www.winningtemp.com Open in urlscan Pro
34.253.101.190 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://info.winningtemp.se/e3t/Ctc/GD+113/cGlV-04/MWcQx_SCf6vVKBxcY22jVZTW5l3Nw34MdyZ2N7FnD133q3npV1-WJV7CgZSBW4pb7372Rf2_n...
Effective URL:
https://www.winningtemp.com/dk/book-en-demo?utm_campaign=Customer%20sendout&utm_medium=email&_hsmi=219002238&_hsenc=p2ANqtz-...
Submission: On July 08 via api (July 8th 2022, 11:17:36 am UTC) from DK — Scanned from SE

Summary HTTP 177 Redirects Links 27 Behaviour Indicators

Summary

This website contacted 46 IPs in 4 countries across 33 domains to perform 177 HTTP transactions. The main IP is 34.253.101.190, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is www.winningtemp.com.
TLS certificate: Issued by R3 on June 26th 2022. Valid for: 3 months.

This is the only time www.winningtemp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	199.60.103.31 199.60.103.31	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
1	34.253.101.190 34.253.101.190	16509 (AMAZON-02) (AMAZON-02)
13	13.225.78.111 13.225.78.111	16509 (AMAZON-02) (AMAZON-02)
1	142.250.185.234 142.250.185.234	15169 (GOOGLE) (GOOGLE)
1	142.250.185.174 142.250.185.174	15169 (GOOGLE) (GOOGLE)
1	104.17.210.204 104.17.210.204	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	23.36.163.230 23.36.163.230	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	104.17.182.73 104.17.182.73	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	13.225.84.117 13.225.84.117	16509 (AMAZON-02) (AMAZON-02)
1	142.250.184.202 142.250.184.202	15169 (GOOGLE) (GOOGLE)
4	142.250.185.168 142.250.185.168	15169 (GOOGLE) (GOOGLE)
2	104.109.69.83 104.109.69.83	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.18.33.171 104.18.33.171	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.17.112.176 104.17.112.176	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.17.128.171 104.17.128.171	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.17.67.176 104.17.67.176	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	142.250.186.67 142.250.186.67	15169 (GOOGLE) (GOOGLE)
1 6	13.107.21.200 13.107.21.200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2.21.20.155 2.21.20.155	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
4	157.240.236.1 157.240.236.1	32934 (FACEBOOK) (FACEBOOK)
2	13.225.78.14 13.225.78.14	16509 (AMAZON-02) (AMAZON-02)
63	13.224.189.86 13.224.189.86	16509 (AMAZON-02) (AMAZON-02)
6	104.16.168.82 104.16.168.82	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.19.155.83 104.19.155.83	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	216.239.32.36 216.239.32.36	15169 (GOOGLE) (GOOGLE)
2 3	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	13.224.189.26 13.224.189.26	16509 (AMAZON-02) (AMAZON-02)
1	13.224.189.10 13.224.189.10	16509 (AMAZON-02) (AMAZON-02)
4	104.212.67.188 104.212.67.188	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	157.240.236.35 157.240.236.35	32934 (FACEBOOK) (FACEBOOK)
2 3	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
2 3	172.217.18.4 172.217.18.4	15169 (GOOGLE) (GOOGLE)
3	172.217.18.3 172.217.18.3	15169 (GOOGLE) (GOOGLE)
1	34.255.240.59 34.255.240.59	16509 (AMAZON-02) (AMAZON-02)
1	52.50.27.11 52.50.27.11	16509 (AMAZON-02) (AMAZON-02)
4	40.76.174.66 40.76.174.66	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	142.250.186.78 142.250.186.78	15169 (GOOGLE) (GOOGLE)
5	104.16.86.5 104.16.86.5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.251.5.155 142.251.5.155	15169 (GOOGLE) (GOOGLE)
1 3	20.234.93.27 20.234.93.27	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	104.17.203.204 104.17.203.204	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	104.19.154.83 104.19.154.83	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	34.193.113.164 34.193.113.164	() ()
2	3.94.218.138 3.94.218.138	() ()
177	46

2 199.60.103.31 (United States) 1 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

info.winningtemp.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.253.101.190 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-101-190.eu-west-1.compute.amazonaws.com

www.winningtemp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 13.225.78.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-111.fra2.r.cloudfront.net

assets-global.website-files.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f10.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.174 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f14.1e100.net

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.210.204 (None, )

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.36.163.230 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-163-230.deploy.static.akamaitechnologies.com

consent.cookiebot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.17.182.73 (None, )

ASN13335 (CLOUDFLARENET, US)

js.hsforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.84.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-84-117.fra2.r.cloudfront.net

d3e54v103j8qbb.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.168 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.109.69.83 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-69-83.deploy.static.akamaitechnologies.com

consentcdn.cookiebot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.33.171 (None, )

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.112.176 (None, )

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.128.171 (None, )

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.67.176 (None, )

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.107.21.200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.21.20.155 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-21-20-155.deploy.static.akamaitechnologies.com

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 216.58.212.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 157.240.236.1 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-frx5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.78.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-14.fra2.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

63 13.224.189.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-86.fra2.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.16.168.82 (None, )

ASN13335 (CLOUDFLARENET, US)

ws.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.19.155.83 (None, )

ASN13335 (CLOUDFLARENET, US)

forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.32.36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.107.42.14 (United States) 2 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.189.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-26.fra2.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-10.fra2.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.212.67.188 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: rom30r3a.msedge.net

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.236.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-frx5.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.66 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.18.4 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.18.3 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f3.1e100.net

www.google.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.255.240.59 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-240-59.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.50.27.11 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-27-11.eu-west-1.compute.amazonaws.com

ws28.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 40.76.174.66 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

d.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.186.78 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.16.86.5 (None, )

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.5.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wg-in-f155.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.234.93.27 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.203.204 (None, )

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.19.154.83 (None, )

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.193.113.164 (None, )

ASN- ()

metrics.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.94.218.138 (None, )

ASN- ()

bootstrap.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
63	driftt.com js.driftt.com — Cisco Umbrella Rank: 5492	782 KB
13	website-files.com assets-global.website-files.com — Cisco Umbrella Rank: 14454	237 KB
11	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 579 d.clarity.ms — Cisco Umbrella Rank: 5130 c.clarity.ms — Cisco Umbrella Rank: 1113	51 KB
7	hubspot.com forms.hubspot.com — Cisco Umbrella Rank: 3073 track.hubspot.com — Cisco Umbrella Rank: 2144	5 KB
7	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 627 script.hotjar.com — Cisco Umbrella Rank: 904 vars.hotjar.com — Cisco Umbrella Rank: 917 Failed in.hotjar.com — Cisco Umbrella Rank: 1509 ws28.hotjar.com — Cisco Umbrella Rank: 52997	134 KB
6	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2733 www.google-analytics.com — Cisco Umbrella Rank: 49	20 KB
6	zoominfo.com ws.zoominfo.com — Cisco Umbrella Rank: 5501	3 KB
6	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 362 c.bing.com — Cisco Umbrella Rank: 182	25 KB
5	hsforms.com forms.hsforms.com — Cisco Umbrella Rank: 4450	6 KB
5	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 126	48 KB
4	drift.com metrics.api.drift.com bootstrap.api.drift.com	391 B
4	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 54 stats.g.doubleclick.net — Cisco Umbrella Rank: 119	3 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 155	219 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 89	232 KB
4	cookiebot.com consent.cookiebot.com — Cisco Umbrella Rank: 4432 consentcdn.cookiebot.com — Cisco Umbrella Rank: 5152	94 KB
3	google.se www.google.se — Cisco Umbrella Rank: 21718	676 B
3	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 8	1 KB
3	linkedin.com 2 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 395 www.linkedin.com — Cisco Umbrella Rank: 485	3 KB
3	gstatic.com fonts.gstatic.com	24 KB
3	hsforms.net js.hsforms.net — Cisco Umbrella Rank: 6630	442 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 96	388 B
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 780	7 KB
2	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2061	39 KB
2	hscollectedforms.net js.hscollectedforms.net — Cisco Umbrella Rank: 5004	49 KB
2	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 3409	5 KB
2	cloudfront.net d3e54v103j8qbb.cloudfront.net	61 KB
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 307 fonts.googleapis.com — Cisco Umbrella Rank: 71	7 KB
2	winningtemp.se 1 redirects info.winningtemp.se	4 KB
1	hubapi.com api.hubapi.com — Cisco Umbrella Rank: 3680	899 B
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2069	16 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2291	953 B
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1355	40 KB
1	winningtemp.com www.winningtemp.com	9 KB
177	33

	Domain	Requested by
63	js.driftt.com	info.winningtemp.se js.driftt.com
13	assets-global.website-files.com	www.winningtemp.com assets-global.website-files.com consent.cookiebot.com
6	ws.zoominfo.com	info.winningtemp.se ws.zoominfo.com
5	track.hubspot.com
5	forms.hsforms.com	js.hsforms.net
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
5	www.googleadservices.com	www.googletagmanager.com www.googleadservices.com consent.cookiebot.com
5	bat.bing.com	www.googletagmanager.com bat.bing.com www.winningtemp.com consent.cookiebot.com
4	d.clarity.ms	www.clarity.ms
4	www.clarity.ms	bat.bing.com www.clarity.ms consent.cookiebot.com
4	connect.facebook.net	info.winningtemp.se connect.facebook.net consent.cookiebot.com
4	www.googletagmanager.com	www.winningtemp.com www.googletagmanager.com js.hsadspixel.net www.googleoptimize.com
3	c.clarity.ms	1 redirects www.clarity.ms
3	www.google.se	www.winningtemp.com
3	www.google.com	2 redirects
3	googleads.g.doubleclick.net	2 redirects www.googleadservices.com
3	fonts.gstatic.com	fonts.googleapis.com
3	js.hsforms.net	www.winningtemp.com consent.cookiebot.com
2	bootstrap.api.drift.com	js.driftt.com
2	metrics.api.drift.com	js.driftt.com
2	www.facebook.com	www.winningtemp.com
2	script.hotjar.com	static.hotjar.com consent.cookiebot.com
2	px.ads.linkedin.com	1 redirects www.winningtemp.com
2	forms.hubspot.com	js.hscollectedforms.net
2	static.hotjar.com	info.winningtemp.se
2	snap.licdn.com	www.googletagmanager.com consent.cookiebot.com
2	js.hs-analytics.net	js.hs-scripts.com consent.cookiebot.com
2	js.hscollectedforms.net	js.hs-scripts.com consent.cookiebot.com
2	js.hsadspixel.net	js.hs-scripts.com consent.cookiebot.com
2	consentcdn.cookiebot.com	consent.cookiebot.com
2	d3e54v103j8qbb.cloudfront.net	www.winningtemp.com consent.cookiebot.com
2	consent.cookiebot.com	www.winningtemp.com consent.cookiebot.com
2	info.winningtemp.se	1 redirects
1	api.hubapi.com	js.hsadspixel.net
1	c.bing.com	1 redirects
1	stats.g.doubleclick.net	www.google-analytics.com
1	ws28.hotjar.com	script.hotjar.com
1	in.hotjar.com	script.hotjar.com
1	vars.hotjar.com	static.hotjar.com consent.cookiebot.com
1	www.linkedin.com	1 redirects
1	region1.google-analytics.com	www.googletagmanager.com
1	js.hs-banner.com	js.hs-scripts.com
1	fonts.googleapis.com	ajax.googleapis.com
1	js.hs-scripts.com	www.winningtemp.com
1	www.googleoptimize.com	www.winningtemp.com
1	ajax.googleapis.com	www.winningtemp.com
1	www.winningtemp.com	info.winningtemp.se
177	47

This site contains links to these domains. Also see Links.

Domain
www.cookiebot.com
calendly.com
policies.google.com
legal.hubspot.com
www.linkedin.com
stripe.com
www.drift.com
privacy.microsoft.com
www.vidyard.com
www.hotjar.com
www.facebook.com
www.deltaprojects.com
www.g2crowd.com
career.winningtemp.se
info.winningtemp.se
help.winningtemp.com
app.winningtemp.com
winningtemp.com
www.capterra.com
press.winningtemp.com
instagram.com
twitter.com

Subject Issuer	Validity	Valid
info.winningtemp.se Cloudflare Inc ECC CA-3	`2022-04-30` - `2023-04-30`	a year	crt.sh
www.winningtemp.com R3	`2022-06-26` - `2022-09-24`	3 months	crt.sh
*.website-files.com Amazon	`2021-11-12` - `2022-12-10`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-20` - `2022-09-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-20` - `2022-09-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-03` - `2023-06-02`	a year	crt.sh
consent.cookiebot.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-04` - `2023-06-06`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.cookiebot.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-15` - `2023-06-17`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-06-20` - `2022-09-12`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-06-10` - `2022-12-10`	6 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-06-20` - `2022-09-12`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-04-16` - `2022-07-15`	3 months	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
drift.com Amazon	`2021-09-08` - `2022-10-07`	a year	crt.sh
zoominfo.com Cloudflare Inc ECC CA-3	`2022-05-04` - `2023-05-04`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2022-03-08` - `2023-03-07`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-06-20` - `2022-09-12`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-02-27` - `2023-02-27`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 02	`2022-06-07` - `2023-06-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-20` - `2022-09-12`	3 months	crt.sh
hubapi.com Cloudflare Inc ECC CA-3	`2022-05-07` - `2023-05-07`	a year	crt.sh
c.msn.com Microsoft Azure TLS Issuing CA 06	`2022-06-30` - `2023-06-25`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-06-20` - `2022-09-12`	3 months	crt.sh
*.google.se GTS CA 1C3	`2022-06-20` - `2022-09-12`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://www.winningtemp.com/dk/book-en-demo?utm_campaign=Customer%20sendout&utm_medium=email&_hsmi=219002238&_hsenc=p2ANqtz-9OjMaiVRfdjxMzw4AhTaO9oUmO_hcz5Zyx1Yy_KX0Byzeqk0l9Iy6OC7zTxF5sAvwbKObg0O3qL2Fz6A29laRxKWMZgQ&utm_content=219002238&utm_source=hs_email
Frame ID: A42EE60718CC9D1F285024C9E23CEE41
Requests: 109 HTTP requests in this frame

Frame: https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Frame ID: E461344290136C7BD2B7933A1AC819D8
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-5e0db0f25ef573fe233efc0372d38d69.html
Frame ID: D7B55F68966A3F083C63FA264D4DC6B1
Requests: 2 HTTP requests in this frame

Frame: https://js.driftt.com/core?embedId=prpcvi852fhm&region=US&forceShow=false&skipCampaigns=false&sessionId=dd972da7-1cf2-437a-8ac4-71c13fcd0fa8&sessionStarted=1657279054.184&campaignRefreshToken=a6b137ee-0ead-4e3a-858d-9ca711bb81d8&hideController=false&pageLoadStartTime=1657279045664&mode=CHAT&driftEnableLog=false&secureIframe=false
Frame ID: 720857E238D8E7E04D17B07CEE355B69
Requests: 31 HTTP requests in this frame

Frame: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1657279045664
Frame ID: C0729B354EDA9D1E0B92A8835141ADC3
Requests: 32 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Få en gennemgang af Winningtemp!Powered by Cookiebot

Page URL History Show full URLs

https://info.winningtemp.se/e3t/Ctc/GD+113/cGlV-04/MWcQx_SCf6vVKBxcY22jVZTW5l3Nw34MdyZ2N7FnD133q3npV1-WJ... Page URL
https://info.winningtemp.se/events/public/v1/encoded/track/tc/GD+113/cGlV-04/MWcQx_SCf6vVKBxcY22jVZTW5l3... HTTP 307
https://www.winningtemp.com/dk/book-en-demo?utm_campaign=Customer%20sendout&utm_medium=email&_hsmi=21900... Page URL

Detected technologies

Cookiebot (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

consent\.cookiebot\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

177
Requests

97 %
HTTPS

0 %
IPv6

33
Domains

47
Subdomains

46
IPs

4
Countries

2565 kB
Transfer

8730 kB
Size

40
Cookies

27 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cookiebot.com/
Title: Powered by Cookiebot

Search URL Search Domain Scan URL

URL: https://calendly.com/pages/privacy#cookies-and-other-tracking-mechanisms
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://www.cookiebot.com/goto/privacy-policy/
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://legal.hubspot.com/privacy-policy
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/legal/privacy-policy
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://stripe.com/privacy
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://www.drift.com/privacy-policy/
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://privacy.microsoft.com/en-us/privacystatement
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://www.vidyard.com/privacy/
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://www.hotjar.com/legal/policies/privacy
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://www.facebook.com/policy.php/
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://www.deltaprojects.com/privacy-policy/
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://www.g2crowd.com/static/privacy
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://privacy.microsoft.com/en-US/privacystatement
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://career.winningtemp.se/
Title: KarriärVi anställer! Kika på lediga tjänster

Search URL Search Domain Scan URL

URL: https://info.winningtemp.se/slapp-sargen-cecilia-holmblad
Title: PodcastSläpp sargen - en podd om framtidens HR

Search URL Search Domain Scan URL

URL: https://help.winningtemp.com/hc/sv
Title: HjälpcenterVanligt förekommande frågor och tips om hur Winningtemp fungerar

Search URL Search Domain Scan URL

URL: https://app.winningtemp.com/Account/Login
Title: Log ind

Search URL Search Domain Scan URL

URL: http://winningtemp.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.capterra.com/p/179827/WinningTemp/
Title: Capterra Reviews

Search URL Search Domain Scan URL

URL: https://press.winningtemp.com/
Title: Press

Search URL Search Domain Scan URL

URL: https://info.winningtemp.se/partner
Title: Partnerskap

Search URL Search Domain Scan URL

URL: https://www.facebook.com/winningtemp

Search URL Search Domain Scan URL

URL: https://instagram.com/winningtemp/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/winningtemp

Search URL Search Domain Scan URL

URL: https://twitter.com/winningtempnews

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://info.winningtemp.se/e3t/Ctc/GD+113/cGlV-04/MWcQx_SCf6vVKBxcY22jVZTW5l3Nw34MdyZ2N7FnD133q3npV1-WJV7CgZSBW4pb7372Rf2_nW1tzbc68C-r3KW7sBwgv7jbJxSW73QGWc81kVMwW6hQcyz6zBnL7W48GWy75gjVhKW40PrNV6vjMS0W3ymFpL6Jm82VW6NWJZp3WF6NwN5HjJMQb7wYKW8F3kBc8sdqT1W3CMxW05HHdqgW8-4c138H1wzQN6L4nMxg3qF2W2SJWLH8PDs04W4K_q3j6nnTlPW7g0dJM669dcVW2T0_6F8qW4vvW4Pp0lH2mkdfNW1dx_5l5Yx1MDW3cB5c24tHjkfW1D9jHR1m4K5N31vR1 Page URL
https://info.winningtemp.se/events/public/v1/encoded/track/tc/GD+113/cGlV-04/MWcQx_SCf6vVKBxcY22jVZTW5l3Nw34MdyZ2N7FnD133q3npV1-WJV7CgZSBW4pb7372Rf2_nW1tzbc68C-r3KW7sBwgv7jbJxSW73QGWc81kVMwW6hQcyz6zBnL7W48GWy75gjVhKW40PrNV6vjMS0W3ymFpL6Jm82VW6NWJZp3WF6NwN5HjJMQb7wYKW8F3kBc8sdqT1W3CMxW05HHdqgW8-4c138H1wzQN6L4nMxg3qF2W2SJWLH8PDs04W4K_q3j6nnTlPW7g0dJM669dcVW2T0_6F8qW4vvW4Pp0lH2mkdfNW1dx_5l5Yx1MDW3cB5c24tHjkfW1D9jHR1m4K5N31vR1?_ud=61e7a044-6965-4328-af94-fe2f9434c9be&_ch=p&_pr2=p&_pl=3&_lg=en-US,en&_dr=p&_ts=p HTTP 307
https://www.winningtemp.com/dk/book-en-demo?utm_campaign=Customer%20sendout&utm_medium=email&_hsmi=219002238&_hsenc=p2ANqtz-9OjMaiVRfdjxMzw4AhTaO9oUmO_hcz5Zyx1Yy_KX0Byzeqk0l9Iy6OC7zTxF5sAvwbKObg0O3qL2Fz6A29laRxKWMZgQ&utm_content=219002238&utm_source=hs_email Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1662900&time=1657279048016&url=https%3A%2F%2Fwww.winningtemp.com%2Fdk%2Fbook-en-demo%3F_hsenc%3Dp2ANqtz-9OjMaiVRfdjxMzw4AhTaO9oUmO_hcz5Zyx1Yy_KX0Byzeqk0l9Iy6OC7zTxF5sAvwbKObg0O3qL2Fz6A29laRxKWMZgQ%26utm_campaign%3DCustomer%2520sendout%26utm_content%3D219002238%26utm_source%3Dhs_email%26utm_medium%3Demail%26_hsmi%3D219002238 HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1662900%26time%3D1657279048016%26url%3Dhttps%253A%252F%252Fwww.winningtemp.com%252Fdk%252Fbook-en-demo%253F_hsenc%253Dp2ANqtz-9OjMaiVRfdjxMzw4AhTaO9oUmO_hcz5Zyx1Yy_KX0Byzeqk0l9Iy6OC7zTxF5sAvwbKObg0O3qL2Fz6A29laRxKWMZgQ%2526utm_campaign%253DCustomer%252520sendout%2526utm_content%253D219002238%2526utm_source%253Dhs_email%2526utm_medium%253Demail%2526_hsmi%253D219002238%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1662900&time=1657279048016&url=https%3A%2F%2Fwww.winningtemp.com%2Fdk%2Fbook-en-demo%3F_hsenc%3Dp2ANqtz-9OjMaiVRfdjxMzw4AhTaO9oUmO_hcz5Zyx1Yy_KX0Byzeqk0l9Iy6OC7zTxF5sAvwbKObg0O3qL2Fz6A29laRxKWMZgQ%26utm_campaign%3DCustomer%2520sendout%26utm_content%3D219002238%26utm_source%3Dhs_email%26utm_medium%3Demail%26_hsmi%3D219002238&liSync=true

