'self' *.episerver.net *.myfonts.net *.typekit.net *.bootstrapcdn.com *.intercomcdn.com data:; style-src-elem 'self' *.episerver.net *.googleapis.com *.jsdelivr.net *.bootstrapcdn.com *.myfonts.net *.typekit.net 'unsafe-inline'; style-src 'self' *.typekit.net *.myfonts.net *.bootstrapcdn.com 'unsafe-inline' data:; media-src 'self' *.cloudfront.net;
cf-cache-status: REVALIDATED
strict-transport-security: max-age=31536000
content-length: 2806
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:4a6b6c0e-0871-4eee-be4f-8c25dcb2714c
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 20 Mar 2023 13:13:18 GMT
server: cloudflare
etag: "0eb99bc2d5bd91:0"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-expose-headers: Request-Context
cache-control: public, max-age=86400
permissions-policy: autoplay=*
accept-ranges: bytes
cf-ray: 7bb990358e2f991e-ARN
access-control-allow-headers: *
expires: Sat, 22 Apr 2023 23:56:23 GMT

GET
H2 200 fetch.umd.js Show response
www.gispen.com/Static/js/vendors/ 18 KB
6 KB 45ms
42ms Script
application/x-javascript 104.18.28.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gispen.com/Static/js/vendors/fetch.umd.js

Requested by

Host: www.gispen.com
URL: https://www.gispen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.28.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d09d2f77af6183af8f8665066be57ecb7a120302610423faeccec5952e2fec82

Security Headers

Name	Value
Content-Security-Policy	worker-src blob:; script-src 'self' .episerver.com .cloudfront.net .episerver.net .mapbox.com .cookiebot.com .googletagmanager.com .googleadservices.com .google-analytics.com .google.com .google.nl .intercom.io .intercomcdn.com .licdn.com .hotjar.com .ipify.org .doubleclick.net .linkedin.com .azure.com .vimeo.com .youtube.com .acast.com .spotify.com .msecnd.net .facebook.com .facebook.net .visualstudio.com .gstatic.com .jquery.com .jsdelivr.net .criteo.com .criteo.net 'unsafe-eval' 'unsafe-inline'; img-src 'self' .google.com .google-analytics.com .google.nl .linkedin.com .mediabank-collection.com .facebook.com .criteo.com googleads.g.doubleclick.net blob: https: data:; frame-ancestors 'self' .vimeo.com .youtube.com .acast.com .spotify.com .tblox.com .2dela.nl; frame-src 'self' .cookiebot.com .episerver.net .criteo.com .criteo.net .google.com .hotjar.com 'unsafe-inline'; font-src 'self' .episerver.net .myfonts.net .typekit.net .bootstrapcdn.com .intercomcdn.com data:; style-src-elem 'self' .episerver.net .googleapis.com .jsdelivr.net .bootstrapcdn.com .myfonts.net .typekit.net 'unsafe-inline'; style-src 'self' .typekit.net .myfonts.net .bootstrapcdn.com 'unsafe-inline' data:; media-src 'self' *.cloudfront.net;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.gispen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 23:56:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: worker-src blob:; script-src 'self' *.episerver.com *.cloudfront.net *.episerver.net *.mapbox.com *.cookiebot.com *.googletagmanager.com *.googleadservices.com *.google-analytics.com *.google.com *.google.nl *.intercom.io *.intercomcdn.com *.licdn.com *.hotjar.com *.ipify.org *.doubleclick.net *.linkedin.com *.azure.com *.vimeo.com *.youtube.com *.acast.com *.spotify.com *.msecnd.net *.facebook.com *.facebook.net *.visualstudio.com *.gstatic.com *.jquery.com *.jsdelivr.net *.criteo.com *.criteo.net 'unsafe-eval' 'unsafe-inline'; img-src 'self' *.google.com *.google-analytics.com *.google.nl *.linkedin.com *.mediabank-collection.com *.facebook.com *.criteo.com googleads.g.doubleclick.net blob: https: data:; frame-ancestors 'self' *.vimeo.com *.youtube.com *.acast.com *.spotify.com *.tblox.com *.2dela.nl; frame-src 'self' *.cookiebot.com *.episerver.net *.criteo.com *.criteo.net *.google.com *.hotjar.com 'unsafe-inline'; font-src 'self' *.episerver.net *.myfonts.net *.typekit.net *.bootstrapcdn.com *.intercomcdn.com data:; style-src-elem 'self' *.episerver.net *.googleapis.com *.jsdelivr.net *.bootstrapcdn.com *.myfonts.net *.typekit.net 'unsafe-inline'; style-src 'self' *.typekit.net *.myfonts.net *.bootstrapcdn.com 'unsafe-inline' data:; media-src 'self' *.cloudfront.net;
cf-cache-status: HIT
strict-transport-security: max-age=31536000
age: 54056
content-length: 6069
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:4a6b6c0e-0871-4eee-be4f-8c25dcb2714c
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 20 Mar 2023 13:13:18 GMT
server: cloudflare
etag: "0eb99bc2d5bd91:0"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-expose-headers: Request-Context
cache-control: public, max-age=86400
permissions-policy: autoplay=*
accept-ranges: bytes
cf-ray: 7bb990358e30991e-ARN
access-control-allow-headers: *
expires: Sat, 22 Apr 2023 23:56:23 GMT

GET
H2 200 promise.js Show response
www.gispen.com/Static/js/vendors/ 4 KB
2 KB 44ms
41ms Script
application/x-javascript 104.18.28.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gispen.com/Static/js/vendors/promise.js

Requested by

Host: www.gispen.com
URL: https://www.gispen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.28.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3e642efb676903c3e54575d80de4a909e92c1a3ad96daaba53a83fbfb1dce4e

Security Headers

Name	Value
Content-Security-Policy	worker-src blob:; script-src 'self' .episerver.com .cloudfront.net .episerver.net .mapbox.com .cookiebot.com .googletagmanager.com .googleadservices.com .google-analytics.com .google.com .google.nl .intercom.io .intercomcdn.com .licdn.com .hotjar.com .ipify.org .doubleclick.net .linkedin.com .azure.com .vimeo.com .youtube.com .acast.com .spotify.com .msecnd.net .facebook.com .facebook.net .visualstudio.com .gstatic.com .jquery.com .jsdelivr.net .criteo.com .criteo.net 'unsafe-eval' 'unsafe-inline'; img-src 'self' .google.com .google-analytics.com .google.nl .linkedin.com .mediabank-collection.com .facebook.com .criteo.com googleads.g.doubleclick.net blob: https: data:; frame-ancestors 'self' .vimeo.com .youtube.com .acast.com .spotify.com .tblox.com .2dela.nl; frame-src 'self' .cookiebot.com .episerver.net .criteo.com .criteo.net .google.com .hotjar.com 'unsafe-inline'; font-src 'self' .episerver.net .myfonts.net .typekit.net .bootstrapcdn.com .intercomcdn.com data:; style-src-elem 'self' .episerver.net .googleapis.com .jsdelivr.net .bootstrapcdn.com .myfonts.net .typekit.net 'unsafe-inline'; style-src 'self' .typekit.net .myfonts.net .bootstrapcdn.com 'unsafe-inline' data:; media-src 'self' *.cloudfront.net;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.gispen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 23:56:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: worker-src blob:; script-src 'self' *.episerver.com *.cloudfront.net *.episerver.net *.mapbox.com *.cookiebot.com *.googletagmanager.com *.googleadservices.com *.google-analytics.com *.google.com *.google.nl *.intercom.io *.intercomcdn.com *.licdn.com *.hotjar.com *.ipify.org *.doubleclick.net *.linkedin.com *.azure.com *.vimeo.com *.youtube.com *.acast.com *.spotify.com *.msecnd.net *.facebook.com *.facebook.net *.visualstudio.com *.gstatic.com *.jquery.com *.jsdelivr.net *.criteo.com *.criteo.net 'unsafe-eval' 'unsafe-inline'; img-src 'self' *.google.com *.google-analytics.com *.google.nl *.linkedin.com *.mediabank-collection.com *.facebook.com *.criteo.com googleads.g.doubleclick.net blob: https: data:; frame-ancestors 'self' *.vimeo.com *.youtube.com *.acast.com *.spotify.com *.tblox.com *.2dela.nl; frame-src 'self' *.cookiebot.com *.episerver.net *.criteo.com *.criteo.net *.google.com *.hotjar.com 'unsafe-inline'; font-src 'self' *.episerver.net *.myfonts.net *.typekit.net *.bootstrapcdn.com *.intercomcdn.com data:; style-src-elem 'self' *.episerver.net *.googleapis.com *.jsdelivr.net *.bootstrapcdn.com *.myfonts.net *.typekit.net 'unsafe-inline'; style-src 'self' *.typekit.net *.myfonts.net *.bootstrapcdn.com 'unsafe-inline' data:; media-src 'self' *.cloudfront.net;
cf-cache-status: HIT
strict-transport-security: max-age=31536000
age: 54056
content-length: 1625
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:4a6b6c0e-0871-4eee-be4f-8c25dcb2714c
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 20 Mar 2023 13:13:18 GMT
server: cloudflare
etag: "0eb99bc2d5bd91:0"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-expose-headers: Request-Context
cache-control: public, max-age=86400
permissions-policy: autoplay=*
accept-ranges: bytes
cf-ray: 7bb990358e31991e-ARN
access-control-allow-headers: *
expires: Sat, 22 Apr 2023 23:56:23 GMT

GET
H2 200 ui-elements.js Show response
www.gispen.com/Static/js/custom/dist/ 199 B
365 B 109ms
106ms Script
application/x-javascript 104.18.28.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gispen.com/Static/js/custom/dist/ui-elements.js?v=638177181828937653

Requested by

Host: www.gispen.com
URL: https://www.gispen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.28.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dfd66571095ae22037cc94b3f86a560c5b88d6cd71a3771aa6721483d3cc8913

Security Headers

Name	Value
Content-Security-Policy	worker-src blob:; script-src 'self' .episerver.com .cloudfront.net .episerver.net .mapbox.com .cookiebot.com .googletagmanager.com .googleadservices.com .google-analytics.com .google.com .google.nl .intercom.io .intercomcdn.com .licdn.com .hotjar.com .ipify.org .doubleclick.net .linkedin.com .azure.com .vimeo.com .youtube.com .acast.com .spotify.com .msecnd.net .facebook.com .facebook.net .visualstudio.com .gstatic.com .jquery.com .jsdelivr.net .criteo.com .criteo.net 'unsafe-eval' 'unsafe-inline'; img-src 'self' .google.com .google-analytics.com .google.nl .linkedin.com .mediabank-collection.com .facebook.com .criteo.com googleads.g.doubleclick.net blob: https: data:; frame-ancestors 'self' .vimeo.com .youtube.com .acast.com .spotify.com .tblox.com .2dela.nl; frame-src 'self' .cookiebot.com .episerver.net .criteo.com .criteo.net .google.com .hotjar.com 'unsafe-inline'; font-src 'self' .episerver.net .myfonts.net .typekit.net .bootstrapcdn.com .intercomcdn.com data:; style-src-elem 'self' .episerver.net .googleapis.com .jsdelivr.net .bootstrapcdn.com .myfonts.net .typekit.net 'unsafe-inline'; style-src 'self' .typekit.net .myfonts.net .bootstrapcdn.com 'unsafe-inline' data:; media-src 'self' *.cloudfront.net;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.gispen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 23:56:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: worker-src blob:; script-src 'self' *.episerver.com *.cloudfront.net *.episerver.net *.mapbox.com *.cookiebot.com *.googletagmanager.com *.googleadservices.com *.google-analytics.com *.google.com *.google.nl *.intercom.io *.intercomcdn.com *.licdn.com *.hotjar.com *.ipify.org *.doubleclick.net *.linkedin.com *.azure.com *.vimeo.com *.youtube.com *.acast.com *.spotify.com *.msecnd.net *.facebook.com *.facebook.net *.visualstudio.com *.gstatic.com *.jquery.com *.jsdelivr.net *.criteo.com *.criteo.net 'unsafe-eval' 'unsafe-inline'; img-src 'self' *.google.com *.google-analytics.com *.google.nl *.linkedin.com *.mediabank-collection.com *.facebook.com *.criteo.com googleads.g.doubleclick.net blob: https: data:; frame-ancestors 'self' *.vimeo.com *.youtube.com *.acast.com *.spotify.com *.tblox.com *.2dela.nl; frame-src 'self' *.cookiebot.com *.episerver.net *.criteo.com *.criteo.net *.google.com *.hotjar.com 'unsafe-inline'; font-src 'self' *.episerver.net *.myfonts.net *.typekit.net *.bootstrapcdn.com *.intercomcdn.com data:; style-src-elem 'self' *.episerver.net *.googleapis.com *.jsdelivr.net *.bootstrapcdn.com *.myfonts.net *.typekit.net 'unsafe-inline'; style-src 'self' *.typekit.net *.myfonts.net *.bootstrapcdn.com 'unsafe-inline' data:; media-src 'self' *.cloudfront.net;
cf-cache-status: MISS
strict-transport-security: max-age=31536000
content-length: 286
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:4a6b6c0e-0871-4eee-be4f-8c25dcb2714c
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 20 Mar 2023 13:19:16 GMT
server: cloudflare
etag: "062fc912e5bd91:0"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-expose-headers: Request-Context
cache-control: public, max-age=86400
permissions-policy: autoplay=*
accept-ranges: bytes
cf-ray: 7bb990358e32991e-ARN
access-control-allow-headers: *
expires: Sat, 22 Apr 2023 23:56:23 GMT

GET
H2 200 cartservice.js Show response
www.gispen.com/Static/js/custom/dist/ 7 KB
2 KB 120ms
118ms Script
application/x-javascript 104.18.28.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gispen.com/Static/js/custom/dist/cartservice.js?v=638177181828937653

Requested by

Host: www.gispen.com
URL: https://www.gispen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.28.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07d3cdf86baee0da55c88ef50297db567c0aaf965ea7abb198d1bbd1b4986612

