Submitted URL: https://asavpn.gamsun.se/
Effective URL: https://salgado.se/
Submission: On July 25 via automatic, source certstream-suspicious — Scanned from SE

Summary

This website contacted 16 IPs in 6 countries across 13 domains to perform 52 HTTP transactions. The main IP is 104.199.35.83, located in Brussels, Belgium and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is salgado.se.
TLS certificate: Issued by R3 on May 19th 2024. Valid for: 3 months.
This is the only time salgado.se was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 185.157.223.250 42708 (PORTLANE ...)
3 104.199.35.83 396982 (GOOGLE-CL...)
22 141.193.213.10 209242 (CLOUDFLAR...)
1 1 13.33.187.52 16509 (AMAZON-02)
2 143.204.215.27 16509 (AMAZON-02)
1 104.17.24.14 13335 (CLOUDFLAR...)
1 172.65.208.22 13335 (CLOUDFLAR...)
1 142.250.185.104 15169 (GOOGLE)
2 172.65.192.122 13335 (CLOUDFLAR...)
1 172.65.238.60 13335 (CLOUDFLAR...)
1 172.65.202.201 13335 (CLOUDFLAR...)
2 2.18.64.31 20940 (AKAMAI-ASN1)
2 23.45.111.185 16625 (AKAMAI-AS)
8 52.16.209.68 16509 (AMAZON-02)
1 172.65.240.166 13335 (CLOUDFLAR...)
1 172.65.232.43 13335 (CLOUDFLAR...)
3 18.245.253.16 16509 (AMAZON-02)
52 16
Apex Domain
Subdomains
Transfer
22 wpenginepowered.com
newsalgado.wpenginepowered.com
442 KB
14 leadoo.com
bot.leadoo.com — Cisco Umbrella Rank: 325411
v1.bot.leadoo.com — Cisco Umbrella Rank: 781479
anl.leadoo.com — Cisco Umbrella Rank: 478951
res.leadoo.com — Cisco Umbrella Rank: 579160
165 KB
4 cookiebot.com
consent.cookiebot.com — Cisco Umbrella Rank: 6421
consentcdn.cookiebot.com — Cisco Umbrella Rank: 7143
imgsct.cookiebot.com — Cisco Umbrella Rank: 8045
113 KB
3 salgado.se
salgado.se
41 KB
2 hscollectedforms.net
js-eu1.hscollectedforms.net — Cisco Umbrella Rank: 51227
forms-eu1.hscollectedforms.net — Cisco Umbrella Rank: 53121
25 KB
1 hsforms.com
forms-eu1.hsforms.com — Cisco Umbrella Rank: 53409
1 KB
1 hubspot.com
track-eu1.hubspot.com — Cisco Umbrella Rank: 28501
1 KB
1 hs-banner.com
js-eu1.hs-banner.com — Cisco Umbrella Rank: 27842
26 KB
1 hs-analytics.net
js-eu1.hs-analytics.net — Cisco Umbrella Rank: 28245
24 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
109 KB
1 hs-scripts.com
js-eu1.hs-scripts.com — Cisco Umbrella Rank: 25412
1 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 336
27 KB
1 gamsun.se
asavpn.gamsun.se
469 B
52 13
Domain Requested by
22 newsalgado.wpenginepowered.com salgado.se
newsalgado.wpenginepowered.com
8 anl.leadoo.com v1.bot.leadoo.com
3 res.leadoo.com client
res.leadoo.com
3 salgado.se salgado.se
2 consent.cookiebot.com www.googletagmanager.com
consent.cookiebot.com
2 v1.bot.leadoo.com salgado.se
bot.leadoo.com
1 forms-eu1.hsforms.com
1 imgsct.cookiebot.com
1 track-eu1.hubspot.com
1 consentcdn.cookiebot.com consent.cookiebot.com
1 forms-eu1.hscollectedforms.net js-eu1.hscollectedforms.net
1 js-eu1.hs-banner.com js-eu1.hs-scripts.com
1 js-eu1.hs-analytics.net js-eu1.hs-scripts.com
1 js-eu1.hscollectedforms.net js-eu1.hs-scripts.com
1 www.googletagmanager.com salgado.se
1 js-eu1.hs-scripts.com salgado.se
1 cdnjs.cloudflare.com salgado.se
1 bot.leadoo.com 1 redirects
1 asavpn.gamsun.se 1 redirects
52 19
Subject Issuer Validity Valid
salgado.se
R3
2024-05-19 -
2024-08-17
3 months crt.sh
wpenginepowered.com
E5
2024-07-21 -
2024-10-19
3 months crt.sh
cdnjs.cloudflare.com
E1
2024-06-02 -
2024-08-31
3 months crt.sh
hs-scripts.com
E1
2024-05-31 -
2024-08-29
3 months crt.sh
*.google-analytics.com
WR2
2024-07-01 -
2024-09-23
3 months crt.sh
hscollectedforms.net
WE1
2024-07-25 -
2024-10-23
3 months crt.sh
hs-analytics.net
WE1
2024-06-11 -
2024-09-09
3 months crt.sh
hs-banner.com
E1
2024-05-30 -
2024-08-28
3 months crt.sh
consent.cookiebot.com
DigiCert TLS RSA SHA256 2020 CA1
2024-02-28 -
2025-02-27
a year crt.sh
*.cookiebot.com
DigiCert TLS RSA SHA256 2020 CA1
2024-02-26 -
2025-02-26
a year crt.sh
v1.bot.leadoo.com
Amazon RSA 2048 M03
2024-07-15 -
2025-08-14
a year crt.sh
anl.leadoo.com
Amazon RSA 2048 M02
2024-01-12 -
2025-02-09
a year crt.sh
hubspot.com
Cloudflare Inc ECC CA-3
2024-01-06 -
2024-12-31
a year crt.sh
hsforms.com
WE1
2024-06-14 -
2024-09-12
3 months crt.sh
res.leadoo.com
Amazon RSA 2048 M03
2023-10-24 -
2024-11-19
a year crt.sh

This page contains 3 frames:

Primary Page: https://salgado.se/
Frame ID: 4E4C7699091DE4BF0302A42F553F24C2
Requests: 49 HTTP requests in this frame

Frame: https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Frame ID: ED0A6CD49881E083E315B185F4FFC169
Requests: 1 HTTP requests in this frame

Frame: https://res.leadoo.com/fonts/poppins.css
Frame ID: 059BC52DE4D1EB21574C4C987C147E35
Requests: 3 HTTP requests in this frame

Screenshot

Page Title

Salgado - Er Digitala Marknadsföringsbyrå

Page URL History Show full URLs

  1. https://asavpn.gamsun.se/ HTTP 301
    https://salgado.se/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • consent\.cookiebot\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

52
Requests

96 %
HTTPS

0 %
IPv6

13
Domains

19
Subdomains

16
IPs

6
Countries

976 kB
Transfer

2655 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://asavpn.gamsun.se/ HTTP 301
    https://salgado.se/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://bot.leadoo.com/bot/inpage.js?code=Nin4fYPI HTTP 307
  • https://v1.bot.leadoo.com/bot/inpage.js?code=Nin4fYPI

52 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
salgado.se/
Redirect Chain
  • https://asavpn.gamsun.se/
  • https://salgado.se/
485 KB
33 KB
Document
General
Full URL
https://salgado.se/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.35.83 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
83.35.199.104.bc.googleusercontent.com
Software
nginx / WP Engine
Resource Hash
9b357dedb3f8855e3cfe1495b8e2f3f3fe11da04da81e1c6446511942ea13e41