Request Chain 54

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/479665576/?random=1578011912&cv=9&fst=1657279048036&num=1&value=0&label=7WPoCL2ppP8CEKi73OQB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6t0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.winningtemp.com%2Fdk%2Fbook-en-demo%3Futm_campaign%3DCustomer%2520sendout%26utm_medium%3Demail%26_hsmi%3D219002238%26_hsenc%3Dp2ANqtz-9OjMaiVRfdjxMzw4AhTaO9oUmO_hcz5Zyx1Yy_KX0Byzeqk0l9Iy6OC7zTxF5sAvwbKObg0O3qL2Fz6A29laRxKWMZgQ%26utm_content%3D219002238%26utm_source%3Dhs_email&tiba=F%C3%A5%20en%20gennemgang%20af%20Winningtemp!&auid=1373152989.1657279047&hn=www.googleadservices.com&us_privacy=1---&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=QxLIYoT-FtK_mLAPgZWLqAc&sscte=1&crd=&eitems=ChAI8KuflgYQyYu8_-HlqYo9Eh0AiIds3qg8VOTPtW_aUkhceFCWyKw3f1qGIMahNQ HTTP 302
https://www.google.com/pagead/1p-conversion/479665576/?random=1578011912&cv=9&fst=1657279048036&num=1&value=0&label=7WPoCL2ppP8CEKi73OQB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6t0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.winningtemp.com%2Fdk%2Fbook-en-demo%3Futm_campaign%3DCustomer%2520sendout%26utm_medium%3Demail%26_hsmi%3D219002238%26_hsenc%3Dp2ANqtz-9OjMaiVRfdjxMzw4AhTaO9oUmO_hcz5Zyx1Yy_KX0Byzeqk0l9Iy6OC7zTxF5sAvwbKObg0O3qL2Fz6A29laRxKWMZgQ%26utm_content%3D219002238%26utm_source%3Dhs_email&tiba=F%C3%A5%20en%20gennemgang%20af%20Winningtemp!&auid=1373152989.1657279047&hn=www.googleadservices.com&us_privacy=1---&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=QxLIYoT-FtK_mLAPgZWLqAc&eitems=ChAI8KuflgYQyYu8_-HlqYo9Eh0AiIds3p9wzONgyQQCCVrVsGjbob9uICyXnFS7SA&random=4124994795&resp=GooglemKTybQhCsO HTTP 302
https://www.google.se/pagead/1p-conversion/479665576/?random=1578011912&cv=9&fst=1657279048036&num=1&value=0&label=7WPoCL2ppP8CEKi73OQB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6t0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.winningtemp.com%2Fdk%2Fbook-en-demo%3Futm_campaign%3DCustomer%2520sendout%26utm_medium%3Demail%26_hsmi%3D219002238%26_hsenc%3Dp2ANqtz-9OjMaiVRfdjxMzw4AhTaO9oUmO_hcz5Zyx1Yy_KX0Byzeqk0l9Iy6OC7zTxF5sAvwbKObg0O3qL2Fz6A29laRxKWMZgQ%26utm_content%3D219002238%26utm_source%3Dhs_email&tiba=F%C3%A5%20en%20gennemgang%20af%20Winningtemp!&auid=1373152989.1657279047&hn=www.googleadservices.com&us_privacy=1---&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=QxLIYoT-FtK_mLAPgZWLqAc&eitems=ChAI8KuflgYQyYu8_-HlqYo9Eh0AiIds3p9wzONgyQQCCVrVsGjbob9uICyXnFS7SA&random=4124994795&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Request Chain 96

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/479665576/?random=300779985&cv=9&fst=1657279048036&num=1&value=0&label=7WPoCL2ppP8CEKi73OQB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6t0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.winningtemp.com%2Fdk%2Fbook-en-demo%3Futm_campaign%3DCustomer%2520sendout%26utm_medium%3Demail%26_hsmi%3D219002238%26_hsenc%3Dp2ANqtz-9OjMaiVRfdjxMzw4AhTaO9oUmO_hcz5Zyx1Yy_KX0Byzeqk0l9Iy6OC7zTxF5sAvwbKObg0O3qL2Fz6A29laRxKWMZgQ%26utm_content%3D219002238%26utm_source%3Dhs_email&tiba=F%C3%A5%20en%20gennemgang%20af%20Winningtemp!&auid=1373152989.1657279047&hn=www.googleadservices.com&us_privacy=1---&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=RxLIYtDlIsuomLAPp-6wwAU&sscte=1&crd=&eitems=ChAI8KuflgYQyYu8_-HlqYo9Eh0AiIds3ucM1itNUSZFCFYQSREZ9JoZUqoproteUg HTTP 302
https://www.google.com/pagead/1p-conversion/479665576/?random=300779985&cv=9&fst=1657279048036&num=1&value=0&label=7WPoCL2ppP8CEKi73OQB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6t0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.winningtemp.com%2Fdk%2Fbook-en-demo%3Futm_campaign%3DCustomer%2520sendout%26utm_medium%3Demail%26_hsmi%3D219002238%26_hsenc%3Dp2ANqtz-9OjMaiVRfdjxMzw4AhTaO9oUmO_hcz5Zyx1Yy_KX0Byzeqk0l9Iy6OC7zTxF5sAvwbKObg0O3qL2Fz6A29laRxKWMZgQ%26utm_content%3D219002238%26utm_source%3Dhs_email&tiba=F%C3%A5%20en%20gennemgang%20af%20Winningtemp!&auid=1373152989.1657279047&hn=www.googleadservices.com&us_privacy=1---&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=RxLIYtDlIsuomLAPp-6wwAU&cid=CAQSKQCNIrLM-2xUZ3twdb_Uiz5UAN_3DD_24Oa7ka3ETh9exzwAl0HvyD5q&eitems=ChAI8KuflgYQyYu8_-HlqYo9Eh0AiIds3kg8IWF_hIBDZKCC_zInqzOYg2ACxnnq9A&random=1957257121&resp=GooglemKTybQhCsO HTTP 302
https://www.google.se/pagead/1p-conversion/479665576/?random=300779985&cv=9&fst=1657279048036&num=1&value=0&label=7WPoCL2ppP8CEKi73OQB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6t0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.winningtemp.com%2Fdk%2Fbook-en-demo%3Futm_campaign%3DCustomer%2520sendout%26utm_medium%3Demail%26_hsmi%3D219002238%26_hsenc%3Dp2ANqtz-9OjMaiVRfdjxMzw4AhTaO9oUmO_hcz5Zyx1Yy_KX0Byzeqk0l9Iy6OC7zTxF5sAvwbKObg0O3qL2Fz6A29laRxKWMZgQ%26utm_content%3D219002238%26utm_source%3Dhs_email&tiba=F%C3%A5%20en%20gennemgang%20af%20Winningtemp!&auid=1373152989.1657279047&hn=www.googleadservices.com&us_privacy=1---&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=RxLIYtDlIsuomLAPp-6wwAU&cid=CAQSKQCNIrLM-2xUZ3twdb_Uiz5UAN_3DD_24Oa7ka3ETh9exzwAl0HvyD5q&eitems=ChAI8KuflgYQyYu8_-HlqYo9Eh0AiIds3kg8IWF_hIBDZKCC_zInqzOYg2ACxnnq9A&random=1957257121&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Request Chain 99

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=75EE8E97EEE140EAB558A1C4F05592DC&RedC=c.clarity.ms&MXFR=3671E169791E6AE53639F0B27D1E64F8 HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=75EE8E97EEE140EAB558A1C4F05592DC&MUID=27904C89E9BD6D573B115D52E8956CFE

177 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 MWcQx_SCf6vVKBxcY22jVZTW5l3Nw34MdyZ2N7FnD133q3npV1-WJV7CgZSBW4pb7372Rf2_nW1tzbc68C-r3KW7sBwgv7jbJxSW73QGWc81kVMwW6hQcyz6zBnL7W48GWy75gjVhKW40PrNV6vjMS0W3ymFpL6Jm82VW6NWJZp3WF6NwN5HjJMQb7wYKW8F3kBc8...
info.winningtemp.se/e3t/Ctc/GD+113/cGlV-04/ 9 KB
3 KB 244ms
174ms Document
text/html 199.60.103.31
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://info.winningtemp.se/e3t/Ctc/GD+113/cGlV-04/MWcQx_SCf6vVKBxcY22jVZTW5l3Nw34MdyZ2N7FnD133q3npV1-WJV7CgZSBW4pb7372Rf2_nW1tzbc68C-r3KW7sBwgv7jbJxSW73QGWc81kVMwW6hQcyz6zBnL7W48GWy75gjVhKW40PrNV6vjMS0W3ymFpL6Jm82VW6NWJZp3WF6NwN5HjJMQb7wYKW8F3kBc8sdqT1W3CMxW05HHdqgW8-4c138H1wzQN6L4nMxg3qF2W2SJWLH8PDs04W4K_q3j6nnTlPW7g0dJM669dcVW2T0_6F8qW4vvW4Pp0lH2mkdfNW1dx_5l5Yx1MDW3cB5c24tHjkfW1D9jHR1m4K5N31vR1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.60.103.31 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

access-control-allow-credentials: false
cf-cache-status: MISS
cf-ray: 727869ae7e5a15f4-ARN
content-encoding: br
content-type: text/html;charset=utf-8
date: Fri, 08 Jul 2022 11:17:19 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Fri, 08 Jul 2022 11:17:19 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vfQG3WHL%2FmYD7edlcW8HUv8xzYr91n%2BAVV%2FAl9vFkRyFwcARuYY9mFpAlakhRwxPXWy7vLD8jY8HkpS8bumxkmXsys0qJKch0I4rYYZcvoH2jdHstNhD%2FEV3yrvcpZRJnGH4uWI%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-hubspot-correlation-id: 490fbb48-b13e-4c80-8d52-522e2999ba7f
x-robots-tag: none

GET
H2

200

Primary Request book-en-demo Show response
www.winningtemp.com/dk/
Redirect Chain

https://info.winningtemp.se/events/public/v1/encoded/track/tc/GD+113/cGlV-04/MWcQx_SCf6vVKBxcY22jVZTW5l3Nw34MdyZ2N7FnD133q3npV1-WJV7CgZSBW4pb7372Rf2_nW1tzbc68C-r3KW7sBwgv7jbJxSW73QGWc81kVMwW6hQcyz6...
https://www.winningtemp.com/dk/book-en-demo?utm_campaign=Customer%20sendout&utm_medium=email&_hsmi=219002238&_hsenc=p2ANqtz-9OjMaiVRfdjxMzw4AhTaO9oUmO_hcz5Zyx1Yy_KX0Byzeqk0l9Iy6OC7zTxF5sAvwbKObg0O3...

28 KB
9 KB

552ms
421ms

Document
text/html

34.253.101.190
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.winningtemp.com/dk/book-en-demo?utm_campaign=Customer%20sendout&utm_medium=email&_hsmi=219002238&_hsenc=p2ANqtz-9OjMaiVRfdjxMzw4AhTaO9oUmO_hcz5Zyx1Yy_KX0Byzeqk0l9Iy6OC7zTxF5sAvwbKObg0O3qL2Fz6A29laRxKWMZgQ&utm_content=219002238&utm_source=hs_email

Requested by

Host: info.winningtemp.se
URL: https://info.winningtemp.se/e3t/Ctc/GD+113/cGlV-04/MWcQx_SCf6vVKBxcY22jVZTW5l3Nw34MdyZ2N7FnD133q3npV1-WJV7CgZSBW4pb7372Rf2_nW1tzbc68C-r3KW7sBwgv7jbJxSW73QGWc81kVMwW6hQcyz6zBnL7W48GWy75gjVhKW40PrNV6vjMS0W3ymFpL6Jm82VW6NWJZp3WF6NwN5HjJMQb7wYKW8F3kBc8sdqT1W3CMxW05HHdqgW8-4c138H1wzQN6L4nMxg3qF2W2SJWLH8PDs04W4K_q3j6nnTlPW7g0dJM669dcVW2T0_6F8qW4vvW4Pp0lH2mkdfNW1dx_5l5Yx1MDW3cB5c24tHjkfW1D9jHR1m4K5N31vR1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.253.101.190 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-253-101-190.eu-west-1.compute.amazonaws.com

Software

openresty /

Resource Hash

1fe6d80da9210e1b7d9ce06af8f305181d80fce8bb9436e4900fac5b82aceb4b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://info.winningtemp.se/e3t/Ctc/GD+113/cGlV-04/MWcQx_SCf6vVKBxcY22jVZTW5l3Nw34MdyZ2N7FnD133q3npV1-WJV7CgZSBW4pb7372Rf2_nW1tzbc68C-r3KW7sBwgv7jbJxSW73QGWc81kVMwW6hQcyz6zBnL7W48GWy75gjVhKW40PrNV6vjMS0W3ymFpL6Jm82VW6NWJZp3WF6NwN5HjJMQb7wYKW8F3kBc8sdqT1W3CMxW05HHdqgW8-4c138H1wzQN6L4nMxg3qF2W2SJWLH8PDs04W4K_q3j6nnTlPW7g0dJM669dcVW2T0_6F8qW4vvW4Pp0lH2mkdfNW1dx_5l5Yx1MDW3cB5c24tHjkfW1D9jHR1m4K5N31vR1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

accept-ranges: bytes
age: 0
content-encoding: gzip
content-length: 8946
content-security-policy: frame-ancestors 'self'
content-type: text/html
date: Fri, 08 Jul 2022 11:17:20 GMT
server: openresty
vary: x-wf-forwarded-proto, Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-cluster-name: eu-west-1-prod-edge-blue
x-frame-options: SAMEORIGIN
x-served-by: cache-iad-kiad7000051-IAD, cache-dub4325-DUB
x-timer: S1657279040.300902,VS0,VE343

Redirect headers

access-control-allow-credentials: false
cf-cache-status: MISS
cf-ray: 727869afbfd315f4-ARN
date: Fri, 08 Jul 2022 11:17:20 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
link: <https://www.winningtemp.com/dk/book-en-demo?utm_campaign=Customer%20sendout&utm_medium=email&_hsmi=219002238&_hsenc=p2ANqtz-9OjMaiVRfdjxMzw4AhTaO9oUmO_hcz5Zyx1Yy_KX0Byzeqk0l9Iy6OC7zTxF5sAvwbKObg0O3qL2Fz6A29laRxKWMZgQ&utm_content=219002238&utm_source=hs_email>; rel="canonical"
location: https://www.winningtemp.com/dk/book-en-demo?utm_campaign=Customer%20sendout&utm_medium=email&_hsmi=219002238&_hsenc=p2ANqtz-9OjMaiVRfdjxMzw4AhTaO9oUmO_hcz5Zyx1Yy_KX0Byzeqk0l9Iy6OC7zTxF5sAvwbKObg0O3qL2Fz6A29laRxKWMZgQ&utm_content=219002238&utm_source=hs_email
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QvdtoNWLG27nyonxTNwi0DRc0AQwXArAeJuN85pGfw3GIojm3%2FeOpH4XvygXCg66AhEoWdPap6aI8ExTALceJ0nT3QpxlJlnn83l19KwMfU%2Bx6%2F0NYV2YXb569QU8cSgDajgbyg%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-hubspot-correlation-id: 12e4bc72-46ff-43e8-8b45-c2b9a9df5176
x-robots-tag: none

GET
H2 200 winningtemp.3548faa01.min.css
assets-global.website-files.com/603df060fa2bf1b496c315d3/css/ 167 KB
28 KB 305ms
147ms Stylesheet
text/css 13.225.78.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-global.website-files.com/603df060fa2bf1b496c315d3/css/winningtemp.3548faa01.min.css
Requested by: Host: www.winningtemp.com
URL: https://www.winningtemp.com/dk/book-en-demo?utm_campaign=Customer%20sendout&utm_medium=email&_hsmi=219002238&_hsenc=p2ANqtz-9OjMaiVRfdjxMzw4AhTaO9oUmO_hcz5Zyx1Yy_KX0Byzeqk0l9Iy6OC7zTxF5sAvwbKObg0O3qL2Fz6A29laRxKWMZgQ&utm_content=219002238&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-111.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a15272fe8b80a449c7d9739a4fb13137432fd5bf9ecb904e4e0961b9234e9312

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.winningtemp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: 6.C202F_GMHbhzSawa3DIYglRNJCDt06
content-encoding: gzip
etag: "25e8be2f15da3c90a85fb32d818c79cc"
age: 33154
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 28654
via: 1.1 6fa33d47af6f4da7007689083cfe9b9c.cloudfront.net (CloudFront)
last-modified: Wed, 06 Jul 2022 12:36:05 GMT
server: AmazonS3
date: Fri, 08 Jul 2022 02:04:47 GMT
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: iGC3vLRp4prDktWNmkSDLGYKCky9-z0Lmv-HK0jphbTsHS6cIgE1oA==

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 13 KB
6 KB 231ms
67ms Script
text/javascript 142.250.185.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Requested by

Host: www.winningtemp.com
URL: https://www.winningtemp.com/dk/book-en-demo?utm_campaign=Customer%20sendout&utm_medium=email&_hsmi=219002238&_hsenc=p2ANqtz-9OjMaiVRfdjxMzw4AhTaO9oUmO_hcz5Zyx1Yy_KX0Byzeqk0l9Iy6OC7zTxF5sAvwbKObg0O3qL2Fz6A29laRxKWMZgQ&utm_content=219002238&utm_source=hs_email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f10.1e100.net

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.winningtemp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 11:12:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 264
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Jul 2023 11:12:56 GMT

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 103 KB
40 KB 232ms
68ms Script
application/javascript 142.250.185.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-NDK7R3K

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f14.1e100.net

Software

Google Tag Manager /

Resource Hash

8537658f1c3353d27487ba55287bcaa83b0366af90c30d63ebd3422b0978c86c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.winningtemp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 11:17:20 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40701
x-xss-protection: 0
last-modified: Fri, 08 Jul 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 08 Jul 2022 11:17:20 GMT

GET
H2 200 5566319.js Show response
js.hs-scripts.com/ 2 KB
953 B 172ms
53ms Script
application/javascript 104.17.210.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/5566319.js
Requested by: Host: www.winningtemp.com
URL: https://www.winningtemp.com/dk/book-en-demo?utm_campaign=Customer%20sendout&utm_medium=email&_hsmi=219002238&_hsenc=p2ANqtz-9OjMaiVRfdjxMzw4AhTaO9oUmO_hcz5Zyx1Yy_KX0Byzeqk0l9Iy6OC7zTxF5sAvwbKObg0O3qL2Fz6A29laRxKWMZgQ&utm_content=219002238&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.210.204 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0afd6cedf4a16f8eb5157d7b0e069197c8639ee33f11f308af586cabbee3d90

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.winningtemp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 11:17:21 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 19
cf-polished: origSize=1992
x-hubspot-correlation-id: 98f0e2f1-1f93-40a6-a069-1a5dfa01f55f
last-modified: Fri, 08 Jul 2022 11:17:02 GMT
server: cloudflare
x-trace: 2BFF9BBA61A55CFCFC5C73E02940445D1D30443F05000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.winningtemp.com
expires: Fri, 08 Jul 2022 11:18:21 GMT
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 727869b7c9f59906-ARN
cf-bgj: minify

GET
H2 200 uc.js Show response
consent.cookiebot.com/ 100 KB
31 KB 220ms
64ms Script
application/javascript 23.36.163.230
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiebot.com/uc.js
Requested by: Host: www.winningtemp.com
URL: https://www.winningtemp.com/dk/book-en-demo?utm_campaign=Customer%20sendout&utm_medium=email&_hsmi=219002238&_hsenc=p2ANqtz-9OjMaiVRfdjxMzw4AhTaO9oUmO_hcz5Zyx1Yy_KX0Byzeqk0l9Iy6OC7zTxF5sAvwbKObg0O3qL2Fz6A29laRxKWMZgQ&utm_content=219002238&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.230 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-230.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 11fb518d49d795a748848d5d0eed7d4ca6c508730736f9947db6def482c80129

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.winningtemp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 11:17:20 GMT
content-encoding: gzip
last-modified: Tue, 28 Jun 2022 06:34:06 GMT
etag: "1c36fa10b98ad81:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-expose-headers: Request-Context
cache-control: public, max-age=167
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
accept-ranges: bytes
content-length: 31185
expires: Fri, 08 Jul 2022 11:20:07 GMT

GET
H2 200 shell.js Show response
js.hsforms.net/forms/ 585 KB
148 KB 138ms
70ms Script
application/javascript 104.17.182.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/shell.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.182.73 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1211a9a77e9e16594929055d1e99009c3e85f4ffbbfd5b0646319087812eea30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.winningtemp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 11:17:20 GMT
via: 1.1 0501dadffc52b06a0cf6aadc57586acc.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 224
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cache-tag: staticjsapp-FormsNext-web-prod,staticjsapp-prod
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 21 Jun 2022 02:51:01 UTC
server: cloudflare
etag: W/"6e63031a8c528e5eccaa863d635b3ed8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o5jLmhaTGFbVCuTt3dN9sIS4%2FlK2YuJbhLwb6DIuMDaxUFrjECY7U7K7YMViZc50%2BY48xaNT%2B309ixJhNiW0bJHQ17IwgfCBdPuOhim5W6sFLNPbkejDYZNEiI%2FG6DCq"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 6vyCWacfN9CPqy_wPW84vx64jCxte7kG
access-control-allow-origin: *
cache-control: s-maxage=600, max-age=0
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-P1
cf-ray: 727869b4dd7395f4-ARN
x-amz-cf-id: HXFnkpFXG-Gw6gyuR23M-eNr0S1HsDgoybELex_v_qbLpwkMWgLCdA==
x-hs-target-asset: FormsNext/static-5.508/bundles/project_with_deps.js

GET
H2 200 jquery-3.5.1.min.dc5e7f18c8.js Show response
d3e54v103j8qbb.cloudfront.net/js/ 87 KB
31 KB 226ms
62ms Script
application/javascript 13.225.84.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=603df060fa2bf1b496c315d3
Requested by: Host: www.winningtemp.com
URL: https://www.winningtemp.com/dk/book-en-demo?utm_campaign=Customer%20sendout&utm_medium=email&_hsmi=219002238&_hsenc=p2ANqtz-9OjMaiVRfdjxMzw4AhTaO9oUmO_hcz5Zyx1Yy_KX0Byzeqk0l9Iy6OC7zTxF5sAvwbKObg0O3qL2Fz6A29laRxKWMZgQ&utm_content=219002238&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.84.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-84-117.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer: https://www.winningtemp.com/
Origin: https://www.winningtemp.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 04:59:22 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 22679
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Mon, 20 Jul 2020 17:53:02 GMT
server: AmazonS3
etag: W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
cache-control: max-age=84600, must-revalidate
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: CGxI7bu8nf6gBw7noUA6z7dx5K2Iy5DlkE9L_t_4gcC9AyPEVXhDqA==

