Submitted URL: https://prediflow.se/
Effective URL: https://rettsonline-app.com/
Submission: On June 19 via api from US — Scanned from SE

Summary

This website contacted 8 IPs in 4 countries across 7 domains to perform 18 HTTP transactions. The main IP is 20.50.2.7, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is rettsonline-app.com.
TLS certificate: Issued by GeoTrust Global TLS RSA4096 SHA256 2022 CA1 on April 22nd 2024. Valid for: 6 months.
This is the only time rettsonline-app.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address                AS (Autonomous System)
1         46.30.215.255             51468 (ONECOM)
8         20.50.2.7                 8075 (MICROSOFT-CORP-MSN-AS-BLOCK)
1         2a00:1450:4001:827::2008  15169 (GOOGLE)
1         2001:4860:4802:32::36     15169 (GOOGLE)
1         188.114.96.3              13335 (CLOUDFLARENET)
1         52.222.149.65             16509 (AMAZON-02)
4         18.165.227.11             16509 (AMAZON-02)
1         52.207.185.49             14618 (AMAZON-AES)
18 requests across 8 IPs
Requests  Apex Domain           Subdomains (Cisco Umbrella Rank)                         Transfer
8         rettsonline-app.com   rettsonline-app.com                                      2 MB
4         intercomcdn.com       js.intercomcdn.com (4674)                                396 KB
2         intercom.io           widget.intercom.io (3016), api-iam.intercom.io (3077)    6 KB
1         lr-ingest.io          cdn.lr-ingest.io (19714)                                 168 KB
1         google-analytics.com  region1.google-analytics.com (2355)                      0 B
1         googletagmanager.com  www.googletagmanager.com (81)                            94 KB
1         prediflow.se          prediflow.se                                             255 B
18 requests across 7 apex domains
Requests  Domain                        Requested by
8         rettsonline-app.com           rettsonline-app.com
4         js.intercomcdn.com            widget.intercom.io, js.intercomcdn.com
1         api-iam.intercom.io           js.intercomcdn.com
1         widget.intercom.io            rettsonline-app.com
1         cdn.lr-ingest.io              rettsonline-app.com
1         region1.google-analytics.com  www.googletagmanager.com
1         www.googletagmanager.com      rettsonline-app.com
1         prediflow.se                  (redirect, 1 hop)
18 requests across 8 domains
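The two tables above are derived from the initiator recorded for each request. The Python below is an added example written for this page, not urlscan.io code: it rebuilds the per-domain counts and the "Requested by" column from the 18 transactions listed further down (transcribed by hand into a constructed list) and adds two things the tables do not state directly: which hostnames delivered JavaScript that executed in the page, and the full initiator chain behind a request, so that for api-iam.intercom.io it shows the page loading widget.intercom.io, which loads js.intercomcdn.com, which calls the API. As on the page, the blob: entry is kept but excluded from the network counts; the initial navigation and the redirect hop carry no initiator.

```python
from collections import Counter
from urllib.parse import urlsplit

# Transcribed from the 18 transactions in this scan (constructed input, not an
# urlscan export): (resource URL, initiator URL or None, resource type).
# Client-side routes such as /login appear only as initiators, not as requests.
TRANSACTIONS = [
    ("https://prediflow.se/", None, "Redirect"),
    ("https://rettsonline-app.com/", None, "Document"),
    ("https://rettsonline-app.com/mi.css", "https://rettsonline-app.com/", "Stylesheet"),
    ("https://rettsonline-app.com/react-md.indigo-pink.min.css", "https://rettsonline-app.com/", "Stylesheet"),
    ("https://www.googletagmanager.com/gtag/js?id=G-MY2QGTC98S", "https://rettsonline-app.com/", "Script"),
    ("https://rettsonline-app.com/static/js/main.cd308f27.js", "https://rettsonline-app.com/", "Script"),
    ("https://rettsonline-app.com/static/css/main.cf22164c.css", "https://rettsonline-app.com/", "Stylesheet"),
    ("https://region1.google-analytics.com/g/collect", "https://www.googletagmanager.com/gtag/js?id=G-MY2QGTC98S", "Fetch"),
    ("https://cdn.lr-ingest.io/logger-1.min.js", "https://rettsonline-app.com/static/js/main.cd308f27.js", "Script"),
    ("https://rettsonline-app.com/locales/sv/common.json?v1.9.1", "https://rettsonline-app.com/static/js/main.cd308f27.js", "XHR"),
    ("https://rettsonline-app.com/locales/en/common.json?v1.9.1", "https://rettsonline-app.com/static/js/main.cd308f27.js", "XHR"),
    ("blob:https://rettsonline-app.com/8c5d7597-30c6-42b3-92d8-c084b7e7cd55", "https://rettsonline-app.com/login", "Other"),
    ("https://widget.intercom.io/widget", "https://rettsonline-app.com/", "Script"),
    ("https://rettsonline-app.com/favicons/favicon-32x32.png", "https://rettsonline-app.com/login", "Other"),
    ("https://js.intercomcdn.com/frame-modern.7b1f6f56.js", "https://widget.intercom.io/widget", "Script"),
    ("https://js.intercomcdn.com/vendor-modern.a0d657ae.js", "https://widget.intercom.io/widget", "Script"),
    ("https://api-iam.intercom.io/messenger/web/ping", "https://js.intercomcdn.com/frame-modern.7b1f6f56.js", "XHR"),
    ("https://js.intercomcdn.com/vendors~sentry-modern.4c531b33.js", "https://js.intercomcdn.com/frame-modern.7b1f6f56.js", "Script"),
    ("https://js.intercomcdn.com/sentry-modern.67d1a311.js", "https://js.intercomcdn.com/frame-modern.7b1f6f56.js", "Script"),
]


def host(url):
    """Hostname of an http(s) URL; None for blob:/data: pseudo-requests."""
    parts = urlsplit(url)
    return parts.hostname if parts.scheme in ("http", "https") else None


def requests_per_host(transactions):
    """Network requests per hostname (blob: objects never leave the browser)."""
    return Counter(filter(None, (host(url) for url, _, _ in transactions)))


def requested_by(transactions):
    """The page's 'Requested by' column: initiator hostnames per loaded hostname."""
    table = {}
    for url, initiator, _ in transactions:
        h = host(url)
        if h is None:
            continue
        table.setdefault(h, set())
        if initiator is not None:
            table[h].add(host(initiator))
    return {h: sorted(s) for h, s in table.items()}


def script_origins(transactions):
    """Hostnames that delivered JavaScript executed in the page. Each of them, and
    whoever controls its DNS, CDN bucket or build pipeline, can act with the page's authority."""
    return sorted({host(url) for url, _, kind in transactions if kind == "Script"})


def initiator_chain(transactions, url):
    """Follow initiators back to the navigation; hostnames in load order with
    consecutive repeats collapsed. Initiators that are not requests themselves
    (e.g. the /login route) contribute their hostname and end the walk."""
    by_url = {u: initiator for u, initiator, _ in transactions}
    chain = []
    while url is not None:
        label = host(url) or urlsplit(url).scheme  # blob: hops are labelled by scheme
        if not chain or chain[-1] != label:
            chain.append(label)
        url = by_url.get(url)
    chain.reverse()
    return chain


if __name__ == "__main__":
    by_host = requested_by(TRANSACTIONS)
    for h, n in requests_per_host(TRANSACTIONS).most_common():
        print(f"{n:2d}  {h:30s} requested by: {', '.join(by_host[h]) or '(navigation/redirect)'}")
    print("script origins:", script_origins(TRANSACTIONS))
    print("chain:", " -> ".join(initiator_chain(TRANSACTIONS, "https://api-iam.intercom.io/messenger/web/ping")))
```

The script-origin list is the supply-chain view of this page: five hostnames, four of them third parties, deliver code that runs with the page's origin, and nothing in the scan output shows whether any of those script tags carry Subresource Integrity.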

This site contains no links.

Subject                 Issuer                                       Validity                 Valid for (source: crt.sh)
rettsonline-app.com     GeoTrust Global TLS RSA4096 SHA256 2022 CA1  2024-04-22 - 2024-10-22  6 months
*.google-analytics.com  WR2                                          2024-06-03 - 2024-08-26  3 months
lr-ingest.io            E1                                           2024-05-28 - 2024-08-26  3 months
*.intercom.com          Amazon RSA 2048 M03                          2024-01-15 - 2025-02-11  a year
*.intercomcdn.com       Amazon RSA 2048 M02                          2023-12-01 - 2024-12-29  a year
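Added example, not part of the scan output: the table above gives one subject name, the issuer and the validity window of each certificate, and the scan ran on 19 June 2024. The Python below, with the rows transcribed by hand, computes each certificate's lifetime and the days remaining at scan time and flags anything within 30 days of expiry (a threshold chosen here). It also applies the single-label wildcard rule browsers use, which is why *.intercomcdn.com covers js.intercomcdn.com while the listed subject *.intercom.com does not cover widget.intercom.io. The table shows only one subject per certificate and not its Subject Alternative Name list, so that last result means "look up the SAN list on crt.sh", not that the connection was mis-issued.

```python
from datetime import date

SCAN_DATE = date(2024, 6, 19)  # scan date from the page header

# Transcribed from the certificate table (constructed input, not urlscan output):
# (subject, issuer, notBefore, notAfter)
CERTIFICATES = [
    ("rettsonline-app.com", "GeoTrust Global TLS RSA4096 SHA256 2022 CA1", date(2024, 4, 22), date(2024, 10, 22)),
    ("*.google-analytics.com", "WR2", date(2024, 6, 3), date(2024, 8, 26)),
    ("lr-ingest.io", "E1", date(2024, 5, 28), date(2024, 8, 26)),
    ("*.intercom.com", "Amazon RSA 2048 M03", date(2024, 1, 15), date(2025, 2, 11)),
    ("*.intercomcdn.com", "Amazon RSA 2048 M02", date(2023, 12, 1), date(2024, 12, 29)),
]


def name_matches(subject, hostname):
    """Single-label wildcard match as browsers apply it: '*.example.com' covers
    'a.example.com' but neither 'example.com' nor 'a.b.example.com'."""
    subject, hostname = subject.lower(), hostname.lower()
    if subject.startswith("*."):
        base = subject[2:]
        return hostname.endswith("." + base) and hostname.count(".") == base.count(".") + 1
    return hostname == subject


def assess(certs, on, warn_days=30):
    """Lifetime, validity on the given date and remaining days for each certificate."""
    rows = []
    for subject, issuer, not_before, not_after in certs:
        remaining = (not_after - on).days
        rows.append({
            "subject": subject,
            "issuer": issuer,
            "lifetime_days": (not_after - not_before).days,
            "valid_on": not_before <= on <= not_after,
            "remaining_days": remaining,
            "renew_soon": 0 <= remaining < warn_days,
        })
    return rows


def covering_subjects(certs, hostname):
    """Listed subjects whose name covers hostname. An empty result only says the
    subject CN does not match; SAN entries are not in the table."""
    return [subject for subject, *_ in certs if name_matches(subject, hostname)]


if __name__ == "__main__":
    for row in assess(CERTIFICATES, SCAN_DATE):
        print(f"{row['subject']:24s} {row['lifetime_days']:4d} d lifetime, "
              f"{row['remaining_days']:4d} d left, valid={row['valid_on']}, renew_soon={row['renew_soon']}")
    for h in ("js.intercomcdn.com", "widget.intercom.io", "region1.google-analytics.com"):
        print(h, "covered by", covering_subjects(CERTIFICATES, h) or "no listed subject (check the SAN list)")
```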

This page contains 2 frames:

Primary Page: https://rettsonline-app.com/
Frame ID: 156D6BFF803776CA5CF4E40B60CB4DEF
Requests: 13 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.7b1f6f56.js
Frame ID: FA92B50B21CB0FC45716903634A49055
Requests: 5 HTTP requests in this frame

Screenshot

Page Title

RETTS


Detected technologies (overall confidence 100% for each)

Detected patterns
  • (pattern not listed)
  • googletagmanager\.com/gtag/js
  • cdn\.lr-ingest\.io

Page Statistics

  Requests: 18
  HTTPS: 94 %
  IPv6: 25 %
  Domains: 7
  Subdomains: 8
  IPs: 8
  Countries: 4
  Transfer: 2482 kB
  Size: 4714 kB
  Cookies: 5

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://prediflow.se/ (HTTP 302)
     -> https://rettsonline-app.com/ (Page URL)

Redirected requests

There were HTTP redirect chains for the following requests:

  https://prediflow.se/ -> https://rettsonline-app.com/ (primary request)
18 HTTP transactions

Columns per entry: Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request /
rettsonline-app.com/
Redirect Chain
  • https://prediflow.se/
  • https://rettsonline-app.com/
2 KB
2 KB
Document
General
Full URL
https://rettsonline-app.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.50.2.7 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
7215d8ed494f872ceb124b86fbf4fb2b99225ee7ff0a5681dd3d57d0cf27f9b1

Request headers

Accept-Language
se-SE,se;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
2020
content-type
text/html
date
Wed, 19 Jun 2024 19:29:37 GMT
etag
"65d5fb86-7e4"
last-modified
Wed, 21 Feb 2024 13:32:54 GMT
server
nginx/1.24.0

Redirect headers

age
0
cache-control
max-age:600, public
content-length
159
content-type
text/html; charset=utf-8
date
Wed, 19 Jun 2024 19:29:37 GMT
expires
Wed, 19 Jun 2024 19:39:37 GMT
last-modified
Wed, 19 Jun 2024 19:29:37 GMT
location
https://rettsonline-app.com/
via
1.1 webcache2 (Varnish/trunk)
x-varnish
33693565359
mi.css
rettsonline-app.com/
602 B
666 B
Stylesheet
General
Full URL
https://rettsonline-app.com/mi.css
Requested by
Host: rettsonline-app.com
URL: https://rettsonline-app.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.50.2.7 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
77dd3a5f4034e1c21940d392aa7fcaf3a89aab1cd3b78120ee611a057551836e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://rettsonline-app.com/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 19:29:37 GMT
last-modified
Wed, 21 Feb 2024 13:32:54 GMT
server
nginx/1.24.0
accept-ranges
bytes
etag
"65d5fb86-25a"
content-length
602
content-type
text/css
react-md.indigo-pink.min.css
rettsonline-app.com/
97 KB
97 KB
Stylesheet
General
Full URL
https://rettsonline-app.com/react-md.indigo-pink.min.css
Requested by
Host: rettsonline-app.com
URL: https://rettsonline-app.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.50.2.7 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
9ad566d5fda9f4c594aaaa16077df198a5bb98cf69eacad8698374616f64d05b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://rettsonline-app.com/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 19:29:37 GMT
last-modified
Wed, 21 Feb 2024 13:32:54 GMT
server
nginx/1.24.0
accept-ranges
bytes
etag
"65d5fb86-1822d"
content-length
98861
content-type
text/css
js
www.googletagmanager.com/gtag/
271 KB
94 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-MY2QGTC98S
Requested by
Host: rettsonline-app.com
URL: https://rettsonline-app.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9a2a9559289478d888152dd63adbd8272cf3a419b61928505754131a67c0e108
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://rettsonline-app.com/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 19:29:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
96339
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 19 Jun 2024 19:29:37 GMT
main.cd308f27.js
rettsonline-app.com/static/js/
2 MB
2 MB
Script
General
Full URL
https://rettsonline-app.com/static/js/main.cd308f27.js
Requested by
Host: rettsonline-app.com
URL: https://rettsonline-app.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.50.2.7 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
9ee2f27c6033543564afc074e158d4ea6f3d2b607b7b4bf1388c8a56287ab566

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://rettsonline-app.com/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 19:29:37 GMT
last-modified
Wed, 21 Feb 2024 13:32:54 GMT
server
nginx/1.24.0
accept-ranges
bytes
etag
"65d5fb86-1869cf"
content-length
1599951
content-type
application/javascript
main.cf22164c.css
rettsonline-app.com/static/css/
63 KB
63 KB
Stylesheet
General
Full URL
https://rettsonline-app.com/static/css/main.cf22164c.css
Requested by
Host: rettsonline-app.com
URL: https://rettsonline-app.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.50.2.7 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
ac100224f7e0ec9d57e7bd8a4b0c36d742274de2344f8547452bc5f824002ba4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://rettsonline-app.com/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 19:29:37 GMT
last-modified
Wed, 21 Feb 2024 13:32:54 GMT
server
nginx/1.24.0
accept-ranges
bytes
etag
"65d5fb86-fc4a"
content-length
64586
content-type
text/css
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-MY2QGTC98S&gtm=45je46h0v888193838za200&_p=1718825377578&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1762746859.1718825378&ul=se-se&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1718825378&sct=1&seg=0&dl=https%3A%2F%2Frettsonline-app.com%2F&dt=RETTS&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1258&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MY2QGTC98S
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://rettsonline-app.com/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 19 Jun 2024 19:29:38 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://rettsonline-app.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
logger-1.min.js
cdn.lr-ingest.io/
845 KB
168 KB
Script
General
Full URL
https://cdn.lr-ingest.io/logger-1.min.js
Requested by
Host: rettsonline-app.com
URL: https://rettsonline-app.com/static/js/main.cd308f27.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbd2a6041c7f28b5676adc7c76e0e9136693490a9f94c80b2573bad7a468486e
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://rettsonline-app.com/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 19:29:38 GMT
strict-transport-security
max-age=31556926
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
219
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-lcy-eglc8600091-LCY
last-modified
Tue, 18 Jun 2024 19:35:38 GMT
server
cloudflare
x-timer
S1718739636.762764,VS0,VE2
etag
W/"f4d4ddae45340a3e49ca866a9b67ee1faea0f376fe56776fcf3dd823548ba2f6-br"
vary
x-fh-requested-host, accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rwAuB0P4wfwz8ZvxAz4MewU38GhGuhzHbE8CkXZaL%2FFEnLYb0NQ%2FOiA6jZhqDN1KeDO8vfDIX9Huhhc%2B0ry67SYd27ys8huA4NzLQojaQLWqYfrgxMNdD6WpJt9CII42CsE1"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
8965edd73b4260f5-LHR
x-cache-hits
1
common.json
rettsonline-app.com/locales/sv/
46 KB
46 KB
XHR
General
Full URL
https://rettsonline-app.com/locales/sv/common.json?v1.9.1
Requested by
Host: rettsonline-app.com
URL: https://rettsonline-app.com/static/js/main.cd308f27.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.50.2.7 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
1307d0a82cb556cb6397774626561e9e3eaf10c0dbd820f3c936101d76700718

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://rettsonline-app.com/
X-Requested-With
XMLHttpRequest
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 19:29:38 GMT
last-modified
Wed, 21 Feb 2024 13:32:54 GMT
server
nginx/1.24.0
accept-ranges
bytes
etag
"65d5fb86-b61e"
content-length
46622
content-type
application/json
common.json
rettsonline-app.com/locales/en/
44 KB
44 KB
XHR
General
Full URL
https://rettsonline-app.com/locales/en/common.json?v1.9.1
Requested by
Host: rettsonline-app.com
URL: https://rettsonline-app.com/static/js/main.cd308f27.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.50.2.7 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
9393766add67b24b839ccec11663fac4f1a7fe4051905af7deaa68d689ebac64

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://rettsonline-app.com/
X-Requested-With
XMLHttpRequest
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 19:29:38 GMT
last-modified
Wed, 21 Feb 2024 13:32:54 GMT
server
nginx/1.24.0
accept-ranges
bytes
etag
"65d5fb86-b14b"
content-length
45387
content-type
application/json
8c5d7597-30c6-42b3-92d8-c084b7e7cd55
https://rettsonline-app.com/
471 KB
0
Other
General
Full URL
blob:https://rettsonline-app.com/8c5d7597-30c6-42b3-92d8-c084b7e7cd55
Requested by
Host: rettsonline-app.com
URL: https://rettsonline-app.com/login
Protocol
BLOB
Server
(none: blob: object URL, no network request)
Reverse DNS
Software
(none)
Resource Hash
6ae5d7e5c70e1d535de3f8ecd7dc26a63388ef5d20254895438f1e3852951eb9

Request headers

Accept-Language
se-SE,se;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
482471
Content-Type
widget
widget.intercom.io/
7 KB
3 KB
Script
General
Full URL
https://widget.intercom.io/widget
Requested by
Host: rettsonline-app.com
URL: https://rettsonline-app.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-149-65.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4320be1ed89c909f89d262251c837e43b50be1dcb289f7cabe05d2e1c2d04fd2

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://rettsonline-app.com/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
sZ5dagUMqgcIm4K0VdRu.7V2vgHHq2pb
content-encoding
gzip
via
1.1 efde5be81ce9c9a89c77d96186504846.cloudfront.net (CloudFront)
date
Wed, 19 Jun 2024 19:27:20 GMT
x-amz-cf-pop
CDG52-P1
age
148
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2668
last-modified
Wed, 19 Jun 2024 16:41:01 GMT
server
AmazonS3
etag
"0da21e7d5446bf4d8a66a1f2b0c5e4fc"
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
cache-control
max-age=300, s-maxage=300, public
accept-ranges
bytes
x-amz-cf-id
zR8ZOXCOQoLT-N3Oh92vmKPOoAiQGCNh9TaRGS0cTWiy2ZMNXchOaQ==
favicon-32x32.png
rettsonline-app.com/favicons/
1 KB
1 KB
Other
General
Full URL
https://rettsonline-app.com/favicons/favicon-32x32.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.50.2.7 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
beb88f84aff8502f3fe1ab04fec27a1097134cd986355212f3af2e73dda88f28

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://rettsonline-app.com/login
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 19:29:38 GMT
last-modified
Wed, 21 Feb 2024 13:32:54 GMT
server
nginx/1.24.0
accept-ranges
bytes
etag
"65d5fb86-57a"
content-length
1402
content-type
image/png
frame-modern.7b1f6f56.js
js.intercomcdn.com/ Frame FA92
460 KB
139 KB
Script
General
Full URL
https://js.intercomcdn.com/frame-modern.7b1f6f56.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.227.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-227-11.lhr61.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
47d5d59c6ff64a0a766861393abc0aa4e03e9ce9339d9312a202500cfe638a7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
a.rTPEwfV9sGU.GQQiQ0_KLV48AdCXol
content-encoding
gzip
via
1.1 e3e3d4decb0c87744ac50467217c0106.cloudfront.net (CloudFront)
date
Wed, 19 Jun 2024 18:41:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
LHR61-P5
age
2915
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
141248
last-modified
Wed, 19 Jun 2024 16:37:31 GMT
server
AmazonS3
etag
"f186041cf37f1137b7caa10bc4c97d97"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
Z43D0yTeXCCXSe50FfM7GbZ892Owz2Ci1-QNrZEwktiOC6IYgc4yuQ==
vendor-modern.a0d657ae.js
js.intercomcdn.com/ Frame FA92
480 KB
149 KB
Script
General
Full URL
https://js.intercomcdn.com/vendor-modern.a0d657ae.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.227.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-227-11.lhr61.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f2ffcde94bdef31362ec0b8fc7b7472b6ef17393753b10cd31aac9c9c43fc6a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
XwuR0NsztnMqlDOV_52XzBhxcaUf8LH5
content-encoding
gzip
via
1.1 e3e3d4decb0c87744ac50467217c0106.cloudfront.net (CloudFront)
date
Wed, 19 Jun 2024 17:31:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
LHR61-P5
age
7077
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
152080
last-modified
Wed, 19 Jun 2024 15:28:34 GMT
server
AmazonS3
etag
"4c3f6cae904a1382fb46ef35d139fc2c"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
9c7T67SHNmO0gE5YqmGS3BnjEoLp5Y--bzVhYhHhsSxQNwWH6buxkw==
ping
api-iam.intercom.io/messenger/web/ Frame FA92
5 KB
3 KB
XHR
General
Full URL
https://api-iam.intercom.io/messenger/web/ping
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.7b1f6f56.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.207.185.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-185-49.compute-1.amazonaws.com
Software
nginx /
Resource Hash
c6ead3bbcf4c96d9ad753fda90d099b42402917eedd6894e4e2f3b7216367a54
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 19 Jun 2024 19:29:40 GMT
strict-transport-security
max-age=31556952; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-ami-version
ami-0ed33283259c804aa
status
200 OK
x-xss-protection
1; mode=block
x-request-id
00064pvodr224b1qpmqg
x-runtime
0.351625
server
nginx
etag
W/"c6ead3bbcf4c96d9ad753fda90d099b4"
x-request-queueing
0
vary
Accept,Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://rettsonline-app.com
x-intercom-version
68cee79a679aaba81d2f67c76365dcfeb76951f7
access-control-expose-headers
x-request-id
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-frame-options
SAMEORIGIN
access-control-allow-headers
Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
vendors~sentry-modern.4c531b33.js
js.intercomcdn.com/ Frame FA92
357 KB
107 KB
Script
General
Full URL
https://js.intercomcdn.com/vendors~sentry-modern.4c531b33.js
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.7b1f6f56.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.227.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-227-11.lhr61.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ef392a99ed5a4ecac318e3f8aaa40200d0c6a2b19075b41ab45d6a48cc7266a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
FQSEhbBUJXdUjMFiccqM4IlfDGsJ6IKZ
content-encoding
gzip
via
1.1 e3e3d4decb0c87744ac50467217c0106.cloudfront.net (CloudFront)
date
Wed, 19 Jun 2024 18:43:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
LHR61-P5
age
2777
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
108349
last-modified
Thu, 13 Jun 2024 16:46:47 GMT
server
AmazonS3
etag
"bc4bf0ec72e961e12709c983e352da02"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
ZHYpo21loC4MW3hi9mzV_gWn3Z4FcZPpzzVWTsPeK3VNEMKbq2P2Hg==
sentry-modern.67d1a311.js
js.intercomcdn.com/ Frame FA92
3 KB
2 KB
Script
General
Full URL
https://js.intercomcdn.com/sentry-modern.67d1a311.js
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.7b1f6f56.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.227.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-227-11.lhr61.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
efa9dd2e760a0d5cb55e21703a524dcea722aa3925089dec20f4464176a3a55a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
60KNVDGSN3HEMnpo_dWPPJTMmj.fGU8j
content-encoding
gzip
via
1.1 e3e3d4decb0c87744ac50467217c0106.cloudfront.net (CloudFront)
date
Wed, 19 Jun 2024 18:41:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
LHR61-P5
age
2914
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1424
last-modified
Wed, 19 Jun 2024 16:37:31 GMT
server
AmazonS3
etag
"ea064dba33fa140f624c03465ca9d9c0"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
ojpKELFy_f44LdHMPOHWZ6POP6iQeBgIJcQmQamzvVBWBCwIJBvYiA==
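The response headers above are the whole of what this scan captured, and three of them read well side by side: the nginx document at rettsonline-app.com/ (no Strict-Transport-Security, X-Frame-Options, Content-Security-Policy or X-Content-Type-Options, and a version in Server), the gtag.js response (Access-Control-Allow-Origin: * together with Access-Control-Allow-Credentials: true, a pair browsers refuse to honour for credentialed requests) and the Intercom ping (HSTS with preload, nosniff, SAMEORIGIN and a CORS allow scoped to https://rettsonline-app.com). The Python below is an added example, not urlscan tooling, that encodes those checks and runs them over header dictionaries transcribed from those three entries; the finding texts and the one-year HSTS threshold are choices made here, and the checks say nothing about headers the scan did not capture.

```python
import re

# Response headers transcribed from three transactions above (constructed
# dictionaries, not an urlscan export); names lower-cased as Chrome reports them.
HEADERS = {
    "https://rettsonline-app.com/": {
        "accept-ranges": "bytes",
        "cache-control": "no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0",
        "content-type": "text/html",
        "server": "nginx/1.24.0",
    },
    "https://www.googletagmanager.com/gtag/js?id=G-MY2QGTC98S": {
        "strict-transport-security": "max-age=31536000; includeSubDomains",
        "server": "Google Tag Manager",
        "content-type": "application/javascript; charset=UTF-8",
        "access-control-allow-origin": "*",
        "access-control-allow-credentials": "true",
        "cross-origin-resource-policy": "cross-origin",
        "cache-control": "private, max-age=900",
        "x-xss-protection": "0",
    },
    "https://api-iam.intercom.io/messenger/web/ping": {
        "strict-transport-security": "max-age=31556952; includeSubDomains; preload",
        "x-content-type-options": "nosniff",
        "x-frame-options": "SAMEORIGIN",
        "server": "nginx",
        "content-type": "application/json; charset=utf-8",
        "access-control-allow-origin": "https://rettsonline-app.com",
        "access-control-allow-credentials": "true",
        "cache-control": "max-age=0, private, must-revalidate",
    },
}

ONE_YEAR = 31536000  # threshold chosen for this example; the HSTS preload list requires at least this


def parse_hsts(value):
    """Split a Strict-Transport-Security value into its directives."""
    parts = [p.strip().lower() for p in value.split(";") if p.strip()]
    max_age = next((int(p.split("=", 1)[1]) for p in parts if p.startswith("max-age=")), None)
    return {"max_age": max_age,
            "include_subdomains": "includesubdomains" in parts,
            "preload": "preload" in parts}


def findings(headers):
    """Header-level observations for one response; an empty list means nothing flagged."""
    h = {k.lower(): v for k, v in headers.items()}
    out = []
    hsts = h.get("strict-transport-security")
    if hsts is None:
        out.append("no Strict-Transport-Security")
    elif (parse_hsts(hsts)["max_age"] or 0) < ONE_YEAR:
        out.append("HSTS max-age below one year")
    if h.get("x-content-type-options", "").lower() != "nosniff":
        out.append("no X-Content-Type-Options: nosniff")
    if h.get("content-type", "").startswith("text/html") and not (
            "x-frame-options" in h or "content-security-policy" in h):
        out.append("HTML response sets neither X-Frame-Options nor Content-Security-Policy")
    if (h.get("access-control-allow-origin") == "*"
            and h.get("access-control-allow-credentials", "").lower() == "true"):
        out.append("CORS: Allow-Origin '*' combined with Allow-Credentials 'true' (browsers refuse "
                   "credentialed requests under a wildcard; scope the origin or drop the credentials header)")
    server = h.get("server", "")
    if re.search(r"/\d", server):
        out.append(f"Server header discloses a version: {server}")
    return out


def report(all_headers):
    """Findings per URL, in the order the headers were given."""
    return {url: findings(hdrs) for url, hdrs in all_headers.items()}


if __name__ == "__main__":
    for url, items in report(HEADERS).items():
        print(url)
        for item in items or ["(nothing flagged)"]:
            print("  -", item)
```

The same function runs unchanged over any header dictionary, so it can be pointed at the other fifteen entries above or at a live response; the point of transcribing three is that the contrast between the first-party document and the Intercom API is visible without leaving the page.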

Verdicts & Comments

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  0 (object)
  event (undefined)
  fence (object)
  sharedStorage (object)
  Intercom (function)
  gtag (function)
  dataLayer (object)
  google_tag_manager (object)
  google_tag_data (object)
  onYouTubeIframeAPIReady (function)
  gaGlobal (object)
  clearImmediate (function)
  setImmediate (function)
  regeneratorRuntime (object)
  _lrMutationObserver (function)
  __SDKCONFIG__ (object)
  _ (function)
  apiBaseUrl (string)
  _LRLogger (function)
  _lr_loaded (boolean)
  __intercomAssignLocation (function)
  __intercomReloadLocation (function)

5 Cookies

Domain/Path            Name                         Value
.rettsonline-app.com/  _ga                          GA1.1.1762746859.1718825378
.rettsonline-app.com/  _ga_MY2QGTC98S               GS1.1.1718825378.1.1.1718825379.0.0.0
.rettsonline-app.com/  intercom-id-xxur6udg         64eb1aae-fdf9-46f7-a5af-444be88ac1ee
.rettsonline-app.com/  intercom-session-xxur6udg    (empty)
.rettsonline-app.com/  intercom-device-id-xxur6udg  a0b19730-022f-479a-9ba1-2776c3818dd3

1 Console Message

Source: recommendation   Level: verbose   URL: https://rettsonline-app.com/login
Message: [DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-iam.intercom.io
cdn.lr-ingest.io
js.intercomcdn.com
prediflow.se
region1.google-analytics.com
rettsonline-app.com
widget.intercom.io
www.googletagmanager.com
18.165.227.11
188.114.96.3
20.50.2.7
2001:4860:4802:32::36
2a00:1450:4001:827::2008
46.30.215.255
52.207.185.49
52.222.149.65