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control
max-age=600, must-revalidate
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 25 Jul 2024 11:25:04 GMT
link
<https://salgado.se/wp-json/>; rel="https://api.w.org/" <https://salgado.se/wp-json/wp/v2/pages/9>; rel="alternate"; type="application/json" <https://salgado.se/>; rel=shortlink
server
nginx
vary
Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache
HIT: 42
x-cache-group
normal
x-cacheable
SHORT
x-powered-by
WP Engine

Redirect headers

content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date
Thu, 25 Jul 2024 11:25:04 GMT
expect-ct
max-age=0
location
https://salgado.se/
referrer-policy
no-referrer
strict-transport-security
max-age=15552000
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
0
style.css
newsalgado.wpenginepowered.com/wp-content/themes/salgado/
94 B
265 B
Stylesheet
General
Full URL
https://newsalgado.wpenginepowered.com/wp-content/themes/salgado/style.css?ver=1.0
Requested by
Host: salgado.se
URL: https://salgado.se/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbe36ae20b059a89913a4c2e93412fc58c9764f7eccfbf4c18cc2e50d238f6d3

Request headers

Referer
https://salgado.se/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 11:25:05 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 26 Oct 2022 10:09:43 GMT
server
cloudflare
age
321
etag
W/"63590767-5e"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8a8bc98b5d074522-TXL
alt-svc
h3=":443"; ma=86400
screen-prefix.css
newsalgado.wpenginepowered.com/css/
73 KB
14 KB
Stylesheet
General
Full URL
https://newsalgado.wpenginepowered.com/css/screen-prefix.css?1679494463
Requested by
Host: salgado.se
URL: https://salgado.se/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
47826e99c6997e66e40c7d8d2ad4cae599ab1375c6eb650514b60235510f6da9

Request headers

Referer
https://salgado.se/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 11:25:05 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 22 Mar 2023 14:14:23 GMT
server
cloudflare
age
321
etag
W/"641b0d3f-123ae"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8a8bc98b5cfa4522-TXL
alt-svc
h3=":443"; ma=86400
inpage.js
v1.bot.leadoo.com/bot/
Redirect Chain
  • https://bot.leadoo.com/bot/inpage.js?code=Nin4fYPI
  • https://v1.bot.leadoo.com/bot/inpage.js?code=Nin4fYPI
225 KB
77 KB
Script
General
Full URL
https://v1.bot.leadoo.com/bot/inpage.js?code=Nin4fYPI
Requested by
Host: salgado.se
URL: https://salgado.se/
Protocol
H2
Server
143.204.215.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-27.fra53.r.cloudfront.net
Software
LeadooDispatch/1.107.7 /
Resource Hash
c206ad0843ae5abfffe376ef41af509d44145d1c5e0c980ca88eeb92ab43e1df
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://salgado.se/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 25 Jul 2024 11:25:07 GMT
via
1.1 6080b2713e502211e152f21f5c59c5a6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-cache
RefreshHit from cloudfront
x-ld-req
01J3MFVDMM3Q3N4NR7TNPW1MSW
x-leadoo-bot
inpage
referrer-policy
origin
server
LeadooDispatch/1.107.7
etag
"90ce3666ef94041420070ace149c683ac2ffc164"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=300, must-revalidate
x-amz-cf-id
xJerJ9Goja0yKL0_MBsE23TW6VJEJGpXixYuRd6kAwODw6Zu-aGPoA==
x-leadoo-bot-version
v0.233.0

Redirect headers

date
Thu, 25 Jul 2024 11:25:06 GMT
strict-transport-security
max-age=2592000; preload
x-content-type-options
nosniff
referrer-policy
origin
via
1.1 6b284415724869adc9db63c19e48e420.cloudfront.net (CloudFront)
server
LeadooDispatch/2.0.0-rc.119
x-amz-cf-pop
FRA60-P9
x-cache
Miss from cloudfront
x-ld-req
01J3MT6E67MY6M2VEFG6647MR4
location
https://v1.bot.leadoo.com/bot/inpage.js?code=Nin4fYPI
content-type
text/plain; charset=utf-8
content-length
88
x-amz-cf-id
PeqV9LaT6eHPqSMtCRRwPBlgu1_u3UR0-Cs-eJUCgtvw98qSiBpTMA==
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/
82 KB
27 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js
Requested by
Host: salgado.se
URL: https://salgado.se/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://salgado.se/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 11:25:05 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
62971
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
26660
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-14983"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9IwCuPhkn7%2FoaKmcgeVGDibMw5ufS2RpZttHHpSkaS8syuI%2Fbi2ZL2ytz51ghf8mbQpOFBY%2B8xE3JydqFDx3zKP12hmpCMKj4AkQhSmSiR6ROfK71q%2BmCeYYK6W7LkFJqOtDR4Pi"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8a8bc98b9e2c09b4-ARN
expires
Tue, 15 Jul 2025 11:25:05 GMT
swiper.8.4.3.js
newsalgado.wpenginepowered.com/js/vendor/swiper/
140 KB
40 KB
Script
General
Full URL
https://newsalgado.wpenginepowered.com/js/vendor/swiper/swiper.8.4.3.js
Requested by
Host: salgado.se
URL: https://salgado.se/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
32e7b40cd5bddb5020e270d582fd5cbc2a04e2dffd0c7c5eaf2c8ebdd9b6d99b

Request headers

Referer
https://salgado.se/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 11:25:05 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 29 Oct 2022 07:44:32 GMT
server
cloudflare
age
321
etag
W/"635cd9e0-2311c"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8a8bc98b5d0d4522-TXL
alt-svc
h3=":443"; ma=86400
main.js
newsalgado.wpenginepowered.com/js/
3 KB
1 KB
Script
General
Full URL
https://newsalgado.wpenginepowered.com/js/main.js
Requested by
Host: salgado.se
URL: https://salgado.se/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9df82036c5d00ee9a14466e50374bada2aa095722aec1095ab3f08ba03ce0ccf

Request headers

Referer
https://salgado.se/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 11:25:05 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 29 Oct 2022 07:44:31 GMT
server
cloudflare
age
321
etag
W/"635cd9df-ba4"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8a8bc98b5d024522-TXL
alt-svc
h3=":443"; ma=86400
typewriter.2.19.0.js
newsalgado.wpenginepowered.com/js/vendor/typewriter/
12 KB
4 KB
Script
General
Full URL
https://newsalgado.wpenginepowered.com/js/vendor/typewriter/typewriter.2.19.0.js
Requested by
Host: salgado.se
URL: https://salgado.se/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d19bddd31e78b1f1070706cf625e45da429ff7b0f321aff43eef9a9577b5c2d8

Request headers

Referer
https://salgado.se/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 11:25:05 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 21 Nov 2022 12:12:10 GMT
server
cloudflare
age
321
etag
W/"637b6b1a-3166"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8a8bc98b5d064522-TXL
alt-svc
h3=":443"; ma=86400
common.js
newsalgado.wpenginepowered.com/js/
18 KB
3 KB
Script
General
Full URL
https://newsalgado.wpenginepowered.com/js/common.js?1679652156
Requested by
Host: salgado.se
URL: https://salgado.se/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3974cca0d36aa80df4920110a81752fc20ed7a03415c2a96b73e27ee4232d0a