GET
H2 200 winningtemp.a25d80ffb.js Show response
assets-global.website-files.com/603df060fa2bf1b496c315d3/js/ 375 KB
73 KB 225ms
69ms Script
text/javascript 13.225.78.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-global.website-files.com/603df060fa2bf1b496c315d3/js/winningtemp.a25d80ffb.js
Requested by: Host: www.winningtemp.com
URL: https://www.winningtemp.com/dk/book-en-demo?utm_campaign=Customer%20sendout&utm_medium=email&_hsmi=219002238&_hsenc=p2ANqtz-9OjMaiVRfdjxMzw4AhTaO9oUmO_hcz5Zyx1Yy_KX0Byzeqk0l9Iy6OC7zTxF5sAvwbKObg0O3qL2Fz6A29laRxKWMZgQ&utm_content=219002238&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-111.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c735572b71edf5b464fc8403adf146e45d5546808918b88991666410033c779a

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.winningtemp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: Pbk5AY9Bh0WmkGsr4eBQhr.khCp6G9GW
content-encoding: gzip
etag: "2fd9771f0b15056824ba5c8660b10061"
age: 30013
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 73871
via: 1.1 6fa33d47af6f4da7007689083cfe9b9c.cloudfront.net (CloudFront)
last-modified: Wed, 06 Jul 2022 12:36:05 GMT
server: AmazonS3
date: Fri, 08 Jul 2022 02:57:08 GMT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: 9fm-Y7vC92k0_msYoBkJqXfUN9zFEkhea2hCSgLcLUGGgOAsP317hA==

GET
H2 200 css
fonts.googleapis.com/ 3 KB
997 B 411ms
39ms Stylesheet
text/css 142.250.184.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins:regular,600,700

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f10.1e100.net

Software

ESF /

Resource Hash

8e752e4d9e5f8ab1646ec3dc5c7dd460b530fef8172c4c77f71f14f477fcfbd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.winningtemp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 08 Jul 2022 11:17:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 08 Jul 2022 11:17:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 08 Jul 2022 11:17:21 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 232 KB
76 KB 433ms
98ms Script
application/javascript 142.250.185.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NF42R37

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

e7eced8f63cb76c92a39056ff1a2a8720b01e5322f0cc5e02491593829bf0eb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.winningtemp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 11:17:21 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 77357
x-xss-protection: 0
last-modified: Fri, 08 Jul 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 08 Jul 2022 11:17:21 GMT

GET
H2 200 configuration.js Show response
consentcdn.cookiebot.com/consentconfig/945a0aca-de87-4b31-bac6-98aa0395ee0d/winningtemp.com/ 3 KB
1 KB 409ms
74ms Script
application/x-javascript 104.109.69.83
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://consentcdn.cookiebot.com/consentconfig/945a0aca-de87-4b31-bac6-98aa0395ee0d/winningtemp.com/configuration.js
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.69.83 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-69-83.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 1d91e58ebda9fbb2fa12601bc2fe265bacc10b1bc7e2c524b48492740de69863

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.winningtemp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 11:17:21 GMT
content-encoding: gzip
last-modified: Mon, 13 Jun 2022 14:22:54 GMT
server: AkamaiNetStorage
etag: "14934ce38107ff5f9ab625c4c9d36792:1655130174.5742"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=84813
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 795
expires: Sat, 09 Jul 2022 10:50:54 GMT

GET
H2 200 cc.js Show response
consent.cookiebot.com/945a0aca-de87-4b31-bac6-98aa0395ee0d/ 259 KB
62 KB 227ms
159ms Script
application/x-javascript 23.36.163.230
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiebot.com/945a0aca-de87-4b31-bac6-98aa0395ee0d/cc.js?renew=false&referer=www.winningtemp.com&dnt=false&init=false
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.230 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-230.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 2dd4013e4c7255a0e59d15799abb06f3e51382039c75f08a16489be198982552

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.winningtemp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 11:17:21 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-expose-headers: Request-Context
cache-control: private, max-age=1
content-length: 63045
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef

GET
DATA 200
OK truncated
/ 2 KB
2 KB Font
application/x-font-ttf

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 05dae8fbb96f3675f8b2981e8ead256a0f74ccba053fb08396c9a5fe99c54845

Request headers

Referer
Origin: https://www.winningtemp.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: application/x-font-ttf;charset=utf-8

GET
H2 200 60412267678014d5f0366839_dots.svg
assets-global.website-files.com/603df060fa2bf1b496c315d3/ 20 KB
2 KB 158ms
56ms Image
image/svg+xml 13.225.78.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/603df060fa2bf1b496c315d3/60412267678014d5f0366839_dots.svg
Requested by: Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/603df060fa2bf1b496c315d3/css/winningtemp.3548faa01.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-111.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f54e955a74727801616229225bb908421be7089c023b7d76344868285c3e9f67

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://assets-global.website-files.com/603df060fa2bf1b496c315d3/css/winningtemp.3548faa01.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 07:17:05 GMT
content-encoding: gzip
age: 878417
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
via: 1.1 6fa33d47af6f4da7007689083cfe9b9c.cloudfront.net (CloudFront)
last-modified: Thu, 04 Mar 2021 18:09:45 GMT
server: AmazonS3
etag: W/"ba2b4e315595be171d9cbb77ca2154b8"
vary: Accept-Encoding
x-amz-version-id: lAf14IDq2iEmo04qGx8s8O8OBlE1P4_.
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA2-C2
content-type: image/svg+xml
x-amz-cf-id: UgCZpROgLcm8MzsMvvCYmm6kK0MzUcP-mZWN5f6ZmUGO6PBVxmMHOQ==

GET
H2 200 61373044aea4960f39a05d92_Daniel-p-500.jpeg
assets-global.website-files.com/603df060fa2bf1b496c315d3/ 37 KB
37 KB 83ms
82ms Image
image/jpeg 13.225.78.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/603df060fa2bf1b496c315d3/61373044aea4960f39a05d92_Daniel-p-500.jpeg
Requested by: Host: www.winningtemp.com
URL: https://www.winningtemp.com/dk/book-en-demo?utm_campaign=Customer%20sendout&utm_medium=email&_hsmi=219002238&_hsenc=p2ANqtz-9OjMaiVRfdjxMzw4AhTaO9oUmO_hcz5Zyx1Yy_KX0Byzeqk0l9Iy6OC7zTxF5sAvwbKObg0O3qL2Fz6A29laRxKWMZgQ&utm_content=219002238&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-111.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b3ac385664d303e3dc6b6b863fb3159791ad9372b32c7ec0fc26e8573e9d4b8d

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.winningtemp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 05 Jun 2022 15:00:21 GMT
via: 1.1 6fa33d47af6f4da7007689083cfe9b9c.cloudfront.net (CloudFront)
age: 2837821
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 37745
last-modified: Tue, 07 Sep 2021 09:26:32 GMT
server: AmazonS3
etag: "8b540d6f7c13df0946fd7da78e4e8f9f"
x-amz-version-id: 8t_cSnehS5NJxmf8A5ElFqiIPveZH3PW
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-type: image/jpeg
x-amz-cf-id: m_cSA6k85TGcnb5WAPY_GtpxHWRsrPgupC7tc05XzBhzQbWHofkVSA==

GET
H2 200 bc-v4.min.html Show response
consentcdn.cookiebot.com/sdk/ Frame E461 627 B
692 B 186ms
132ms Document
text/html 104.109.69.83
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.69.83 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-69-83.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 738e5435f2d18427d291a0d6289eee0ebbc87b596d6003919f255760ac293104

Request headers

Referer: https://www.winningtemp.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=31535053
content-encoding: gzip
content-length: 392
content-type: text/html
date: Fri, 08 Jul 2022 11:17:21 GMT
etag: "3d08665fa4c7bcf9fa2dcbbc7efe1d0f:1649057029.895163"
expires: Sat, 08 Jul 2023 11:01:34 GMT
last-modified: Mon, 04 Apr 2022 07:23:49 GMT
server: AkamaiNetStorage
server-timing: cdn-cache; desc=HIT edge; dur=1
vary: Accept-Encoding
x-akamai-transformed: 9 - 0 pmb=mRUM,1

GET
H2 200 5566319.js Show response
js.hs-banner.com/ 60 KB
16 KB 721ms
0ms Script
text/javascript 104.18.33.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/5566319.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/5566319.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.33.171 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fc341b184b1c95f662a02b8d98e4de8fba76d04e1ae7211c782de6815694b21

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.winningtemp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 11:17:22 GMT
content-encoding: br
cf-cache-status: HIT
age: 18
x-amz-server-side-encryption: AES256
content-type: text/javascript; charset=UTF-8
access-control-max-age: 604800
x-amz-request-id: AV86BNR32AF5K3V1
x-amz-id-2: g6i7sKbdxj6SIAIrpNDGOL6a5dTUYO63598YZSI4R2rQFU28x079TT+7s24lZRlG48FAGvOEc1s=
timing-allow-origin: *
last-modified: Fri, 03 Jun 2022 14:10:14 GMT
server: cloudflare
etag: W/"4d0fe30cfd47823bf61936b3b503fc9f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id: 9cjMQPln1gpNhNDOirc_9xonUZBB0mrR
access-control-allow-origin: https://www.winningtemp.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
cf-ray: 727869beed6d9921-ARN
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Fri, 08 Jul 2022 11:22:04 GMT

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 5 KB
3 KB 656ms
14ms Script
application/javascript 104.17.112.176
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsadspixel.net/fb.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/5566319.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.112.176 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62eff55da34fb881e5f26498f4c572a8810f8fb1953e8e00c24df6a05deb2747

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.winningtemp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 11:17:22 GMT
via: 1.1 0920aeb1eced22df07c9ece1cab0a554.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 520
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.287/bundles/pixels-release.js&cfRay=72785d0af95315ec-IAD
x-cache: Hit from cloudfront
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
last-modified: Thu, 30 Jun 2022 02:09:15 UTC
server: cloudflare
etag: W/"1b16fc147ec853ab9d82a3c0efe75b77"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: dONne1FcPXm8F7qFk63xAz5e_hNw5LhN
cache-control: max-age=600
x-hs-cache-status: EXPIRED
x-amz-cf-pop: IAD89-P1
cf-ray: 727869be9bca1691-ARN
x-amz-cf-id: UDMFVvZgaCcoAlKTOsfUpQatu3n3enxZI0rvrIcXVSXUhDggR2Mtrg==
x-hs-target-asset: adsscriptloaderstatic/static-1.287/bundles/pixels-release.js

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 72 KB
25 KB 737ms
0ms Script
application/javascript 104.17.128.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hscollectedforms.net/collectedforms.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/5566319.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.128.171 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8309531b6b2107c16edd77efa774374f935a7924a84c7bae72973f19b962e0e5

Request headers

Referer: https://www.winningtemp.com/
Origin: https://www.winningtemp.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 11:17:22 GMT
via: 1.1 6f3546b6b501aaa8c1b4750231158188.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 57109
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.278/bundles/project.js&cfRay=7272f77ba9fd992c-IAD
x-cache: RefreshHit from cloudfront
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
content-encoding: br
cf-ray: 727869beec21990f-ARN
last-modified: Thu, 19 May 2022 12:56:36 UTC
server: cloudflare
etag: W/"9bdc82a581dc188ff306ce5ac3c3e170"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
x-amz-version-id: w6kD440dVLHBLSxXlQNkz9NYzxhkbh3c
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=0
x-hs-cache-status: MISS
x-amz-cf-pop: IAD89-P1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: nKmu0pfqxgrqZBD-4YjBmTjAkQkhw-yypj_gzipPHwJaxxqGlvsV8A==
x-hs-target-asset: collected-forms-embed-js/static-1.278/bundles/project.js

GET
H2 200 5566319.js Show response
js.hs-analytics.net/analytics/1657278900000/ 62 KB
20 KB 733ms
0ms Script
text/javascript 104.17.67.176
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1657278900000/5566319.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/5566319.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.67.176 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d783d8e0cfa7810d39ffd41d6d2319e507fa502d4ef96bbcbe2ba3fba10dfc7f

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.winningtemp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 11:17:22 GMT
content-encoding: br
cf-cache-status: HIT
age: 83
x-amz-server-side-encryption: AES256
x-amz-request-id: 6CRW37BKZC6W2SME
x-amz-id-2: qNU4IDGf6RzCQZxO9zvgpP3DAkosI6eRNA+a4d22KxiXq9jnbVXqxPpC6mrjwUf49R6VajACWc8=
last-modified: Tue, 14 Jun 2022 15:26:48 GMT
server: cloudflare
etag: W/"95950dca324df226c41ffe482602e2a6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=300, public
access-control-allow-credentials: false
x-amz-version-id: null
cf-ray: 727869bee9c39918-ARN
expires: Fri, 08 Jul 2022 11:20:59 GMT

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 912ms
78ms Font
font/woff2 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:regular,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.winningtemp.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 19:25:44 GMT
x-content-type-options: nosniff
age: 143498
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7816
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Jul 2023 19:25:44 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 907ms
74ms Font
font/woff2 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:regular,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.winningtemp.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 19:24:53 GMT
x-content-type-options: nosniff
age: 143549
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Jul 2023 19:24:53 GMT

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 902ms
79ms Font
font/woff2 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:regular,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.winningtemp.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 21:23:03 GMT
x-content-type-options: nosniff
age: 136459
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8000
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Jul 2023 21:23:03 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 198 KB
70 KB 534ms
0ms Script
application/javascript 142.250.185.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LV30BCF2WJ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NF42R37

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

046d1bf2e7d085f714d8acc754dde41d7f96ab7d5dc42bdb92dbd665074eda64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.winningtemp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 11:17:22 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 71536
x-xss-protection: 0
expires: Fri, 08 Jul 2022 11:17:22 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 837ms
93ms Script
application/javascript 13.107.21.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NF42R37

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0fcff9391b8f4560e9bc64c28dcd9101f66de7b93676ea8cc254980567f663db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.winningtemp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 16 Jun 2022 18:22:08 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 009D1FB347CB4A21AD99F1EFA223EADC Ref B: STOEDGE0719 Ref C: 2022-07-08T11:17:22Z
etag: "0c8eafcad81d81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Fri, 08 Jul 2022 11:17:21 GMT
accept-ranges: bytes
content-length: 11360

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 775ms
60ms Script
application/x-javascript 2.21.20.155
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NF42R37
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.20.155 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-155.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.winningtemp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 08 Jul 2022 11:17:22 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Apr 2022 23:25:22 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=33576
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3085

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 40 KB
15 KB 869ms
132ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NF42R37

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

cafe /

Resource Hash

00e67a6bb1601297c954a9c6438eb956f4ca87253683fb348d1bda64cee7d1ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.winningtemp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 11:17:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15163
x-xss-protection: 0
server: cafe
etag: 11137310801552021614
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 08 Jul 2022 11:17:22 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 811ms
78ms Script
application/x-javascript 157.240.236.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.236.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-frx5.fbcdn.net

Software

Resource Hash

f8bdb531d36caf4bb43071d1be58a2d1b153d3a403f4b8f4e6a919dd46213f47

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.winningtemp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 25939
x-xss-protection: 0
pragma: public
x-fb-debug: Aa3H9g6VpDOFhnYMGnseEpkWJmHQ0GL0rgJkFtk5R9+Bei7PdfQcSieVnGJTB43irnyFtASgEjjTyufZy36ldw==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Fri, 08 Jul 2022 11:17:22 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 hotjar-2516908.js Show response
static.hotjar.com/c/ 4 KB
2 KB 809ms
79ms Script
application/javascript 13.225.78.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2516908.js?sv=6

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.14 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-14.fra2.r.cloudfront.net

Software

Resource Hash

fb8959289db243c243665277ca87ff25ea91c90a72fa40f99e7b20be86710736

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.winningtemp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
age: 54
x-cache: Hit from cloudfront
date: Fri, 08 Jul 2022 11:16:28 GMT
cross-origin-resource-policy: cross-origin
via: 1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
cache-control: max-age=60
etag: W/47c95ff6dd22f4c5a9d7437dd6bd2ff6
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: tzfufqnab4B84l7XdIErSmSsB-mjDeOrh0NFVhlRUdRhR8ivdFi8yg==

GET
H2 200 prpcvi852fhm.js Show response
js.driftt.com/include/1657279200000/ 210 KB
60 KB 1100ms
373ms Script
application/javascript 13.224.189.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1657279200000/prpcvi852fhm.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-86.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

d27f20e89f3e5dcaacd001244fa069820eb9e4427175448a5eef69e6d4a77393

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.winningtemp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: KIabZxwKDM42eWtxMBS9_5jGdpCC.EVA
content-encoding: gzip
etag: W/"c52028076ed142c4e555cc3adb0dc50e"
x-amz-cf-pop: FRA2-C1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 07 Jul 2022 20:00:13 GMT
server: nginx
date: Fri, 08 Jul 2022 11:17:23 GMT
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
via: 1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 4DTBRAmIMfgXSM2GRrmCz7ZznE7T3CITu2wr_2E_uvxo6Dzv_ZGgbQ==

GET
H2 200 6278d37fef70b60014b19e52 Show response
ws.zoominfo.com/pixel/ 2 KB
1 KB 527ms
241ms Script
text/javascript 104.16.168.82
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/6278d37fef70b60014b19e52

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.168.82 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

0eab74a391808b24dd33b935f90a01681fdeaf1104e729ed5dfbcdb302bc3642

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.winningtemp.com/dk/book-en-demo?utm_campaign=Customer%20sendout&utm_medium=email&_hsmi=219002238&_hsenc=p2ANqtz-9OjMaiVRfdjxMzw4AhTaO9oUmO_hcz5Zyx1Yy_KX0Byzeqk0l9Iy6OC7zTxF5sAvwbKObg0O3qL2Fz6A29laRxKWMZgQ&utm_content=219002238&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 11:17:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 727869c1cfa398f0-ARN
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type
via: 1.1 google

GET
H2 200 6041494e0f852e24a5abf0c7_logo-main.svg
assets-global.website-files.com/603df060fa2bf1b496c315d3/ 10 KB
4 KB 572ms
0ms Image
image/svg+xml 13.225.78.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/603df060fa2bf1b496c315d3/6041494e0f852e24a5abf0c7_logo-main.svg
Requested by: Host: www.winningtemp.com
URL: https://www.winningtemp.com/dk/book-en-demo?utm_campaign=Customer%20sendout&utm_medium=email&_hsmi=219002238&_hsenc=p2ANqtz-9OjMaiVRfdjxMzw4AhTaO9oUmO_hcz5Zyx1Yy_KX0Byzeqk0l9Iy6OC7zTxF5sAvwbKObg0O3qL2Fz6A29laRxKWMZgQ&utm_content=219002238&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-111.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 968852dd96102e2444be1582f567958d1ac290338121606f2280c7b4b57fb4e6

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.winningtemp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 03 Apr 2022 01:50:13 GMT
content-encoding: gzip
age: 8328430
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
via: 1.1 6fa33d47af6f4da7007689083cfe9b9c.cloudfront.net (CloudFront)
last-modified: Thu, 04 Mar 2021 20:55:45 GMT
server: AmazonS3
etag: W/"2c2bbf2f6b2c85c473338f48fca9a315"
vary: Accept-Encoding
x-amz-version-id: CV9JHpzJuXARBcp3tv1rHYuXhrPtGtNH
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA2-C2
content-type: image/svg+xml
x-amz-cf-id: DvoHLZUht5ZgrhQCM5lDgPhpLOcwUUtjKEwboTMj9I4ycrvtf-WWKA==

GET
H2 200 604664d7e61c0de3cd903b1a_logo-ic.svg
assets-global.website-files.com/603df060fa2bf1b496c315d3/ 3 KB
2 KB 577ms
0ms Image
image/svg+xml 13.225.78.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/603df060fa2bf1b496c315d3/604664d7e61c0de3cd903b1a_logo-ic.svg
Requested by: Host: www.winningtemp.com
URL: https://www.winningtemp.com/dk/book-en-demo?utm_campaign=Customer%20sendout&utm_medium=email&_hsmi=219002238&_hsenc=p2ANqtz-9OjMaiVRfdjxMzw4AhTaO9oUmO_hcz5Zyx1Yy_KX0Byzeqk0l9Iy6OC7zTxF5sAvwbKObg0O3qL2Fz6A29laRxKWMZgQ&utm_content=219002238&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-111.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 077a7b35fe5c7dd4daa5aefdd11a581b36c76b6e4d6fbd5908e3cec9423e30bb

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.winningtemp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 22 May 2022 08:01:05 GMT
content-encoding: gzip
age: 4072578
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
via: 1.1 6fa33d47af6f4da7007689083cfe9b9c.cloudfront.net (CloudFront)
last-modified: Mon, 08 Mar 2021 17:54:32 GMT
server: AmazonS3
etag: W/"301c047d60ddfde83c72458203c68ac7"
vary: Accept-Encoding
x-amz-version-id: kxZqy23eVI0BbmjkCAjWAciY8wiB0OiL
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA2-C2
content-type: image/svg+xml
x-amz-cf-id: AgRxfassSP2CUsBiabR6BS7qqD_hI8OoP7Lu16LWiSHBUeUAi9tDDg==

GET
H2 200 604668e777aacab79b2c01a3_br-fb-sq.svg
assets-global.website-files.com/603df060fa2bf1b496c315d3/ 786 B
1 KB 578ms
0ms Image
image/svg+xml 13.225.78.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/603df060fa2bf1b496c315d3/604668e777aacab79b2c01a3_br-fb-sq.svg
Requested by: Host: www.winningtemp.com
URL: https://www.winningtemp.com/dk/book-en-demo?utm_campaign=Customer%20sendout&utm_medium=email&_hsmi=219002238&_hsenc=p2ANqtz-9OjMaiVRfdjxMzw4AhTaO9oUmO_hcz5Zyx1Yy_KX0Byzeqk0l9Iy6OC7zTxF5sAvwbKObg0O3qL2Fz6A29laRxKWMZgQ&utm_content=219002238&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-111.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e60980641d55d742f778f2648c659340214c5217092d83df29b3f071dcf455b0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.winningtemp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 21:49:01 GMT
via: 1.1 6fa33d47af6f4da7007689083cfe9b9c.cloudfront.net (CloudFront)
age: 998902
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 786
last-modified: Mon, 08 Mar 2021 18:11:53 GMT
server: AmazonS3
etag: "cc0caeb6f4a6b432aedf9214a61e3d6c"
x-amz-version-id: OK0hIcSQ0KnFA6Xg8wJmH90rfsGctnn8
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-type: image/svg+xml
x-amz-cf-id: XivxWtrF6n8ECNzzbyoePjrOtND7dGv1yuMhChTpWx_-imPioz5i_Q==