Security Headers

Name	Value
Content-Security-Policy	worker-src blob:; script-src 'self' .episerver.com .cloudfront.net .episerver.net .mapbox.com .cookiebot.com .googletagmanager.com .googleadservices.com .google-analytics.com .google.com .google.nl .intercom.io .intercomcdn.com .licdn.com .hotjar.com .ipify.org .doubleclick.net .linkedin.com .azure.com .vimeo.com .youtube.com .acast.com .spotify.com .msecnd.net .facebook.com .facebook.net .visualstudio.com .gstatic.com .jquery.com .jsdelivr.net .criteo.com .criteo.net 'unsafe-eval' 'unsafe-inline'; img-src 'self' .google.com .google-analytics.com .google.nl .linkedin.com .mediabank-collection.com .facebook.com .criteo.com googleads.g.doubleclick.net blob: https: data:; frame-ancestors 'self' .vimeo.com .youtube.com .acast.com .spotify.com .tblox.com .2dela.nl; frame-src 'self' .cookiebot.com .episerver.net .criteo.com .criteo.net .google.com .hotjar.com 'unsafe-inline'; font-src 'self' .episerver.net .myfonts.net .typekit.net .bootstrapcdn.com .intercomcdn.com data:; style-src-elem 'self' .episerver.net .googleapis.com .jsdelivr.net .bootstrapcdn.com .myfonts.net .typekit.net 'unsafe-inline'; style-src 'self' .typekit.net .myfonts.net .bootstrapcdn.com 'unsafe-inline' data:; media-src 'self' *.cloudfront.net;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.gispen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 23:56:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: worker-src blob:; script-src 'self' *.episerver.com *.cloudfront.net *.episerver.net *.mapbox.com *.cookiebot.com *.googletagmanager.com *.googleadservices.com *.google-analytics.com *.google.com *.google.nl *.intercom.io *.intercomcdn.com *.licdn.com *.hotjar.com *.ipify.org *.doubleclick.net *.linkedin.com *.azure.com *.vimeo.com *.youtube.com *.acast.com *.spotify.com *.msecnd.net *.facebook.com *.facebook.net *.visualstudio.com *.gstatic.com *.jquery.com *.jsdelivr.net *.criteo.com *.criteo.net 'unsafe-eval' 'unsafe-inline'; img-src 'self' *.google.com *.google-analytics.com *.google.nl *.linkedin.com *.mediabank-collection.com *.facebook.com *.criteo.com googleads.g.doubleclick.net blob: https: data:; frame-ancestors 'self' *.vimeo.com *.youtube.com *.acast.com *.spotify.com *.tblox.com *.2dela.nl; frame-src 'self' *.cookiebot.com *.episerver.net *.criteo.com *.criteo.net *.google.com *.hotjar.com 'unsafe-inline'; font-src 'self' *.episerver.net *.myfonts.net *.typekit.net *.bootstrapcdn.com *.intercomcdn.com data:; style-src-elem 'self' *.episerver.net *.googleapis.com *.jsdelivr.net *.bootstrapcdn.com *.myfonts.net *.typekit.net 'unsafe-inline'; style-src 'self' *.typekit.net *.myfonts.net *.bootstrapcdn.com 'unsafe-inline' data:; media-src 'self' *.cloudfront.net;
cf-cache-status: MISS
strict-transport-security: max-age=31536000
content-length: 1937
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:4a6b6c0e-0871-4eee-be4f-8c25dcb2714c
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 20 Mar 2023 13:19:16 GMT
server: cloudflare
etag: "062fc912e5bd91:0"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-expose-headers: Request-Context
cache-control: public, max-age=86400
permissions-policy: autoplay=*
accept-ranges: bytes
cf-ray: 7bb990358e33991e-ARN
access-control-allow-headers: *
expires: Sat, 22 Apr 2023 23:56:23 GMT

GET
H2 200 checkout.js Show response
www.gispen.com/Static/js/custom/dist/ 10 KB
3 KB 98ms
96ms Script
application/x-javascript 104.18.28.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gispen.com/Static/js/custom/dist/checkout.js?v=638177181828937653

Requested by

Host: www.gispen.com
URL: https://www.gispen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.28.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

231498d80dbf541e8e6091c06afa6ef3b33000d7268ff890aa1404f7fe22a0f2

Security Headers

Name	Value
Content-Security-Policy	worker-src blob:; script-src 'self' .episerver.com .cloudfront.net .episerver.net .mapbox.com .cookiebot.com .googletagmanager.com .googleadservices.com .google-analytics.com .google.com .google.nl .intercom.io .intercomcdn.com .licdn.com .hotjar.com .ipify.org .doubleclick.net .linkedin.com .azure.com .vimeo.com .youtube.com .acast.com .spotify.com .msecnd.net .facebook.com .facebook.net .visualstudio.com .gstatic.com .jquery.com .jsdelivr.net .criteo.com .criteo.net 'unsafe-eval' 'unsafe-inline'; img-src 'self' .google.com .google-analytics.com .google.nl .linkedin.com .mediabank-collection.com .facebook.com .criteo.com googleads.g.doubleclick.net blob: https: data:; frame-ancestors 'self' .vimeo.com .youtube.com .acast.com .spotify.com .tblox.com .2dela.nl; frame-src 'self' .cookiebot.com .episerver.net .criteo.com .criteo.net .google.com .hotjar.com 'unsafe-inline'; font-src 'self' .episerver.net .myfonts.net .typekit.net .bootstrapcdn.com .intercomcdn.com data:; style-src-elem 'self' .episerver.net .googleapis.com .jsdelivr.net .bootstrapcdn.com .myfonts.net .typekit.net 'unsafe-inline'; style-src 'self' .typekit.net .myfonts.net .bootstrapcdn.com 'unsafe-inline' data:; media-src 'self' *.cloudfront.net;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.gispen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 23:56:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: worker-src blob:; script-src 'self' *.episerver.com *.cloudfront.net *.episerver.net *.mapbox.com *.cookiebot.com *.googletagmanager.com *.googleadservices.com *.google-analytics.com *.google.com *.google.nl *.intercom.io *.intercomcdn.com *.licdn.com *.hotjar.com *.ipify.org *.doubleclick.net *.linkedin.com *.azure.com *.vimeo.com *.youtube.com *.acast.com *.spotify.com *.msecnd.net *.facebook.com *.facebook.net *.visualstudio.com *.gstatic.com *.jquery.com *.jsdelivr.net *.criteo.com *.criteo.net 'unsafe-eval' 'unsafe-inline'; img-src 'self' *.google.com *.google-analytics.com *.google.nl *.linkedin.com *.mediabank-collection.com *.facebook.com *.criteo.com googleads.g.doubleclick.net blob: https: data:; frame-ancestors 'self' *.vimeo.com *.youtube.com *.acast.com *.spotify.com *.tblox.com *.2dela.nl; frame-src 'self' *.cookiebot.com *.episerver.net *.criteo.com *.criteo.net *.google.com *.hotjar.com 'unsafe-inline'; font-src 'self' *.episerver.net *.myfonts.net *.typekit.net *.bootstrapcdn.com *.intercomcdn.com data:; style-src-elem 'self' *.episerver.net *.googleapis.com *.jsdelivr.net *.bootstrapcdn.com *.myfonts.net *.typekit.net 'unsafe-inline'; style-src 'self' *.typekit.net *.myfonts.net *.bootstrapcdn.com 'unsafe-inline' data:; media-src 'self' *.cloudfront.net;
cf-cache-status: MISS
strict-transport-security: max-age=31536000
content-length: 2801
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:4a6b6c0e-0871-4eee-be4f-8c25dcb2714c
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 20 Mar 2023 13:19:16 GMT
server: cloudflare
etag: "062fc912e5bd91:0"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-expose-headers: Request-Context
cache-control: public, max-age=86400
permissions-policy: autoplay=*
accept-ranges: bytes
cf-ray: 7bb990358e34991e-ARN
access-control-allow-headers: *
expires: Sat, 22 Apr 2023 23:56:23 GMT

GET
H2 200 vatnumbercheck.js Show response
www.gispen.com/Static/js/custom/dist/ 404 B
497 B 117ms
115ms Script
application/x-javascript 104.18.28.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gispen.com/Static/js/custom/dist/vatnumbercheck.js?v=638177181828937653

Requested by

Host: www.gispen.com
URL: https://www.gispen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.28.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68e39de4e1e1f2b08828ae6f3c395b042f608ed6fc4e0f267df321aafd5c6c33

Security Headers

Name	Value
Content-Security-Policy	worker-src blob:; script-src 'self' .episerver.com .cloudfront.net .episerver.net .mapbox.com .cookiebot.com .googletagmanager.com .googleadservices.com .google-analytics.com .google.com .google.nl .intercom.io .intercomcdn.com .licdn.com .hotjar.com .ipify.org .doubleclick.net .linkedin.com .azure.com .vimeo.com .youtube.com .acast.com .spotify.com .msecnd.net .facebook.com .facebook.net .visualstudio.com .gstatic.com .jquery.com .jsdelivr.net .criteo.com .criteo.net 'unsafe-eval' 'unsafe-inline'; img-src 'self' .google.com .google-analytics.com .google.nl .linkedin.com .mediabank-collection.com .facebook.com .criteo.com googleads.g.doubleclick.net blob: https: data:; frame-ancestors 'self' .vimeo.com .youtube.com .acast.com .spotify.com .tblox.com .2dela.nl; frame-src 'self' .cookiebot.com .episerver.net .criteo.com .criteo.net .google.com .hotjar.com 'unsafe-inline'; font-src 'self' .episerver.net .myfonts.net .typekit.net .bootstrapcdn.com .intercomcdn.com data:; style-src-elem 'self' .episerver.net .googleapis.com .jsdelivr.net .bootstrapcdn.com .myfonts.net .typekit.net 'unsafe-inline'; style-src 'self' .typekit.net .myfonts.net .bootstrapcdn.com 'unsafe-inline' data:; media-src 'self' *.cloudfront.net;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.gispen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 23:56:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: worker-src blob:; script-src 'self' *.episerver.com *.cloudfront.net *.episerver.net *.mapbox.com *.cookiebot.com *.googletagmanager.com *.googleadservices.com *.google-analytics.com *.google.com *.google.nl *.intercom.io *.intercomcdn.com *.licdn.com *.hotjar.com *.ipify.org *.doubleclick.net *.linkedin.com *.azure.com *.vimeo.com *.youtube.com *.acast.com *.spotify.com *.msecnd.net *.facebook.com *.facebook.net *.visualstudio.com *.gstatic.com *.jquery.com *.jsdelivr.net *.criteo.com *.criteo.net 'unsafe-eval' 'unsafe-inline'; img-src 'self' *.google.com *.google-analytics.com *.google.nl *.linkedin.com *.mediabank-collection.com *.facebook.com *.criteo.com googleads.g.doubleclick.net blob: https: data:; frame-ancestors 'self' *.vimeo.com *.youtube.com *.acast.com *.spotify.com *.tblox.com *.2dela.nl; frame-src 'self' *.cookiebot.com *.episerver.net *.criteo.com *.criteo.net *.google.com *.hotjar.com 'unsafe-inline'; font-src 'self' *.episerver.net *.myfonts.net *.typekit.net *.bootstrapcdn.com *.intercomcdn.com data:; style-src-elem 'self' *.episerver.net *.googleapis.com *.jsdelivr.net *.bootstrapcdn.com *.myfonts.net *.typekit.net 'unsafe-inline'; style-src 'self' *.typekit.net *.myfonts.net *.bootstrapcdn.com 'unsafe-inline' data:; media-src 'self' *.cloudfront.net;
cf-cache-status: MISS
strict-transport-security: max-age=31536000
content-length: 410
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:4a6b6c0e-0871-4eee-be4f-8c25dcb2714c
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 20 Mar 2023 13:19:16 GMT
server: cloudflare
etag: "062fc912e5bd91:0"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-expose-headers: Request-Context
cache-control: public, max-age=86400
permissions-policy: autoplay=*
accept-ranges: bytes
cf-ray: 7bb990358e35991e-ARN
access-control-allow-headers: *
expires: Sat, 22 Apr 2023 23:56:23 GMT

GET
H2 200 productconfigurator.js Show response
www.gispen.com/Static/js/custom/dist/ 3 KB
1 KB 119ms
117ms Script
application/x-javascript 104.18.28.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gispen.com/Static/js/custom/dist/productconfigurator.js?v=638177181828937653

Requested by

Host: www.gispen.com
URL: https://www.gispen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.28.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2050a13a5abd79e07c9484eb379db434d6f23b364ddd88c6f2f44aa190ddbf8c

Security Headers

Name	Value
Content-Security-Policy	worker-src blob:; script-src 'self' .episerver.com .cloudfront.net .episerver.net .mapbox.com .cookiebot.com .googletagmanager.com .googleadservices.com .google-analytics.com .google.com .google.nl .intercom.io .intercomcdn.com .licdn.com .hotjar.com .ipify.org .doubleclick.net .linkedin.com .azure.com .vimeo.com .youtube.com .acast.com .spotify.com .msecnd.net .facebook.com .facebook.net .visualstudio.com .gstatic.com .jquery.com .jsdelivr.net .criteo.com .criteo.net 'unsafe-eval' 'unsafe-inline'; img-src 'self' .google.com .google-analytics.com .google.nl .linkedin.com .mediabank-collection.com .facebook.com .criteo.com googleads.g.doubleclick.net blob: https: data:; frame-ancestors 'self' .vimeo.com .youtube.com .acast.com .spotify.com .tblox.com .2dela.nl; frame-src 'self' .cookiebot.com .episerver.net .criteo.com .criteo.net .google.com .hotjar.com 'unsafe-inline'; font-src 'self' .episerver.net .myfonts.net .typekit.net .bootstrapcdn.com .intercomcdn.com data:; style-src-elem 'self' .episerver.net .googleapis.com .jsdelivr.net .bootstrapcdn.com .myfonts.net .typekit.net 'unsafe-inline'; style-src 'self' .typekit.net .myfonts.net .bootstrapcdn.com 'unsafe-inline' data:; media-src 'self' *.cloudfront.net;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.gispen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 23:56:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: worker-src blob:; script-src 'self' *.episerver.com *.cloudfront.net *.episerver.net *.mapbox.com *.cookiebot.com *.googletagmanager.com *.googleadservices.com *.google-analytics.com *.google.com *.google.nl *.intercom.io *.intercomcdn.com *.licdn.com *.hotjar.com *.ipify.org *.doubleclick.net *.linkedin.com *.azure.com *.vimeo.com *.youtube.com *.acast.com *.spotify.com *.msecnd.net *.facebook.com *.facebook.net *.visualstudio.com *.gstatic.com *.jquery.com *.jsdelivr.net *.criteo.com *.criteo.net 'unsafe-eval' 'unsafe-inline'; img-src 'self' *.google.com *.google-analytics.com *.google.nl *.linkedin.com *.mediabank-collection.com *.facebook.com *.criteo.com googleads.g.doubleclick.net blob: https: data:; frame-ancestors 'self' *.vimeo.com *.youtube.com *.acast.com *.spotify.com *.tblox.com *.2dela.nl; frame-src 'self' *.cookiebot.com *.episerver.net *.criteo.com *.criteo.net *.google.com *.hotjar.com 'unsafe-inline'; font-src 'self' *.episerver.net *.myfonts.net *.typekit.net *.bootstrapcdn.com *.intercomcdn.com data:; style-src-elem 'self' *.episerver.net *.googleapis.com *.jsdelivr.net *.bootstrapcdn.com *.myfonts.net *.typekit.net 'unsafe-inline'; style-src 'self' *.typekit.net *.myfonts.net *.bootstrapcdn.com 'unsafe-inline' data:; media-src 'self' *.cloudfront.net;
cf-cache-status: MISS
strict-transport-security: max-age=31536000
content-length: 1219
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:4a6b6c0e-0871-4eee-be4f-8c25dcb2714c
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 20 Mar 2023 13:19:16 GMT
server: cloudflare
etag: "062fc912e5bd91:0"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-expose-headers: Request-Context
cache-control: public, max-age=86400
permissions-policy: autoplay=*
accept-ranges: bytes
cf-ray: 7bb990358e36991e-ARN
access-control-allow-headers: *
expires: Sat, 22 Apr 2023 23:56:23 GMT

GET
H2 200 organizationorders.js Show response
www.gispen.com/Static/js/custom/dist/ 8 KB
3 KB 143ms
142ms Script
application/x-javascript 104.18.28.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gispen.com/Static/js/custom/dist/organizationorders.js?v=638177181828937653

Requested by

Host: www.gispen.com
URL: https://www.gispen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.28.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e0f0e2c53e52997a3915f4ea1dd64ac41d13b1a0920251c1e0050220e02da38