Request headers

Referer
https://salgado.se/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 11:25:05 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 24 Mar 2023 10:02:36 GMT
server
cloudflare
age
321
etag
W/"641d753c-48d8"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8a8bc98b5d084522-TXL
alt-svc
h3=":443"; ma=86400
27115804.js
js-eu1.hs-scripts.com/
1 KB
1 KB
Script
General
Full URL
https://js-eu1.hs-scripts.com/27115804.js
Requested by
Host: salgado.se
URL: https://salgado.se/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.208.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5326025ab6bce6167a13447e96fd536052243ec32bd29871588fc48895a50e3d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://salgado.se/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 11:25:05 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
859451af-04f0-45ed-b807-864e7a2139a4
cf-polished
origSize=1569
age
6345
x-envoy-upstream-service-time
12
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
859451af-04f0-45ed-b807-864e7a2139a4
cf-bgj
minify
last-modified
Thu, 25 Jul 2024 09:39:20 GMT
server
cloudflare
access-control-max-age
3600
vary
origin, Accept-Encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://salgado.se
x-evy-trace-served-by-pod
fra04/hubapi-td/envoy-proxy-576d445cf9-4724b
x-evy-trace-virtual-host
all
access-control-allow-credentials
true
cf-ray
8a8bc98d18315ef7-ARN
primary-navigation.js
newsalgado.wpenginepowered.com/wp-content/themes/salgado/assets/js/
6 KB
2 KB
Script
General
Full URL
https://newsalgado.wpenginepowered.com/wp-content/themes/salgado/assets/js/primary-navigation.js?ver=1.0
Requested by
Host: salgado.se
URL: https://salgado.se/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
896a30041e1249377848e9351f2fa7b064c64bcb75cb1bbcac7230284d9f1a9f

Request headers

Referer
https://salgado.se/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 11:25:05 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 26 Oct 2022 09:58:44 GMT
server
cloudflare
age
321
etag
W/"635904d4-1782"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8a8bc98b5d0b4522-TXL
alt-svc
h3=":443"; ma=86400
responsive-embeds.js
newsalgado.wpenginepowered.com/wp-content/themes/salgado/assets/js/
1 KB
765 B
Script
General
Full URL
https://newsalgado.wpenginepowered.com/wp-content/themes/salgado/assets/js/responsive-embeds.js?ver=1.0
Requested by
Host: salgado.se
URL: https://salgado.se/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c84b9432dad75b6cce98abcd62eecccc82cf4e293e92f80678d8d50bd1060cfe

Request headers

Referer
https://salgado.se/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 11:25:05 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 26 Oct 2022 09:58:44 GMT
server
cloudflare
age
321
etag
W/"635904d4-467"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8a8bc98b5cff4522-TXL
alt-svc
h3=":443"; ma=86400
smush-lazy-load.min.js
newsalgado.wpenginepowered.com/wp-content/plugins/wp-smushit/app/assets/js/
8 KB
4 KB
Script
General
Full URL
https://newsalgado.wpenginepowered.com/wp-content/plugins/wp-smushit/app/assets/js/smush-lazy-load.min.js?ver=3.12.6
Requested by
Host: salgado.se
URL: https://salgado.se/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f65784e5e7332dc1e4bbeacbec70fdeef4a1bea84f16ce2ee144999719d195ce

Request headers

Referer
https://salgado.se/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 11:25:05 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 22 Mar 2023 09:10:19 GMT
server
cloudflare
age
321
etag
W/"641ac5fb-1ef2"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8a8bc98b5cf64522-TXL
alt-svc
h3=":443"; ma=86400
39b64a77-9552-43fd-ac12-2680dba8193e
https://salgado.se/
1 KB
0
Other
General
Full URL
blob:https://salgado.se/39b64a77-9552-43fd-ac12-2680dba8193e
Requested by
Host: salgado.se
URL: https://salgado.se/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
1185
Content-Type
text/javascript
gtm.js
www.googletagmanager.com/
339 KB
109 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5F6GVH5
Requested by
Host: salgado.se
URL: https://salgado.se/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
35f383838261bde75d1ca4c7425c56c86732ff25afc217c6f340ab973b2d426c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://salgado.se/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 11:25:05 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111370
x-xss-protection
0
last-modified
Thu, 25 Jul 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 25 Jul 2024 11:25:05 GMT
truncated
/
37 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/gif
hero-digital-marknadsforingsbyra-teamet.webp
newsalgado.wpenginepowered.com/wp-content/uploads/2023/03/
115 KB
115 KB
Image
General
Full URL
https://newsalgado.wpenginepowered.com/wp-content/uploads/2023/03/hero-digital-marknadsforingsbyra-teamet.webp
Requested by
Host: salgado.se
URL: https://salgado.se/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf9cecb8309582180f4b3edd8a4ab558c5a3313a1c37d0f57f02b5340db44168

Request headers

Referer
https://salgado.se/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 11:25:05 GMT
cf-cache-status
HIT
last-modified
Fri, 17 Mar 2023 12:58:38 GMT
server
cloudflare
age
320
etag
"641463fe-1cab4"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8a8bc98c8f604522-TXL
alt-svc
h3=":443"; ma=86400
content-length
117428
truncated
/
306 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1f4793b8acd8b630f4d38b600c865b3192a9bdfd6f17b6318ed45c5b66c71e29

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
background-contact.png
newsalgado.wpenginepowered.com/images/
12 KB
12 KB
Image
General
Full URL
https://newsalgado.wpenginepowered.com/images/background-contact.png
Requested by
Host: salgado.se
URL: https://salgado.se/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b89fa4ff6d98560dd533f2993f8a88ad553854235730e6bb738406eae7e85c57

Request headers

Referer
https://salgado.se/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 11:25:05 GMT
cf-cache-status
HIT
age
320
cf-polished
origSize=29478, status=webp_bigger
alt-svc
h3=":443"; ma=86400
content-length
12300
cf-bgj
imgq:100,h2pri
last-modified
Wed, 15 Mar 2023 10:13:12 GMT
server
cloudflare
etag
"64119a38-7326"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8a8bc98cafa24522-TXL
background-blob.svg
newsalgado.wpenginepowered.com/wp-content/uploads/2022/11/
504 B
532 B
Image
General
Full URL
https://newsalgado.wpenginepowered.com/wp-content/uploads/2022/11/background-blob.svg
Requested by
Host: salgado.se
URL: https://salgado.se/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
07f82aef73f05c5998f0a0209e05d57439c8dd98d5a753c5b8aa547c9d7a1dea

Request headers

Referer
https://salgado.se/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 11:25:05 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 15 Mar 2023 10:00:18 GMT
server
cloudflare
age
320
etag
W/"64119732-1f8"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8a8bc98cafa74522-TXL
alt-svc
h3=":443"; ma=86400
jobb-digital-marknadsforingsbyra.webp
newsalgado.wpenginepowered.com/wp-content/uploads/2023/03/
71 KB
71 KB
Image
General
Full URL
https://newsalgado.wpenginepowered.com/wp-content/uploads/2023/03/jobb-digital-marknadsforingsbyra.webp
Requested by
Host: salgado.se
URL: https://salgado.se/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
47abaaefc0eb78ed983cb2da96dadd5b4de1c721e828aae59aa546c0017df7d3

Request headers

Referer
https://salgado.se/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 11:25:05 GMT
cf-cache-status
HIT
last-modified
Thu, 16 Mar 2023 15:52:13 GMT
server
cloudflare
age
320
etag
"64133b2d-11ab8"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8a8bc98cbfe54522-TXL
alt-svc
h3=":443"; ma=86400
content-length
72376
PlusJakartaSans-VariableFont_wght.woff2
newsalgado.wpenginepowered.com/fonts/plusjakartasans/
58 KB
58 KB
Font
General
Full URL
https://newsalgado.wpenginepowered.com/fonts/plusjakartasans/PlusJakartaSans-VariableFont_wght.woff2
Requested by
Host: newsalgado.wpenginepowered.com
URL: https://newsalgado.wpenginepowered.com/css/screen-prefix.css?1679494463
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
284e59df791d2c9c0d5681716dd649a28819441286c843dbd1245538d7382547