GET
H2 200 604668e75238b12d7e443adc_br-instagram.svg
assets-global.website-files.com/603df060fa2bf1b496c315d3/ 4 KB
2 KB 575ms
0ms Image
image/svg+xml 13.225.78.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/603df060fa2bf1b496c315d3/604668e75238b12d7e443adc_br-instagram.svg
Requested by: Host: www.winningtemp.com
URL: https://www.winningtemp.com/dk/book-en-demo?utm_campaign=Customer%20sendout&utm_medium=email&_hsmi=219002238&_hsenc=p2ANqtz-9OjMaiVRfdjxMzw4AhTaO9oUmO_hcz5Zyx1Yy_KX0Byzeqk0l9Iy6OC7zTxF5sAvwbKObg0O3qL2Fz6A29laRxKWMZgQ&utm_content=219002238&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-111.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ea059dde9d901b7f2cd9307ab93d5ed5869f990c20c1644e3ae7591f694dc29d

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.winningtemp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 06:16:31 GMT
content-encoding: gzip
age: 968452
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
via: 1.1 6fa33d47af6f4da7007689083cfe9b9c.cloudfront.net (CloudFront)
last-modified: Mon, 08 Mar 2021 18:11:53 GMT
server: AmazonS3
etag: W/"26a518c69887f6d97fc9188a72f26815"
vary: Accept-Encoding
x-amz-version-id: AGcd5gXkJIeZtNuLNS6D5dBEEQGVzZgP
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA2-C2
content-type: image/svg+xml
x-amz-cf-id: _AOybmuMkIWsaE67GALOYJ8hByWDUvh7LGWsmTBohUynqIqthlia3Q==

GET
H2 200 604668e795e48d435561e293_br-linkedin.svg
assets-global.website-files.com/603df060fa2bf1b496c315d3/ 1 KB
1 KB 574ms
0ms Image
image/svg+xml 13.225.78.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/603df060fa2bf1b496c315d3/604668e795e48d435561e293_br-linkedin.svg
Requested by: Host: www.winningtemp.com
URL: https://www.winningtemp.com/dk/book-en-demo?utm_campaign=Customer%20sendout&utm_medium=email&_hsmi=219002238&_hsenc=p2ANqtz-9OjMaiVRfdjxMzw4AhTaO9oUmO_hcz5Zyx1Yy_KX0Byzeqk0l9Iy6OC7zTxF5sAvwbKObg0O3qL2Fz6A29laRxKWMZgQ&utm_content=219002238&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-111.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 203427e5a4c2b6a72638e35d2fe4507b4faef721a707eb2508a8a66915e121ed

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.winningtemp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 08:01:17 GMT
content-encoding: gzip
age: 11766
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
via: 1.1 6fa33d47af6f4da7007689083cfe9b9c.cloudfront.net (CloudFront)
last-modified: Mon, 08 Mar 2021 18:11:53 GMT
server: AmazonS3
etag: W/"649838987b1c6a0095a9b137424e3281"
vary: Accept-Encoding
x-amz-version-id: dWxDTi_MnplqCk7jW5jb_Mc4YcIaMQ6p
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA2-C2
content-type: image/svg+xml
x-amz-cf-id: Ude8HtXSFOe5jRnnN0NYGrg5-1WLaWWPM1KlcQWqDip6c0Vcpgtlww==

GET
H2 200 604668e739869314a837aba8_br-twitter.svg
assets-global.website-files.com/603df060fa2bf1b496c315d3/ 1 KB
1 KB 570ms
0ms Image
image/svg+xml 13.225.78.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/603df060fa2bf1b496c315d3/604668e739869314a837aba8_br-twitter.svg
Requested by: Host: www.winningtemp.com
URL: https://www.winningtemp.com/dk/book-en-demo?utm_campaign=Customer%20sendout&utm_medium=email&_hsmi=219002238&_hsenc=p2ANqtz-9OjMaiVRfdjxMzw4AhTaO9oUmO_hcz5Zyx1Yy_KX0Byzeqk0l9Iy6OC7zTxF5sAvwbKObg0O3qL2Fz6A29laRxKWMZgQ&utm_content=219002238&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-111.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ec1daec27b0f38d8a504fba3760571e34962ddd4361cdb8a7afad225e240447d

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.winningtemp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 06:35:09 GMT
content-encoding: gzip
age: 2090534
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
via: 1.1 6fa33d47af6f4da7007689083cfe9b9c.cloudfront.net (CloudFront)
last-modified: Mon, 08 Mar 2021 18:11:53 GMT
server: AmazonS3
etag: W/"3fd7adc55fb447e71da46515e948f85e"
vary: Accept-Encoding
x-amz-version-id: sGDa2bbIH8w0TUmoaZxmqYOUFRxaTXBH
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA2-C2
content-type: image/svg+xml
x-amz-cf-id: 0Ofcx1Ece_ATJPNgYRBSv3eRJZAtCpcWYaw0QEZbyiwfmy4w40ddcA==

GET
H2 200 62b422b8d6e52a8e40ce32a8_ISO-UK.svg
assets-global.website-files.com/603df060fa2bf1b496c315d3/ 31 KB
12 KB 551ms
0ms Image
image/svg+xml 13.225.78.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/603df060fa2bf1b496c315d3/62b422b8d6e52a8e40ce32a8_ISO-UK.svg
Requested by: Host: www.winningtemp.com
URL: https://www.winningtemp.com/dk/book-en-demo?utm_campaign=Customer%20sendout&utm_medium=email&_hsmi=219002238&_hsenc=p2ANqtz-9OjMaiVRfdjxMzw4AhTaO9oUmO_hcz5Zyx1Yy_KX0Byzeqk0l9Iy6OC7zTxF5sAvwbKObg0O3qL2Fz6A29laRxKWMZgQ&utm_content=219002238&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-111.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2569c8942043e2360003990ba5ef73dffc3c2da13757bf30c9d0b3f298c3cc40

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.winningtemp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 08:33:30 GMT
content-encoding: gzip
age: 1305833
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
via: 1.1 6fa33d47af6f4da7007689083cfe9b9c.cloudfront.net (CloudFront)
last-modified: Thu, 23 Jun 2022 08:22:17 GMT
server: AmazonS3
etag: W/"55bb20ed954b2c6563fed4d2e7838788"
vary: Accept-Encoding
x-amz-version-id: LcNN1e2XRmiHElg1lnl2MrzHroPqKXXH
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA2-C2
content-type: image/svg+xml
x-amz-cf-id: xsfcy99jMbY_AcXPx5_gdYzqffTMz-wZ_t0ztUI4g8JU9XxdgVgBpg==

GET
H2 200 604675684c37a95d911b29ed_globe.svg
assets-global.website-files.com/603df060fa2bf1b496c315d3/ 2 KB
1 KB 552ms
0ms Image
image/svg+xml 13.225.78.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/603df060fa2bf1b496c315d3/604675684c37a95d911b29ed_globe.svg
Requested by: Host: www.winningtemp.com
URL: https://www.winningtemp.com/dk/book-en-demo?utm_campaign=Customer%20sendout&utm_medium=email&_hsmi=219002238&_hsenc=p2ANqtz-9OjMaiVRfdjxMzw4AhTaO9oUmO_hcz5Zyx1Yy_KX0Byzeqk0l9Iy6OC7zTxF5sAvwbKObg0O3qL2Fz6A29laRxKWMZgQ&utm_content=219002238&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-111.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 97c79579d2c408c2d51ea5827e010a33400785e438866925ec50baa165a35da1

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.winningtemp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 25 May 2022 01:13:54 GMT
content-encoding: gzip
age: 3837809
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
via: 1.1 6fa33d47af6f4da7007689083cfe9b9c.cloudfront.net (CloudFront)
last-modified: Mon, 08 Mar 2021 19:05:13 GMT
server: AmazonS3
etag: W/"014530b67efd2f371ec04ca07d4d54d3"
vary: Accept-Encoding
x-amz-version-id: TO0bz_6syB4SttZoTMcm5bgmITtEohuT
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA2-C2
content-type: image/svg+xml
x-amz-cf-id: c3JO92-3qaswXbLrre7pH1buCGVYwXVWoalJd_Y3KwbZqpRlqjp-7w==

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1ee4038c00d2334c905cc44bb99c1824d862435cc003dda35b8002b590db78e

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 293 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8181a739bd0ed0fd64624c4aa15b7847bc9d4fd0660bff56c8c9192c4ef75979

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 json Show response
forms.hubspot.com/collected-forms/v1/config/ 115 B
1 KB 607ms
171ms XHR
application/json 104.19.155.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/collected-forms/v1/config/json?portalId=5566319&utk=

Requested by

Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.155.83 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6571455ca50a0df3f4b50a95ad6ca5fba3c6c629a222373c25c755d1dc761be5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.winningtemp.com/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 11:17:23 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 9ef8ffe4-7057-4b5b-97e3-92389b58c27e
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t%2FM3BGJtehulKbh905OPU%2FsJD9A7%2FBDy5oxTD8BGSu2Rw1da7PC6qhBacobahETNyKcqyA5AHIgfmS2OHDZAn8QDGhnQBKXzMrM2OevmgnhOqE0gF7EDaaRbwdp7gQTp2C4M"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.winningtemp.com
x-robots-tag: none
access-control-allow-credentials: false
cf-ray: 727869c50e1016a5-ARN
access-control-allow-headers: *

POST
H2 204 collect
region1.google-analytics.com/g/ 0
350 B 369ms
49ms Ping
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-LV30BCF2WJ&gtm=2oe6t0&_p=1987378336&_z=ccd.v9B&cid=752353924.1657279048&ul=en-us&sr=1600x1200&_s=1&sid=1657279047&sct=1&seg=0&dl=https%3A%2F%2Fwww.winningtemp.com%2Fdk%2Fbook-en-demo%3Futm_campaign%3DCustomer%2520sendout%26utm_medium%3Demail%26_hsmi%3D219002238%26_hsenc%3Dp2ANqtz-9OjMaiVRfdjxMzw4AhTaO9oUmO_hcz5Zyx1Yy_KX0Byzeqk0l9Iy6OC7zTxF5sAvwbKObg0O3qL2Fz6A29laRxKWMZgQ%26utm_content%3D219002238%26utm_source%3Dhs_email&dt=F%C3%A5%20en%20gennemgang%20af%20Winningtemp!&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LV30BCF2WJ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.winningtemp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Jul 2022 11:17:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.winningtemp.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1662900&time=1657279048016&url=https%3A%2F%2Fwww.winningtemp.com%2Fdk%2Fbook-en-demo%3F_hsenc%3Dp2ANqtz-9OjMaiVRfdjxMzw4AhTaO9oUmO_hcz5Zyx1Yy_KX0B...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1662900%26time%3D1657279048016%26url%3Dhttps%253A%252F%252Fwww.winningtemp.com%25...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1662900&time=1657279048016&url=https%3A%2F%2Fwww.winningtemp.com%2Fdk%2Fbook-en-demo%3F_hsenc%3Dp2ANqtz-9OjMaiVRfdjxMzw4AhTaO9oUmO_hcz5Zyx1Yy_KX0B...

0
159 B

147ms
147ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1662900&time=1657279048016&url=https%3A%2F%2Fwww.winningtemp.com%2Fdk%2Fbook-en-demo%3F_hsenc%3Dp2ANqtz-9OjMaiVRfdjxMzw4AhTaO9oUmO_hcz5Zyx1Yy_KX0Byzeqk0l9Iy6OC7zTxF5sAvwbKObg0O3qL2Fz6A29laRxKWMZgQ%26utm_campaign%3DCustomer%2520sendout%26utm_content%3D219002238%26utm_source%3Dhs_email%26utm_medium%3Demail%26_hsmi%3D219002238&liSync=true
Requested by: Host: www.winningtemp.com
URL: https://www.winningtemp.com/dk/book-en-demo?utm_campaign=Customer%20sendout&utm_medium=email&_hsmi=219002238&_hsenc=p2ANqtz-9OjMaiVRfdjxMzw4AhTaO9oUmO_hcz5Zyx1Yy_KX0Byzeqk0l9Iy6OC7zTxF5sAvwbKObg0O3qL2Fz6A29laRxKWMZgQ&utm_content=219002238&utm_source=hs_email
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.winningtemp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 11:17:23 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 2CCCF17D9E78497C9642CD8200020E22 Ref B: STOEDGE0911 Ref C: 2022-07-08T11:17:23Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXjSVi0K9THgRC85ZfQcA==
x-li-fabric: prod-lva1

Redirect headers

content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-content-type-options: nosniff
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-length: 0
x-li-uuid: AAXjSVix0WJBygtnHjcN3w==
pragma: no-cache
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 9C073AF3B9B54090B1962A9919E670AF Ref B: STOEDGE0911 Ref C: 2022-07-08T11:17:23Z
x-frame-options: sameorigin
date: Fri, 08 Jul 2022 11:17:23 GMT
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security: max-age=31536000
x-li-fabric: prod-lva1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1662900&time=1657279048016&url=https%3A%2F%2Fwww.winningtemp.com%2Fdk%2Fbook-en-demo%3F_hsenc%3Dp2ANqtz-9OjMaiVRfdjxMzw4AhTaO9oUmO_hcz5Zyx1Yy_KX0Byzeqk0l9Iy6OC7zTxF5sAvwbKObg0O3qL2Fz6A29laRxKWMZgQ%26utm_campaign%3DCustomer%2520sendout%26utm_content%3D219002238%26utm_source%3Dhs_email%26utm_medium%3Demail%26_hsmi%3D219002238&liSync=true
cache-control: no-cache, no-store
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 modules.e691815239005b70eaea.js Show response
script.hotjar.com/ 244 KB
63 KB 373ms
67ms Script
application/javascript 13.224.189.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.e691815239005b70eaea.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2516908.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-26.fra2.r.cloudfront.net

Software

Resource Hash

57f0421ad8d70e1ec4ab2c3792d7b639374cc5bc4beaf4981c0213064ecb206b

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.winningtemp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 10:10:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4037
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains
content-length: 64296
access-control-allow-origin: *
last-modified: Fri, 08 Jul 2022 10:09:36 GMT
etag: "4e9d16d4891a5e370135a06bad021c1b"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 42b60ee17f7593fff72ca1cb725d6c9a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: XlfEu380OhWuFZSsXy99TwZ57xwupuXKnesSKcHq7R5JneYEuV_88w==

GET
H3 200 497560194082396 Show response
connect.facebook.net/signals/config/ 292 KB
84 KB 272ms
197ms Script
application/x-javascript 157.240.236.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/497560194082396?v=2.9.64&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.236.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-frx5.fbcdn.net

Software

Resource Hash

e86d360a13e5fd4d6e83fe54af5f4debb3782bf9842e3876c28377ee615cecc2

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.winningtemp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: UDIC0McYw3ioYN1LILOtxZ66Q5zaFnGlUm8m3KoBUKAAAS+vHwAn7KHYPmPIFxMDUgmbg6579j7nz5dUeQlBuw==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 08 Jul 2022 11:17:23 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1657279043245
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/479665576/ 2 KB
1 KB 387ms
117ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/479665576/?random=1657279048036&cv=9&fst=1657279048036&num=1&value=0&label=7WPoCL2ppP8CEKi73OQB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6t0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.winningtemp.com%2Fdk%2Fbook-en-demo%3Futm_campaign%3DCustomer%2520sendout%26utm_medium%3Demail%26_hsmi%3D219002238%26_hsenc%3Dp2ANqtz-9OjMaiVRfdjxMzw4AhTaO9oUmO_hcz5Zyx1Yy_KX0Byzeqk0l9Iy6OC7zTxF5sAvwbKObg0O3qL2Fz6A29laRxKWMZgQ%26utm_content%3D219002238%26utm_source%3Dhs_email&tiba=F%C3%A5%20en%20gennemgang%20af%20Winningtemp!&auid=1373152989.1657279047&hn=www.googleadservices.com&bttype=purchase&us_privacy=1---&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

cafe /

Resource Hash

14aed4b19ed51e3a0cbb429669650e0e1f7e0f432ed8779b50846dc82822a051

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.winningtemp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Jul 2022 11:17:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1416
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 26048165.js Show response
bat.bing.com/p/action/ 828 B
749 B 196ms
196ms Script
application/javascript 13.107.21.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/26048165.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

efb7650e7f6f06e3dd004356e32a3e4dd0f19163078337e4f5a8ae6379a154f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.winningtemp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: CAFE6851EFDB477CBCB9D353490ABC0B Ref B: STOEDGE0719 Ref C: 2022-07-08T11:17:23Z
date: Fri, 08 Jul 2022 11:17:22 GMT
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private,max-age=60
content-length: 572

GET
H2 204 0
bat.bing.com/action/ 0
175 B 68ms
67ms Image
text/plain 13.107.21.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=26048165&tm=gtm002&Ver=2&mid=3cc1f3b6-e1c0-4903-b523-6f1c37269965&sid=8d0b3920feaf11ec96ca2f6dd523a63a&vid=8d0b73c0feaf11eca6a3cf9e6cfbb1cb&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=F%C3%A5%20en%20gennemgang%20af%20Winningtemp!&p=https%3A%2F%2Fwww.winningtemp.com%2Fdk%2Fbook-en-demo%3Futm_campaign%3DCustomer%2520sendout%26utm_medium%3Demail%26_hsmi%3D219002238%26_hsenc%3Dp2ANqtz-9OjMaiVRfdjxMzw4AhTaO9oUmO_hcz5Zyx1Yy_KX0Byzeqk0l9Iy6OC7zTxF5sAvwbKObg0O3qL2Fz6A29laRxKWMZgQ%26utm_content%3D219002238%26utm_source%3Dhs_email&r=&lt=1776&evt=pageLoad&msclkid=N&sv=1&rn=485063

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.winningtemp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 00994B6286794308BB0BF13396C72C93 Ref B: STOEDGE0719 Ref C: 2022-07-08T11:17:23Z
date: Fri, 08 Jul 2022 11:17:22 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET box-5e0db0f25ef573fe233efc0372d38d69.html
vars.hotjar.com/ Frame D7B5 0
0

GET
H2 200 box-5e0db0f25ef573fe233efc0372d38d69.html Show response
vars.hotjar.com/ Frame D7B5 2 KB
1 KB 316ms
93ms Document
text/html 13.224.189.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-5e0db0f25ef573fe233efc0372d38d69.html

Requested by

Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.10 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-10.fra2.r.cloudfront.net

Software

Resource Hash

897abc95dfdec58fb982dcb66bbc2c1773e69df30001bf925678464903bf9e53

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.winningtemp.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

accept-ranges: bytes
age: 83176
cache-control: max-age=31536000
content-encoding: br
content-length: 1044
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 07 Jul 2022 12:11:07 GMT
etag: "247bae6bc5dfc2c9bd258e7b3935cacc"
last-modified: Thu, 07 Jul 2022 12:11:03 GMT
strict-transport-security: max-age=86400; includeSubDomains
vary: Accept-Encoding
via: 1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront)
x-amz-cf-id: REmSf9yVqAugtorYQuwRTWt9tacB8xg6XCaAp4c90NSs7TDX05xhZg==
x-amz-cf-pop: FRA2-C1
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H2 200 26048165 Show response
www.clarity.ms/tag/uet/ 2 KB
2 KB 445ms
144ms Script
application/x-javascript 104.212.67.188
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/26048165
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/26048165.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.212.67.188 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: rom30r3a.msedge.net
Software: / ASP.NET
Resource Hash: c2fe03da3b5749380d6fa827173436f28950f4e805ecfc201cfffac7bd5885c8

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.winningtemp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 11:17:23 GMT
x-powered-by: ASP.NET
x-azure-ref: 0QxLIYgAAAABWIbjCTlykRo3PXAjJMdZqUk9NMzBFREdFMDgwNwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
request-context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
content-length: 1654
expires: -1

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 234ms
68ms Image
image/gif 157.240.236.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=497560194082396&ev=PageView&dl=https%3A%2F%2Fwww.winningtemp.com%2Fdk%2Fbook-en-demo%3Futm_campaign%3DCustomer%2520sendout%26utm_medium%3Demail%26_hsmi%3D219002238%26_hsenc%3Dp2ANqtz-9OjMaiVRfdjxMzw4AhTaO9oUmO_hcz5Zyx1Yy_KX0Byzeqk0l9Iy6OC7zTxF5sAvwbKObg0O3qL2Fz6A29laRxKWMZgQ%26utm_content%3D219002238%26utm_source%3Dhs_email&rl=&if=false&ts=1657279048456&sw=1600&sh=1200&v=2.9.64&r=stable&ec=0&o=30&fbp=fb.1.1657279048396.1721957799&it=1657279048032&coo=false&exp=p0&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.236.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-frx5.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.winningtemp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 11:17:23 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Fri, 08 Jul 2022 11:17:23 GMT

GET
H2

200

/
www.google.se/pagead/1p-conversion/479665576/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/479665576/?random=1578011912&cv=9&fst=1657279048036&num=1&value=0&label=7WPoCL2ppP8CEKi73OQB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO...
https://www.google.com/pagead/1p-conversion/479665576/?random=1578011912&cv=9&fst=1657279048036&num=1&value=0&label=7WPoCL2ppP8CEKi73OQB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_...
https://www.google.se/pagead/1p-conversion/479665576/?random=1578011912&cv=9&fst=1657279048036&num=1&value=0&label=7WPoCL2ppP8CEKi73OQB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_a...