Security Headers

Name	Value
Content-Security-Policy	worker-src blob:; script-src 'self' .episerver.com .cloudfront.net .episerver.net .mapbox.com .cookiebot.com .googletagmanager.com .googleadservices.com .google-analytics.com .google.com .google.nl .intercom.io .intercomcdn.com .licdn.com .hotjar.com .ipify.org .doubleclick.net .linkedin.com .azure.com .vimeo.com .youtube.com .acast.com .spotify.com .msecnd.net .facebook.com .facebook.net .visualstudio.com .gstatic.com .jquery.com .jsdelivr.net .criteo.com .criteo.net 'unsafe-eval' 'unsafe-inline'; img-src 'self' .google.com .google-analytics.com .google.nl .linkedin.com .mediabank-collection.com .facebook.com .criteo.com googleads.g.doubleclick.net blob: https: data:; frame-ancestors 'self' .vimeo.com .youtube.com .acast.com .spotify.com .tblox.com .2dela.nl; frame-src 'self' .cookiebot.com .episerver.net .criteo.com .criteo.net .google.com .hotjar.com 'unsafe-inline'; font-src 'self' .episerver.net .myfonts.net .typekit.net .bootstrapcdn.com .intercomcdn.com data:; style-src-elem 'self' .episerver.net .googleapis.com .jsdelivr.net .bootstrapcdn.com .myfonts.net .typekit.net 'unsafe-inline'; style-src 'self' .typekit.net .myfonts.net .bootstrapcdn.com 'unsafe-inline' data:; media-src 'self' *.cloudfront.net;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.gispen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 23:56:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: worker-src blob:; script-src 'self' *.episerver.com *.cloudfront.net *.episerver.net *.mapbox.com *.cookiebot.com *.googletagmanager.com *.googleadservices.com *.google-analytics.com *.google.com *.google.nl *.intercom.io *.intercomcdn.com *.licdn.com *.hotjar.com *.ipify.org *.doubleclick.net *.linkedin.com *.azure.com *.vimeo.com *.youtube.com *.acast.com *.spotify.com *.msecnd.net *.facebook.com *.facebook.net *.visualstudio.com *.gstatic.com *.jquery.com *.jsdelivr.net *.criteo.com *.criteo.net 'unsafe-eval' 'unsafe-inline'; img-src 'self' *.google.com *.google-analytics.com *.google.nl *.linkedin.com *.mediabank-collection.com *.facebook.com *.criteo.com googleads.g.doubleclick.net blob: https: data:; frame-ancestors 'self' *.vimeo.com *.youtube.com *.acast.com *.spotify.com *.tblox.com *.2dela.nl; frame-src 'self' *.cookiebot.com *.episerver.net *.criteo.com *.criteo.net *.google.com *.hotjar.com 'unsafe-inline'; font-src 'self' *.episerver.net *.myfonts.net *.typekit.net *.bootstrapcdn.com *.intercomcdn.com data:; style-src-elem 'self' *.episerver.net *.googleapis.com *.jsdelivr.net *.bootstrapcdn.com *.myfonts.net *.typekit.net 'unsafe-inline'; style-src 'self' *.typekit.net *.myfonts.net *.bootstrapcdn.com 'unsafe-inline' data:; media-src 'self' *.cloudfront.net;
cf-cache-status: MISS
strict-transport-security: max-age=31536000
content-length: 3004
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:4a6b6c0e-0871-4eee-be4f-8c25dcb2714c
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 20 Mar 2023 13:19:16 GMT
server: cloudflare
etag: "062fc912e5bd91:0"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-expose-headers: Request-Context
cache-control: public, max-age=86400
permissions-policy: autoplay=*
accept-ranges: bytes
cf-ray: 7bb99035be49991e-ARN
access-control-allow-headers: *
expires: Sat, 22 Apr 2023 23:56:23 GMT

GET
H2 200 customerorders.js Show response
www.gispen.com/Static/js/custom/dist/ 927 B
2 KB 150ms
148ms Script
application/x-javascript 104.18.28.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gispen.com/Static/js/custom/dist/customerorders.js?v=638177181828937653

Requested by

Host: www.gispen.com
URL: https://www.gispen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.28.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe2afd08736ce4f389cbf4cd44f055d0b41e839a5fc91737d5c5e17504e332dc

Security Headers

Name	Value
Content-Security-Policy	worker-src blob:; script-src 'self' .episerver.com .cloudfront.net .episerver.net .mapbox.com .cookiebot.com .googletagmanager.com .googleadservices.com .google-analytics.com .google.com .google.nl .intercom.io .intercomcdn.com .licdn.com .hotjar.com .ipify.org .doubleclick.net .linkedin.com .azure.com .vimeo.com .youtube.com .acast.com .spotify.com .msecnd.net .facebook.com .facebook.net .visualstudio.com .gstatic.com .jquery.com .jsdelivr.net .criteo.com .criteo.net 'unsafe-eval' 'unsafe-inline'; img-src 'self' .google.com .google-analytics.com .google.nl .linkedin.com .mediabank-collection.com .facebook.com .criteo.com googleads.g.doubleclick.net blob: https: data:; frame-ancestors 'self' .vimeo.com .youtube.com .acast.com .spotify.com .tblox.com .2dela.nl; frame-src 'self' .cookiebot.com .episerver.net .criteo.com .criteo.net .google.com .hotjar.com 'unsafe-inline'; font-src 'self' .episerver.net .myfonts.net .typekit.net .bootstrapcdn.com .intercomcdn.com data:; style-src-elem 'self' .episerver.net .googleapis.com .jsdelivr.net .bootstrapcdn.com .myfonts.net .typekit.net 'unsafe-inline'; style-src 'self' .typekit.net .myfonts.net .bootstrapcdn.com 'unsafe-inline' data:; media-src 'self' *.cloudfront.net;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.gispen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 23:56:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: worker-src blob:; script-src 'self' *.episerver.com *.cloudfront.net *.episerver.net *.mapbox.com *.cookiebot.com *.googletagmanager.com *.googleadservices.com *.google-analytics.com *.google.com *.google.nl *.intercom.io *.intercomcdn.com *.licdn.com *.hotjar.com *.ipify.org *.doubleclick.net *.linkedin.com *.azure.com *.vimeo.com *.youtube.com *.acast.com *.spotify.com *.msecnd.net *.facebook.com *.facebook.net *.visualstudio.com *.gstatic.com *.jquery.com *.jsdelivr.net *.criteo.com *.criteo.net 'unsafe-eval' 'unsafe-inline'; img-src 'self' *.google.com *.google-analytics.com *.google.nl *.linkedin.com *.mediabank-collection.com *.facebook.com *.criteo.com googleads.g.doubleclick.net blob: https: data:; frame-ancestors 'self' *.vimeo.com *.youtube.com *.acast.com *.spotify.com *.tblox.com *.2dela.nl; frame-src 'self' *.cookiebot.com *.episerver.net *.criteo.com *.criteo.net *.google.com *.hotjar.com 'unsafe-inline'; font-src 'self' *.episerver.net *.myfonts.net *.typekit.net *.bootstrapcdn.com *.intercomcdn.com data:; style-src-elem 'self' *.episerver.net *.googleapis.com *.jsdelivr.net *.bootstrapcdn.com *.myfonts.net *.typekit.net 'unsafe-inline'; style-src 'self' *.typekit.net *.myfonts.net *.bootstrapcdn.com 'unsafe-inline' data:; media-src 'self' *.cloudfront.net;
cf-cache-status: MISS
strict-transport-security: max-age=31536000
content-length: 639
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:4a6b6c0e-0871-4eee-be4f-8c25dcb2714c
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 20 Mar 2023 13:19:16 GMT
server: cloudflare
etag: "062fc912e5bd91:0"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-expose-headers: Request-Context
cache-control: public, max-age=86400
permissions-policy: autoplay=*
accept-ranges: bytes
cf-ray: 7bb99035be4a991e-ARN
access-control-allow-headers: *
expires: Sat, 22 Apr 2023 23:56:23 GMT

GET
H2 200 configuration.js Show response
consentcdn.cookiebot.com/consentconfig/0ba7bfe4-eaaa-4b84-a081-0f09e537c504/gispen.com/ 2 KB
867 B 196ms
77ms Script
application/x-javascript 23.45.111.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://consentcdn.cookiebot.com/consentconfig/0ba7bfe4-eaaa-4b84-a081-0f09e537c504/gispen.com/configuration.js
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.45.111.185 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-45-111-185.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6dcc64490d4b1d9c95c7570e7bf905a159dbc8ff8bda731ea77ae4757948bd33

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.gispen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 23:56:23 GMT
content-encoding: gzip
last-modified: Sun, 16 Apr 2023 17:58:38 GMT
server: AkamaiNetStorage
etag: "e8d2fb758e7c35c827dab862db32d04d:1681667918.910505"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=23974
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache; desc=HIT, edge; dur=2, ak_p; desc="467255_390277125_92542289_200_710_49_0";dur=1
accept-ranges: bytes
content-length: 502
expires: Sat, 22 Apr 2023 06:35:57 GMT

GET
H2 200 cc.js Show response
consent.cookiebot.com/0ba7bfe4-eaaa-4b84-a081-0f09e537c504/ 247 KB
57 KB 93ms
91ms Script
application/x-javascript 23.36.162.211
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiebot.com/0ba7bfe4-eaaa-4b84-a081-0f09e537c504/cc.js?renew=false&referer=www.gispen.com&dnt=false&init=false
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.162.211 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-162-211.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 80610759b02cc61b9eb45af5f6967d2ade2658d93cf3f90097e46300f9077846

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.gispen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 23:56:23 GMT
content-encoding: gzip
last-modified: Fri, 21 Apr 2023 23:56:23 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-expose-headers: Request-Context
cache-control: private, max-age=1200
cross-origin-resource-policy: cross-origin
content-length: 57534
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef

GET
H2 200 sprite.svg
www.gispen.com/static/gispen/img/ 52 KB
18 KB 164ms
163ms Other
image/svg+xml 104.18.28.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gispen.com/static/gispen/img/sprite.svg

Requested by

Host: www.gispen.com
URL: https://www.gispen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.28.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e818c6dc748a10316e00f412e276e07f88ac38463d0b71a301210a37d4ace92

Security Headers

Name	Value
Content-Security-Policy	worker-src blob:; script-src 'self' .episerver.com .cloudfront.net .episerver.net .mapbox.com .cookiebot.com .googletagmanager.com .googleadservices.com .google-analytics.com .google.com .google.nl .intercom.io .intercomcdn.com .licdn.com .hotjar.com .ipify.org .doubleclick.net .linkedin.com .azure.com .vimeo.com .youtube.com .acast.com .spotify.com .msecnd.net .facebook.com .facebook.net .visualstudio.com .gstatic.com .jquery.com .jsdelivr.net .criteo.com .criteo.net 'unsafe-eval' 'unsafe-inline'; img-src 'self' .google.com .google-analytics.com .google.nl .linkedin.com .mediabank-collection.com .facebook.com .criteo.com googleads.g.doubleclick.net blob: https: data:; frame-ancestors 'self' .vimeo.com .youtube.com .acast.com .spotify.com .tblox.com .2dela.nl; frame-src 'self' .cookiebot.com .episerver.net .criteo.com .criteo.net .google.com .hotjar.com 'unsafe-inline'; font-src 'self' .episerver.net .myfonts.net .typekit.net .bootstrapcdn.com .intercomcdn.com data:; style-src-elem 'self' .episerver.net .googleapis.com .jsdelivr.net .bootstrapcdn.com .myfonts.net .typekit.net 'unsafe-inline'; style-src 'self' .typekit.net .myfonts.net .bootstrapcdn.com 'unsafe-inline' data:; media-src 'self' *.cloudfront.net;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.gispen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 23:56:23 GMT
content-security-policy: worker-src blob:; script-src 'self' *.episerver.com *.cloudfront.net *.episerver.net *.mapbox.com *.cookiebot.com *.googletagmanager.com *.googleadservices.com *.google-analytics.com *.google.com *.google.nl *.intercom.io *.intercomcdn.com *.licdn.com *.hotjar.com *.ipify.org *.doubleclick.net *.linkedin.com *.azure.com *.vimeo.com *.youtube.com *.acast.com *.spotify.com *.msecnd.net *.facebook.com *.facebook.net *.visualstudio.com *.gstatic.com *.jquery.com *.jsdelivr.net *.criteo.com *.criteo.net 'unsafe-eval' 'unsafe-inline'; img-src 'self' *.google.com *.google-analytics.com *.google.nl *.linkedin.com *.mediabank-collection.com *.facebook.com *.criteo.com googleads.g.doubleclick.net blob: https: data:; frame-ancestors 'self' *.vimeo.com *.youtube.com *.acast.com *.spotify.com *.tblox.com *.2dela.nl; frame-src 'self' *.cookiebot.com *.episerver.net *.criteo.com *.criteo.net *.google.com *.hotjar.com 'unsafe-inline'; font-src 'self' *.episerver.net *.myfonts.net *.typekit.net *.bootstrapcdn.com *.intercomcdn.com data:; style-src-elem 'self' *.episerver.net *.googleapis.com *.jsdelivr.net *.bootstrapcdn.com *.myfonts.net *.typekit.net 'unsafe-inline'; style-src 'self' *.typekit.net *.myfonts.net *.bootstrapcdn.com 'unsafe-inline' data:; media-src 'self' *.cloudfront.net;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: MISS
content-encoding: gzip
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:4a6b6c0e-0871-4eee-be4f-8c25dcb2714c
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 20 Mar 2023 13:13:18 GMT
server: cloudflare
etag: W/"0eb99bc2d5bd91:0"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-expose-headers: Request-Context
cache-control: public, max-age=86400
permissions-policy: autoplay=*
cf-ray: 7bb99035be4b991e-ARN
access-control-allow-headers: *
expires: Sat, 22 Apr 2023 23:56:23 GMT

GET
H2 200 sprite.svg
www.gispen.com/static/img/ 55 KB
17 KB 114ms
114ms Other
image/svg+xml 104.18.28.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gispen.com/static/img/sprite.svg

Requested by

Host: www.gispen.com
URL: https://www.gispen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.28.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7d8e9593b2730e3d7ad72f29b37a9a06746b26ebeef51bad8ef69b29ad0ddba