Request headers

Referer
https://newsalgado.wpenginepowered.com/css/screen-prefix.css?1679494463
Origin
https://salgado.se
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 11:25:05 GMT
cf-cache-status
HIT
last-modified
Sat, 29 Oct 2022 07:44:33 GMT
server
cloudflare
age
320
etag
"635cd9e1-e8c0"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8a8bc98e2e804504-TXL
alt-svc
h3=":443"; ma=86400
content-length
59584
Thunder-ExtraBoldLC.woff
newsalgado.wpenginepowered.com/fonts/thunder/
21 KB
21 KB
Font
General
Full URL
https://newsalgado.wpenginepowered.com/fonts/thunder/Thunder-ExtraBoldLC.woff
Requested by
Host: newsalgado.wpenginepowered.com
URL: https://newsalgado.wpenginepowered.com/css/screen-prefix.css?1679494463
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
82094e35753323712a85141c638aa1951736bc1d78c3ae48bd74317c570ce4e2

Request headers

Referer
https://newsalgado.wpenginepowered.com/css/screen-prefix.css?1679494463
Origin
https://salgado.se
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 11:25:05 GMT
cf-cache-status
HIT
last-modified
Sat, 29 Oct 2022 07:44:33 GMT
server
cloudflare
age
320
etag
"635cd9e1-5428"
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8a8bc98e2e834504-TXL
alt-svc
h3=":443"; ma=86400
content-length
21544
icon-arrowend.svg
newsalgado.wpenginepowered.com/images/
287 B
419 B
Image
General
Full URL
https://newsalgado.wpenginepowered.com/images/icon-arrowend.svg
Requested by
Host: salgado.se
URL: https://salgado.se/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c07e310bea4b335e2347a998799f8c5a3abee094af13557396f28ae572967aa6

Request headers

Referer
https://salgado.se/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 11:25:05 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 15 Mar 2023 10:13:13 GMT
server
cloudflare
age
320
etag
W/"64119a39-11f"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8a8bc98ebc304522-TXL
alt-svc
h3=":443"; ma=86400
mini-informera-paverka-480x480.webp
newsalgado.wpenginepowered.com/wp-content/uploads/2022/12/
16 KB
16 KB
Image
General
Full URL
https://newsalgado.wpenginepowered.com/wp-content/uploads/2022/12/mini-informera-paverka-480x480.webp
Requested by
Host: salgado.se
URL: https://salgado.se/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c2bdb710c9ff6671c5fad24cdb54ef2d4cf53e3cffbc0843894d6c1f21c27ae

Request headers

Referer
https://salgado.se/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 11:25:05 GMT
cf-cache-status
HIT
last-modified
Tue, 21 Mar 2023 13:02:05 GMT
server
cloudflare
age
320
etag
"6419aacd-3e48"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8a8bc98ebc344522-TXL
alt-svc
h3=":443"; ma=86400
content-length
15944
mini-kompetensutveckla-480x480.webp
newsalgado.wpenginepowered.com/wp-content/uploads/2022/12/
9 KB
9 KB
Image
General
Full URL
https://newsalgado.wpenginepowered.com/wp-content/uploads/2022/12/mini-kompetensutveckla-480x480.webp
Requested by
Host: salgado.se
URL: https://salgado.se/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a2a109cbaf3e3c6e3f18f2d03c7382a17f7c533fe9f54bde360537181b4342e

Request headers

Referer
https://salgado.se/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 11:25:05 GMT
cf-cache-status
HIT
last-modified
Tue, 21 Mar 2023 12:59:38 GMT
server
cloudflare
age
320
etag
"6419aa3a-24bc"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8a8bc98ebc384522-TXL
alt-svc
h3=":443"; ma=86400
content-length
9404
mini-content-some-480x480.webp
newsalgado.wpenginepowered.com/wp-content/uploads/2022/12/
13 KB
13 KB
Image
General
Full URL
https://newsalgado.wpenginepowered.com/wp-content/uploads/2022/12/mini-content-some-480x480.webp
Requested by
Host: salgado.se
URL: https://salgado.se/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
568ec458df672eaf415a30466b1104e17e462c68d536b5edbef707e9cb42170a

Request headers

Referer
https://salgado.se/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 11:25:05 GMT
cf-cache-status
HIT
last-modified
Tue, 21 Mar 2023 12:56:57 GMT
server
cloudflare
age
320
etag
"6419a999-3200"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8a8bc98ebc3c4522-TXL
alt-svc
h3=":443"; ma=86400
content-length
12800
mini-kvalitativa-leads-480x480.webp
newsalgado.wpenginepowered.com/wp-content/uploads/2022/12/
7 KB
7 KB
Image
General
Full URL
https://newsalgado.wpenginepowered.com/wp-content/uploads/2022/12/mini-kvalitativa-leads-480x480.webp
Requested by
Host: salgado.se
URL: https://salgado.se/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2cb57ea52acf7c3b6e342a3a8d9e9bae319dc7896b54da41b1d803cc4e1d26d7

Request headers

Referer
https://salgado.se/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 11:25:05 GMT
cf-cache-status
HIT
last-modified
Tue, 21 Mar 2023 12:50:41 GMT
server
cloudflare
age
320
etag
"6419a821-1bcc"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8a8bc98ebc3d4522-TXL
alt-svc
h3=":443"; ma=86400
content-length
7116
collectedforms.js
js-eu1.hscollectedforms.net/
69 KB
25 KB
Script
General
Full URL
https://js-eu1.hscollectedforms.net/collectedforms.js
Requested by
Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/27115804.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.192.122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c78fab07d4ee469def66170220968c4e790992e5adc971a34edc7eabc695e79f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://salgado.se/
Origin
https://salgado.se
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
age
320
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.586/bundles/project.js&cfRay=8a8bc1bd884298ea-ARN
x-amz-replication-status
COMPLETED
x-evy-trace-listener
listener_https
etag
W/"ac41634810840adc02ea51748cb19c2f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-evy-trace-virtual-host
all
cache-control
s-maxage=600, max-age=300
x-hs-target-asset
collected-forms-embed-js/static-1.586/bundles/project.js
date
Thu, 25 Jul 2024 11:25:05 GMT
x-amz-version-id
FCxgV_B3nWescR00el0uV0Hdj2lazDBZ
x-content-type-options
nosniff
cf-cache-status
HIT
via
1.1 41f78d12a2f737c8e7f8a05cb4262794.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
x-hubspot-correlation-id
dd76f2c6-98a7-4bc6-a43e-5f633449b503
x-cache
Hit from cloudfront
cache-tag
staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
x-envoy-upstream-service-time
0
x-evy-trace-route-configuration
listener_https/all
x-request-id
dd76f2c6-98a7-4bc6-a43e-5f633449b503
last-modified
Tue, 23 Jul 2024 12:55:20 UTC
server
cloudflare
x-hs-cache-status
HIT
x-evy-trace-served-by-pod
fra04/app-td/envoy-proxy-75dd7fb59f-qrw6z
cf-ray
8a8bc98fce002d7b-ARN
x-amz-cf-id
dRR4XPdVnqdHeXdUEcTkS2aIv9ADv5ObYzmyn0PeMLlbGue4miFP3A==
27115804.js
js-eu1.hs-analytics.net/analytics/1721900100000/
68 KB
24 KB
Script
General
Full URL
https://js-eu1.hs-analytics.net/analytics/1721900100000/27115804.js
Requested by
Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/27115804.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.238.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f941634b5c279602ebaff82bec9c44924ba2b626a4fecf466d0efd38ab78e917