42 B
548 B

205ms
77ms

Image
image/gif

172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.se/pagead/1p-conversion/479665576/?random=1578011912&cv=9&fst=1657279048036&num=1&value=0&label=7WPoCL2ppP8CEKi73OQB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6t0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.winningtemp.com%2Fdk%2Fbook-en-demo%3Futm_campaign%3DCustomer%2520sendout%26utm_medium%3Demail%26_hsmi%3D219002238%26_hsenc%3Dp2ANqtz-9OjMaiVRfdjxMzw4AhTaO9oUmO_hcz5Zyx1Yy_KX0Byzeqk0l9Iy6OC7zTxF5sAvwbKObg0O3qL2Fz6A29laRxKWMZgQ%26utm_content%3D219002238%26utm_source%3Dhs_email&tiba=F%C3%A5%20en%20gennemgang%20af%20Winningtemp!&auid=1373152989.1657279047&hn=www.googleadservices.com&us_privacy=1---&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=QxLIYoT-FtK_mLAPgZWLqAc&eitems=ChAI8KuflgYQyYu8_-HlqYo9Eh0AiIds3p9wzONgyQQCCVrVsGjbob9uICyXnFS7SA&random=4124994795&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Requested by

Protocol

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.winningtemp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Jul 2022 11:17:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 08 Jul 2022 11:17:23 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.se/pagead/1p-conversion/479665576/?random=1578011912&cv=9&fst=1657279048036&num=1&value=0&label=7WPoCL2ppP8CEKi73OQB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6t0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.winningtemp.com%2Fdk%2Fbook-en-demo%3Futm_campaign%3DCustomer%2520sendout%26utm_medium%3Demail%26_hsmi%3D219002238%26_hsenc%3Dp2ANqtz-9OjMaiVRfdjxMzw4AhTaO9oUmO_hcz5Zyx1Yy_KX0Byzeqk0l9Iy6OC7zTxF5sAvwbKObg0O3qL2Fz6A29laRxKWMZgQ%26utm_content%3D219002238%26utm_source%3Dhs_email&tiba=F%C3%A5%20en%20gennemgang%20af%20Winningtemp!&auid=1373152989.1657279047&hn=www.googleadservices.com&us_privacy=1---&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=QxLIYoT-FtK_mLAPgZWLqAc&eitems=ChAI8KuflgYQyYu8_-HlqYo9Eh0AiIds3p9wzONgyQQCCVrVsGjbob9uICyXnFS7SA&random=4124994795&resp=GooglemKTybQhCsO&ipr=y&prhg=0
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/2516908/ 147 B
323 B 229ms
71ms XHR
application/json 34.255.240.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/2516908/visit-data?sv=6
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.e691815239005b70eaea.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.255.240.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-240-59.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: d2e4914ae962acd061798de5379f9e74b461e90543002cf3f284d6a29dcd5f23

Request headers

Referer: https://www.winningtemp.com/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Fri, 08 Jul 2022 11:17:23 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H2 200 clarity.js Show response
www.clarity.ms/eus/s/0.6.34/ 53 KB
23 KB 177ms
177ms Script
application/javascript 104.212.67.188
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus/s/0.6.34/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/26048165
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.212.67.188 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: rom30r3a.msedge.net
Software: / ASP.NET
Resource Hash: ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.winningtemp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 11:17:23 GMT
content-encoding: br
etag: "1d890d4908cf454"
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
x-azure-ref: 0QxLIYgAAAADDjg9qSNW2RqP3k9rzfmiQUk9NMzBFREdFMDgwNwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
accept-ranges: bytes
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

POST
H2 200 content Show response
ws28.hotjar.com/api/v2/sites/2516908/recordings/ 66 B
259 B 585ms
127ms XHR
application/json 52.50.27.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws28.hotjar.com/api/v2/sites/2516908/recordings/content
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.e691815239005b70eaea.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.27.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-27-11.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 35aef62d3b68884082b92812c2ec465e90842ced4ec75ed59e08e6eec3fefd7e

Request headers

Referer: https://www.winningtemp.com/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Fri, 08 Jul 2022 11:17:24 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 122ms
63ms Image
image/gif 157.240.236.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=497560194082396&ev=Microdata&dl=https%3A%2F%2Fwww.winningtemp.com%2Fdk%2Fbook-en-demo%3Futm_campaign%3DCustomer%2520sendout%26utm_medium%3Demail%26_hsmi%3D219002238%26_hsenc%3Dp2ANqtz-9OjMaiVRfdjxMzw4AhTaO9oUmO_hcz5Zyx1Yy_KX0Byzeqk0l9Iy6OC7zTxF5sAvwbKObg0O3qL2Fz6A29laRxKWMZgQ%26utm_content%3D219002238%26utm_source%3Dhs_email&rl=&if=false&ts=1657279048961&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22F%C3%A5%20en%20gennemgang%20af%20Winningtemp!%22%2C%22meta%3Adescription%22%3A%22Book%20en%20kort%20demo%20med%20vores%20team%20og%20se%20Winningtemp%20i%20aktion.%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22F%C3%A5%20en%20gennemgang%20af%20Winningtemp!%22%2C%22og%3Adescription%22%3A%22Book%20en%20kort%20demo%20med%20vores%20team%20og%20se%20Winningtemp%20i%20aktion.%22%2C%22twitter%3Atitle%22%3A%22F%C3%A5%20en%20gennemgang%20af%20Winningtemp!%22%2C%22twitter%3Adescription%22%3A%22Book%20en%20kort%20demo%20med%20vores%20team%20og%20se%20Winningtemp%20i%20aktion.%22%2C%22og%3Atype%22%3A%22website%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.64&r=stable&ec=1&o=30&fbp=fb.1.1657279048396.1721957799&it=1657279048032&coo=false&es=automatic&tm=3&exp=p0&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.236.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-frx5.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.winningtemp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 11:17:24 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Fri, 08 Jul 2022 11:17:24 GMT

POST
H2 204 collect Show response
d.clarity.ms/ 0
179 B 615ms
137ms XHR
text/plain 40.76.174.66
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus/s/0.6.34/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.76.174.66 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.winningtemp.com/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: https://www.winningtemp.com
date: Fri, 08 Jul 2022 11:17:23 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H3 200 shell.js Show response
js.hsforms.net/forms/ 585 KB
147 KB 87ms
48ms Script
application/javascript 104.17.182.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/shell.js

Requested by

Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.182.73 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1211a9a77e9e16594929055d1e99009c3e85f4ffbbfd5b0646319087812eea30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.winningtemp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 11:17:24 GMT
via: 1.1 0501dadffc52b06a0cf6aadc57586acc.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 228
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cache-tag: staticjsapp-FormsNext-web-prod,staticjsapp-prod
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 21 Jun 2022 02:51:01 UTC
server: cloudflare
etag: W/"6e63031a8c528e5eccaa863d635b3ed8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e0aOhE72sEKkh9q8OGoue351BuHjFfY%2BPF%2B7M93weyDR3AAlzBJsLhhTki1da%2FGjcHrK1DleWyO2Q8680L9t4RqqTBa4AlCnArnJzFd%2Fzb3OXajDjgS50XSTd%2FCiCa1S"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 6vyCWacfN9CPqy_wPW84vx64jCxte7kG
access-control-allow-origin: *
cache-control: s-maxage=600, max-age=0
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-P1
cf-ray: 727869caaa2715f0-ARN
x-amz-cf-id: HXFnkpFXG-Gw6gyuR23M-eNr0S1HsDgoybELex_v_qbLpwkMWgLCdA==
x-hs-target-asset: FormsNext/static-5.508/bundles/project_with_deps.js

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 210ms
67ms Script
text/javascript 142.250.186.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NF42R37

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.winningtemp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 753
date: Fri, 08 Jul 2022 11:04:51 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 08 Jul 2022 13:04:51 GMT

POST
H2 204 collect Show response
d.clarity.ms/ 0
48 B 770ms
474ms XHR
text/plain 40.76.174.66
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus/s/0.6.34/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.76.174.66 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.winningtemp.com/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: https://www.winningtemp.com
date: Fri, 08 Jul 2022 11:17:24 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H3 200 json Show response
forms.hsforms.com/embed/v3/form/5566319/66df4cc7-0b58-4e2a-a18b-54b3e75140e9/ 15 KB
3 KB 358ms
306ms XHR
application/json 104.16.86.5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/5566319/66df4cc7-0b58-4e2a-a18b-54b3e75140e9/json?hutk=

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/shell.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.86.5 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1495cb770b3684833e3a5a556bb538e592afccd622603d1789d008cf5f1c2863

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/javascript
Referer: https://www.winningtemp.com/
X-Requested-With: XMLHttpRequest
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-origin-hublet: na1
date: Fri, 08 Jul 2022 11:17:25 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
x-hubspot-correlation-id: c7279d94-2c83-4de3-a097-92140b406676
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-robots-tag: none
server: cloudflare
x-trace: 2BF2266DE9F0C9DA76430E732470196178B818C7EB000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.winningtemp.com
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
cf-ray: 727869ce7f441691-ARN
access-control-allow-headers: *

GET
H3 200 shell.js Show response
js.hsforms.net/forms/ 585 KB
147 KB 76ms
43ms Script
application/javascript 104.17.182.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/shell.js

Requested by

Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.182.73 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1211a9a77e9e16594929055d1e99009c3e85f4ffbbfd5b0646319087812eea30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.winningtemp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 11:17:24 GMT
via: 1.1 0501dadffc52b06a0cf6aadc57586acc.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 228
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cache-tag: staticjsapp-FormsNext-web-prod,staticjsapp-prod
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 21 Jun 2022 02:51:01 UTC
server: cloudflare
etag: W/"6e63031a8c528e5eccaa863d635b3ed8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6pIDF0kIXbQDpvy2swWgH4F%2FN96brsGqMAPb%2BGlTAjsGSYRw%2BjlVFHrHa42IN1abJ6uhm4R9JL1IUcMGzf0LjJXs7hZfbNqwMq1PAQAlFfxnH4UAw4jMWotudQ5engmK"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 6vyCWacfN9CPqy_wPW84vx64jCxte7kG
access-control-allow-origin: *
cache-control: s-maxage=600, max-age=0
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-P1
cf-ray: 727869cc9c2c15f0-ARN
x-amz-cf-id: HXFnkpFXG-Gw6gyuR23M-eNr0S1HsDgoybELex_v_qbLpwkMWgLCdA==
x-hs-target-asset: FormsNext/static-5.508/bundles/project_with_deps.js

OPTIONS
H2 200 json
forms.hsforms.com/embed/v3/form/5566319/66df4cc7-0b58-4e2a-a18b-54b3e75140e9/ Frame 0
0 276ms
165ms Preflight
text/plain 104.16.86.5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/5566319/66df4cc7-0b58-4e2a-a18b-54b3e75140e9/json?hutk=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.86.5 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: x-requested-with
Access-Control-Request-Method: GET
Origin: https://www.winningtemp.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: x-requested-with
access-control-allow-methods: OPTIONS, GET
access-control-allow-origin: https://www.winningtemp.com
access-control-expose-headers: X-Origin-Hublet
access-control-max-age: 180
allow: HEAD,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=0, no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 727869cd1b079936-ARN
content-length: 18
content-type: text/plain; charset=utf-8
date: Fri, 08 Jul 2022 11:17:24 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-hubspot-correlation-id: a4ad54ab-03d9-438c-a2f5-3d5066576038
x-robots-tag: none
x-trace: 2B7612DE4328E39F34A1B3269DB1C1B4A17FF1314B000000000000000000

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 201ms
73ms XHR
text/plain 142.250.186.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1987378336&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.winningtemp.com%2Fdk%2Fbook-en-demo%3Futm_campaign%3DCustomer%2520sendout%26utm_medium%3Demail%26_hsmi%3D219002238%26_hsenc%3Dp2ANqtz-9OjMaiVRfdjxMzw4AhTaO9oUmO_hcz5Zyx1Yy_KX0Byzeqk0l9Iy6OC7zTxF5sAvwbKObg0O3qL2Fz6A29laRxKWMZgQ%26utm_content%3D219002238%26utm_source%3Dhs_email&ul=en-us&de=UTF-8&dt=F%C3%A5%20en%20gennemgang%20af%20Winningtemp!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Tracking&ea=%2Fdk%2Fbook-en-demo&el=10%25%20Scroll&_u=YADAAEABAAAAAC~&jid=1956596040&gjid=265550308&cid=752353924.1657279048&tid=UA-63613656-4&_gid=8505073.1657279050&_r=1&gtm=2wg6t0NF42R37&cd1=752353924.1657279048&cd2=event&z=1802771473

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.winningtemp.com/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Jul 2022 11:17:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.winningtemp.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 161ms
71ms Image
image/gif 142.250.186.78
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=1987378336&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.winningtemp.com%2Fdk%2Fbook-en-demo%3Futm_campaign%3DCustomer%2520sendout%26utm_medium%3Demail%26_hsmi%3D219002238%26_hsenc%3Dp2ANqtz-9OjMaiVRfdjxMzw4AhTaO9oUmO_hcz5Zyx1Yy_KX0Byzeqk0l9Iy6OC7zTxF5sAvwbKObg0O3qL2Fz6A29laRxKWMZgQ%26utm_content%3D219002238%26utm_source%3Dhs_email&ul=en-us&de=UTF-8&dt=F%C3%A5%20en%20gennemgang%20af%20Winningtemp!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Tracking&ea=%2Fdk%2Fbook-en-demo&el=25%25%20Scroll&_u=YADAAEABAAAAAC~&jid=&gjid=&cid=752353924.1657279048&tid=UA-63613656-4&_gid=8505073.1657279050&gtm=2wg6t0NF42R37&cd1=752353924.1657279048&cd2=event&z=1587494724

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.winningtemp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Jul 2022 01:26:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 35472
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 159ms
70ms Image
image/gif 142.250.186.78
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=1987378336&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.winningtemp.com%2Fdk%2Fbook-en-demo%3Futm_campaign%3DCustomer%2520sendout%26utm_medium%3Demail%26_hsmi%3D219002238%26_hsenc%3Dp2ANqtz-9OjMaiVRfdjxMzw4AhTaO9oUmO_hcz5Zyx1Yy_KX0Byzeqk0l9Iy6OC7zTxF5sAvwbKObg0O3qL2Fz6A29laRxKWMZgQ%26utm_content%3D219002238%26utm_source%3Dhs_email&ul=en-us&de=UTF-8&dt=F%C3%A5%20en%20gennemgang%20af%20Winningtemp!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Tracking&ea=%2Fdk%2Fbook-en-demo&el=50%25%20Scroll&_u=YADAAEABAAAAAC~&jid=&gjid=&cid=752353924.1657279048&tid=UA-63613656-4&_gid=8505073.1657279050&gtm=2wg6t0NF42R37&cd1=752353924.1657279048&cd2=event&z=812136030

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.winningtemp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Jul 2022 01:26:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 35472
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 161ms
72ms Image
image/gif 142.250.186.78
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=1987378336&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.winningtemp.com%2Fdk%2Fbook-en-demo%3Futm_campaign%3DCustomer%2520sendout%26utm_medium%3Demail%26_hsmi%3D219002238%26_hsenc%3Dp2ANqtz-9OjMaiVRfdjxMzw4AhTaO9oUmO_hcz5Zyx1Yy_KX0Byzeqk0l9Iy6OC7zTxF5sAvwbKObg0O3qL2Fz6A29laRxKWMZgQ%26utm_content%3D219002238%26utm_source%3Dhs_email&ul=en-us&de=UTF-8&dt=F%C3%A5%20en%20gennemgang%20af%20Winningtemp!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Tracking&ea=%2Fdk%2Fbook-en-demo&el=75%25%20Scroll&_u=YADAAEABAAAAAC~&jid=&gjid=&cid=752353924.1657279048&tid=UA-63613656-4&_gid=8505073.1657279050&gtm=2wg6t0NF42R37&cd1=752353924.1657279048&cd2=event&z=1312941178

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.winningtemp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Jul 2022 01:26:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 35472
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 json
forms.hsforms.com/embed/v3/form/5566319/66df4cc7-0b58-4e2a-a18b-54b3e75140e9/ Frame 0
0 170ms
166ms Preflight
text/plain 104.16.86.5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/5566319/66df4cc7-0b58-4e2a-a18b-54b3e75140e9/json?hutk=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.86.5 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: x-requested-with
Access-Control-Request-Method: GET
Origin: https://www.winningtemp.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: x-requested-with
access-control-allow-methods: OPTIONS, GET
access-control-allow-origin: https://www.winningtemp.com
access-control-expose-headers: X-Origin-Hublet
access-control-max-age: 180
allow: HEAD,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=0, no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 727869ce1c809936-ARN
content-length: 18
content-type: text/plain; charset=utf-8
date: Fri, 08 Jul 2022 11:17:24 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-hubspot-correlation-id: bdc17812-27cd-4ac7-a47b-342ec7cb1460
x-robots-tag: none
x-trace: 2BDE4C454EC75EC54C76C9113C217475D1BFA1F390000000000000000000

GET
H3 200 json Show response
forms.hsforms.com/embed/v3/form/5566319/66df4cc7-0b58-4e2a-a18b-54b3e75140e9/ 15 KB
3 KB 230ms
162ms XHR
application/json 104.16.86.5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/5566319/66df4cc7-0b58-4e2a-a18b-54b3e75140e9/json?hutk=

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/shell.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.86.5 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e031035c40a4a3b310789482fe0925e9489cfbc98884dac5239a2ed815fd1f81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/javascript
Referer: https://www.winningtemp.com/
X-Requested-With: XMLHttpRequest
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-origin-hublet: na1
date: Fri, 08 Jul 2022 11:17:25 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
x-hubspot-correlation-id: d7ba8635-2c90-4141-96bd-5974031727ce
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-robots-tag: none
server: cloudflare
x-trace: 2B701FF4654C58B5C3BF0A27DF70050E8D4D6D4230000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.winningtemp.com
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
cf-ray: 727869d0ba0c1691-ARN
access-control-allow-headers: *

GET
H2 200 jquery-3.5.1.min.dc5e7f18c8.js Show response
d3e54v103j8qbb.cloudfront.net/js/ 87 KB
31 KB 70ms
66ms Script
application/javascript 13.225.84.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=603df060fa2bf1b496c315d3
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.84.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-84-117.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer: https://www.winningtemp.com/
Origin: https://www.winningtemp.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 04:59:22 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 22683
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Mon, 20 Jul 2020 17:53:02 GMT
server: AmazonS3
etag: W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
cache-control: max-age=84600, must-revalidate
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: LFT-ajQfYSDUnmcmoduKu95fyzGMrPSTcPPTXSla74MAHLJeWlJfLA==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
442 B 409ms
58ms XHR
text/plain 142.251.5.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-63613656-4&cid=752353924.1657279048&jid=1956596040&gjid=265550308&_gid=8505073.1657279050&_u=YADAAEAAAAAAAC~&z=885615263

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.5.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wg-in-f155.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.winningtemp.com/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 08 Jul 2022 11:17:25 GMT
content-type: text/plain
access-control-allow-origin: https://www.winningtemp.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 winningtemp.a25d80ffb.js Show response
assets-global.website-files.com/603df060fa2bf1b496c315d3/js/ 375 KB
73 KB 335ms
53ms Script
text/javascript 13.225.78.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-global.website-files.com/603df060fa2bf1b496c315d3/js/winningtemp.a25d80ffb.js
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-111.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c735572b71edf5b464fc8403adf146e45d5546808918b88991666410033c779a

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.winningtemp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: Pbk5AY9Bh0WmkGsr4eBQhr.khCp6G9GW
content-encoding: gzip
etag: "2fd9771f0b15056824ba5c8660b10061"
age: 30018
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 73871
via: 1.1 6fa33d47af6f4da7007689083cfe9b9c.cloudfront.net (CloudFront)
last-modified: Wed, 06 Jul 2022 12:36:05 GMT
server: AmazonS3
date: Fri, 08 Jul 2022 02:57:08 GMT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: GwhNfP-BOPdlJqphvlvEL202JxwVzFhpRZUMqkoo9Wo7Ni0bAPuEVg==

GET
DATA 200
OK truncated
/ 165 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 056d00be1429e645203a6f3b1897806162612a0631057b2baa873585748bdb25

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
472 B 207ms
152ms Image
image/gif 104.16.86.5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.86.5 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.winningtemp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 11:17:25 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
x-hubspot-correlation-id: 328e7915-6820-4c36-8082-1585d36d7951
cf-ray: 727869d238ca0d46-ARN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35
server: cloudflare
x-trace: 2BE2AE827E9124605DE33D6EFBB1C0AEDB2DED1504000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/gif
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 5 KB
2 KB 59ms
39ms Script
application/javascript 104.17.112.176
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsadspixel.net/fb.js
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.112.176 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62eff55da34fb881e5f26498f4c572a8810f8fb1953e8e00c24df6a05deb2747

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.winningtemp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 11:17:25 GMT
via: 1.1 0920aeb1eced22df07c9ece1cab0a554.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 523
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.287/bundles/pixels-release.js&cfRay=72785d0af95315ec-IAD
x-cache: Hit from cloudfront
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
last-modified: Thu, 30 Jun 2022 02:09:15 UTC
server: cloudflare
etag: W/"1b16fc147ec853ab9d82a3c0efe75b77"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: dONne1FcPXm8F7qFk63xAz5e_hNw5LhN
cache-control: max-age=600
x-hs-cache-status: EXPIRED
x-amz-cf-pop: IAD89-P1
cf-ray: 727869d2bcf31691-ARN
x-amz-cf-id: UDMFVvZgaCcoAlKTOsfUpQatu3n3enxZI0rvrIcXVSXUhDggR2Mtrg==
x-hs-target-asset: adsscriptloaderstatic/static-1.287/bundles/pixels-release.js

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 72 KB
24 KB 80ms
38ms Script
application/javascript 104.17.128.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hscollectedforms.net/collectedforms.js
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.128.171 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8309531b6b2107c16edd77efa774374f935a7924a84c7bae72973f19b962e0e5

Request headers

Referer: https://www.winningtemp.com/
Origin: https://www.winningtemp.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 11:17:25 GMT
via: 1.1 6f3546b6b501aaa8c1b4750231158188.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 57112
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.278/bundles/project.js&cfRay=7272f77ba9fd992c-IAD
x-cache: RefreshHit from cloudfront
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
content-encoding: br
cf-ray: 727869d35a98990f-ARN
last-modified: Thu, 19 May 2022 12:56:36 UTC
server: cloudflare
etag: W/"9bdc82a581dc188ff306ce5ac3c3e170"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
x-amz-version-id: w6kD440dVLHBLSxXlQNkz9NYzxhkbh3c
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=0
x-hs-cache-status: MISS
x-amz-cf-pop: IAD89-P1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: nKmu0pfqxgrqZBD-4YjBmTjAkQkhw-yypj_gzipPHwJaxxqGlvsV8A==
x-hs-target-asset: collected-forms-embed-js/static-1.278/bundles/project.js

GET
H2 200 5566319.js Show response
js.hs-analytics.net/analytics/1657278900000/ 62 KB
19 KB 42ms
42ms Script
text/javascript 104.17.67.176
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1657278900000/5566319.js
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.67.176 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d783d8e0cfa7810d39ffd41d6d2319e507fa502d4ef96bbcbe2ba3fba10dfc7f