Security Headers

Name	Value
Content-Security-Policy	worker-src blob:; script-src 'self' .episerver.com .cloudfront.net .episerver.net .mapbox.com .cookiebot.com .googletagmanager.com .googleadservices.com .google-analytics.com .google.com .google.nl .intercom.io .intercomcdn.com .licdn.com .hotjar.com .ipify.org .doubleclick.net .linkedin.com .azure.com .vimeo.com .youtube.com .acast.com .spotify.com .msecnd.net .facebook.com .facebook.net .visualstudio.com .gstatic.com .jquery.com .jsdelivr.net .criteo.com .criteo.net 'unsafe-eval' 'unsafe-inline'; img-src 'self' .google.com .google-analytics.com .google.nl .linkedin.com .mediabank-collection.com .facebook.com .criteo.com googleads.g.doubleclick.net blob: https: data:; frame-ancestors 'self' .vimeo.com .youtube.com .acast.com .spotify.com .tblox.com .2dela.nl; frame-src 'self' .cookiebot.com .episerver.net .criteo.com .criteo.net .google.com .hotjar.com 'unsafe-inline'; font-src 'self' .episerver.net .myfonts.net .typekit.net .bootstrapcdn.com .intercomcdn.com data:; style-src-elem 'self' .episerver.net .googleapis.com .jsdelivr.net .bootstrapcdn.com .myfonts.net .typekit.net 'unsafe-inline'; style-src 'self' .typekit.net .myfonts.net .bootstrapcdn.com 'unsafe-inline' data:; media-src 'self' *.cloudfront.net;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.gispen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 23:56:23 GMT
content-security-policy: worker-src blob:; script-src 'self' *.episerver.com *.cloudfront.net *.episerver.net *.mapbox.com *.cookiebot.com *.googletagmanager.com *.googleadservices.com *.google-analytics.com *.google.com *.google.nl *.intercom.io *.intercomcdn.com *.licdn.com *.hotjar.com *.ipify.org *.doubleclick.net *.linkedin.com *.azure.com *.vimeo.com *.youtube.com *.acast.com *.spotify.com *.msecnd.net *.facebook.com *.facebook.net *.visualstudio.com *.gstatic.com *.jquery.com *.jsdelivr.net *.criteo.com *.criteo.net 'unsafe-eval' 'unsafe-inline'; img-src 'self' *.google.com *.google-analytics.com *.google.nl *.linkedin.com *.mediabank-collection.com *.facebook.com *.criteo.com googleads.g.doubleclick.net blob: https: data:; frame-ancestors 'self' *.vimeo.com *.youtube.com *.acast.com *.spotify.com *.tblox.com *.2dela.nl; frame-src 'self' *.cookiebot.com *.episerver.net *.criteo.com *.criteo.net *.google.com *.hotjar.com 'unsafe-inline'; font-src 'self' *.episerver.net *.myfonts.net *.typekit.net *.bootstrapcdn.com *.intercomcdn.com data:; style-src-elem 'self' *.episerver.net *.googleapis.com *.jsdelivr.net *.bootstrapcdn.com *.myfonts.net *.typekit.net 'unsafe-inline'; style-src 'self' *.typekit.net *.myfonts.net *.bootstrapcdn.com 'unsafe-inline' data:; media-src 'self' *.cloudfront.net;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: REVALIDATED
content-encoding: gzip
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:4a6b6c0e-0871-4eee-be4f-8c25dcb2714c
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 20 Mar 2023 13:13:18 GMT
server: cloudflare
etag: W/"0eb99bc2d5bd91:0"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-expose-headers: Request-Context
cache-control: public, max-age=86400
permissions-policy: autoplay=*
cf-ray: 7bb99035be4c991e-ARN
access-control-allow-headers: *
expires: Sat, 22 Apr 2023 23:56:23 GMT

GET
H2 200 bc-v4.min.html Show response
consentcdn.cookiebot.com/sdk/ Frame 41BD 627 B
812 B 112ms
77ms Document
text/html 23.45.111.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.45.111.185 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-45-111-185.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 738e5435f2d18427d291a0d6289eee0ebbc87b596d6003919f255760ac293104

Request headers

Referer: https://www.gispen.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=30504624
content-encoding: gzip
content-length: 392
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 21 Apr 2023 23:56:23 GMT
etag: "3d08665fa4c7bcf9fa2dcbbc7efe1d0f:1649057029.895163"
expires: Tue, 09 Apr 2024 01:26:47 GMT
last-modified: Mon, 04 Apr 2022 07:23:49 GMT
server: AkamaiNetStorage
server-timing: cdn-cache; desc=HIT edge; dur=1 ak_p; desc="467255_390277125_92542288_426_844_49_0";dur=1
vary: Accept-Encoding
x-akamai-transformed: 9 - 0 pmb=mRUM,1

GET
DATA 200
OK truncated
/ 293 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8181a739bd0ed0fd64624c4aa15b7847bc9d4fd0660bff56c8c9192c4ef75979

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 206 77890BD1-00E8-40A2-BB5A071C1A783A8B.mp4
d2csxpduxe849s.cloudfront.net/media/B31CE835-524E-48B3-97E6AAF3C935F7E9/831990E1-829A-48A5-99E377DAE27100FE/ 493 KB
494 KB 247ms
65ms Media
video/mp4 13.225.84.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2csxpduxe849s.cloudfront.net/media/B31CE835-524E-48B3-97E6AAF3C935F7E9/831990E1-829A-48A5-99E377DAE27100FE/77890BD1-00E8-40A2-BB5A071C1A783A8B.mp4
Requested by: Host: www.gispen.com
URL: https://www.gispen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.84.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-84-10.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: da12877f068739943d71035d86c065a1853e0e48526428514de864dd2d8272db

Request headers

Referer: https://www.gispen.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Range: bytes=0-

Response headers

date: Tue, 11 Apr 2023 07:10:20 GMT
x-amz-version-id: null
via: 1.1 57d93b321db68494cc6755a0d3fb29cc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 924364
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
Content-Range: bytes 0-504608/504609
Content-Length: 504609
last-modified: Thu, 22 Sep 2022 09:10:09 GMT
server: AmazonS3
etag: "ddaa74a9802147f8a24d319c2ead9850"
content-type: video/mp4
accept-ranges: bytes
x-amz-cf-id: AWMuMqayQQavHQx1gyaUUEZBdvnIFiOp4g9N7LaI0dcNiuz-oWrskA==

GET
H2 200 main.js Show response
www.gispen.com/Static/gispen/js/ 256 KB
78 KB 130ms
130ms Script
application/x-javascript 104.18.28.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gispen.com/Static/gispen/js/main.js?v=cb=1.0.8479.23899

Requested by

Host: www.gispen.com
URL: https://www.gispen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.28.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2860b7cfe4876902b313eb87a03465db27e3f9f87573765aecca558df9dcc568

Security Headers

Name	Value
Content-Security-Policy	worker-src blob:; script-src 'self' .episerver.com .cloudfront.net .episerver.net .mapbox.com .cookiebot.com .googletagmanager.com .googleadservices.com .google-analytics.com .google.com .google.nl .intercom.io .intercomcdn.com .licdn.com .hotjar.com .ipify.org .doubleclick.net .linkedin.com .azure.com .vimeo.com .youtube.com .acast.com .spotify.com .msecnd.net .facebook.com .facebook.net .visualstudio.com .gstatic.com .jquery.com .jsdelivr.net .criteo.com .criteo.net 'unsafe-eval' 'unsafe-inline'; img-src 'self' .google.com .google-analytics.com .google.nl .linkedin.com .mediabank-collection.com .facebook.com .criteo.com googleads.g.doubleclick.net blob: https: data:; frame-ancestors 'self' .vimeo.com .youtube.com .acast.com .spotify.com .tblox.com .2dela.nl; frame-src 'self' .cookiebot.com .episerver.net .criteo.com .criteo.net .google.com .hotjar.com 'unsafe-inline'; font-src 'self' .episerver.net .myfonts.net .typekit.net .bootstrapcdn.com .intercomcdn.com data:; style-src-elem 'self' .episerver.net .googleapis.com .jsdelivr.net .bootstrapcdn.com .myfonts.net .typekit.net 'unsafe-inline'; style-src 'self' .typekit.net .myfonts.net .bootstrapcdn.com 'unsafe-inline' data:; media-src 'self' *.cloudfront.net;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.gispen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 23:56:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: worker-src blob:; script-src 'self' *.episerver.com *.cloudfront.net *.episerver.net *.mapbox.com *.cookiebot.com *.googletagmanager.com *.googleadservices.com *.google-analytics.com *.google.com *.google.nl *.intercom.io *.intercomcdn.com *.licdn.com *.hotjar.com *.ipify.org *.doubleclick.net *.linkedin.com *.azure.com *.vimeo.com *.youtube.com *.acast.com *.spotify.com *.msecnd.net *.facebook.com *.facebook.net *.visualstudio.com *.gstatic.com *.jquery.com *.jsdelivr.net *.criteo.com *.criteo.net 'unsafe-eval' 'unsafe-inline'; img-src 'self' *.google.com *.google-analytics.com *.google.nl *.linkedin.com *.mediabank-collection.com *.facebook.com *.criteo.com googleads.g.doubleclick.net blob: https: data:; frame-ancestors 'self' *.vimeo.com *.youtube.com *.acast.com *.spotify.com *.tblox.com *.2dela.nl; frame-src 'self' *.cookiebot.com *.episerver.net *.criteo.com *.criteo.net *.google.com *.hotjar.com 'unsafe-inline'; font-src 'self' *.episerver.net *.myfonts.net *.typekit.net *.bootstrapcdn.com *.intercomcdn.com data:; style-src-elem 'self' *.episerver.net *.googleapis.com *.jsdelivr.net *.bootstrapcdn.com *.myfonts.net *.typekit.net 'unsafe-inline'; style-src 'self' *.typekit.net *.myfonts.net *.bootstrapcdn.com 'unsafe-inline' data:; media-src 'self' *.cloudfront.net;
cf-cache-status: REVALIDATED
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:4a6b6c0e-0871-4eee-be4f-8c25dcb2714c
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 20 Mar 2023 13:13:18 GMT
server: cloudflare
etag: "0eb99bc2d5bd91:0"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-expose-headers: Request-Context
cache-control: public, max-age=86400
permissions-policy: autoplay=*
cf-ray: 7bb990395fe5991e-ARN
access-control-allow-headers: *
expires: Sat, 22 Apr 2023 23:56:23 GMT

GET
H2 200 find.js Show response
dl.episerver.net/13.5.7/epi-util/ 6 KB
2 KB 38ms
37ms Script
application/javascript 104.18.11.120
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dl.episerver.net/13.5.7/epi-util/find.js

Requested by

Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.11.120 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

67004276e5cbe57d0cc96a32bd76d47b1daf4f91f52f807df4d8f9259c69b844

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.gispen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 23:56:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4545
x-powered-by: ASP.NET
content-length: 2265
last-modified: Fri, 17 Mar 2023 10:14:34 GMT
server: cloudflare
etag: W/"6124-1679048074000"
vary: accept-encoding
content-type: application/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7bb990395c0398f4-ARN
expires: Sat, 22 Apr 2023 23:56:23 GMT

GET
H2 200 jquery-3.4.0.min.js Show response
www.gispen.com/Static/js/vendors/jquery/ 86 KB
39 KB 46ms
45ms Script
application/x-javascript 104.18.28.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gispen.com/Static/js/vendors/jquery/jquery-3.4.0.min.js

Requested by

Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.28.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e83c17bafcc92fedcfd3a0d452d05fb176d1bf87a5fac78f89c400e11d82e00c

Security Headers

Name	Value
Content-Security-Policy	worker-src blob:; script-src 'self' .episerver.com .cloudfront.net .episerver.net .mapbox.com .cookiebot.com .googletagmanager.com .googleadservices.com .google-analytics.com .google.com .google.nl .intercom.io .intercomcdn.com .licdn.com .hotjar.com .ipify.org .doubleclick.net .linkedin.com .azure.com .vimeo.com .youtube.com .acast.com .spotify.com .msecnd.net .facebook.com .facebook.net .visualstudio.com .gstatic.com .jquery.com .jsdelivr.net .criteo.com .criteo.net 'unsafe-eval' 'unsafe-inline'; img-src 'self' .google.com .google-analytics.com .google.nl .linkedin.com .mediabank-collection.com .facebook.com .criteo.com googleads.g.doubleclick.net blob: https: data:; frame-ancestors 'self' .vimeo.com .youtube.com .acast.com .spotify.com .tblox.com .2dela.nl; frame-src 'self' .cookiebot.com .episerver.net .criteo.com .criteo.net .google.com .hotjar.com 'unsafe-inline'; font-src 'self' .episerver.net .myfonts.net .typekit.net .bootstrapcdn.com .intercomcdn.com data:; style-src-elem 'self' .episerver.net .googleapis.com .jsdelivr.net .bootstrapcdn.com .myfonts.net .typekit.net 'unsafe-inline'; style-src 'self' .typekit.net .myfonts.net .bootstrapcdn.com 'unsafe-inline' data:; media-src 'self' *.cloudfront.net;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.gispen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 23:56:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: worker-src blob:; script-src 'self' *.episerver.com *.cloudfront.net *.episerver.net *.mapbox.com *.cookiebot.com *.googletagmanager.com *.googleadservices.com *.google-analytics.com *.google.com *.google.nl *.intercom.io *.intercomcdn.com *.licdn.com *.hotjar.com *.ipify.org *.doubleclick.net *.linkedin.com *.azure.com *.vimeo.com *.youtube.com *.acast.com *.spotify.com *.msecnd.net *.facebook.com *.facebook.net *.visualstudio.com *.gstatic.com *.jquery.com *.jsdelivr.net *.criteo.com *.criteo.net 'unsafe-eval' 'unsafe-inline'; img-src 'self' *.google.com *.google-analytics.com *.google.nl *.linkedin.com *.mediabank-collection.com *.facebook.com *.criteo.com googleads.g.doubleclick.net blob: https: data:; frame-ancestors 'self' *.vimeo.com *.youtube.com *.acast.com *.spotify.com *.tblox.com *.2dela.nl; frame-src 'self' *.cookiebot.com *.episerver.net *.criteo.com *.criteo.net *.google.com *.hotjar.com 'unsafe-inline'; font-src 'self' *.episerver.net *.myfonts.net *.typekit.net *.bootstrapcdn.com *.intercomcdn.com data:; style-src-elem 'self' *.episerver.net *.googleapis.com *.jsdelivr.net *.bootstrapcdn.com *.myfonts.net *.typekit.net 'unsafe-inline'; style-src 'self' *.typekit.net *.myfonts.net *.bootstrapcdn.com 'unsafe-inline' data:; media-src 'self' *.cloudfront.net;
cf-cache-status: HIT
strict-transport-security: max-age=31536000
age: 0
content-length: 39401
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:4a6b6c0e-0871-4eee-be4f-8c25dcb2714c
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 20 Mar 2023 13:13:18 GMT
server: cloudflare
etag: "0eb99bc2d5bd91:0"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-expose-headers: Request-Context
cache-control: public, max-age=86400
permissions-policy: autoplay=*
accept-ranges: bytes
cf-ray: 7bb99039b803991e-ARN
access-control-allow-headers: *
expires: Sat, 22 Apr 2023 23:56:23 GMT

GET
H2 200 Index
www.gispen.com/util/LiveMonitor/Tracking/ 44 B
388 B 133ms
132ms Image
image/gif 104.18.28.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gispen.com/util/LiveMonitor/Tracking/Index?contentId=3191&languageId=en&r=0.09051680566151621&referrer=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.28.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Security Headers