Request headers

Referer
https://salgado.se/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 11:25:05 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
x-amz-request-id
BMAWBFDK4RKMCACN
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
094ce735-757c-49a8-a5fd-4c0e57f6f86c
x-envoy-upstream-service-time
23
x-amz-id-2
OGQJMRK87Cgpq7Be1g45J3TMCRT5hG0hpOz047b4fe5R1G+HJmZ47omQ6cnWnghoJP4Z2xAr0uE=
x-evy-trace-listener
listener_https
x-request-id
094ce735-757c-49a8-a5fd-4c0e57f6f86c
x-evy-trace-route-configuration
listener_https/all
last-modified
Tue, 23 Jul 2024 19:05:23 GMT
server
cloudflare
etag
W/"58f5143db92f91990f4435f21da60d10"
vary
origin, Accept-Encoding
content-type
text/javascript
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
fra04/analytics-js-proxy-td/envoy-proxy-5cc6cdbf4d-46bll
cache-control
max-age=300,public
access-control-allow-credentials
false
cf-ray
8a8bc98faaac0a37-ARN
expires
Thu, 25 Jul 2024 11:30:05 GMT
banner.js
js-eu1.hs-banner.com/v2/27115804/
71 KB
26 KB
Script
General
Full URL
https://js-eu1.hs-banner.com/v2/27115804/banner.js
Requested by
Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/27115804.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.202.201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4cc88aaec315303b4ed49b079edc2cb593b7cdfb9b30a0307f74b2db568d5c14

Request headers

Referer
https://salgado.se/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 11:25:06 GMT
x-amz-version-id
Ihq3oyqSkPSL_VLZ3Ov8jSnlNzvg32x.
content-encoding
gzip
cf-cache-status
REVALIDATED
x-amz-request-id
T5EQ31F9A4VJ8CV3
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
4f7a97f5-1d37-4ba3-a555-d6d6f11ee3ed
x-envoy-upstream-service-time
74
x-amz-id-2
AroQqC1/iMn5bGhcEeA7ZouF/XMF4M7bctj6tMgRYEgFHOWUFXA0/OCVHyjcnoIpElpTFyLOrK+2MzuOYBUEbQ==
x-evy-trace-listener
listener_https
x-request-id
4f7a97f5-1d37-4ba3-a555-d6d6f11ee3ed
x-evy-trace-route-configuration
listener_https/all
last-modified
Mon, 03 Jun 2024 04:01:31 GMT
server
cloudflare
etag
W/"20d1821a596b2760d722a0f4d7f295f7"
access-control-max-age
604800
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://salgado.se
x-evy-trace-virtual-host
all
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300,public
access-control-allow-credentials
true
x-evy-trace-served-by-pod
fra04/analytics-js-proxy-td/envoy-proxy-f5f6f765-8wv55
vary
origin, Accept-Encoding
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray
8a8bc98fdabb98f1-ARN
expires
Thu, 25 Jul 2024 11:30:06 GMT
wp-emoji-release.min.js
salgado.se/wp-includes/js/
18 KB
5 KB
Script
General
Full URL
https://salgado.se/wp-includes/js/wp-emoji-release.min.js?ver=6.5.5
Requested by
Host: salgado.se
URL: https://salgado.se/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.35.83 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
83.35.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

Referer
https://salgado.se/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 11:25:05 GMT
content-encoding
br
last-modified
Tue, 13 Feb 2024 14:36:07 GMT
server
nginx
etag
W/"65cb7e57-4926"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
uc.js
consent.cookiebot.com/
110 KB
25 KB
Script
General
Full URL
https://consent.cookiebot.com/uc.js?cbid=83258527-f534-4659-85c0-a0b95d8c331d&consentmode-dataredaction=dynamic
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5F6GVH5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.64.31 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-64-31.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0c37c64247f9e0eaa739af4c3750f7030cfb7969ff47badbb3b02a4f3648f636

Request headers

Referer
https://salgado.se/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

request-context
appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
date
Thu, 25 Jul 2024 11:25:06 GMT
content-encoding
gzip
last-modified
Fri, 19 Jul 2024 12:08:14 GMT
etag
"0bcf54d4d9da1:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-expose-headers
Request-Context
cache-control
public, max-age=169
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
25155
expires
Thu, 25 Jul 2024 11:27:55 GMT
json
forms-eu1.hscollectedforms.net/collected-forms/v1/config/
136 B
474 B
XHR
General
Full URL
https://forms-eu1.hscollectedforms.net/collected-forms/v1/config/json?portalId=27115804&utk=
Requested by
Host: js-eu1.hscollectedforms.net
URL: https://js-eu1.hscollectedforms.net/collectedforms.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.192.122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d5ec94f1f025aead49f0dfbd5897861d680263290f4e9511510e0425e5d7d3b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://salgado.se/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 11:25:06 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
eccec7c9-31dd-4653-b67b-9b951b81315d
x-envoy-upstream-service-time
9
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
eccec7c9-31dd-4653-b67b-9b951b81315d
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://salgado.se
x-evy-trace-virtual-host
all
cache-control
max-age=0
x-evy-trace-served-by-pod
fra04/app-td/envoy-proxy-75dd7fb59f-9v889
access-control-max-age
180
x-robots-tag
none
access-control-allow-headers
*
cf-ray
8a8bc9930aee2d7b-ARN
bc-v4.min.html
consentcdn.cookiebot.com/sdk/ Frame ED0A
0
0
Document
General
Full URL
https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js?cbid=83258527-f534-4659-85c0-a0b95d8c331d&consentmode-dataredaction=dynamic
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.111.185 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-111-185.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash

Request headers

Referer
https://salgado.se/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=31535999
content-encoding
gzip
content-length
392
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 25 Jul 2024 11:25:08 GMT
etag
"3d08665fa4c7bcf9fa2dcbbc7efe1d0f:1649057029.895163"
expires
Fri, 25 Jul 2025 11:25:07 GMT
last-modified
Mon, 04 Apr 2022 07:23:49 GMT
server
AkamaiNetStorage
server-timing
cdn-cache; desc=HIT edge; dur=1 ak_p; desc="1721906707598_390277149_846363225_36_931_62_118_255";dur=1
vary
Accept-Encoding
x-akamai-transformed
9 - 0 pmb=mRUM,1
cc.js
consent.cookiebot.com/83258527-f534-4659-85c0-a0b95d8c331d/
333 KB
88 KB
Script
General
Full URL
https://consent.cookiebot.com/83258527-f534-4659-85c0-a0b95d8c331d/cc.js?renew=false&referer=salgado.se&dnt=false&init=false
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js?cbid=83258527-f534-4659-85c0-a0b95d8c331d&consentmode-dataredaction=dynamic
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.64.31 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-64-31.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d9edd647c15dc55d7dcb0a8ec17d7aa0b6a6978fbcc41583e2eae240bd4b5f71

Request headers

Referer
https://salgado.se/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 11:25:06 GMT
content-encoding
gzip
last-modified
Thu, 25 Jul 2024 11:25:06 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-expose-headers
Request-Context
cache-control
private, max-age=1200
cross-origin-resource-policy
cross-origin
request-context
appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
oka-konverteringarna-480x480.webp
newsalgado.wpenginepowered.com/wp-content/uploads/2022/12/
14 KB
15 KB
Image
General
Full URL
https://newsalgado.wpenginepowered.com/wp-content/uploads/2022/12/oka-konverteringarna-480x480.webp
Requested by
Host: salgado.se
URL: https://salgado.se/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a08e9ea29bdb7d97ccf702ac8a8a5110bb61e5d00405aeb1686e0c169fbed22