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.winningtemp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 11:17:26 GMT
content-encoding: br
cf-cache-status: HIT
age: 87
x-amz-server-side-encryption: AES256
x-amz-request-id: 6CRW37BKZC6W2SME
x-amz-id-2: qNU4IDGf6RzCQZxO9zvgpP3DAkosI6eRNA+a4d22KxiXq9jnbVXqxPpC6mrjwUf49R6VajACWc8=
last-modified: Tue, 14 Jun 2022 15:26:48 GMT
server: cloudflare
etag: W/"95950dca324df226c41ffe482602e2a6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=300, public
access-control-allow-credentials: false
x-amz-version-id: null
cf-ray: 727869d8fda29918-ARN
expires: Fri, 08 Jul 2022 11:20:59 GMT

GET
H3 200 json Show response
forms.hubspot.com/collected-forms/v1/config/ 115 B
1 KB 178ms
143ms XHR
application/json 104.19.155.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/collected-forms/v1/config/json?portalId=5566319&utk=

Requested by

Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.155.83 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6571455ca50a0df3f4b50a95ad6ca5fba3c6c629a222373c25c755d1dc761be5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.winningtemp.com/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 11:17:26 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: b918acea-17be-4dcc-aef9-cbc08e9f3d1f
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F1eDnEBtFgo91Buvju16I%2BBPOzPlsJ8NAaYNRXq2iQPEEcqEBM4kgFit7oWTPnegR0itbYsbvnjs2SYhOAuoMaj8OHKiuaXGUsMUtHxCnVs5CiFG7ZByvXx6FF%2FnRd0JABjR"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.winningtemp.com
x-robots-tag: none
access-control-allow-credentials: false
cf-ray: 727869d93b6e1669-ARN
access-control-allow-headers: *

POST
H2 204 collect Show response
d.clarity.ms/ 0
48 B 262ms
261ms XHR
text/plain 40.76.174.66
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus/s/0.6.34/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.76.174.66 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.winningtemp.com/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: https://www.winningtemp.com
date: Fri, 08 Jul 2022 11:17:26 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
11 KB 67ms
67ms Script
application/javascript 13.107.21.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0fcff9391b8f4560e9bc64c28dcd9101f66de7b93676ea8cc254980567f663db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.winningtemp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 16 Jun 2022 18:22:08 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: EE3165B85AA44CD2A5C640E63C9EB86D Ref B: STOEDGE0719 Ref C: 2022-07-08T11:17:26Z
etag: "0c8eafcad81d81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Fri, 08 Jul 2022 11:17:25 GMT
accept-ranges: bytes
content-length: 11360

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 49ms
48ms Script
application/x-javascript 2.21.20.155
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.20.155 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-155.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.winningtemp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 08 Jul 2022 11:17:26 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Apr 2022 23:25:22 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=33572
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3085

GET
H3 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 40 KB
15 KB 71ms
70ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

cafe /

Resource Hash

00e67a6bb1601297c954a9c6438eb956f4ca87253683fb348d1bda64cee7d1ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.winningtemp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 11:17:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15163
x-xss-protection: 0
server: cafe
etag: 11137310801552021614
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 08 Jul 2022 11:17:26 GMT

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
25 KB 53ms
52ms Script
application/x-javascript 157.240.236.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.236.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-frx5.fbcdn.net

Software

Resource Hash

f8bdb531d36caf4bb43071d1be58a2d1b153d3a403f4b8f4e6a919dd46213f47

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.winningtemp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 25939
x-xss-protection: 0
pragma: public
x-fb-debug: Aa3H9g6VpDOFhnYMGnseEpkWJmHQ0GL0rgJkFtk5R9+Bei7PdfQcSieVnGJTB43irnyFtASgEjjTyufZy36ldw==
x-frame-options: DENY
date: Fri, 08 Jul 2022 11:17:26 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 hotjar-2516908.js Show response
static.hotjar.com/c/ 4 KB
2 KB 59ms
58ms Script
application/javascript 13.225.78.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2516908.js?sv=6

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.14 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-14.fra2.r.cloudfront.net

Software

Resource Hash

fb8959289db243c243665277ca87ff25ea91c90a72fa40f99e7b20be86710736

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.winningtemp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
age: 58
x-cache: Hit from cloudfront
date: Fri, 08 Jul 2022 11:16:28 GMT
cross-origin-resource-policy: cross-origin
via: 1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
cache-control: max-age=60
etag: W/47c95ff6dd22f4c5a9d7437dd6bd2ff6
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: T0ng2HGDHx75PlMiPC9sFwvKXHJOJBxnbqDdpfoxCWlz6gVjcfgGHA==

GET
H2 200 prpcvi852fhm.js Show response
js.driftt.com/include/1657279200000/ 210 KB
60 KB 138ms
136ms Script
application/javascript 13.224.189.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1657279200000/prpcvi852fhm.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-86.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

d27f20e89f3e5dcaacd001244fa069820eb9e4427175448a5eef69e6d4a77393

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.winningtemp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: KIabZxwKDM42eWtxMBS9_5jGdpCC.EVA
content-encoding: gzip
etag: W/"c52028076ed142c4e555cc3adb0dc50e"
x-amz-cf-pop: FRA2-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 07 Jul 2022 20:00:13 GMT
server: nginx
date: Fri, 08 Jul 2022 11:17:27 GMT
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
via: 1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: CbLttpFhQMdjYVmuw8DKFDcJR4PR9bJWw6BV58PqhDwPAwd3vlP6QQ==

GET
H2 200 6278d37fef70b60014b19e52 Show response
ws.zoominfo.com/pixel/ 2 KB
1 KB 230ms
229ms Script
text/javascript 104.16.168.82
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/6278d37fef70b60014b19e52

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.168.82 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

5066a52b0a106c909c3c46d052a6083c4100211e13a4fa6e360acb8b1e1932ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.winningtemp.com/dk/book-en-demo?utm_campaign=Customer%20sendout&utm_medium=email&_hsmi=219002238&_hsenc=p2ANqtz-9OjMaiVRfdjxMzw4AhTaO9oUmO_hcz5Zyx1Yy_KX0Byzeqk0l9Iy6OC7zTxF5sAvwbKObg0O3qL2Fz6A29laRxKWMZgQ&utm_content=219002238&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 11:17:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 727869dc9dca98f0-ARN
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type
via: 1.1 google

OPTIONS
H2 200 collect
ws.zoominfo.com/pixel/ Frame 0
0 246ms
182ms Preflight
text/html 104.16.168.82
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/collect

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.168.82 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-ws-collect-type
Access-Control-Request-Method: POST
Origin: https://www.winningtemp.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for,x-ws-collect-type
access-control-allow-origin: https://www.winningtemp.com
allow: GET,HEAD,POST
cf-cache-status: DYNAMIC
cf-ray: 727869de6d4b95fc-ARN
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 08 Jul 2022 11:17:27 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
via: 1.1 google
x-content-type-options: nosniff
x-powered-by: Express

POST
H2 200 collect Show response
ws.zoominfo.com/pixel/ 0
39 B 174ms
173ms XHR
text/plain 104.16.168.82
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/collect

Requested by

Host: ws.zoominfo.com
URL: https://ws.zoominfo.com/pixel/6278d37fef70b60014b19e52

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.168.82 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.winningtemp.com/
x-ws-collect-type: xhr
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type: application/json; charset=UTF-8

Response headers

date: Fri, 08 Jul 2022 11:17:27 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-origin: https://www.winningtemp.com
access-control-allow-credentials: true
cf-ray: 727869df9ede95fc-ARN
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type
content-length: 0

GET
H2 200 modules.e691815239005b70eaea.js Show response
script.hotjar.com/ 244 KB
63 KB 61ms
60ms Script
application/javascript 13.224.189.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.e691815239005b70eaea.js

Requested by

Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-26.fra2.r.cloudfront.net

Software

Resource Hash

57f0421ad8d70e1ec4ab2c3792d7b639374cc5bc4beaf4981c0213064ecb206b

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.winningtemp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 10:10:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4041
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains
content-length: 64296
access-control-allow-origin: *
last-modified: Fri, 08 Jul 2022 10:09:36 GMT
etag: "4e9d16d4891a5e370135a06bad021c1b"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 42b60ee17f7593fff72ca1cb725d6c9a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 1j05Ik3QDcUZ87TOHtd0qYq4cbXNXic0_tkedyNwidLddM-y_t3CTQ==

POST
H2 200 collect Show response
ws.zoominfo.com/pixel/ 0
113 B 174ms
173ms XHR
text/plain 104.16.168.82
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/collect

Requested by

Host: ws.zoominfo.com
URL: https://ws.zoominfo.com/pixel/6278d37fef70b60014b19e52

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.168.82 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.winningtemp.com/
x-ws-collect-type: xhr
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type: application/json; charset=UTF-8

Response headers

date: Fri, 08 Jul 2022 11:17:27 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-origin: https://www.winningtemp.com
access-control-allow-credentials: true
cf-ray: 727869df9edc95fc-ARN
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type
content-length: 0

OPTIONS
H2 200 collect
ws.zoominfo.com/pixel/ Frame 0
0 243ms
181ms Preflight
text/html 104.16.168.82
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/collect

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.168.82 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-ws-collect-type
Access-Control-Request-Method: POST
Origin: https://www.winningtemp.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for,x-ws-collect-type
access-control-allow-origin: https://www.winningtemp.com
allow: GET,HEAD,POST
cf-cache-status: DYNAMIC
cf-ray: 727869de6d4c95fc-ARN
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 08 Jul 2022 11:17:27 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
via: 1.1 google
x-content-type-options: nosniff
x-powered-by: Express

GET
H3 200 497560194082396 Show response
connect.facebook.net/signals/config/ 292 KB
84 KB 53ms
53ms Script
application/x-javascript 157.240.236.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/497560194082396?v=2.9.64&r=stable

Requested by

Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.236.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-frx5.fbcdn.net

Software

Resource Hash

e86d360a13e5fd4d6e83fe54af5f4debb3782bf9842e3876c28377ee615cecc2

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.winningtemp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 85564
x-xss-protection: 0
pragma: public
x-fb-debug: UDIC0McYw3ioYN1LILOtxZ66Q5zaFnGlUm8m3KoBUKAAAS+vHwAn7KHYPmPIFxMDUgmbg6579j7nz5dUeQlBuw==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 08 Jul 2022 11:17:27 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/479665576/ 2 KB
1 KB 72ms
72ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

cafe /

Resource Hash

cab3d4602eeb3aee00a93fe43639bfae5532211379cdfe732d805168f659803d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.winningtemp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Jul 2022 11:17:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1416
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.se/pagead/1p-conversion/479665576/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/479665576/?random=300779985&cv=9&fst=1657279048036&num=1&value=0&label=7WPoCL2ppP8CEKi73OQB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&...
https://www.google.com/pagead/1p-conversion/479665576/?random=300779985&cv=9&fst=1657279048036&num=1&value=0&label=7WPoCL2ppP8CEKi73OQB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_a...
https://www.google.se/pagead/1p-conversion/479665576/?random=300779985&cv=9&fst=1657279048036&num=1&value=0&label=7WPoCL2ppP8CEKi73OQB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah...

42 B
64 B

192ms
74ms

Image
image/gif

172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.se/pagead/1p-conversion/479665576/?random=300779985&cv=9&fst=1657279048036&num=1&value=0&label=7WPoCL2ppP8CEKi73OQB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6t0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.winningtemp.com%2Fdk%2Fbook-en-demo%3Futm_campaign%3DCustomer%2520sendout%26utm_medium%3Demail%26_hsmi%3D219002238%26_hsenc%3Dp2ANqtz-9OjMaiVRfdjxMzw4AhTaO9oUmO_hcz5Zyx1Yy_KX0Byzeqk0l9Iy6OC7zTxF5sAvwbKObg0O3qL2Fz6A29laRxKWMZgQ%26utm_content%3D219002238%26utm_source%3Dhs_email&tiba=F%C3%A5%20en%20gennemgang%20af%20Winningtemp!&auid=1373152989.1657279047&hn=www.googleadservices.com&us_privacy=1---&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=RxLIYtDlIsuomLAPp-6wwAU&cid=CAQSKQCNIrLM-2xUZ3twdb_Uiz5UAN_3DD_24Oa7ka3ETh9exzwAl0HvyD5q&eitems=ChAI8KuflgYQyYu8_-HlqYo9Eh0AiIds3kg8IWF_hIBDZKCC_zInqzOYg2ACxnnq9A&random=1957257121&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Protocol

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.winningtemp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Jul 2022 11:17:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 08 Jul 2022 11:17:27 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.se/pagead/1p-conversion/479665576/?random=300779985&cv=9&fst=1657279048036&num=1&value=0&label=7WPoCL2ppP8CEKi73OQB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6t0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.winningtemp.com%2Fdk%2Fbook-en-demo%3Futm_campaign%3DCustomer%2520sendout%26utm_medium%3Demail%26_hsmi%3D219002238%26_hsenc%3Dp2ANqtz-9OjMaiVRfdjxMzw4AhTaO9oUmO_hcz5Zyx1Yy_KX0Byzeqk0l9Iy6OC7zTxF5sAvwbKObg0O3qL2Fz6A29laRxKWMZgQ%26utm_content%3D219002238%26utm_source%3Dhs_email&tiba=F%C3%A5%20en%20gennemgang%20af%20Winningtemp!&auid=1373152989.1657279047&hn=www.googleadservices.com&us_privacy=1---&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=RxLIYtDlIsuomLAPp-6wwAU&cid=CAQSKQCNIrLM-2xUZ3twdb_Uiz5UAN_3DD_24Oa7ka3ETh9exzwAl0HvyD5q&eitems=ChAI8KuflgYQyYu8_-HlqYo9Eh0AiIds3kg8IWF_hIBDZKCC_zInqzOYg2ACxnnq9A&random=1957257121&resp=GooglemKTybQhCsO&ipr=y&prhg=0
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 26048165.js Show response
bat.bing.com/p/action/ 828 B
703 B 189ms
188ms Script
application/javascript 13.107.21.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/26048165.js

Requested by

Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

efb7650e7f6f06e3dd004356e32a3e4dd0f19163078337e4f5a8ae6379a154f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.winningtemp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D33327C3A23C4FE29F3056CF3238483E Ref B: STOEDGE0719 Ref C: 2022-07-08T11:17:27Z
date: Fri, 08 Jul 2022 11:17:26 GMT
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private,max-age=60
content-length: 572

GET
H2 200 26048165 Show response
www.clarity.ms/tag/uet/ 2 KB
2 KB 192ms
190ms Script
application/x-javascript 104.212.67.188
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/26048165
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/26048165.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.212.67.188 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: rom30r3a.msedge.net
Software: / ASP.NET
Resource Hash: c2fe03da3b5749380d6fa827173436f28950f4e805ecfc201cfffac7bd5885c8

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.winningtemp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 11:17:27 GMT
x-powered-by: ASP.NET
x-azure-ref: 0RxLIYgAAAABnfzny9dwhRZBj5vYkgesLUk9NMzBFREdFMDgwNwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
content-length: 1654
expires: -1

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=75EE8E97EEE140EAB558A1C4F05592DC&RedC=c.clarity.ms&MXFR=3671E169791E6AE53639F0B27D1E64F8
https://c.clarity.ms/c.gif?CtsSyncId=75EE8E97EEE140EAB558A1C4F05592DC&MUID=27904C89E9BD6D573B115D52E8956CFE

42 B
368 B

63ms
63ms

Image
image/gif

20.234.93.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=75EE8E97EEE140EAB558A1C4F05592DC&MUID=27904C89E9BD6D573B115D52E8956CFE
Protocol: H2
Server: 20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.winningtemp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Jul 2022 11:17:27 GMT
last-modified: Sat, 02 Jul 2022 00:08:47 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "8a177e6a78dd81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Fri, 08 Jul 2022 11:17:27 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B8D9870DE1854E67A67B30928772E314 Ref B: STOEDGE0719 Ref C: 2022-07-08T11:17:28Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=75EE8E97EEE140EAB558A1C4F05592DC&MUID=27904C89E9BD6D573B115D52E8956CFE
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 clarity.js Show response
www.clarity.ms/eus/s/0.6.34/ 53 KB
23 KB 172ms
172ms Script
application/javascript 104.212.67.188
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus/s/0.6.34/clarity.js
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.212.67.188 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: rom30r3a.msedge.net
Software: / ASP.NET
Resource Hash: ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.winningtemp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 11:17:28 GMT
content-encoding: br
etag: "1d890d4908cf454"
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
x-azure-ref: 0SBLIYgAAAAAAmXqoQrcaR7yaEU14Fxh+Uk9NMzBFREdFMDgwNwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
accept-ranges: bytes
content-length: 23150
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixel/ 67 B
899 B 227ms
162ms XHR
application/json 104.17.203.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixel/json?portalId=5566319

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.203.204 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7fdab7b8e7e4841da85f6e6e5f62e39fc0b399c70300614de5e8c612c5c980eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.winningtemp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 11:17:29 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 3666dd3d-f10e-442a-8625-2f6188bfe9d4
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
x-trace: 2B007A89FE352B840610435B9CF8A81AD0C8674CC0000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FZKe7I7NKT%2FxuFppdKBXx7L0ls%2FcRzQDs9CWj7ylJgkpXVV%2BVlLBTVwi%2FYqMHpAVAdpuBM36Wg8apltTqON9vvO1gvtvzkgyU%2Bnj7X1QrAsUzFyM8Cgj31z7YplFkbmB"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.winningtemp.com
access-control-allow-credentials: false
cf-ray: 727869e9eeb09903-ARN
access-control-allow-headers: *

GET
H2 200 c.gif
c.clarity.ms/ 42 B
104 B 62ms
62ms Image
image/gif 20.234.93.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/26048165
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.winningtemp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Jul 2022 11:17:28 GMT
last-modified: Sat, 02 Jul 2022 00:08:47 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "8a177e6a78dd81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

GET
H2 200 core Show response
js.driftt.com/ Frame 7208 2 KB
1 KB 110ms
109ms Document
text/html 13.224.189.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core?embedId=prpcvi852fhm&region=US&forceShow=false&skipCampaigns=false&sessionId=dd972da7-1cf2-437a-8ac4-71c13fcd0fa8&sessionStarted=1657279054.184&campaignRefreshToken=a6b137ee-0ead-4e3a-858d-9ca711bb81d8&hideController=false&pageLoadStartTime=1657279045664&mode=CHAT&driftEnableLog=false&secureIframe=false

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1657279200000/prpcvi852fhm.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-86.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

f14971f1540812bf84fdd34a4c25e7ea6a71c5345abbfeb294eb616771e33e56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.winningtemp.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 08 Jul 2022 11:17:29 GMT
etag: W/"02c69dbad2c00e9b9d832b93c1995e92"
last-modified: Thu, 07 Jul 2022 19:59:56 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
x-amz-cf-id: rQu0F6ydR2ZK9fb0jJSXuohCLH267lwalK8_wcHF4Sodqup6GTygzA==
x-amz-cf-pop: FRA2-C1
x-amz-server-side-encryption: AES256
x-amz-version-id: QptJv_ENMYxxTIOT9doixreBvtvDFDKj
x-cache: Hit from cloudfront

GET
H2 200 chat Show response
js.driftt.com/core/ Frame C072 2 KB
1 KB 158ms
158ms Document
text/html 13.224.189.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1657279045664

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1657279200000/prpcvi852fhm.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-86.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

f14971f1540812bf84fdd34a4c25e7ea6a71c5345abbfeb294eb616771e33e56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.winningtemp.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 08 Jul 2022 11:17:29 GMT
etag: W/"02c69dbad2c00e9b9d832b93c1995e92"
last-modified: Thu, 07 Jul 2022 19:59:56 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
x-amz-cf-id: ewwBj4HXJtMe_RmxTvgAucY3IiT0vs-U2pDgr6L8RbwQAwaarecLVA==
x-amz-cf-pop: FRA2-C1
x-amz-server-side-encryption: AES256
x-amz-version-id: QptJv_ENMYxxTIOT9doixreBvtvDFDKj
x-cache: RefreshHit from cloudfront