Name	Value
Content-Security-Policy	worker-src blob:; script-src 'self' .episerver.com .cloudfront.net .episerver.net .mapbox.com .cookiebot.com .googletagmanager.com .googleadservices.com .google-analytics.com .google.com .google.nl .intercom.io .intercomcdn.com .licdn.com .hotjar.com .ipify.org .doubleclick.net .linkedin.com .azure.com .vimeo.com .youtube.com .acast.com .spotify.com .msecnd.net .facebook.com .facebook.net .visualstudio.com .gstatic.com .jquery.com .jsdelivr.net .criteo.com .criteo.net 'unsafe-eval' 'unsafe-inline'; img-src 'self' .google.com .google-analytics.com .google.nl .linkedin.com .mediabank-collection.com .facebook.com .criteo.com googleads.g.doubleclick.net blob: https: data:; frame-ancestors 'self' .vimeo.com .youtube.com .acast.com .spotify.com .tblox.com .2dela.nl; frame-src 'self' .cookiebot.com .episerver.net .criteo.com .criteo.net .google.com .hotjar.com 'unsafe-inline'; font-src 'self' .episerver.net .myfonts.net .typekit.net .bootstrapcdn.com .intercomcdn.com data:; style-src-elem 'self' .episerver.net .googleapis.com .jsdelivr.net .bootstrapcdn.com .myfonts.net .typekit.net 'unsafe-inline'; style-src 'self' .typekit.net .myfonts.net .bootstrapcdn.com 'unsafe-inline' data:; media-src 'self' *.cloudfront.net;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.gispen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 23:56:24 GMT
content-security-policy: worker-src blob:; script-src 'self' *.episerver.com *.cloudfront.net *.episerver.net *.mapbox.com *.cookiebot.com *.googletagmanager.com *.googleadservices.com *.google-analytics.com *.google.com *.google.nl *.intercom.io *.intercomcdn.com *.licdn.com *.hotjar.com *.ipify.org *.doubleclick.net *.linkedin.com *.azure.com *.vimeo.com *.youtube.com *.acast.com *.spotify.com *.msecnd.net *.facebook.com *.facebook.net *.visualstudio.com *.gstatic.com *.jquery.com *.jsdelivr.net *.criteo.com *.criteo.net 'unsafe-eval' 'unsafe-inline'; img-src 'self' *.google.com *.google-analytics.com *.google.nl *.linkedin.com *.mediabank-collection.com *.facebook.com *.criteo.com googleads.g.doubleclick.net blob: https: data:; frame-ancestors 'self' *.vimeo.com *.youtube.com *.acast.com *.spotify.com *.tblox.com *.2dela.nl; frame-src 'self' *.cookiebot.com *.episerver.net *.criteo.com *.criteo.net *.google.com *.hotjar.com 'unsafe-inline'; font-src 'self' *.episerver.net *.myfonts.net *.typekit.net *.bootstrapcdn.com *.intercomcdn.com data:; style-src-elem 'self' *.episerver.net *.googleapis.com *.jsdelivr.net *.bootstrapcdn.com *.myfonts.net *.typekit.net 'unsafe-inline'; style-src 'self' *.typekit.net *.myfonts.net *.bootstrapcdn.com 'unsafe-inline' data:; media-src 'self' *.cloudfront.net;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
x-aspnet-version: 4.0.30319
content-length: 44
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:4a6b6c0e-0871-4eee-be4f-8c25dcb2714c
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
x-aspnetmvc-version: 5.2
server: cloudflare
content-type: image/gif
access-control-expose-headers: Request-Context
cache-control: no-cache, no-store, proxy-revalidate, private, no-cache=Set-Cookie
permissions-policy: autoplay=*
cf-ray: 7bb99039b806991e-ARN
access-control-allow-headers: *
expires: -1

GET
H2 200 jquery.validate.min.js Show response
www.gispen.com/Static/js/vendors/jquery/ 27 KB
10 KB 42ms
42ms Script
application/x-javascript 104.18.28.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gispen.com/Static/js/vendors/jquery/jquery.validate.min.js

Requested by

Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.28.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1361d463a6ef6f40a98d7313d3ab641dabb76687a967ab7e97a23937c10114e0

Security Headers

Name	Value
Content-Security-Policy	worker-src blob:; script-src 'self' .episerver.com .cloudfront.net .episerver.net .mapbox.com .cookiebot.com .googletagmanager.com .googleadservices.com .google-analytics.com .google.com .google.nl .intercom.io .intercomcdn.com .licdn.com .hotjar.com .ipify.org .doubleclick.net .linkedin.com .azure.com .vimeo.com .youtube.com .acast.com .spotify.com .msecnd.net .facebook.com .facebook.net .visualstudio.com .gstatic.com .jquery.com .jsdelivr.net .criteo.com .criteo.net 'unsafe-eval' 'unsafe-inline'; img-src 'self' .google.com .google-analytics.com .google.nl .linkedin.com .mediabank-collection.com .facebook.com .criteo.com googleads.g.doubleclick.net blob: https: data:; frame-ancestors 'self' .vimeo.com .youtube.com .acast.com .spotify.com .tblox.com .2dela.nl; frame-src 'self' .cookiebot.com .episerver.net .criteo.com .criteo.net .google.com .hotjar.com 'unsafe-inline'; font-src 'self' .episerver.net .myfonts.net .typekit.net .bootstrapcdn.com .intercomcdn.com data:; style-src-elem 'self' .episerver.net .googleapis.com .jsdelivr.net .bootstrapcdn.com .myfonts.net .typekit.net 'unsafe-inline'; style-src 'self' .typekit.net .myfonts.net .bootstrapcdn.com 'unsafe-inline' data:; media-src 'self' *.cloudfront.net;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.gispen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 23:56:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: worker-src blob:; script-src 'self' *.episerver.com *.cloudfront.net *.episerver.net *.mapbox.com *.cookiebot.com *.googletagmanager.com *.googleadservices.com *.google-analytics.com *.google.com *.google.nl *.intercom.io *.intercomcdn.com *.licdn.com *.hotjar.com *.ipify.org *.doubleclick.net *.linkedin.com *.azure.com *.vimeo.com *.youtube.com *.acast.com *.spotify.com *.msecnd.net *.facebook.com *.facebook.net *.visualstudio.com *.gstatic.com *.jquery.com *.jsdelivr.net *.criteo.com *.criteo.net 'unsafe-eval' 'unsafe-inline'; img-src 'self' *.google.com *.google-analytics.com *.google.nl *.linkedin.com *.mediabank-collection.com *.facebook.com *.criteo.com googleads.g.doubleclick.net blob: https: data:; frame-ancestors 'self' *.vimeo.com *.youtube.com *.acast.com *.spotify.com *.tblox.com *.2dela.nl; frame-src 'self' *.cookiebot.com *.episerver.net *.criteo.com *.criteo.net *.google.com *.hotjar.com 'unsafe-inline'; font-src 'self' *.episerver.net *.myfonts.net *.typekit.net *.bootstrapcdn.com *.intercomcdn.com data:; style-src-elem 'self' *.episerver.net *.googleapis.com *.jsdelivr.net *.bootstrapcdn.com *.myfonts.net *.typekit.net 'unsafe-inline'; style-src 'self' *.typekit.net *.myfonts.net *.bootstrapcdn.com 'unsafe-inline' data:; media-src 'self' *.cloudfront.net;
cf-cache-status: HIT
strict-transport-security: max-age=31536000
age: 1
content-length: 10385
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:4a6b6c0e-0871-4eee-be4f-8c25dcb2714c
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 20 Mar 2023 13:13:18 GMT
server: cloudflare
etag: "0eb99bc2d5bd91:0"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-expose-headers: Request-Context
cache-control: public, max-age=86400
permissions-policy: autoplay=*
accept-ranges: bytes
cf-ray: 7bb9903a082e991e-ARN
access-control-allow-headers: *
expires: Sat, 22 Apr 2023 23:56:24 GMT

GET
H2 200 DownloadLarge-Homepageheader-2023-Gispen-NOMI.jpg
www.mediabank-collection.com/m/123dc1bf866c80b9/ 578 KB
567 KB 63ms
63ms Image
image/jpeg 18.66.122.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mediabank-collection.com/m/123dc1bf866c80b9/DownloadLarge-Homepageheader-2023-Gispen-NOMI.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-75.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

882e59624ce6693d506413410fd33cb3deff6b2cacca3d312b8bf6f4b94e3732

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.gispen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 09:10:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains
via: 1.1 da4de4427d18bee1d3254f1bbdad25f2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 53133
content-security-policy-report-only: default-src 'self'; child-src https://*; connect-src 'self' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://sentry10.bynder.cloud https://api2.amplitude.com https://analytics.com https://*.google-analytics.com https://stats.g.doubleclick.net https://*.amazonaws.com fast.appcues.com https://api.appcues.com https://api.appcues.net wss://api.appcues.net wss://www.mediabank-collection.com; font-src https://* data: ; img-src https://* data: blob:; media-src https://*; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://www.googletagmanager.com https://www.google-analytics.com https://cdn.amplitude.com https://js.hs-analytics.net fast.appcues.com browser.sentry-cdn.com bynder-static.s3.amazonaws.com; style-src 'self' 'unsafe-inline' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://fonts.googleapis.com fast.appcues.com; report-uri https://sentry10.bynder.cloud/api/1817/security/?sentry_key=54eb95cff224477bbb80958bc3e5f251
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-disposition: inline;filename="DownloadLarge-Large-Gispen-NOMI-project-chair-with-red-upholstered-cover-and-TEAM-Wood-round-with-STEE-sofa-in-hospitality-setting-with-models-front-view.jpg"
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: nginx
content-type: image/jpeg
access-control-allow-origin: *
x-api-correlation-id: d710c269-6795-81ba-b090-de6c4de162f9
cache-control: public, max-age=172800
permissions-policy: camera=(), geolocation=(), microphone=()
accept-ranges: bytes
x-amz-cf-id: qBAvVeGos0R71qgaT66v-30ihBLjeaGG56hzCf8ZoqLTDQ3GQVFd3w==

GET
H2 200 jquery.validate.unobtrusive.min.js Show response
www.gispen.com/Static/js/vendors/jquery/ 6 KB
3 KB 42ms
42ms Script
application/x-javascript 104.18.28.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gispen.com/Static/js/vendors/jquery/jquery.validate.unobtrusive.min.js

Requested by

Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.28.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a47bbec491cfe2006d3b79afdb9bfd5b020094e11d6dacca177d513c1ad9b36e

Security Headers

Name	Value
Content-Security-Policy	worker-src blob:; script-src 'self' .episerver.com .cloudfront.net .episerver.net .mapbox.com .cookiebot.com .googletagmanager.com .googleadservices.com .google-analytics.com .google.com .google.nl .intercom.io .intercomcdn.com .licdn.com .hotjar.com .ipify.org .doubleclick.net .linkedin.com .azure.com .vimeo.com .youtube.com .acast.com .spotify.com .msecnd.net .facebook.com .facebook.net .visualstudio.com .gstatic.com .jquery.com .jsdelivr.net .criteo.com .criteo.net 'unsafe-eval' 'unsafe-inline'; img-src 'self' .google.com .google-analytics.com .google.nl .linkedin.com .mediabank-collection.com .facebook.com .criteo.com googleads.g.doubleclick.net blob: https: data:; frame-ancestors 'self' .vimeo.com .youtube.com .acast.com .spotify.com .tblox.com .2dela.nl; frame-src 'self' .cookiebot.com .episerver.net .criteo.com .criteo.net .google.com .hotjar.com 'unsafe-inline'; font-src 'self' .episerver.net .myfonts.net .typekit.net .bootstrapcdn.com .intercomcdn.com data:; style-src-elem 'self' .episerver.net .googleapis.com .jsdelivr.net .bootstrapcdn.com .myfonts.net .typekit.net 'unsafe-inline'; style-src 'self' .typekit.net .myfonts.net .bootstrapcdn.com 'unsafe-inline' data:; media-src 'self' *.cloudfront.net;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.gispen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 23:56:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: worker-src blob:; script-src 'self' *.episerver.com *.cloudfront.net *.episerver.net *.mapbox.com *.cookiebot.com *.googletagmanager.com *.googleadservices.com *.google-analytics.com *.google.com *.google.nl *.intercom.io *.intercomcdn.com *.licdn.com *.hotjar.com *.ipify.org *.doubleclick.net *.linkedin.com *.azure.com *.vimeo.com *.youtube.com *.acast.com *.spotify.com *.msecnd.net *.facebook.com *.facebook.net *.visualstudio.com *.gstatic.com *.jquery.com *.jsdelivr.net *.criteo.com *.criteo.net 'unsafe-eval' 'unsafe-inline'; img-src 'self' *.google.com *.google-analytics.com *.google.nl *.linkedin.com *.mediabank-collection.com *.facebook.com *.criteo.com googleads.g.doubleclick.net blob: https: data:; frame-ancestors 'self' *.vimeo.com *.youtube.com *.acast.com *.spotify.com *.tblox.com *.2dela.nl; frame-src 'self' *.cookiebot.com *.episerver.net *.criteo.com *.criteo.net *.google.com *.hotjar.com 'unsafe-inline'; font-src 'self' *.episerver.net *.myfonts.net *.typekit.net *.bootstrapcdn.com *.intercomcdn.com data:; style-src-elem 'self' *.episerver.net *.googleapis.com *.jsdelivr.net *.bootstrapcdn.com *.myfonts.net *.typekit.net 'unsafe-inline'; style-src 'self' *.typekit.net *.myfonts.net *.bootstrapcdn.com 'unsafe-inline' data:; media-src 'self' *.cloudfront.net;
cf-cache-status: HIT
strict-transport-security: max-age=31536000
age: 1
content-length: 2806
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:4a6b6c0e-0871-4eee-be4f-8c25dcb2714c
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 20 Mar 2023 13:13:18 GMT
server: cloudflare
etag: "0eb99bc2d5bd91:0"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-expose-headers: Request-Context
cache-control: public, max-age=86400
permissions-policy: autoplay=*
accept-ranges: bytes
cf-ray: 7bb9903a6855991e-ARN
access-control-allow-headers: *
expires: Sat, 22 Apr 2023 23:56:24 GMT

GET
H2 200 fetch.umd.js Show response
www.gispen.com/Static/js/vendors/ 18 KB
6 KB 45ms
45ms Script
application/x-javascript 104.18.28.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gispen.com/Static/js/vendors/fetch.umd.js

Requested by

Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.28.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d09d2f77af6183af8f8665066be57ecb7a120302610423faeccec5952e2fec82

Security Headers

Name	Value
Content-Security-Policy	worker-src blob:; script-src 'self' .episerver.com .cloudfront.net .episerver.net .mapbox.com .cookiebot.com .googletagmanager.com .googleadservices.com .google-analytics.com .google.com .google.nl .intercom.io .intercomcdn.com .licdn.com .hotjar.com .ipify.org .doubleclick.net .linkedin.com .azure.com .vimeo.com .youtube.com .acast.com .spotify.com .msecnd.net .facebook.com .facebook.net .visualstudio.com .gstatic.com .jquery.com .jsdelivr.net .criteo.com .criteo.net 'unsafe-eval' 'unsafe-inline'; img-src 'self' .google.com .google-analytics.com .google.nl .linkedin.com .mediabank-collection.com .facebook.com .criteo.com googleads.g.doubleclick.net blob: https: data:; frame-ancestors 'self' .vimeo.com .youtube.com .acast.com .spotify.com .tblox.com .2dela.nl; frame-src 'self' .cookiebot.com .episerver.net .criteo.com .criteo.net .google.com .hotjar.com 'unsafe-inline'; font-src 'self' .episerver.net .myfonts.net .typekit.net .bootstrapcdn.com .intercomcdn.com data:; style-src-elem 'self' .episerver.net .googleapis.com .jsdelivr.net .bootstrapcdn.com .myfonts.net .typekit.net 'unsafe-inline'; style-src 'self' .typekit.net .myfonts.net .bootstrapcdn.com 'unsafe-inline' data:; media-src 'self' *.cloudfront.net;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.gispen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 23:56:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: worker-src blob:; script-src 'self' *.episerver.com *.cloudfront.net *.episerver.net *.mapbox.com *.cookiebot.com *.googletagmanager.com *.googleadservices.com *.google-analytics.com *.google.com *.google.nl *.intercom.io *.intercomcdn.com *.licdn.com *.hotjar.com *.ipify.org *.doubleclick.net *.linkedin.com *.azure.com *.vimeo.com *.youtube.com *.acast.com *.spotify.com *.msecnd.net *.facebook.com *.facebook.net *.visualstudio.com *.gstatic.com *.jquery.com *.jsdelivr.net *.criteo.com *.criteo.net 'unsafe-eval' 'unsafe-inline'; img-src 'self' *.google.com *.google-analytics.com *.google.nl *.linkedin.com *.mediabank-collection.com *.facebook.com *.criteo.com googleads.g.doubleclick.net blob: https: data:; frame-ancestors 'self' *.vimeo.com *.youtube.com *.acast.com *.spotify.com *.tblox.com *.2dela.nl; frame-src 'self' *.cookiebot.com *.episerver.net *.criteo.com *.criteo.net *.google.com *.hotjar.com 'unsafe-inline'; font-src 'self' *.episerver.net *.myfonts.net *.typekit.net *.bootstrapcdn.com *.intercomcdn.com data:; style-src-elem 'self' *.episerver.net *.googleapis.com *.jsdelivr.net *.bootstrapcdn.com *.myfonts.net *.typekit.net 'unsafe-inline'; style-src 'self' *.typekit.net *.myfonts.net *.bootstrapcdn.com 'unsafe-inline' data:; media-src 'self' *.cloudfront.net;
cf-cache-status: HIT
strict-transport-security: max-age=31536000
age: 54057
content-length: 6069
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:4a6b6c0e-0871-4eee-be4f-8c25dcb2714c
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 20 Mar 2023 13:13:18 GMT
server: cloudflare
etag: "0eb99bc2d5bd91:0"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-expose-headers: Request-Context
cache-control: public, max-age=86400
permissions-policy: autoplay=*
accept-ranges: bytes
cf-ray: 7bb9903aa880991e-ARN
access-control-allow-headers: *
expires: Sat, 22 Apr 2023 23:56:24 GMT