Request headers

Referer
https://salgado.se/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 11:25:06 GMT
cf-cache-status
HIT
last-modified
Fri, 17 Mar 2023 15:03:53 GMT
server
cloudflare
age
320
etag
"64148159-395c"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8a8bc993e86e4522-TXL
alt-svc
h3=":443"; ma=86400
content-length
14684
lanlt.js
v1.bot.leadoo.com/i/al/
146 KB
39 KB
Script
General
Full URL
https://v1.bot.leadoo.com/i/al/lanlt.js?code=4d65d136
Requested by
Host: bot.leadoo.com
URL: https://bot.leadoo.com/bot/inpage.js?code=Nin4fYPI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-27.fra53.r.cloudfront.net
Software
LeadooDispatch/1.107.7 /
Resource Hash
91610d3cb5d222fb236dd5ea6dc023d681d50807be42d8cf31b7a096a3fe29d9
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://salgado.se/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 25 Jul 2024 11:19:46 GMT
via
1.1 6080b2713e502211e152f21f5c59c5a6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
321
x-cache
Hit from cloudfront
x-ld-req
01J3M3QK4JFD0H7HXGYR0YPVFQ
referrer-policy
origin
server
LeadooDispatch/1.107.7
etag
"18263b130d687b3be61d08835d083baa0750ac97"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=900, must-revalidate
x-amz-cf-id
yNWQHPl-4IU2tu9m4uyQj0OOLy_ky0Yb8rIUR6dXLc3yZQrviXTRDg==
x-leadoo-bot-version
v0.233.0
/
anl.leadoo.com/idn/company/
75 B
179 B
XHR
General
Full URL
https://anl.leadoo.com/idn/company/?companyToken=4d65d136
Requested by
Host: v1.bot.leadoo.com
URL: https://v1.bot.leadoo.com/i/al/lanlt.js?code=4d65d136
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.209.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-209-68.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6bacff9baa84b679d1e37179f908c079a859be7a22367d1a73ab6147f20547dc

Request headers

Referer
https://salgado.se/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 25 Jul 2024 11:25:07 GMT
content-length
75
content-type
application/json; charset=utf-8
/
anl.leadoo.com/idn/
15 B
149 B
XHR
General
Full URL
https://anl.leadoo.com/idn/
Requested by
Host: v1.bot.leadoo.com
URL: https://v1.bot.leadoo.com/i/al/lanlt.js?code=4d65d136
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.209.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-209-68.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
3d23d39a30bb7323f8ccfd64c52cf286138fba4f83e78f7edcf66703b7c23aaa

Request headers

Referer
https://salgado.se/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 25 Jul 2024 11:25:07 GMT
access-control-expose-headers
etag, Etag
content-length
15
content-type
application/json; charset=utf-8
/
anl.leadoo.com/idn/
35 B
169 B
XHR
General
Full URL
https://anl.leadoo.com/idn/
Requested by
Host: v1.bot.leadoo.com
URL: https://v1.bot.leadoo.com/i/al/lanlt.js?code=4d65d136
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.209.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-209-68.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
0b8d5746b56760a90cb2ba4c4222423cab23fd0943a28df9941b77dcc3434605

Request headers

Referer
https://salgado.se/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Thu, 25 Jul 2024 11:25:07 GMT
access-control-expose-headers
etag, Etag
content-length
35
content-type
application/json; charset=utf-8
/
anl.leadoo.com/idn/ Frame
0
0
Preflight
General
Full URL
https://anl.leadoo.com/idn/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.209.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-209-68.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://salgado.se
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
date
Thu, 25 Jul 2024 11:25:07 GMT
vary
Access-Control-Request-Headers
/
anl.leadoo.com/idn/ Frame
0
0
Preflight
General
Full URL
https://anl.leadoo.com/idn/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.209.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-209-68.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
if-none-match
Access-Control-Request-Method
GET
Origin
https://salgado.se
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
if-none-match
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
date
Thu, 25 Jul 2024 11:25:08 GMT
vary
Access-Control-Request-Headers
/
anl.leadoo.com/idn/
0
115 B
XHR
General
Full URL
https://anl.leadoo.com/idn/
Requested by
Host: v1.bot.leadoo.com
URL: https://v1.bot.leadoo.com/i/al/lanlt.js?code=4d65d136
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.209.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-209-68.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://salgado.se/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
If-None-Match
01J290VV9G2V2WZ53Z7HQ89C4C

Response headers

access-control-allow-origin
*
date
Thu, 25 Jul 2024 11:25:08 GMT
access-control-expose-headers
etag, Etag
etag
01J290VV9G2V2WZ53Z7HQ89C4C
__ptq.gif
track-eu1.hubspot.com/
45 B
1 KB
Image
General
Full URL
https://track-eu1.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=se-se&bfp=1025018057&v=1.1&a=27115804&rcu=https%3A%2F%2Fsalgado.se%2F&pu=https%3A%2F%2Fsalgado.se%2F&t=Salgado+-+Er+Digitala+Marknadsf%C3%B6ringsbyr%C3%A5&cts=1721906708147&vi=7de6038338912af7a91ea4c191dc767f&nc=true&u=94995139.7de6038338912af7a91ea4c191dc767f.1721906708135.1721906708135.1721906708135.1&b=94995139.1.1721906708135&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.240.166 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://salgado.se/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 11:25:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
53c1fdee-06ff-40b8-af8e-14365153aa93
p3p
CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time
4
content-length
45
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
53c1fdee-06ff-40b8-af8e-14365153aa93
last-modified
Thu, 25 Jul 2024 11:25:08 GMT
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qxrG%2FmC5LDZJEXe7VJiLPCeP0QQf7UWsg2aY5coUeK6n15GnXpKkfcER%2BTQqm2zeOb2RQkRN9c2poKGXvNbdCfGxYn6RcKPq3ozfAqAfn8PWe6Xc0pVVr%2BkFKdoZyhwX8w7Rrb0hjw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-evy-trace-served-by-pod
fra04/analytics-tracking-td/envoy-proxy-6c6cdbccc5-p5hbq
x-evy-trace-virtual-host
all
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
accept-ranges
bytes
cf-ray
8a8bc99f0de30a34-ARN
x-robots-tag
none
1.gif
imgsct.cookiebot.com/
35 B
749 B
Image
General
Full URL
https://imgsct.cookiebot.com/1.gif?dgi=83258527-f534-4659-85c0-a0b95d8c331d
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.45.111.185 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-111-185.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://salgado.se/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Thu, 25 Jul 2024 11:25:09 GMT
X-GUploader-UploadID
AHxI1nMSSxou_bn4qhA9Tqg98S-47Xt1cqgep4afUgm3apQ-bUqdYMYDDgcaZ6Z0ZMZyhgbMXvzxarGkZu7zdHg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Connection
keep-alive
Content-Length
35
Last-Modified
Mon, 23 Oct 2023 11:39:32 GMT
Server
UploadServer
ETag
"c2196de8ba412c60c22ab491af7b1409"
x-goog-generation
1698061172769999
x-goog-hash
crc32c=rX4K2g==, md5=whlt6LpBLGDCKrSRr3sUCQ==
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
public,max-age=1800
x-goog-stored-content-length
35
Accept-Ranges
bytes
Content-Type
image/gif
truncated
/
921 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
15c001519dc1296f39660e3857f63ee90b0196835ec033c7026435de0cb752ce