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
544 B 232ms
169ms Image
image/gif 104.19.154.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2760707843&v=1.1&a=5566319&rcu=https%3A%2F%2Fwww.winningtemp.com%2Fdk%2Fbook-en-demo&pu=https%3A%2F%2Fwww.winningtemp.com%2Fdk%2Fbook-en-demo%3Futm_campaign%3DCustomer%2520sendout%26utm_medium%3Demail%26_hsmi%3D219002238%26_hsenc%3Dp2ANqtz-9OjMaiVRfdjxMzw4AhTaO9oUmO_hcz5Zyx1Yy_KX0Byzeqk0l9Iy6OC7zTxF5sAvwbKObg0O3qL2Fz6A29laRxKWMZgQ%26utm_content%3D219002238%26utm_source%3Dhs_email&t=F%C3%A5+en+gennemgang+af+Winningtemp!&cts=1657279054170&vi=a6854e216e01c6155ca2126eec5066a9&nc=true&u=190353140.a6854e216e01c6155ca2126eec5066a9.1657279054167.1657279054167.1657279054167.1&b=190353140.1.1657279054167&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.154.83 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.winningtemp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 11:17:29 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 11bc889a-b6ab-432d-a3f5-201b839be78d
cf-ray: 727869ea1bdb95fa-ARN
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1cYRo0fyE0JhfM%2BKl5%2BCsjgAh5QgW7lVuSKaag7QPeVC%2FcV7nyAfBQ7QAh7v0CkVT2OyL14E2cxr%2F3Y7gW84yClN4WohWdnhcVZ4EY8VSaoXM5oiF0f0eWIM3Wr4C%2FLhTcWn"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
543 B 268ms
205ms Image
image/gif 104.19.154.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=17&fi=66df4cc7-0b58-4e2a-a18b-54b3e75140e9&fci=d3824e8b-8a04-4b38-af73-bbe0391cefec&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2760707843&v=1.1&a=5566319&rcu=https%3A%2F%2Fwww.winningtemp.com%2Fdk%2Fbook-en-demo&pu=https%3A%2F%2Fwww.winningtemp.com%2Fdk%2Fbook-en-demo%3Futm_campaign%3DCustomer%2520sendout%26utm_medium%3Demail%26_hsmi%3D219002238%26_hsenc%3Dp2ANqtz-9OjMaiVRfdjxMzw4AhTaO9oUmO_hcz5Zyx1Yy_KX0Byzeqk0l9Iy6OC7zTxF5sAvwbKObg0O3qL2Fz6A29laRxKWMZgQ%26utm_content%3D219002238%26utm_source%3Dhs_email&t=F%C3%A5+en+gennemgang+af+Winningtemp!&cts=1657279054171&vi=a6854e216e01c6155ca2126eec5066a9&nc=true&u=190353140.a6854e216e01c6155ca2126eec5066a9.1657279054167.1657279054167.1657279054167.1&b=190353140.1.1657279054167&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.154.83 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.winningtemp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 11:17:29 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: f4763a23-c8a5-4b77-8ab3-c296d012e000
cf-ray: 727869ea1bdd95fa-ARN
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iJl95274mL%2BWyqAFncBrMW59Mhe5e6dwcD8%2FJEUvv8e87HxPQ47w0pJITXDfshUDxTsnBFJdGPJxQHwRJ4fx2aD%2BMesPF%2BOWQ3N4pwRgkoqEDSW4W4ED4F4QnnPiz6M7AQzl"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
541 B 239ms
177ms Image
image/gif 104.19.154.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=66df4cc7-0b58-4e2a-a18b-54b3e75140e9&fci=d3824e8b-8a04-4b38-af73-bbe0391cefec&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2760707843&v=1.1&a=5566319&rcu=https%3A%2F%2Fwww.winningtemp.com%2Fdk%2Fbook-en-demo&pu=https%3A%2F%2Fwww.winningtemp.com%2Fdk%2Fbook-en-demo%3Futm_campaign%3DCustomer%2520sendout%26utm_medium%3Demail%26_hsmi%3D219002238%26_hsenc%3Dp2ANqtz-9OjMaiVRfdjxMzw4AhTaO9oUmO_hcz5Zyx1Yy_KX0Byzeqk0l9Iy6OC7zTxF5sAvwbKObg0O3qL2Fz6A29laRxKWMZgQ%26utm_content%3D219002238%26utm_source%3Dhs_email&t=F%C3%A5+en+gennemgang+af+Winningtemp!&cts=1657279054176&vi=a6854e216e01c6155ca2126eec5066a9&nc=true&u=190353140.a6854e216e01c6155ca2126eec5066a9.1657279054167.1657279054167.1657279054167.1&b=190353140.1.1657279054167&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.154.83 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.winningtemp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 11:17:29 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 9b595bf8-7c75-4b35-b333-bb6349ba7e2d
cf-ray: 727869ea1bde95fa-ARN
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4MdYbRROPNOkHahtXTijG6DjWbfcI6Ru2OB2crVOlwLD7TUm0tSEymQBlzNF1PL1s0RlaIHit7X%2F9TDEmwk4kEbdE3V%2BcpV6SKG7wmKPhSWzZz5lpd5t3A0NmV9dvDnOz0pN"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
540 B 221ms
160ms Image
image/gif 104.19.154.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=66df4cc7-0b58-4e2a-a18b-54b3e75140e9&fci=68808bf4-9f55-427b-bd17-3b0462b64ae7&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2760707843&v=1.1&a=5566319&rcu=https%3A%2F%2Fwww.winningtemp.com%2Fdk%2Fbook-en-demo&pu=https%3A%2F%2Fwww.winningtemp.com%2Fdk%2Fbook-en-demo%3Futm_campaign%3DCustomer%2520sendout%26utm_medium%3Demail%26_hsmi%3D219002238%26_hsenc%3Dp2ANqtz-9OjMaiVRfdjxMzw4AhTaO9oUmO_hcz5Zyx1Yy_KX0Byzeqk0l9Iy6OC7zTxF5sAvwbKObg0O3qL2Fz6A29laRxKWMZgQ%26utm_content%3D219002238%26utm_source%3Dhs_email&t=F%C3%A5+en+gennemgang+af+Winningtemp!&cts=1657279054179&vi=a6854e216e01c6155ca2126eec5066a9&nc=true&u=190353140.a6854e216e01c6155ca2126eec5066a9.1657279054167.1657279054167.1657279054167.1&b=190353140.1.1657279054167&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.154.83 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.winningtemp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 11:17:29 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 81cbaa05-545e-42d7-9fe9-83abb1634478
cf-ray: 727869ea1be495fa-ARN
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sUxAbpxeGbruXlLgRxiOO7Zrm7p0NGqjJPWaErHAvkgedUPNmlAGstE0oDtTOsi45Y5AIb%2FXjOKbjU%2BQc2GCFpzeQqRwVwCHSi1nYCiU3fimhSZmolJgj4sj76NtK7cwfZke"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
951 B 220ms
159ms Image
image/gif 104.19.154.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2760707843&v=1.1&a=5566319&rcu=https%3A%2F%2Fwww.winningtemp.com%2Fdk%2Fbook-en-demo&pu=https%3A%2F%2Fwww.winningtemp.com%2Fdk%2Fbook-en-demo%3Futm_campaign%3DCustomer%2520sendout%26utm_medium%3Demail%26_hsmi%3D219002238%26_hsenc%3Dp2ANqtz-9OjMaiVRfdjxMzw4AhTaO9oUmO_hcz5Zyx1Yy_KX0Byzeqk0l9Iy6OC7zTxF5sAvwbKObg0O3qL2Fz6A29laRxKWMZgQ%26utm_content%3D219002238%26utm_source%3Dhs_email&t=F%C3%A5+en+gennemgang+af+Winningtemp!&cts=1657279054181&vi=a6854e216e01c6155ca2126eec5066a9&nc=true&u=190353140.a6854e216e01c6155ca2126eec5066a9.1657279054167.1657279054167.1657279054167.1&b=190353140.1.1657279054167&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.154.83 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.winningtemp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 11:17:29 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 793e7479-1306-4426-9798-c9c9bd819a18
cf-ray: 727869ea1be195fa-ARN
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IsXdMJiuD8P31huTq8LYiSGHKNRleIChPLoUe7vT7FLQhfGv2kbXY7U2sXgvndXi%2F%2F7utpAmPSx7QU%2Fo8M6Za9JhdseZ2xEw5ym%2F%2F5YcH%2F31brUP4VXJnANO1cCr4oO7qDtw"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 runtime~main.b6d1e653.js Show response
js.driftt.com/core/assets/js/ Frame 7208 6 KB
3 KB 56ms
53ms Script
application/javascript 13.224.189.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.b6d1e653.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core?embedId=prpcvi852fhm&region=US&forceShow=false&skipCampaigns=false&sessionId=dd972da7-1cf2-437a-8ac4-71c13fcd0fa8&sessionStarted=1657279054.184&campaignRefreshToken=a6b137ee-0ead-4e3a-858d-9ca711bb81d8&hideController=false&pageLoadStartTime=1657279045664&mode=CHAT&driftEnableLog=false&secureIframe=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-86.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

afa14842141b86bee803064ad6507d4790f7f4df61bd3f41dd79648f932f730d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=prpcvi852fhm&region=US&forceShow=false&skipCampaigns=false&sessionId=dd972da7-1cf2-437a-8ac4-71c13fcd0fa8&sessionStarted=1657279054.184&campaignRefreshToken=a6b137ee-0ead-4e3a-858d-9ca711bb81d8&hideController=false&pageLoadStartTime=1657279045664&mode=CHAT&driftEnableLog=false&secureIframe=false
Origin: https://js.driftt.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 19:59:55 GMT
content-encoding: gzip
age: 55054
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 07 Jul 2022 19:52:26 GMT
server: nginx
etag: W/"6afa34dec9797bbc19034e69fb1107f7"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: frTVZ2TKBacVLKsd6oTgyJqnaLuSu_Gb
via: 1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: IfNm9SBS1S8b4fkZzWSyjnmJ87JnMamKzm-vOba1SVZTm0FmBXJTYg==

GET
H2 200 8.611ead2e.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 7208 35 KB
13 KB 62ms
59ms Script
application/javascript 13.224.189.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/8.611ead2e.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-86.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

7fe9c49bb2fa7df0e7f30f29e2cf5dc5856a6a94e24020cd71b15806418e2509

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=prpcvi852fhm&region=US&forceShow=false&skipCampaigns=false&sessionId=dd972da7-1cf2-437a-8ac4-71c13fcd0fa8&sessionStarted=1657279054.184&campaignRefreshToken=a6b137ee-0ead-4e3a-858d-9ca711bb81d8&hideController=false&pageLoadStartTime=1657279045664&mode=CHAT&driftEnableLog=false&secureIframe=false
Origin: https://js.driftt.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 2474260
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:14 GMT
server: nginx
etag: W/"6aa29962f34a8e117268142c7cc1cc3d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: _RZ1GDjUm5KuW3ooz6jLFMyJffaKXq96
via: 1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: rbKDFrIHENwi3DkliYWspsNQQ-WwqbFqOafK3cOERNLp60IyiEVDfg==

GET
H2 200 main~493df0b3.ac3a9470.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 7208 7 KB
3 KB 63ms
60ms Script
application/javascript 13.224.189.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.ac3a9470.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-86.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

cc08221e904788853f9dbae9e845e8c88e947de904dcd007c0da0c4d18acd1de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=prpcvi852fhm&region=US&forceShow=false&skipCampaigns=false&sessionId=dd972da7-1cf2-437a-8ac4-71c13fcd0fa8&sessionStarted=1657279054.184&campaignRefreshToken=a6b137ee-0ead-4e3a-858d-9ca711bb81d8&hideController=false&pageLoadStartTime=1657279045664&mode=CHAT&driftEnableLog=false&secureIframe=false
Origin: https://js.driftt.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 2474260
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:15 GMT
server: nginx
etag: W/"ab6db2ea528099e4b4bcafc90b1f14a6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 9qbak4s_fS3U3ItMkJp51dxjDAaDzA89
via: 1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: -yD7f0uoLEm6bIv3EpvNJ8GcmD06cxU9fWfH8qX8-oqKSj_qSVIMIw==

GET
H2 200 runtime~main.b6d1e653.js Show response
js.driftt.com/core/assets/js/ Frame C072 6 KB
3 KB 54ms
53ms Script
application/javascript 13.224.189.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.b6d1e653.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1657279045664

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-86.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

afa14842141b86bee803064ad6507d4790f7f4df61bd3f41dd79648f932f730d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1657279045664
Origin: https://js.driftt.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 19:59:55 GMT
content-encoding: gzip
age: 55054
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 07 Jul 2022 19:52:26 GMT
server: nginx
etag: W/"6afa34dec9797bbc19034e69fb1107f7"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: frTVZ2TKBacVLKsd6oTgyJqnaLuSu_Gb
via: 1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Q91AybWqe18zddV1hG-Jd5AmadgitnVPY48Ys92W8gbzdjaAY5EhgA==

GET
H2 200 8.611ead2e.chunk.js Show response
js.driftt.com/core/assets/js/ Frame C072 35 KB
13 KB 62ms
61ms Script
application/javascript 13.224.189.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/8.611ead2e.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1657279045664

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-86.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

7fe9c49bb2fa7df0e7f30f29e2cf5dc5856a6a94e24020cd71b15806418e2509

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1657279045664
Origin: https://js.driftt.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 2474260
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:14 GMT
server: nginx
etag: W/"6aa29962f34a8e117268142c7cc1cc3d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: _RZ1GDjUm5KuW3ooz6jLFMyJffaKXq96
via: 1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: nVYrv97r1j--A-8s37qNxKfE3HnJEexq5vcV86wOmICqQhECZQLQNA==

GET
H2 200 main~493df0b3.ac3a9470.chunk.js Show response
js.driftt.com/core/assets/js/ Frame C072 7 KB
3 KB 65ms
64ms Script
application/javascript 13.224.189.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.ac3a9470.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1657279045664

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-86.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

cc08221e904788853f9dbae9e845e8c88e947de904dcd007c0da0c4d18acd1de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1657279045664
Origin: https://js.driftt.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 2474260
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:15 GMT
server: nginx
etag: W/"ab6db2ea528099e4b4bcafc90b1f14a6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 9qbak4s_fS3U3ItMkJp51dxjDAaDzA89
via: 1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: wVwnt9SG3VhI5HFd_Qs0IAxEQ9P-RpXyOOUFOZgatjLbBSTapZlJiw==

GET
H2 200 47.f4a0cab7.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 7208 47 KB
14 KB 148ms
48ms Script
application/javascript 13.224.189.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/47.f4a0cab7.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b6d1e653.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-86.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

dd7e25fe1547c7102760792d7b920ed5a289aa0224014594f856b5ab396dc0d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://js.driftt.com/core?embedId=prpcvi852fhm&region=US&forceShow=false&skipCampaigns=false&sessionId=dd972da7-1cf2-437a-8ac4-71c13fcd0fa8&sessionStarted=1657279054.184&campaignRefreshToken=a6b137ee-0ead-4e3a-858d-9ca711bb81d8&hideController=false&pageLoadStartTime=1657279045664&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 2474260
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:14 GMT
server: nginx
etag: W/"58eb1e017120f28c6eea4aa3402a2042"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ghx9KuLEsU65toAWp7tNXfQomgxjyrbm
via: 1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 23uHLk4bIh1U3vOWofL5L0VGq9zFrnL7Cd5_KLNCjMVno2B_rBl3Pg==

GET
H2 200 22.fd21eb42.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 7208 44 KB
13 KB 152ms
52ms Script
application/javascript 13.224.189.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.fd21eb42.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b6d1e653.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-86.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

78c1118165ba1620bd91cc6f96c1cd99fa9469a9382f73f313c8e556d0fdaa9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://js.driftt.com/core?embedId=prpcvi852fhm&region=US&forceShow=false&skipCampaigns=false&sessionId=dd972da7-1cf2-437a-8ac4-71c13fcd0fa8&sessionStarted=1657279054.184&campaignRefreshToken=a6b137ee-0ead-4e3a-858d-9ca711bb81d8&hideController=false&pageLoadStartTime=1657279045664&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 2474260
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:13 GMT
server: nginx
etag: W/"cbf1bca421271b2567e00a478296192b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: B9rIJ_he3NnZfaZwCr7GvLzRmtehknn.
via: 1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: g37KgkxG0dq1-Ot-Mql-K9YB03Av1DdkikGj4wHq-KrvavYcaf4LBQ==

GET
H2 200 39.0cc86423.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 7208 25 KB
8 KB 155ms
56ms Script
application/javascript 13.224.189.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/39.0cc86423.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b6d1e653.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-86.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

9df0c15923f76778de529c7e5131028841cb6891ca460d779c92e499005ee0d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://js.driftt.com/core?embedId=prpcvi852fhm&region=US&forceShow=false&skipCampaigns=false&sessionId=dd972da7-1cf2-437a-8ac4-71c13fcd0fa8&sessionStarted=1657279054.184&campaignRefreshToken=a6b137ee-0ead-4e3a-858d-9ca711bb81d8&hideController=false&pageLoadStartTime=1657279045664&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:50 GMT
content-encoding: gzip
age: 2474259
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:14 GMT
server: nginx
etag: W/"3cbfbd7bb911f7cfc3b4394f334cdb67"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 3g.L2n28pTj8AcDJTW_JUnx4I1CqyPA9
via: 1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Nt9ZVIZmet51lNs84_ccpgWonWg12MtDwg72Y4-piBuWUXjZKN2XMA==

GET
H2 200 18.c13b3a33.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 7208 16 KB
5 KB 150ms
60ms Script
application/javascript 13.224.189.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.c13b3a33.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b6d1e653.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-86.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

e3205178d8f4b21ab5dc10a089939e49dd276dea7b5047ef2b494ffea3b93b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://js.driftt.com/core?embedId=prpcvi852fhm&region=US&forceShow=false&skipCampaigns=false&sessionId=dd972da7-1cf2-437a-8ac4-71c13fcd0fa8&sessionStarted=1657279054.184&campaignRefreshToken=a6b137ee-0ead-4e3a-858d-9ca711bb81d8&hideController=false&pageLoadStartTime=1657279045664&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 2474260
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:13 GMT
server: nginx
etag: W/"2e0e21fb7fd3dd146cc688e39d01d42e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 6bdaEoVaogjxYdNJvlFfyTO_1fTxsp6o
via: 1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: q91uT5fvF6aUiWaTqXBGFRtz0kw-rJDj6Qwjy4Udo9LFGwV9g4RzOg==

GET
H2 200 20.8c21ea18.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 7208 74 KB
23 KB 155ms
65ms Script
application/javascript 13.224.189.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/20.8c21ea18.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b6d1e653.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-86.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

19473eebfb0672867a4438e2a015de79fded34b9f5ae5598bade57eb01cf0563

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://js.driftt.com/core?embedId=prpcvi852fhm&region=US&forceShow=false&skipCampaigns=false&sessionId=dd972da7-1cf2-437a-8ac4-71c13fcd0fa8&sessionStarted=1657279054.184&campaignRefreshToken=a6b137ee-0ead-4e3a-858d-9ca711bb81d8&hideController=false&pageLoadStartTime=1657279045664&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 2474260
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:13 GMT
server: nginx
etag: W/"6d77a76055d81227033363af2f18caf8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: GCkJ4tZ_JW3xcmjJsO05feXt7md0igxo
via: 1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: WgUYVo_3U1ce5rhtui_AvbDKUjvATRLPd9ImrREt4Eg321GhXLRWyQ==

GET
H2 200 25.8f107198.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 7208 59 KB
19 KB 165ms
76ms Script
application/javascript 13.224.189.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/25.8f107198.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b6d1e653.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-86.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

6c93a2e253cf1b83c4549ee38234134aa07f3b0293815375c49c9d4576986db1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://js.driftt.com/core?embedId=prpcvi852fhm&region=US&forceShow=false&skipCampaigns=false&sessionId=dd972da7-1cf2-437a-8ac4-71c13fcd0fa8&sessionStarted=1657279054.184&campaignRefreshToken=a6b137ee-0ead-4e3a-858d-9ca711bb81d8&hideController=false&pageLoadStartTime=1657279045664&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 2474260
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:13 GMT
server: nginx
etag: W/"e2511c69e5bdc03467952abaccdb5383"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: cyXTxSuCBvZx654ePqR2xs6GalDG76.D
via: 1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: fWSWv7Bcphv4AovalINq1Zi0ecvRA-WRD4wBWLuCyFoiJSJ2UqT6QA==

GET
H2 200 13.3e86f1f6.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 7208 91 KB
28 KB 172ms
86ms Script
application/javascript 13.224.189.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/13.3e86f1f6.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b6d1e653.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-86.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

81e6b4ec22135fd2056e29456e32539e21876266ab0bf8438b87117f70c0f827

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://js.driftt.com/core?embedId=prpcvi852fhm&region=US&forceShow=false&skipCampaigns=false&sessionId=dd972da7-1cf2-437a-8ac4-71c13fcd0fa8&sessionStarted=1657279054.184&campaignRefreshToken=a6b137ee-0ead-4e3a-858d-9ca711bb81d8&hideController=false&pageLoadStartTime=1657279045664&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 2474260
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:12 GMT
server: nginx
etag: W/"fdee1a560ca08e3d3702e14d8f1f0b82"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: eWIFIo8DxLn4S25aWqEs5lrAyCB0pQZS
via: 1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: FxqdtOYZD238UUNDV8cPEIcLEjQiMHZfxMogWj_fwXemGcQCqZ59LQ==

GET
H2 200 11.639238ba.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 7208 23 KB
7 KB 179ms
93ms Script
application/javascript 13.224.189.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/11.639238ba.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b6d1e653.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-86.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

c501de88fbb90a445f1754a529bc772e7047071bf653c8c3f0330f7bb736d140

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://js.driftt.com/core?embedId=prpcvi852fhm&region=US&forceShow=false&skipCampaigns=false&sessionId=dd972da7-1cf2-437a-8ac4-71c13fcd0fa8&sessionStarted=1657279054.184&campaignRefreshToken=a6b137ee-0ead-4e3a-858d-9ca711bb81d8&hideController=false&pageLoadStartTime=1657279045664&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 2474260
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:12 GMT
server: nginx
etag: W/"4049f38c00add1738dc4806148ff8829"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: g.TAX9Ljd1CKN2hPKg7rBsCyhJ70wktS
via: 1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: fueI3cKzf3IJSxSKI57x_JSaxvJvaLrLAgWNJl_AUfQ-WXNcJCYHBQ==

GET
H2 200 16.fde6fa28.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 7208 62 KB
20 KB 184ms
99ms Script
application/javascript 13.224.189.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/16.fde6fa28.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b6d1e653.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-86.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

91c379a7d8ec04aeeb162ea6d8069ad9fe872cec0d8a56f8861b02c494a6e0f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://js.driftt.com/core?embedId=prpcvi852fhm&region=US&forceShow=false&skipCampaigns=false&sessionId=dd972da7-1cf2-437a-8ac4-71c13fcd0fa8&sessionStarted=1657279054.184&campaignRefreshToken=a6b137ee-0ead-4e3a-858d-9ca711bb81d8&hideController=false&pageLoadStartTime=1657279045664&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:50 GMT
content-encoding: gzip
age: 2474259
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:13 GMT
server: nginx
etag: W/"90795af8c950a50300cf801b300db7ab"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: AZatU1G3W6aZgnPi8EiGVtSbHMH8e_3C
via: 1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: PQomaS5NvI6IZlTgR1axI8x0yA6kvuwp3KJeruN-urzo9alG2u5_lw==

GET
H2 200 45.772158c8.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 7208 105 KB
34 KB 190ms
105ms Script
application/javascript 13.224.189.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/45.772158c8.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b6d1e653.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-86.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

af7690b10b2e4c40106b8e8ac69c9287176615a9913004666af12c98251d6ec0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://js.driftt.com/core?embedId=prpcvi852fhm&region=US&forceShow=false&skipCampaigns=false&sessionId=dd972da7-1cf2-437a-8ac4-71c13fcd0fa8&sessionStarted=1657279054.184&campaignRefreshToken=a6b137ee-0ead-4e3a-858d-9ca711bb81d8&hideController=false&pageLoadStartTime=1657279045664&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 2474260
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:14 GMT
server: nginx
etag: W/"e683acc1d1d7a31204545c14f2e45dfc"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Wo_uRM2rzEKAIONIW1ozWH.Ih3Zgd.66
via: 1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: OSIUkZ3pIr6zU35bLHmnGNOjdUAMoB2OsVN5p1rKLvXkT68oo3HuOg==

GET
H2 200 37.9da17c94.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 7208 12 KB
4 KB 201ms
116ms Script
application/javascript 13.224.189.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/37.9da17c94.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b6d1e653.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-86.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