GET
H2 200 promise.js Show response
www.gispen.com/Static/js/vendors/ 4 KB
2 KB 43ms
43ms Script
application/x-javascript 104.18.28.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gispen.com/Static/js/vendors/promise.js

Requested by

Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.28.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3e642efb676903c3e54575d80de4a909e92c1a3ad96daaba53a83fbfb1dce4e

Security Headers

Name	Value
Content-Security-Policy	worker-src blob:; script-src 'self' .episerver.com .cloudfront.net .episerver.net .mapbox.com .cookiebot.com .googletagmanager.com .googleadservices.com .google-analytics.com .google.com .google.nl .intercom.io .intercomcdn.com .licdn.com .hotjar.com .ipify.org .doubleclick.net .linkedin.com .azure.com .vimeo.com .youtube.com .acast.com .spotify.com .msecnd.net .facebook.com .facebook.net .visualstudio.com .gstatic.com .jquery.com .jsdelivr.net .criteo.com .criteo.net 'unsafe-eval' 'unsafe-inline'; img-src 'self' .google.com .google-analytics.com .google.nl .linkedin.com .mediabank-collection.com .facebook.com .criteo.com googleads.g.doubleclick.net blob: https: data:; frame-ancestors 'self' .vimeo.com .youtube.com .acast.com .spotify.com .tblox.com .2dela.nl; frame-src 'self' .cookiebot.com .episerver.net .criteo.com .criteo.net .google.com .hotjar.com 'unsafe-inline'; font-src 'self' .episerver.net .myfonts.net .typekit.net .bootstrapcdn.com .intercomcdn.com data:; style-src-elem 'self' .episerver.net .googleapis.com .jsdelivr.net .bootstrapcdn.com .myfonts.net .typekit.net 'unsafe-inline'; style-src 'self' .typekit.net .myfonts.net .bootstrapcdn.com 'unsafe-inline' data:; media-src 'self' *.cloudfront.net;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.gispen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 23:56:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: worker-src blob:; script-src 'self' *.episerver.com *.cloudfront.net *.episerver.net *.mapbox.com *.cookiebot.com *.googletagmanager.com *.googleadservices.com *.google-analytics.com *.google.com *.google.nl *.intercom.io *.intercomcdn.com *.licdn.com *.hotjar.com *.ipify.org *.doubleclick.net *.linkedin.com *.azure.com *.vimeo.com *.youtube.com *.acast.com *.spotify.com *.msecnd.net *.facebook.com *.facebook.net *.visualstudio.com *.gstatic.com *.jquery.com *.jsdelivr.net *.criteo.com *.criteo.net 'unsafe-eval' 'unsafe-inline'; img-src 'self' *.google.com *.google-analytics.com *.google.nl *.linkedin.com *.mediabank-collection.com *.facebook.com *.criteo.com googleads.g.doubleclick.net blob: https: data:; frame-ancestors 'self' *.vimeo.com *.youtube.com *.acast.com *.spotify.com *.tblox.com *.2dela.nl; frame-src 'self' *.cookiebot.com *.episerver.net *.criteo.com *.criteo.net *.google.com *.hotjar.com 'unsafe-inline'; font-src 'self' *.episerver.net *.myfonts.net *.typekit.net *.bootstrapcdn.com *.intercomcdn.com data:; style-src-elem 'self' *.episerver.net *.googleapis.com *.jsdelivr.net *.bootstrapcdn.com *.myfonts.net *.typekit.net 'unsafe-inline'; style-src 'self' *.typekit.net *.myfonts.net *.bootstrapcdn.com 'unsafe-inline' data:; media-src 'self' *.cloudfront.net;
cf-cache-status: HIT
strict-transport-security: max-age=31536000
age: 54057
content-length: 1625
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:4a6b6c0e-0871-4eee-be4f-8c25dcb2714c
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 20 Mar 2023 13:13:18 GMT
server: cloudflare
etag: "0eb99bc2d5bd91:0"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-expose-headers: Request-Context
cache-control: public, max-age=86400
permissions-policy: autoplay=*
accept-ranges: bytes
cf-ray: 7bb9903af89a991e-ARN
access-control-allow-headers: *
expires: Sat, 22 Apr 2023 23:56:24 GMT

GET
H2 200 ui-elements.js Show response
www.gispen.com/Static/js/custom/dist/ 199 B
1 KB 42ms
41ms Script
application/x-javascript 104.18.28.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gispen.com/Static/js/custom/dist/ui-elements.js?v=638177181828937653

Requested by

Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.28.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dfd66571095ae22037cc94b3f86a560c5b88d6cd71a3771aa6721483d3cc8913

Security Headers

Name	Value
Content-Security-Policy	worker-src blob:; script-src 'self' .episerver.com .cloudfront.net .episerver.net .mapbox.com .cookiebot.com .googletagmanager.com .googleadservices.com .google-analytics.com .google.com .google.nl .intercom.io .intercomcdn.com .licdn.com .hotjar.com .ipify.org .doubleclick.net .linkedin.com .azure.com .vimeo.com .youtube.com .acast.com .spotify.com .msecnd.net .facebook.com .facebook.net .visualstudio.com .gstatic.com .jquery.com .jsdelivr.net .criteo.com .criteo.net 'unsafe-eval' 'unsafe-inline'; img-src 'self' .google.com .google-analytics.com .google.nl .linkedin.com .mediabank-collection.com .facebook.com .criteo.com googleads.g.doubleclick.net blob: https: data:; frame-ancestors 'self' .vimeo.com .youtube.com .acast.com .spotify.com .tblox.com .2dela.nl; frame-src 'self' .cookiebot.com .episerver.net .criteo.com .criteo.net .google.com .hotjar.com 'unsafe-inline'; font-src 'self' .episerver.net .myfonts.net .typekit.net .bootstrapcdn.com .intercomcdn.com data:; style-src-elem 'self' .episerver.net .googleapis.com .jsdelivr.net .bootstrapcdn.com .myfonts.net .typekit.net 'unsafe-inline'; style-src 'self' .typekit.net .myfonts.net .bootstrapcdn.com 'unsafe-inline' data:; media-src 'self' *.cloudfront.net;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.gispen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 23:56:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: worker-src blob:; script-src 'self' *.episerver.com *.cloudfront.net *.episerver.net *.mapbox.com *.cookiebot.com *.googletagmanager.com *.googleadservices.com *.google-analytics.com *.google.com *.google.nl *.intercom.io *.intercomcdn.com *.licdn.com *.hotjar.com *.ipify.org *.doubleclick.net *.linkedin.com *.azure.com *.vimeo.com *.youtube.com *.acast.com *.spotify.com *.msecnd.net *.facebook.com *.facebook.net *.visualstudio.com *.gstatic.com *.jquery.com *.jsdelivr.net *.criteo.com *.criteo.net 'unsafe-eval' 'unsafe-inline'; img-src 'self' *.google.com *.google-analytics.com *.google.nl *.linkedin.com *.mediabank-collection.com *.facebook.com *.criteo.com googleads.g.doubleclick.net blob: https: data:; frame-ancestors 'self' *.vimeo.com *.youtube.com *.acast.com *.spotify.com *.tblox.com *.2dela.nl; frame-src 'self' *.cookiebot.com *.episerver.net *.criteo.com *.criteo.net *.google.com *.hotjar.com 'unsafe-inline'; font-src 'self' *.episerver.net *.myfonts.net *.typekit.net *.bootstrapcdn.com *.intercomcdn.com data:; style-src-elem 'self' *.episerver.net *.googleapis.com *.jsdelivr.net *.bootstrapcdn.com *.myfonts.net *.typekit.net 'unsafe-inline'; style-src 'self' *.typekit.net *.myfonts.net *.bootstrapcdn.com 'unsafe-inline' data:; media-src 'self' *.cloudfront.net;
cf-cache-status: HIT
strict-transport-security: max-age=31536000
age: 1
content-length: 286
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:4a6b6c0e-0871-4eee-be4f-8c25dcb2714c
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 20 Mar 2023 13:19:16 GMT
server: cloudflare
etag: "062fc912e5bd91:0"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-expose-headers: Request-Context
cache-control: public, max-age=86400
permissions-policy: autoplay=*
accept-ranges: bytes
cf-ray: 7bb9903b38bf991e-ARN
access-control-allow-headers: *
expires: Sat, 22 Apr 2023 23:56:24 GMT

GET
H2 200 landscapexl-TMNL-ZINN-Dukdalf-Outline-Dombo.jpg
www.mediabank-collection.com/m/3c7b13728fba8f10/ 113 KB
108 KB 132ms
132ms Image
image/jpeg 18.66.122.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mediabank-collection.com/m/3c7b13728fba8f10/landscapexl-TMNL-ZINN-Dukdalf-Outline-Dombo.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-75.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

d01581642f4f2c8bae73d2683cb51b2ac8b8da48e8359e2d56bfe7703f79aa43

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.gispen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 11:50:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains
via: 1.1 da4de4427d18bee1d3254f1bbdad25f2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 129952
content-security-policy-report-only: default-src 'self'; child-src https://*; connect-src 'self' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://sentry10.bynder.cloud https://api2.amplitude.com https://analytics.com https://*.google-analytics.com https://stats.g.doubleclick.net https://*.amazonaws.com fast.appcues.com https://api.appcues.com https://api.appcues.net wss://api.appcues.net wss://www.mediabank-collection.com; font-src https://* data: ; img-src https://* data: blob:; media-src https://*; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://www.googletagmanager.com https://www.google-analytics.com https://cdn.amplitude.com https://js.hs-analytics.net fast.appcues.com browser.sentry-cdn.com bynder-static.s3.amazonaws.com; style-src 'self' 'unsafe-inline' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://fonts.googleapis.com fast.appcues.com; report-uri https://sentry10.bynder.cloud/api/1817/security/?sentry_key=54eb95cff224477bbb80958bc3e5f251
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-disposition: inline;filename="landscapexl-Gispen-TMNL-workstation-with-speedcrank-in-green-and-Revived-tabletop-with-black-ZINN-office-chair-with-male-model-calling-with-backpanels-front-view.jpg"
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: nginx
content-type: image/jpeg
access-control-allow-origin: *
x-api-correlation-id: bc131b57-ab70-b703-9c21-e9720c3406c4
cache-control: public, max-age=172800
permissions-policy: camera=(), geolocation=(), microphone=()
accept-ranges: bytes
x-amz-cf-id: vzAqBzyTBVDnK5ig50LsorpcGx25rzcN2LHhlgz93hS5USkiOSJ5fw==

GET
H2 200 cartservice.js Show response
www.gispen.com/Static/js/custom/dist/ 7 KB
2 KB 44ms
42ms Script
application/x-javascript 104.18.28.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gispen.com/Static/js/custom/dist/cartservice.js?v=638177181828937653

Requested by

Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.28.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07d3cdf86baee0da55c88ef50297db567c0aaf965ea7abb198d1bbd1b4986612

Security Headers

Name	Value
Content-Security-Policy	worker-src blob:; script-src 'self' .episerver.com .cloudfront.net .episerver.net .mapbox.com .cookiebot.com .googletagmanager.com .googleadservices.com .google-analytics.com .google.com .google.nl .intercom.io .intercomcdn.com .licdn.com .hotjar.com .ipify.org .doubleclick.net .linkedin.com .azure.com .vimeo.com .youtube.com .acast.com .spotify.com .msecnd.net .facebook.com .facebook.net .visualstudio.com .gstatic.com .jquery.com .jsdelivr.net .criteo.com .criteo.net 'unsafe-eval' 'unsafe-inline'; img-src 'self' .google.com .google-analytics.com .google.nl .linkedin.com .mediabank-collection.com .facebook.com .criteo.com googleads.g.doubleclick.net blob: https: data:; frame-ancestors 'self' .vimeo.com .youtube.com .acast.com .spotify.com .tblox.com .2dela.nl; frame-src 'self' .cookiebot.com .episerver.net .criteo.com .criteo.net .google.com .hotjar.com 'unsafe-inline'; font-src 'self' .episerver.net .myfonts.net .typekit.net .bootstrapcdn.com .intercomcdn.com data:; style-src-elem 'self' .episerver.net .googleapis.com .jsdelivr.net .bootstrapcdn.com .myfonts.net .typekit.net 'unsafe-inline'; style-src 'self' .typekit.net .myfonts.net .bootstrapcdn.com 'unsafe-inline' data:; media-src 'self' *.cloudfront.net;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.gispen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 23:56:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: worker-src blob:; script-src 'self' *.episerver.com *.cloudfront.net *.episerver.net *.mapbox.com *.cookiebot.com *.googletagmanager.com *.googleadservices.com *.google-analytics.com *.google.com *.google.nl *.intercom.io *.intercomcdn.com *.licdn.com *.hotjar.com *.ipify.org *.doubleclick.net *.linkedin.com *.azure.com *.vimeo.com *.youtube.com *.acast.com *.spotify.com *.msecnd.net *.facebook.com *.facebook.net *.visualstudio.com *.gstatic.com *.jquery.com *.jsdelivr.net *.criteo.com *.criteo.net 'unsafe-eval' 'unsafe-inline'; img-src 'self' *.google.com *.google-analytics.com *.google.nl *.linkedin.com *.mediabank-collection.com *.facebook.com *.criteo.com googleads.g.doubleclick.net blob: https: data:; frame-ancestors 'self' *.vimeo.com *.youtube.com *.acast.com *.spotify.com *.tblox.com *.2dela.nl; frame-src 'self' *.cookiebot.com *.episerver.net *.criteo.com *.criteo.net *.google.com *.hotjar.com 'unsafe-inline'; font-src 'self' *.episerver.net *.myfonts.net *.typekit.net *.bootstrapcdn.com *.intercomcdn.com data:; style-src-elem 'self' *.episerver.net *.googleapis.com *.jsdelivr.net *.bootstrapcdn.com *.myfonts.net *.typekit.net 'unsafe-inline'; style-src 'self' *.typekit.net *.myfonts.net *.bootstrapcdn.com 'unsafe-inline' data:; media-src 'self' *.cloudfront.net;
cf-cache-status: HIT
strict-transport-security: max-age=31536000
age: 1
content-length: 1937
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:4a6b6c0e-0871-4eee-be4f-8c25dcb2714c
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 20 Mar 2023 13:19:16 GMT
server: cloudflare
etag: "062fc912e5bd91:0"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-expose-headers: Request-Context
cache-control: public, max-age=86400
permissions-policy: autoplay=*
accept-ranges: bytes
cf-ray: 7bb9903b88d9991e-ARN
access-control-allow-headers: *
expires: Sat, 22 Apr 2023 23:56:24 GMT