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
293 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8181a739bd0ed0fd64624c4aa15b7847bc9d4fd0660bff56c8c9192c4ef75979

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
counters.gif
forms-eu1.hsforms.com/embed/v3/
35 B
1 KB
Image
General
Full URL
https://forms-eu1.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
172.65.232.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://salgado.se/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Thu, 25 Jul 2024 11:25:08 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
CF-Cache-Status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
348bec14-0159-425a-a2a6-85e0c0cfaf11
x-envoy-upstream-service-time
3
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
35
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
348bec14-0159-425a-a2a6-85e0c0cfaf11
Server
cloudflare
vary
origin
Content-Type
image/gif
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
fra04/star-hubspot-td/envoy-proxy-6f6ff6474c-fvkvb
access-control-expose-headers
X-Origin-Hublet
Cache-Control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
x-robots-tag
none
CF-RAY
8a8bc9a03ac915e4-ARN
favicon.ico
salgado.se/favicons/
15 KB
3 KB
Other
General
Full URL
https://salgado.se/favicons/favicon.ico?v2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.199.35.83 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
83.35.199.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
0decc1b4a6d32cab1c6a35f749a56627bf3525d8cd9b9bfd203ffa90412c0ba1

Request headers

Referer
https://salgado.se/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 11:25:08 GMT
content-encoding
br
last-modified
Mon, 20 Mar 2023 17:05:58 GMT
server
nginx
etag
W/"64189276-3aee"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=31536000
poppins.css
res.leadoo.com/fonts/ Frame 059B
2 KB
694 B
Stylesheet
General
Full URL
https://res.leadoo.com/fonts/poppins.css
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.253.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-253-16.lhr5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
554c65bacc9919dc093aedf9e67e55f5ca0f1990c3595a502f61992fc7a4f14b

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 11:22:05 GMT
content-encoding
gzip
via
1.1 2f1f2b9dead1700acb398fe109f37844.cloudfront.net (CloudFront)
last-modified
Tue, 02 Jul 2024 09:36:19 GMT
server
AmazonS3
x-amz-cf-pop
LHR5-P5
age
184
x-amz-server-side-encryption
AES256
etag
W/"e6118f90c7572935aef5c0b0dc12e0ea"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
public,max-age=900
x-amz-cf-id
ujNJW2H10OBj6wyQPS0CAtMJ-PTQz85dtWehlaH-mE0DOZqyRnurXA==
f629ec9ca805041c066e589c5231df3a.svg
res.leadoo.com/bots/js/v0.233.0/images/ Frame 059B
14 KB
4 KB
Image
General
Full URL
https://res.leadoo.com/bots/js/v0.233.0/images/f629ec9ca805041c066e589c5231df3a.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.253.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-253-16.lhr5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
416b21b5f74d7cafc153756a931cc4a577ab5f840c09580b5004b8d9731f7c02

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 10:48:11 GMT
content-encoding
gzip
via
1.1 2f1f2b9dead1700acb398fe109f37844.cloudfront.net (CloudFront)
last-modified
Wed, 19 Jun 2024 11:18:33 GMT
server
AmazonS3
x-amz-cf-pop
LHR5-P5
age
2218
x-amz-server-side-encryption
AES256
etag
W/"ea6a4aba80f3391c77c64d5a227feca9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
x-amz-cf-id
YdJPXXUsKH4J_FZBT_2BaHv7AENnKDCR2OmY8c1rhTOwuXVBCAbRow==
t
anl.leadoo.com/
43 B
402 B
XHR
General
Full URL
https://anl.leadoo.com/t
Requested by
Host: v1.bot.leadoo.com
URL: https://v1.bot.leadoo.com/i/al/lanlt.js?code=4d65d136
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.209.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-209-68.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
abf3fcc1622afd2e4d50e183b7f95e754492241e1702b757a4a3e51d99fa3ad5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

X-Leadoo-Tracking
true
Referer
https://salgado.se/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 25 Jul 2024 11:25:08 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
etag
W/"2b-RjydX69+f4EORssUnT7Ee5gXfxk"
x-download-options
noopen
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-ratelimit-remaining
1999
x-ratelimit-reset
1721906714
x-ratelimit-limit
2000
content-length
43
x-xss-protection
1; mode=block
t
anl.leadoo.com/ Frame
0
0
Preflight
General
Full URL
https://anl.leadoo.com/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.209.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-209-68.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-leadoo-tracking
Access-Control-Request-Method
POST
Origin
https://salgado.se
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-leadoo-tracking
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
date
Thu, 25 Jul 2024 11:25:08 GMT
vary
Access-Control-Request-Headers
mini-starka-varumarke-480x480.webp
newsalgado.wpenginepowered.com/wp-content/uploads/2022/12/
35 KB
35 KB
Image
General
Full URL
https://newsalgado.wpenginepowered.com/wp-content/uploads/2022/12/mini-starka-varumarke-480x480.webp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e4ce521581ccc0554a311da234b26e294f39496c9a2ee14f4b8be99755beb7f

Request headers

Referer
https://salgado.se/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 11:25:08 GMT
cf-cache-status
HIT
last-modified
Tue, 21 Mar 2023 12:46:38 GMT
server
cloudflare
age
321
etag
"6419a72e-8a02"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8a8bc9a06da34522-TXL
alt-svc
h3=":443"; ma=86400
content-length
35330
poppins.woff2
res.leadoo.com/fonts/ Frame 059B
42 KB
43 KB
Font
General
Full URL
https://res.leadoo.com/fonts/poppins.woff2
Requested by
Host: res.leadoo.com
URL: https://res.leadoo.com/fonts/poppins.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.253.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-253-16.lhr5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
20de1f80b01921d1295a039ce2e0763a273fddecb35a875067d6bb9f5b2b81fd

Request headers

Referer
https://res.leadoo.com/fonts/poppins.css
Origin
https://salgado.se
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 11:20:49 GMT
via
1.1 81a723d8ae123d0a22af94ba42db81b4.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR5-P5
age
260
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
43344
last-modified
Tue, 02 Jul 2024 09:36:05 GMT
server
AmazonS3
etag
"2c3885393d6778069df787d1e0236bb7"
access-control-max-age
1200
access-control-allow-methods
HEAD, GET
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
ETag, Access-Control-Allow-Origin
cache-control
public,max-age=86400
vary
Origin
accept-ranges
bytes
x-amz-cf-id
HAEpVRu5L9lg5Sd6rsTuyJw6QDaNQ4VxFQ7iPsueLl1S1MSNIe8eZw==

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| _wpemojiSettings object| dataLayer function| $ function| jQuery function| Swiper function| Typewriter function| twentytwentyoneToggleAriaExpanded function| twentytwentyoneCollapseMenuOnClickOutside function| twentytwentyoneSubmenuPosition function| twentytwentyoneExpandSubMenu function| twentytwentyoneResponsiveEmbeds object| lazySizes object| _hsp object| google_tag_manager object| google_tag_data boolean| ___TYPEWRITER_JS_STYLES_ADDED___ object| _hsq object| _paq function| sanitizeKey boolean| _hstc_loaded object| __hsCollectedFormsDebug object| twemoji object| wp object| hsCookieBanner boolean| _hspb_loaded boolean| _hspb_ran object| CookieControl function| __uspapi function| addUspapiLocatorFrame function| __handleUspapiMessage function| propagateIABStub object| Cookiebot object| CookieConsent object| CookiebotDialog object| CookieConsentDialog object| __ldjsonp object| ldanalytics boolean| _hstc_ran object| hsCallsToActionsReady string| __hsUserToken number| expireDateTime

8 Cookies

Domain/Path Name / Value
.salgado.se/ Name: __hstc
Value: 94995139.7de6038338912af7a91ea4c191dc767f.1721906708135.1721906708135.1721906708135.1
.salgado.se/ Name: hubspotutk
Value: 7de6038338912af7a91ea4c191dc767f
.salgado.se/ Name: __hssrc
Value: 1
.salgado.se/ Name: __hssc
Value: 94995139.1.1721906708135
.hubspot.com/ Name: __cf_bm
Value: ISruKgnv8JNSUIkB.p7Ly8o2UM5zVBbJo8djPf1iuOM-1721906708-1.0.1.1-BwkDzGK152Fnbc.Uwq6UUhrvMq7jRt6ybWhK9XKp0TvERB9J6WxRvh6BPHKwqvuVCQbURDJWks6Rm_mXnRLUkw
.hubspot.com/ Name: _cfuvid
Value: zTIu46xjTZMZ8U5ThYPo.61Mj.V7M3btSbJDOi2lq3Q-1721906708404-0.0.1.1-604800000
.hsforms.com/ Name: __cf_bm
Value: IjXzHGsxioT2eZVtgZ.fdHf3hXTKr4lOByZ9ZaF4_U4-1721906708-1.0.1.1-o.8f6nkMfGClP9f._VcENrEI7WHEHDO1LmrkMzS4LyDfNtR1tjP4gJAsd5FNJyeztWEz4D.wMN4446pcjZP1IQ
.hsforms.com/ Name: _cfuvid
Value: IwmJ1D8_Yn24RiUQRez3FzN1Hayzp4gNnhLpsaEBt3w-1721906708561-0.0.1.1-604800000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

anl.leadoo.com
asavpn.gamsun.se
bot.leadoo.com
cdnjs.cloudflare.com
consent.cookiebot.com
consentcdn.cookiebot.com
forms-eu1.hscollectedforms.net
forms-eu1.hsforms.com
imgsct.cookiebot.com
js-eu1.hs-analytics.net
js-eu1.hs-banner.com
js-eu1.hs-scripts.com
js-eu1.hscollectedforms.net
newsalgado.wpenginepowered.com
res.leadoo.com
salgado.se
track-eu1.hubspot.com
v1.bot.leadoo.com
www.googletagmanager.com
104.17.24.14
104.199.35.83
13.33.187.52
141.193.213.10
142.250.185.104
143.204.215.27
172.65.192.122
172.65.202.201
172.65.208.22
172.65.232.43
172.65.238.60
172.65.240.166
18.245.253.16
185.157.223.250
2.18.64.31
23.45.111.185
52.16.209.68
07f82aef73f05c5998f0a0209e05d57439c8dd98d5a753c5b8aa547c9d7a1dea
0b8d5746b56760a90cb2ba4c4222423cab23fd0943a28df9941b77dcc3434605
0c37c64247f9e0eaa739af4c3750f7030cfb7969ff47badbb3b02a4f3648f636
0decc1b4a6d32cab1c6a35f749a56627bf3525d8cd9b9bfd203ffa90412c0ba1
15c001519dc1296f39660e3857f63ee90b0196835ec033c7026435de0cb752ce
1f4793b8acd8b630f4d38b600c865b3192a9bdfd6f17b6318ed45c5b66c71e29
2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515
20de1f80b01921d1295a039ce2e0763a273fddecb35a875067d6bb9f5b2b81fd
284e59df791d2c9c0d5681716dd649a28819441286c843dbd1245538d7382547
2a08e9ea29bdb7d97ccf702ac8a8a5110bb61e5d00405aeb1686e0c169fbed22
2cb57ea52acf7c3b6e342a3a8d9e9bae319dc7896b54da41b1d803cc4e1d26d7
32e7b40cd5bddb5020e270d582fd5cbc2a04e2dffd0c7c5eaf2c8ebdd9b6d99b
35f383838261bde75d1ca4c7425c56c86732ff25afc217c6f340ab973b2d426c
3d23d39a30bb7323f8ccfd64c52cf286138fba4f83e78f7edcf66703b7c23aaa
416b21b5f74d7cafc153756a931cc4a577ab5f840c09580b5004b8d9731f7c02
47826e99c6997e66e40c7d8d2ad4cae599ab1375c6eb650514b60235510f6da9
47abaaefc0eb78ed983cb2da96dadd5b4de1c721e828aae59aa546c0017df7d3
4cc88aaec315303b4ed49b079edc2cb593b7cdfb9b30a0307f74b2db568d5c14
4d5ec94f1f025aead49f0dfbd5897861d680263290f4e9511510e0425e5d7d3b
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
5326025ab6bce6167a13447e96fd536052243ec32bd29871588fc48895a50e3d
554c65bacc9919dc093aedf9e67e55f5ca0f1990c3595a502f61992fc7a4f14b
568ec458df672eaf415a30466b1104e17e462c68d536b5edbef707e9cb42170a
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c
5c2bdb710c9ff6671c5fad24cdb54ef2d4cf53e3cffbc0843894d6c1f21c27ae
6a2a109cbaf3e3c6e3f18f2d03c7382a17f7c533fe9f54bde360537181b4342e
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6bacff9baa84b679d1e37179f908c079a859be7a22367d1a73ab6147f20547dc
8181a739bd0ed0fd64624c4aa15b7847bc9d4fd0660bff56c8c9192c4ef75979
82094e35753323712a85141c638aa1951736bc1d78c3ae48bd74317c570ce4e2
896a30041e1249377848e9351f2fa7b064c64bcb75cb1bbcac7230284d9f1a9f
8e4ce521581ccc0554a311da234b26e294f39496c9a2ee14f4b8be99755beb7f
91610d3cb5d222fb236dd5ea6dc023d681d50807be42d8cf31b7a096a3fe29d9
9b357dedb3f8855e3cfe1495b8e2f3f3fe11da04da81e1c6446511942ea13e41
9df82036c5d00ee9a14466e50374bada2aa095722aec1095ab3f08ba03ce0ccf
abf3fcc1622afd2e4d50e183b7f95e754492241e1702b757a4a3e51d99fa3ad5
b3974cca0d36aa80df4920110a81752fc20ed7a03415c2a96b73e27ee4232d0a
b89fa4ff6d98560dd533f2993f8a88ad553854235730e6bb738406eae7e85c57
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c07e310bea4b335e2347a998799f8c5a3abee094af13557396f28ae572967aa6
c206ad0843ae5abfffe376ef41af509d44145d1c5e0c980ca88eeb92ab43e1df
c78fab07d4ee469def66170220968c4e790992e5adc971a34edc7eabc695e79f
c84b9432dad75b6cce98abcd62eecccc82cf4e293e92f80678d8d50bd1060cfe
cbe36ae20b059a89913a4c2e93412fc58c9764f7eccfbf4c18cc2e50d238f6d3
cf9cecb8309582180f4b3edd8a4ab558c5a3313a1c37d0f57f02b5340db44168
d19bddd31e78b1f1070706cf625e45da429ff7b0f321aff43eef9a9577b5c2d8
d9edd647c15dc55d7dcb0a8ec17d7aa0b6a6978fbcc41583e2eae240bd4b5f71
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f65784e5e7332dc1e4bbeacbec70fdeef4a1bea84f16ce2ee144999719d195ce
f941634b5c279602ebaff82bec9c44924ba2b626a4fecf466d0efd38ab78e917