GET
H2 200 checkout.js Show response
www.gispen.com/Static/js/custom/dist/ 10 KB
3 KB 42ms
40ms Script
application/x-javascript 104.18.28.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gispen.com/Static/js/custom/dist/checkout.js?v=638177181828937653

Requested by

Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.28.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

231498d80dbf541e8e6091c06afa6ef3b33000d7268ff890aa1404f7fe22a0f2

Security Headers

Name	Value
Content-Security-Policy	worker-src blob:; script-src 'self' .episerver.com .cloudfront.net .episerver.net .mapbox.com .cookiebot.com .googletagmanager.com .googleadservices.com .google-analytics.com .google.com .google.nl .intercom.io .intercomcdn.com .licdn.com .hotjar.com .ipify.org .doubleclick.net .linkedin.com .azure.com .vimeo.com .youtube.com .acast.com .spotify.com .msecnd.net .facebook.com .facebook.net .visualstudio.com .gstatic.com .jquery.com .jsdelivr.net .criteo.com .criteo.net 'unsafe-eval' 'unsafe-inline'; img-src 'self' .google.com .google-analytics.com .google.nl .linkedin.com .mediabank-collection.com .facebook.com .criteo.com googleads.g.doubleclick.net blob: https: data:; frame-ancestors 'self' .vimeo.com .youtube.com .acast.com .spotify.com .tblox.com .2dela.nl; frame-src 'self' .cookiebot.com .episerver.net .criteo.com .criteo.net .google.com .hotjar.com 'unsafe-inline'; font-src 'self' .episerver.net .myfonts.net .typekit.net .bootstrapcdn.com .intercomcdn.com data:; style-src-elem 'self' .episerver.net .googleapis.com .jsdelivr.net .bootstrapcdn.com .myfonts.net .typekit.net 'unsafe-inline'; style-src 'self' .typekit.net .myfonts.net .bootstrapcdn.com 'unsafe-inline' data:; media-src 'self' *.cloudfront.net;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.gispen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 23:56:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: worker-src blob:; script-src 'self' *.episerver.com *.cloudfront.net *.episerver.net *.mapbox.com *.cookiebot.com *.googletagmanager.com *.googleadservices.com *.google-analytics.com *.google.com *.google.nl *.intercom.io *.intercomcdn.com *.licdn.com *.hotjar.com *.ipify.org *.doubleclick.net *.linkedin.com *.azure.com *.vimeo.com *.youtube.com *.acast.com *.spotify.com *.msecnd.net *.facebook.com *.facebook.net *.visualstudio.com *.gstatic.com *.jquery.com *.jsdelivr.net *.criteo.com *.criteo.net 'unsafe-eval' 'unsafe-inline'; img-src 'self' *.google.com *.google-analytics.com *.google.nl *.linkedin.com *.mediabank-collection.com *.facebook.com *.criteo.com googleads.g.doubleclick.net blob: https: data:; frame-ancestors 'self' *.vimeo.com *.youtube.com *.acast.com *.spotify.com *.tblox.com *.2dela.nl; frame-src 'self' *.cookiebot.com *.episerver.net *.criteo.com *.criteo.net *.google.com *.hotjar.com 'unsafe-inline'; font-src 'self' *.episerver.net *.myfonts.net *.typekit.net *.bootstrapcdn.com *.intercomcdn.com data:; style-src-elem 'self' *.episerver.net *.googleapis.com *.jsdelivr.net *.bootstrapcdn.com *.myfonts.net *.typekit.net 'unsafe-inline'; style-src 'self' *.typekit.net *.myfonts.net *.bootstrapcdn.com 'unsafe-inline' data:; media-src 'self' *.cloudfront.net;
cf-cache-status: HIT
strict-transport-security: max-age=31536000
age: 1
content-length: 2801
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:4a6b6c0e-0871-4eee-be4f-8c25dcb2714c
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 20 Mar 2023 13:19:16 GMT
server: cloudflare
etag: "062fc912e5bd91:0"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-expose-headers: Request-Context
cache-control: public, max-age=86400
permissions-policy: autoplay=*
accept-ranges: bytes
cf-ray: 7bb9903bd8f7991e-ARN
access-control-allow-headers: *
expires: Sat, 22 Apr 2023 23:56:24 GMT

GET
H2 200 landscapexl-Webshop-Banner.jpg
www.mediabank-collection.com/m/25ba850e1990009a/ 76 KB
68 KB 60ms
59ms Image
image/jpeg 18.66.122.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mediabank-collection.com/m/25ba850e1990009a/landscapexl-Webshop-Banner.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-75.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

cc5ebf1cdb430a2706dd4465df3539402580af8e9157ab346559b4b753d232dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.gispen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 08:51:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains
via: 1.1 da4de4427d18bee1d3254f1bbdad25f2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 54295
content-security-policy-report-only: default-src 'self'; child-src https://*; connect-src 'self' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://sentry10.bynder.cloud https://api2.amplitude.com https://analytics.com https://*.google-analytics.com https://stats.g.doubleclick.net https://*.amazonaws.com fast.appcues.com https://api.appcues.com https://api.appcues.net wss://api.appcues.net wss://www.mediabank-collection.com; font-src https://* data: ; img-src https://* data: blob:; media-src https://*; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://www.googletagmanager.com https://www.google-analytics.com https://cdn.amplitude.com https://js.hs-analytics.net fast.appcues.com browser.sentry-cdn.com bynder-static.s3.amazonaws.com; style-src 'self' 'unsafe-inline' https://d1gx5xnbxsi8e4.cloudfront.net https://d8ejoa1fys2rk.cloudfront.net https://fonts.googleapis.com fast.appcues.com; report-uri https://sentry10.bynder.cloud/api/1817/security/?sentry_key=54eb95cff224477bbb80958bc3e5f251
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-disposition: inline;filename="landscapexl-Gispen-Webshop-intro-banner.jpg"
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: nginx
content-type: image/jpeg
access-control-allow-origin: *
x-api-correlation-id: febf46d1-0b7c-8186-1559-083be0aa1990
cache-control: public, max-age=172800
permissions-policy: camera=(), geolocation=(), microphone=()
accept-ranges: bytes
x-amz-cf-id: PCMdYOcG-YG2bIoYeV1-QXquGalup0rsZMVaOpcmRB1kzru5GBNmCg==

GET
H2 200 vatnumbercheck.js Show response
www.gispen.com/Static/js/custom/dist/ 404 B
481 B 49ms
48ms Script
application/x-javascript 104.18.28.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gispen.com/Static/js/custom/dist/vatnumbercheck.js?v=638177181828937653

Requested by

Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.28.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68e39de4e1e1f2b08828ae6f3c395b042f608ed6fc4e0f267df321aafd5c6c33

Security Headers

Name	Value
Content-Security-Policy	worker-src blob:; script-src 'self' .episerver.com .cloudfront.net .episerver.net .mapbox.com .cookiebot.com .googletagmanager.com .googleadservices.com .google-analytics.com .google.com .google.nl .intercom.io .intercomcdn.com .licdn.com .hotjar.com .ipify.org .doubleclick.net .linkedin.com .azure.com .vimeo.com .youtube.com .acast.com .spotify.com .msecnd.net .facebook.com .facebook.net .visualstudio.com .gstatic.com .jquery.com .jsdelivr.net .criteo.com .criteo.net 'unsafe-eval' 'unsafe-inline'; img-src 'self' .google.com .google-analytics.com .google.nl .linkedin.com .mediabank-collection.com .facebook.com .criteo.com googleads.g.doubleclick.net blob: https: data:; frame-ancestors 'self' .vimeo.com .youtube.com .acast.com .spotify.com .tblox.com .2dela.nl; frame-src 'self' .cookiebot.com .episerver.net .criteo.com .criteo.net .google.com .hotjar.com 'unsafe-inline'; font-src 'self' .episerver.net .myfonts.net .typekit.net .bootstrapcdn.com .intercomcdn.com data:; style-src-elem 'self' .episerver.net .googleapis.com .jsdelivr.net .bootstrapcdn.com .myfonts.net .typekit.net 'unsafe-inline'; style-src 'self' .typekit.net .myfonts.net .bootstrapcdn.com 'unsafe-inline' data:; media-src 'self' *.cloudfront.net;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.gispen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 23:56:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: worker-src blob:; script-src 'self' *.episerver.com *.cloudfront.net *.episerver.net *.mapbox.com *.cookiebot.com *.googletagmanager.com *.googleadservices.com *.google-analytics.com *.google.com *.google.nl *.intercom.io *.intercomcdn.com *.licdn.com *.hotjar.com *.ipify.org *.doubleclick.net *.linkedin.com *.azure.com *.vimeo.com *.youtube.com *.acast.com *.spotify.com *.msecnd.net *.facebook.com *.facebook.net *.visualstudio.com *.gstatic.com *.jquery.com *.jsdelivr.net *.criteo.com *.criteo.net 'unsafe-eval' 'unsafe-inline'; img-src 'self' *.google.com *.google-analytics.com *.google.nl *.linkedin.com *.mediabank-collection.com *.facebook.com *.criteo.com googleads.g.doubleclick.net blob: https: data:; frame-ancestors 'self' *.vimeo.com *.youtube.com *.acast.com *.spotify.com *.tblox.com *.2dela.nl; frame-src 'self' *.cookiebot.com *.episerver.net *.criteo.com *.criteo.net *.google.com *.hotjar.com 'unsafe-inline'; font-src 'self' *.episerver.net *.myfonts.net *.typekit.net *.bootstrapcdn.com *.intercomcdn.com data:; style-src-elem 'self' *.episerver.net *.googleapis.com *.jsdelivr.net *.bootstrapcdn.com *.myfonts.net *.typekit.net 'unsafe-inline'; style-src 'self' *.typekit.net *.myfonts.net *.bootstrapcdn.com 'unsafe-inline' data:; media-src 'self' *.cloudfront.net;
cf-cache-status: HIT
strict-transport-security: max-age=31536000
age: 1
content-length: 410
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:4a6b6c0e-0871-4eee-be4f-8c25dcb2714c
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 20 Mar 2023 13:19:16 GMT
server: cloudflare
etag: "062fc912e5bd91:0"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-expose-headers: Request-Context
cache-control: public, max-age=86400
permissions-policy: autoplay=*
accept-ranges: bytes
cf-ray: 7bb9903c2920991e-ARN
access-control-allow-headers: *
expires: Sat, 22 Apr 2023 23:56:24 GMT

GET
H2 200 productconfigurator.js Show response
www.gispen.com/Static/js/custom/dist/ 3 KB
1 KB 40ms
39ms Script
application/x-javascript 104.18.28.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gispen.com/Static/js/custom/dist/productconfigurator.js?v=638177181828937653

Requested by

Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.28.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2050a13a5abd79e07c9484eb379db434d6f23b364ddd88c6f2f44aa190ddbf8c

Security Headers

Name	Value
Content-Security-Policy	worker-src blob:; script-src 'self' .episerver.com .cloudfront.net .episerver.net .mapbox.com .cookiebot.com .googletagmanager.com .googleadservices.com .google-analytics.com .google.com .google.nl .intercom.io .intercomcdn.com .licdn.com .hotjar.com .ipify.org .doubleclick.net .linkedin.com .azure.com .vimeo.com .youtube.com .acast.com .spotify.com .msecnd.net .facebook.com .facebook.net .visualstudio.com .gstatic.com .jquery.com .jsdelivr.net .criteo.com .criteo.net 'unsafe-eval' 'unsafe-inline'; img-src 'self' .google.com .google-analytics.com .google.nl .linkedin.com .mediabank-collection.com .facebook.com .criteo.com googleads.g.doubleclick.net blob: https: data:; frame-ancestors 'self' .vimeo.com .youtube.com .acast.com .spotify.com .tblox.com .2dela.nl; frame-src 'self' .cookiebot.com .episerver.net .criteo.com .criteo.net .google.com .hotjar.com 'unsafe-inline'; font-src 'self' .episerver.net .myfonts.net .typekit.net .bootstrapcdn.com .intercomcdn.com data:; style-src-elem 'self' .episerver.net .googleapis.com .jsdelivr.net .bootstrapcdn.com .myfonts.net .typekit.net 'unsafe-inline'; style-src 'self' .typekit.net .myfonts.net .bootstrapcdn.com 'unsafe-inline' data:; media-src 'self' *.cloudfront.net;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.gispen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 23:56:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: worker-src blob:; script-src 'self' *.episerver.com *.cloudfront.net *.episerver.net *.mapbox.com *.cookiebot.com *.googletagmanager.com *.googleadservices.com *.google-analytics.com *.google.com *.google.nl *.intercom.io *.intercomcdn.com *.licdn.com *.hotjar.com *.ipify.org *.doubleclick.net *.linkedin.com *.azure.com *.vimeo.com *.youtube.com *.acast.com *.spotify.com *.msecnd.net *.facebook.com *.facebook.net *.visualstudio.com *.gstatic.com *.jquery.com *.jsdelivr.net *.criteo.com *.criteo.net 'unsafe-eval' 'unsafe-inline'; img-src 'self' *.google.com *.google-analytics.com *.google.nl *.linkedin.com *.mediabank-collection.com *.facebook.com *.criteo.com googleads.g.doubleclick.net blob: https: data:; frame-ancestors 'self' *.vimeo.com *.youtube.com *.acast.com *.spotify.com *.tblox.com *.2dela.nl; frame-src 'self' *.cookiebot.com *.episerver.net *.criteo.com *.criteo.net *.google.com *.hotjar.com 'unsafe-inline'; font-src 'self' *.episerver.net *.myfonts.net *.typekit.net *.bootstrapcdn.com *.intercomcdn.com data:; style-src-elem 'self' *.episerver.net *.googleapis.com *.jsdelivr.net *.bootstrapcdn.com *.myfonts.net *.typekit.net 'unsafe-inline'; style-src 'self' *.typekit.net *.myfonts.net *.bootstrapcdn.com 'unsafe-inline' data:; media-src 'self' *.cloudfront.net;
cf-cache-status: HIT
strict-transport-security: max-age=31536000
age: 1
content-length: 1219
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:4a6b6c0e-0871-4eee-be4f-8c25dcb2714c
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 20 Mar 2023 13:19:16 GMT
server: cloudflare
etag: "062fc912e5bd91:0"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-expose-headers: Request-Context
cache-control: public, max-age=86400
permissions-policy: autoplay=*
accept-ranges: bytes
cf-ray: 7bb9903c7938991e-ARN
access-control-allow-headers: *
expires: Sat, 22 Apr 2023 23:56:24 GMT

GET
H2 200 organizationorders.js Show response
www.gispen.com/Static/js/custom/dist/ 8 KB
3 KB 43ms
43ms Script
application/x-javascript 104.18.28.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gispen.com/Static/js/custom/dist/organizationorders.js?v=638177181828937653

Requested by

Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.28.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e0f0e2c53e52997a3915f4ea1dd64ac41d13b1a0920251c1e0050220e02da38

Security Headers

Name	Value
Content-Security-Policy	worker-src blob:; script-src 'self' .episerver.com .cloudfront.net .episerver.net .mapbox.com .cookiebot.com .googletagmanager.com .googleadservices.com .google-analytics.com .google.com .google.nl .intercom.io .intercomcdn.com .licdn.com .hotjar.com .ipify.org .doubleclick.net .linkedin.com .azure.com .vimeo.com .youtube.com .acast.com .spotify.com .msecnd.net .facebook.com .facebook.net .visualstudio.com .gstatic.com .jquery.com .jsdelivr.net .criteo.com .criteo.net 'unsafe-eval' 'unsafe-inline'; img-src 'self' .google.com .google-analytics.com .google.nl .linkedin.com .mediabank-collection.com .facebook.com .criteo.com googleads.g.doubleclick.net blob: https: data:; frame-ancestors 'self' .vimeo.com .youtube.com .acast.com .spotify.com .tblox.com .2dela.nl; frame-src 'self' .cookiebot.com .episerver.net .criteo.com .criteo.net .google.com .hotjar.com 'unsafe-inline'; font-src 'self' .episerver.net .myfonts.net .typekit.net .bootstrapcdn.com .intercomcdn.com data:; style-src-elem 'self' .episerver.net .googleapis.com .jsdelivr.net .bootstrapcdn.com .myfonts.net .typekit.net 'unsafe-inline'; style-src 'self' .typekit.net .myfonts.net .bootstrapcdn.com 'unsafe-inline' data:; media-src 'self' *.cloudfront.net;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.gispen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 23:56:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: worker-src blob:; script-src 'self' *.episerver.com *.cloudfront.net *.episerver.net *.mapbox.com *.cookiebot.com *.googletagmanager.com *.googleadservices.com *.google-analytics.com *.google.com *.google.nl *.intercom.io *.intercomcdn.com *.licdn.com *.hotjar.com *.ipify.org *.doubleclick.net *.linkedin.com *.azure.com *.vimeo.com *.youtube.com *.acast.com *.spotify.com *.msecnd.net *.facebook.com *.facebook.net *.visualstudio.com *.gstatic.com *.jquery.com *.jsdelivr.net *.criteo.com *.criteo.net 'unsafe-eval' 'unsafe-inline'; img-src 'self' *.google.com *.google-analytics.com *.google.nl *.linkedin.com *.mediabank-collection.com *.facebook.com *.criteo.com googleads.g.doubleclick.net blob: https: data:; frame-ancestors 'self' *.vimeo.com *.youtube.com *.acast.com *.spotify.com *.tblox.com *.2dela.nl; frame-src 'self' *.cookiebot.com *.episerver.net *.criteo.com *.criteo.net *.google.com *.hotjar.com 'unsafe-inline'; font-src 'self' *.episerver.net *.myfonts.net *.typekit.net *.bootstrapcdn.com *.intercomcdn.com data:; style-src-elem 'self' *.episerver.net *.googleapis.com *.jsdelivr.net *.bootstrapcdn.com *.myfonts.net *.typekit.net 'unsafe-inline'; style-src 'self' *.typekit.net *.myfonts.net *.bootstrapcdn.com 'unsafe-inline' data:; media-src 'self' *.cloudfront.net;
cf-cache-status: HIT
strict-transport-security: max-age=31536000
age: 1
content-length: 3004
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:4a6b6c0e-0871-4eee-be4f-8c25dcb2714c
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 20 Mar 2023 13:19:16 GMT
server: cloudflare
etag: "062fc912e5bd91:0"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-expose-headers: Request-Context
cache-control: public, max-age=86400
permissions-policy: autoplay=*
accept-ranges: bytes
cf-ray: 7bb9903cb954991e-ARN
access-control-allow-headers: *
expires: Sat, 22 Apr 2023 23:56:24 GMT

GET
H2 200 customerorders.js Show response
www.gispen.com/Static/js/custom/dist/ 927 B
711 B 42ms
41ms Script
application/x-javascript 104.18.28.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gispen.com/Static/js/custom/dist/customerorders.js?v=638177181828937653

Requested by

Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.28.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe2afd08736ce4f389cbf4cd44f055d0b41e839a5fc91737d5c5e17504e332dc

Security Headers

Name	Value
Content-Security-Policy	worker-src blob:; script-src 'self' .episerver.com .cloudfront.net .episerver.net .mapbox.com .cookiebot.com .googletagmanager.com .googleadservices.com .google-analytics.com .google.com .google.nl .intercom.io .intercomcdn.com .licdn.com .hotjar.com .ipify.org .doubleclick.net .linkedin.com .azure.com .vimeo.com .youtube.com .acast.com .spotify.com .msecnd.net .facebook.com .facebook.net .visualstudio.com .gstatic.com .jquery.com .jsdelivr.net .criteo.com .criteo.net 'unsafe-eval' 'unsafe-inline'; img-src 'self' .google.com .google-analytics.com .google.nl .linkedin.com .mediabank-collection.com .facebook.com .criteo.com googleads.g.doubleclick.net blob: https: data:; frame-ancestors 'self' .vimeo.com .youtube.com .acast.com .spotify.com .tblox.com .2dela.nl; frame-src 'self' .cookiebot.com .episerver.net .criteo.com .criteo.net .google.com .hotjar.com 'unsafe-inline'; font-src 'self' .episerver.net .myfonts.net .typekit.net .bootstrapcdn.com .intercomcdn.com data:; style-src-elem 'self' .episerver.net .googleapis.com .jsdelivr.net .bootstrapcdn.com .myfonts.net .typekit.net 'unsafe-inline'; style-src 'self' .typekit.net .myfonts.net .bootstrapcdn.com 'unsafe-inline' data:; media-src 'self' *.cloudfront.net;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.gispen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 23:56:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: worker-src blob:; script-src 'self' *.episerver.com *.cloudfront.net *.episerver.net *.mapbox.com *.cookiebot.com *.googletagmanager.com *.googleadservices.com *.google-analytics.com *.google.com *.google.nl *.intercom.io *.intercomcdn.com *.licdn.com *.hotjar.com *.ipify.org *.doubleclick.net *.linkedin.com *.azure.com *.vimeo.com *.youtube.com *.acast.com *.spotify.com *.msecnd.net *.facebook.com *.facebook.net *.visualstudio.com *.gstatic.com *.jquery.com *.jsdelivr.net *.criteo.com *.criteo.net 'unsafe-eval' 'unsafe-inline'; img-src 'self' *.google.com *.google-analytics.com *.google.nl *.linkedin.com *.mediabank-collection.com *.facebook.com *.criteo.com googleads.g.doubleclick.net blob: https: data:; frame-ancestors 'self' *.vimeo.com *.youtube.com *.acast.com *.spotify.com *.tblox.com *.2dela.nl; frame-src 'self' *.cookiebot.com *.episerver.net *.criteo.com *.criteo.net *.google.com *.hotjar.com 'unsafe-inline'; font-src 'self' *.episerver.net *.myfonts.net *.typekit.net *.bootstrapcdn.com *.intercomcdn.com data:; style-src-elem 'self' *.episerver.net *.googleapis.com *.jsdelivr.net *.bootstrapcdn.com *.myfonts.net *.typekit.net 'unsafe-inline'; style-src 'self' *.typekit.net *.myfonts.net *.bootstrapcdn.com 'unsafe-inline' data:; media-src 'self' *.cloudfront.net;
cf-cache-status: HIT
strict-transport-security: max-age=31536000
age: 1
content-length: 639
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:4a6b6c0e-0871-4eee-be4f-8c25dcb2714c
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 20 Mar 2023 13:19:16 GMT
server: cloudflare
etag: "062fc912e5bd91:0"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-expose-headers: Request-Context
cache-control: public, max-age=86400
permissions-policy: autoplay=*
accept-ranges: bytes
cf-ray: 7bb9903d0975991e-ARN
access-control-allow-headers: *
expires: Sat, 22 Apr 2023 23:56:24 GMT

Verdicts & Comments Add Verdict or Comment

102 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.gispen.com/	1970-01-20 12:55:21	Name: .ASPXANONYMOUS Value: 5foSQ8yqG2zTWeJO5ET3XUDzI0sc4ZnaNW5yvokWLwJkm9kEhJkJwU8j66w_2F87_zX8gGiYfX_YgSg-VsD_IEp7ClDy8AQoXvRpnVkrCmb6x63ooyZXrSMa0wq0Nj5XPisBho2L6ZDetre-EUJC6A2
www.gispen.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: 0tvwmxdwgbept1lysnghpyst
www.gispen.com/	1970-01-20 11:15:23	Name: EPiSessionId Value: 0091af10-95d3-434b-8453-dc4a19f74c4c
www.gispen.com/	1969-12-31 23:59:59	Name: epiOptimization Value: 349a1921-7688-4a69-91dd-e671ad6be398
www.gispen.com/	1970-01-20 20:00:57	Name: _madid Value: 5acbbacc-98ac-4d86-846f-cb08989743f4
.www.gispen.com/	1969-12-31 23:59:59	Name: ARRAffinity Value: 91db4702fab90b27a840f454b653c24d0644e69cb0a062e415746196fff9bc3b
.www.gispen.com/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: 91db4702fab90b27a840f454b653c24d0644e69cb0a062e415746196fff9bc3b
www.gispen.com/	1970-01-20 11:15:24	Name: livemonitorUserId Value: f85d039e-6894-4e0d-a04a-4e8fd34b140b

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	worker-src blob:; script-src 'self' .episerver.com .cloudfront.net .episerver.net .mapbox.com .cookiebot.com .googletagmanager.com .googleadservices.com .google-analytics.com .google.com .google.nl .intercom.io .intercomcdn.com .licdn.com .hotjar.com .ipify.org .doubleclick.net .linkedin.com .azure.com .vimeo.com .youtube.com .acast.com .spotify.com .msecnd.net .facebook.com .facebook.net .visualstudio.com .gstatic.com .jquery.com .jsdelivr.net .criteo.com .criteo.net 'unsafe-eval' 'unsafe-inline'; img-src 'self' .google.com .google-analytics.com .google.nl .linkedin.com .mediabank-collection.com .facebook.com .criteo.com googleads.g.doubleclick.net blob: https: data:; frame-ancestors 'self' .vimeo.com .youtube.com .acast.com .spotify.com .tblox.com .2dela.nl; frame-src 'self' .cookiebot.com .episerver.net .criteo.com .criteo.net .google.com .hotjar.com 'unsafe-inline'; font-src 'self' .episerver.net .myfonts.net .typekit.net .bootstrapcdn.com .intercomcdn.com data:; style-src-elem 'self' .episerver.net .googleapis.com .jsdelivr.net .bootstrapcdn.com .myfonts.net .typekit.net 'unsafe-inline'; style-src 'self' .typekit.net .myfonts.net .bootstrapcdn.com 'unsafe-inline' data:; media-src 'self' *.cloudfront.net;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

consent.cookiebot.com
consentcdn.cookiebot.com
d2csxpduxe849s.cloudfront.net
dl.episerver.net
gispen.com
www.gispen.com
www.mediabank-collection.com
104.18.11.120
104.18.28.236
13.225.84.10
18.66.122.75
217.114.85.70
23.36.162.211
23.45.111.185
07d3cdf86baee0da55c88ef50297db567c0aaf965ea7abb198d1bbd1b4986612
109f65a54f94a363783571672206e383463ac7d1d33c9d6984167f12a04112f3
1361d463a6ef6f40a98d7313d3ab641dabb76687a967ab7e97a23937c10114e0
2050a13a5abd79e07c9484eb379db434d6f23b364ddd88c6f2f44aa190ddbf8c
231498d80dbf541e8e6091c06afa6ef3b33000d7268ff890aa1404f7fe22a0f2
2860b7cfe4876902b313eb87a03465db27e3f9f87573765aecca558df9dcc568
4e0f0e2c53e52997a3915f4ea1dd64ac41d13b1a0920251c1e0050220e02da38
5bc129250f1481f0202c55b6970b03c9a96fb7ff8cb3e1debd064f6de128608d
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
67004276e5cbe57d0cc96a32bd76d47b1daf4f91f52f807df4d8f9259c69b844
68e39de4e1e1f2b08828ae6f3c395b042f608ed6fc4e0f267df321aafd5c6c33
6dcc64490d4b1d9c95c7570e7bf905a159dbc8ff8bda731ea77ae4757948bd33
738e5435f2d18427d291a0d6289eee0ebbc87b596d6003919f255760ac293104
7e818c6dc748a10316e00f412e276e07f88ac38463d0b71a301210a37d4ace92
80610759b02cc61b9eb45af5f6967d2ade2658d93cf3f90097e46300f9077846
8181a739bd0ed0fd64624c4aa15b7847bc9d4fd0660bff56c8c9192c4ef75979
86acac38cb5ebd1ed9c62d2fda68132a8bf28d3852bcf7d34fba9abe97b1e8d0
882e59624ce6693d506413410fd33cb3deff6b2cacca3d312b8bf6f4b94e3732
8b03cfeca2bcac1621bcc712814a04c5fc27655f6fb0462491b6fd0d186827f2
a47bbec491cfe2006d3b79afdb9bfd5b020094e11d6dacca177d513c1ad9b36e
a9645afc59911bff75a0c1e0170b978f49ebc3d4a04a7486486396114050fada
c3e642efb676903c3e54575d80de4a909e92c1a3ad96daaba53a83fbfb1dce4e
cc5ebf1cdb430a2706dd4465df3539402580af8e9157ab346559b4b753d232dc
d01581642f4f2c8bae73d2683cb51b2ac8b8da48e8359e2d56bfe7703f79aa43
d09d2f77af6183af8f8665066be57ecb7a120302610423faeccec5952e2fec82
da12877f068739943d71035d86c065a1853e0e48526428514de864dd2d8272db
dfd66571095ae22037cc94b3f86a560c5b88d6cd71a3771aa6721483d3cc8913
e515f490d944acb1965c38d2fda139282422c6f078c53093fa37bc7b788fcc94
e574f7c979b2ebd995edf72bbef5f0b6280826d97d17a3a9f65ca4009989b437
e7d8e9593b2730e3d7ad72f29b37a9a06746b26ebeef51bad8ef69b29ad0ddba
e83c17bafcc92fedcfd3a0d452d05fb176d1bf87a5fac78f89c400e11d82e00c
f0e82af6f657e2f9b4c8ab1fa91ee06573151ccb42bf83720acbcf1ecb03078b
fe2afd08736ce4f389cbf4cd44f055d0b41e839a5fc91737d5c5e17504e332dc

www.gispen.com Open in urlscan Pro 104.18.28.236 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

45 Requests

100 %HTTPS

0 %IPv6

5 Domains

7 Subdomains

7 IPs

4 Countries

1774 kBTransfer

2824 kBSize

8 Cookies

13 Outgoing links

Page URL History

Redirected requests

45 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.gispen.com Open in urlscan Pro
104.18.28.236 Public Scan

Screenshot
Live screenshot

Full Image

45
Requests

100 %
HTTPS

0 %
IPv6

5
Domains

7
Subdomains

7
IPs

4
Countries

1774 kB
Transfer

2824 kB
Size

8
Cookies

45 HTTP transactions
1 data transactions