46959f0ff8db28a2e76b7bcd57953ead9ec578260c21cad5c5354a46f7890cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://js.driftt.com/core?embedId=prpcvi852fhm&region=US&forceShow=false&skipCampaigns=false&sessionId=dd972da7-1cf2-437a-8ac4-71c13fcd0fa8&sessionStarted=1657279054.184&campaignRefreshToken=a6b137ee-0ead-4e3a-858d-9ca711bb81d8&hideController=false&pageLoadStartTime=1657279045664&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:50 GMT
content-encoding: gzip
age: 2474259
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:14 GMT
server: nginx
etag: W/"e5c98ad7a7e70a1957477e33db39149c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: .1KvOWwhKDvJVSWzg49IMEkznsWNUcpl
via: 1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: PNs5sOfM9JglF2KyKpJudGxLEACu33glZMTFHCPsNUjuDr6vGm_0OA==

GET
H2 200 28.ed383893.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 7208 12 KB
5 KB 205ms
121ms Script
application/javascript 13.224.189.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/28.ed383893.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b6d1e653.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-86.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

8843d0dae7daa6e3bdf06e07ffb65e5b5240268203496f5946dcdda9cc0c290d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://js.driftt.com/core?embedId=prpcvi852fhm&region=US&forceShow=false&skipCampaigns=false&sessionId=dd972da7-1cf2-437a-8ac4-71c13fcd0fa8&sessionStarted=1657279054.184&campaignRefreshToken=a6b137ee-0ead-4e3a-858d-9ca711bb81d8&hideController=false&pageLoadStartTime=1657279045664&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 2474260
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:13 GMT
server: nginx
etag: W/"910117b3f0a0501f693606963bfe4daf"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: W4iSCS77kEC.SSNCcLhsvI35ESlRZh_5
via: 1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: vrwTJRMZmEveWkHmrgUTZbjSTb5f4FN7SqtzH6xJjCI7ELGRRL-mNg==

GET
H2 200 21.b8c41db9.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 7208 17 KB
7 KB 205ms
121ms Script
application/javascript 13.224.189.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/21.b8c41db9.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b6d1e653.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-86.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

b84595cc8461bb6e8376fe94f0dd23d6657172103b03653534089c5992b058a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://js.driftt.com/core?embedId=prpcvi852fhm&region=US&forceShow=false&skipCampaigns=false&sessionId=dd972da7-1cf2-437a-8ac4-71c13fcd0fa8&sessionStarted=1657279054.184&campaignRefreshToken=a6b137ee-0ead-4e3a-858d-9ca711bb81d8&hideController=false&pageLoadStartTime=1657279045664&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 2474260
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:13 GMT
server: nginx
etag: W/"65e5c965272e021ae33ff8bc39565ef5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: IYcZXStVL2CjeeCB9Www5YnCHKJfMMCs
via: 1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: m6mOgAt39hARDWzik0mW7tS4cdbzTaeHnUus69A-lw8oVlu9LTCmUA==

GET
H2 200 9.5b0bb1c3.chunk.css
js.driftt.com/core/assets/css/ Frame 7208 11 KB
3 KB 124ms
41ms Stylesheet
text/css 13.224.189.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/9.5b0bb1c3.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b6d1e653.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-86.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

02840352581026aad3291a8357da6876c93b0e6d8aec9532bbc1a42f82bca1c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://js.driftt.com/core?embedId=prpcvi852fhm&region=US&forceShow=false&skipCampaigns=false&sessionId=dd972da7-1cf2-437a-8ac4-71c13fcd0fa8&sessionStarted=1657279054.184&campaignRefreshToken=a6b137ee-0ead-4e3a-858d-9ca711bb81d8&hideController=false&pageLoadStartTime=1657279045664&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 2474260
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:11 GMT
server: nginx
etag: W/"e3c43c4a3d2f4cee45cccdb6e438af66"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: hokYckg1IjTUPfKmbuCy6NNmRFmQH3VZ
via: 1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: NV4sfLAWmK-umfrYMPwg2k4q3KLuYLvZvYQWMxBJA6RM1qTlxf4uVg==

GET
H2 200 9.de66fab9.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 7208 70 KB
22 KB 210ms
127ms Script
application/javascript 13.224.189.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/9.de66fab9.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b6d1e653.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-86.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

1e4b8d2a1a5eb9645fb77c0098d1beb8ec3f1d61b0a7c839020e011c5fc6405c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://js.driftt.com/core?embedId=prpcvi852fhm&region=US&forceShow=false&skipCampaigns=false&sessionId=dd972da7-1cf2-437a-8ac4-71c13fcd0fa8&sessionStarted=1657279054.184&campaignRefreshToken=a6b137ee-0ead-4e3a-858d-9ca711bb81d8&hideController=false&pageLoadStartTime=1657279045664&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 19:59:55 GMT
content-encoding: gzip
age: 55054
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 07 Jul 2022 19:52:25 GMT
server: nginx
etag: W/"ef598b1b9b0d4c5cfa234e88c492fb54"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: xlrlond4mkcKce5GwVG63yxfBKTJMgSJ
via: 1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: tWdZEbmTT-tqCrJGF-8mAvz3lpBlCQk9RJVOBQThjLmALZrnU7N1IA==

GET
H2 200 17.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame 7208 24 B
666 B 126ms
44ms Stylesheet
text/css 13.224.189.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/17.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b6d1e653.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-86.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://js.driftt.com/core?embedId=prpcvi852fhm&region=US&forceShow=false&skipCampaigns=false&sessionId=dd972da7-1cf2-437a-8ac4-71c13fcd0fa8&sessionStarted=1657279054.184&campaignRefreshToken=a6b137ee-0ead-4e3a-858d-9ca711bb81d8&hideController=false&pageLoadStartTime=1657279045664&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
via: 1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
age: 2474260
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 24
last-modified: Thu, 09 Jun 2022 14:58:11 GMT
server: nginx
etag: "0c5dad92482d9a7c7c253510f5082465"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ykspFRt4QsihJmMduj_fPY2DMuvVpMeo
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 5cAuWVzjsKgmLUx03BJNF-J6evL_eD4E1gLwQRElzNqEWFRqW4-HYA==

GET
H2 200 17.b33a6e0b.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 7208 77 KB
20 KB 231ms
149ms Script
application/javascript 13.224.189.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.b33a6e0b.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b6d1e653.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-86.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

fbb446b79860a9c66ba04749477ac274776acf05e4be0c6937a499e1e7131129

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://js.driftt.com/core?embedId=prpcvi852fhm&region=US&forceShow=false&skipCampaigns=false&sessionId=dd972da7-1cf2-437a-8ac4-71c13fcd0fa8&sessionStarted=1657279054.184&campaignRefreshToken=a6b137ee-0ead-4e3a-858d-9ca711bb81d8&hideController=false&pageLoadStartTime=1657279045664&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 19:59:55 GMT
content-encoding: gzip
age: 55054
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 07 Jul 2022 19:52:21 GMT
server: nginx
etag: W/"d622c1f193e6a4565f5bd9832b23517c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: sjzd4G0YdH5FL1WzzvugcXYiMituXTPF
via: 1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: NghidUVAwXPe_J0Z0rJBW_bnGfV62J2EMMlqHbJGCnc8S-r-SfkCHA==

GET
H2 200 24.8603213a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 7208 48 KB
13 KB 230ms
150ms Script
application/javascript 13.224.189.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/24.8603213a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b6d1e653.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-86.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

37c18698722c6a2e4940ee3f65d56e08ad88d779ba3be1865396ac38e91d62ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://js.driftt.com/core?embedId=prpcvi852fhm&region=US&forceShow=false&skipCampaigns=false&sessionId=dd972da7-1cf2-437a-8ac4-71c13fcd0fa8&sessionStarted=1657279054.184&campaignRefreshToken=a6b137ee-0ead-4e3a-858d-9ca711bb81d8&hideController=false&pageLoadStartTime=1657279045664&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 19:02:44 GMT
content-encoding: gzip
age: 663285
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 30 Jun 2022 18:14:23 GMT
server: nginx
etag: W/"b8776dcc5c1a3083223a0463a48e260a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: MNLYGPrRxdrdE8i61mB8AAl9xMksDWt5
via: 1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: R8xDJimnB-Wto8WhkfxCKB0UqdS9I5YxXNm4iM7TxYPgJfCXIAM3dA==

GET
H2 200 15.e16b9f15.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 7208 40 KB
13 KB 231ms
151ms Script
application/javascript 13.224.189.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/15.e16b9f15.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b6d1e653.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-86.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

b30f1d7bc922b6189b2b802edd654a15906177c6738a8e6af8871d216b5b80fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://js.driftt.com/core?embedId=prpcvi852fhm&region=US&forceShow=false&skipCampaigns=false&sessionId=dd972da7-1cf2-437a-8ac4-71c13fcd0fa8&sessionStarted=1657279054.184&campaignRefreshToken=a6b137ee-0ead-4e3a-858d-9ca711bb81d8&hideController=false&pageLoadStartTime=1657279045664&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 19:59:55 GMT
content-encoding: gzip
age: 55054
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 07 Jul 2022 19:52:21 GMT
server: nginx
etag: W/"58f43455bad11b46142ca9140da7af19"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: RlFfz.lxl1P8oaPhwWYCc.8K8w3Eei6N
via: 1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ETaXRp8C7mHDGsZmA6QQfpRwx8iSqk5QekmNI6gbSNPbDojuF1nnyA==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 110 KB
43 KB 125ms
67ms Script
application/javascript 142.250.185.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-942159798

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

857ceb29c68ca39ac6e0da13d5e8663138b005ab089455619675ca6d56df4109

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.winningtemp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 11:17:29 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43940
x-xss-protection: 0
last-modified: Fri, 08 Jul 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 08 Jul 2022 11:17:29 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 110 KB
43 KB 139ms
79ms Script
application/javascript 142.250.185.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-942159798&l=dataLayer&cx=c

Requested by

Host: www.googleoptimize.com
URL: https://www.googleoptimize.com/optimize.js?id=OPT-NDK7R3K

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

1100c681093ed6ae1f5da56eff803478e37c51a0fcc4c12f0d7cf076c73baf3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.winningtemp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 11:17:29 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43931
x-xss-protection: 0
last-modified: Fri, 08 Jul 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 08 Jul 2022 11:17:29 GMT

GET
H2 200 47.f4a0cab7.chunk.js Show response
js.driftt.com/core/assets/js/ Frame C072 47 KB
14 KB 246ms
185ms Script
application/javascript 13.224.189.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/47.f4a0cab7.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b6d1e653.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-86.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

dd7e25fe1547c7102760792d7b920ed5a289aa0224014594f856b5ab396dc0d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1657279045664
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 2474260
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:14 GMT
server: nginx
etag: W/"58eb1e017120f28c6eea4aa3402a2042"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ghx9KuLEsU65toAWp7tNXfQomgxjyrbm
via: 1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: rYTJ4DBX_Wp7fERL0OeehPy6TNAmCYKqTyI_A6V6KwWkzmSdmpO9OQ==

GET
H2 200 22.fd21eb42.chunk.js Show response
js.driftt.com/core/assets/js/ Frame C072 44 KB
13 KB 247ms
187ms Script
application/javascript 13.224.189.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.fd21eb42.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b6d1e653.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-86.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

78c1118165ba1620bd91cc6f96c1cd99fa9469a9382f73f313c8e556d0fdaa9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1657279045664
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 2474260
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:13 GMT
server: nginx
etag: W/"cbf1bca421271b2567e00a478296192b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: B9rIJ_he3NnZfaZwCr7GvLzRmtehknn.
via: 1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: iZfpUIl7BMKz1WKu7WuZOMAbCK9XwTz4OG5vKx535mddmTVgqfnkxw==

GET
H2 200 39.0cc86423.chunk.js Show response
js.driftt.com/core/assets/js/ Frame C072 25 KB
8 KB 248ms
188ms Script
application/javascript 13.224.189.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/39.0cc86423.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b6d1e653.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-86.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

9df0c15923f76778de529c7e5131028841cb6891ca460d779c92e499005ee0d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1657279045664
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:50 GMT
content-encoding: gzip
age: 2474259
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:14 GMT
server: nginx
etag: W/"3cbfbd7bb911f7cfc3b4394f334cdb67"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 3g.L2n28pTj8AcDJTW_JUnx4I1CqyPA9
via: 1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Xi1Y0UO1OQWAN2lsPttgpiDaLIevtKWevPjv4fYf3W_qTK53iLZM4A==

GET
H2 200 18.c13b3a33.chunk.js Show response
js.driftt.com/core/assets/js/ Frame C072 16 KB
5 KB 269ms
211ms Script
application/javascript 13.224.189.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.c13b3a33.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b6d1e653.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-86.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

e3205178d8f4b21ab5dc10a089939e49dd276dea7b5047ef2b494ffea3b93b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1657279045664
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 2474260
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:13 GMT
server: nginx
etag: W/"2e0e21fb7fd3dd146cc688e39d01d42e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 6bdaEoVaogjxYdNJvlFfyTO_1fTxsp6o
via: 1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: D8O2JwgBReuztAfnU8jSpjC294M3fXkrOZwos6w37s6W34sy5K0ZjQ==

GET
H2 200 20.8c21ea18.chunk.js Show response
js.driftt.com/core/assets/js/ Frame C072 74 KB
23 KB 270ms
213ms Script
application/javascript 13.224.189.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/20.8c21ea18.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b6d1e653.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-86.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

19473eebfb0672867a4438e2a015de79fded34b9f5ae5598bade57eb01cf0563

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1657279045664
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 2474260
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:13 GMT
server: nginx
etag: W/"6d77a76055d81227033363af2f18caf8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: GCkJ4tZ_JW3xcmjJsO05feXt7md0igxo
via: 1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 3hu4TmW9C8T_NDuhz7LQ7xXPZWKe2wNrYyVe2RS53epr1R7qg_o8fQ==

GET
H2 200 25.8f107198.chunk.js Show response
js.driftt.com/core/assets/js/ Frame C072 59 KB
19 KB 271ms
214ms Script
application/javascript 13.224.189.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/25.8f107198.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b6d1e653.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-86.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

6c93a2e253cf1b83c4549ee38234134aa07f3b0293815375c49c9d4576986db1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1657279045664
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 2474260
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:13 GMT
server: nginx
etag: W/"e2511c69e5bdc03467952abaccdb5383"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: cyXTxSuCBvZx654ePqR2xs6GalDG76.D
via: 1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: QiWjJYKRW5rzQ9JoXw2_RAdUODKPSJAdHJsyWxJmOdmEb7IMT4sT1w==

GET
H2 200 13.3e86f1f6.chunk.js Show response
js.driftt.com/core/assets/js/ Frame C072 91 KB
28 KB 285ms
228ms Script
application/javascript 13.224.189.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/13.3e86f1f6.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b6d1e653.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-86.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

81e6b4ec22135fd2056e29456e32539e21876266ab0bf8438b87117f70c0f827

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1657279045664
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 2474260
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:12 GMT
server: nginx
etag: W/"fdee1a560ca08e3d3702e14d8f1f0b82"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: eWIFIo8DxLn4S25aWqEs5lrAyCB0pQZS
via: 1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: sXAaM9lL6aENvjQOkxQZl_zuIn07K5Nc1rXpoHyUj5qc58aRqm4W9g==

GET
H2 200 11.639238ba.chunk.js Show response
js.driftt.com/core/assets/js/ Frame C072 23 KB
7 KB 286ms
229ms Script
application/javascript 13.224.189.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/11.639238ba.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b6d1e653.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-86.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

c501de88fbb90a445f1754a529bc772e7047071bf653c8c3f0330f7bb736d140

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1657279045664
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 2474260
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:12 GMT
server: nginx
etag: W/"4049f38c00add1738dc4806148ff8829"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: g.TAX9Ljd1CKN2hPKg7rBsCyhJ70wktS
via: 1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: jnzXIlUapedXXwI_8O2pmyG8gPIJk0jYB945GUGVOlOMKuP4EXAxMw==

GET
H2 200 16.fde6fa28.chunk.js Show response
js.driftt.com/core/assets/js/ Frame C072 62 KB
20 KB 305ms
248ms Script
application/javascript 13.224.189.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/16.fde6fa28.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b6d1e653.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-86.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

91c379a7d8ec04aeeb162ea6d8069ad9fe872cec0d8a56f8861b02c494a6e0f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1657279045664
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:50 GMT
content-encoding: gzip
age: 2474259
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:13 GMT
server: nginx
etag: W/"90795af8c950a50300cf801b300db7ab"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: AZatU1G3W6aZgnPi8EiGVtSbHMH8e_3C
via: 1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: _EG3HSNsw9uT_Yqlwl0B7Ra9VKNHbMLB4_g5c4v073ATcNRaeTFJdw==

GET
H2 200 45.772158c8.chunk.js Show response
js.driftt.com/core/assets/js/ Frame C072 105 KB
34 KB 306ms
250ms Script
application/javascript 13.224.189.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/45.772158c8.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b6d1e653.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-86.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

af7690b10b2e4c40106b8e8ac69c9287176615a9913004666af12c98251d6ec0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1657279045664
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 2474260
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:14 GMT
server: nginx
etag: W/"e683acc1d1d7a31204545c14f2e45dfc"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Wo_uRM2rzEKAIONIW1ozWH.Ih3Zgd.66
via: 1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: hJ3PeKAyEpJh6BP-4TAK-TSuKMMfX8zEQ-JM71xMpPMhFa4X3-y9Iw==

GET
H2 200 37.9da17c94.chunk.js Show response
js.driftt.com/core/assets/js/ Frame C072 12 KB
4 KB 316ms
260ms Script
application/javascript 13.224.189.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/37.9da17c94.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b6d1e653.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-86.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

46959f0ff8db28a2e76b7bcd57953ead9ec578260c21cad5c5354a46f7890cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1657279045664
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:50 GMT
content-encoding: gzip
age: 2474259
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:14 GMT
server: nginx
etag: W/"e5c98ad7a7e70a1957477e33db39149c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: .1KvOWwhKDvJVSWzg49IMEkznsWNUcpl
via: 1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: mCtBqVeXjsAMj6oaFSfoKQOEQcNXMaEViB3tIRSNhDUNA0w8jbaZOQ==

GET
H2 200 28.ed383893.chunk.js Show response
js.driftt.com/core/assets/js/ Frame C072 12 KB
5 KB 317ms
261ms Script
application/javascript 13.224.189.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/28.ed383893.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b6d1e653.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-86.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

8843d0dae7daa6e3bdf06e07ffb65e5b5240268203496f5946dcdda9cc0c290d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1657279045664
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 2474260
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:13 GMT
server: nginx
etag: W/"910117b3f0a0501f693606963bfe4daf"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: W4iSCS77kEC.SSNCcLhsvI35ESlRZh_5
via: 1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ZNAhTxQKaeGFVrLj3cM_A-VMtahBdOiPJa7grl0SLuvSK6RKNxA4fQ==

GET
H2 200 21.b8c41db9.chunk.js Show response
js.driftt.com/core/assets/js/ Frame C072 17 KB
7 KB 317ms
261ms Script
application/javascript 13.224.189.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/21.b8c41db9.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b6d1e653.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-86.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

b84595cc8461bb6e8376fe94f0dd23d6657172103b03653534089c5992b058a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1657279045664
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 2474260
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:13 GMT
server: nginx
etag: W/"65e5c965272e021ae33ff8bc39565ef5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: IYcZXStVL2CjeeCB9Www5YnCHKJfMMCs
via: 1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: it1iSY3-YHu7bMz0R_y3cpM62dvLfdTfAQ6WwPbe21HPFYfJvLGqxg==

GET
H2 200 9.5b0bb1c3.chunk.css
js.driftt.com/core/assets/css/ Frame C072 11 KB
3 KB 239ms
184ms Stylesheet
text/css 13.224.189.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/9.5b0bb1c3.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b6d1e653.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-86.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

02840352581026aad3291a8357da6876c93b0e6d8aec9532bbc1a42f82bca1c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1657279045664
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
content-encoding: gzip
age: 2474260
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:11 GMT
server: nginx
etag: W/"e3c43c4a3d2f4cee45cccdb6e438af66"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: hokYckg1IjTUPfKmbuCy6NNmRFmQH3VZ
via: 1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: UdYi2xVcdKxxtOQN5trXFxeXNI-rGI2vDMTKKIhDfyFabFKbBnNwQQ==

GET
H2 200 9.de66fab9.chunk.js Show response
js.driftt.com/core/assets/js/ Frame C072 70 KB
22 KB 317ms
262ms Script
application/javascript 13.224.189.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/9.de66fab9.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b6d1e653.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-86.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

1e4b8d2a1a5eb9645fb77c0098d1beb8ec3f1d61b0a7c839020e011c5fc6405c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1657279045664
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 19:59:55 GMT
content-encoding: gzip
age: 55054
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 07 Jul 2022 19:52:25 GMT
server: nginx
etag: W/"ef598b1b9b0d4c5cfa234e88c492fb54"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: xlrlond4mkcKce5GwVG63yxfBKTJMgSJ
via: 1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: EBOYjJcPFJjbr9OwNBSZh1zAIvYg9sHX7FhPNxfKWbRgVrAvMCaQfQ==

GET
H2 200 17.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame C072 24 B
664 B 238ms
185ms Stylesheet
text/css 13.224.189.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/17.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b6d1e653.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-86.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1657279045664
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:49 GMT
via: 1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
age: 2474260
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 24
last-modified: Thu, 09 Jun 2022 14:58:11 GMT
server: nginx
etag: "0c5dad92482d9a7c7c253510f5082465"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: ykspFRt4QsihJmMduj_fPY2DMuvVpMeo
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: j0C2IhE1BT2cb2f263gXcKu84y-Bix5Ov5VELD6aGtwlIzGYU4vtRw==

GET
H2 200 17.b33a6e0b.chunk.js Show response
js.driftt.com/core/assets/js/ Frame C072 77 KB
20 KB 317ms
263ms Script
application/javascript 13.224.189.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.b33a6e0b.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b6d1e653.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-86.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

fbb446b79860a9c66ba04749477ac274776acf05e4be0c6937a499e1e7131129

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1657279045664
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 19:59:55 GMT
content-encoding: gzip
age: 55054
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 07 Jul 2022 19:52:21 GMT
server: nginx
etag: W/"d622c1f193e6a4565f5bd9832b23517c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: sjzd4G0YdH5FL1WzzvugcXYiMituXTPF
via: 1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: V9Vda9rFLZqTJP83yupXNW2tbUgq3xPpc_krhGJfK7AfebL152TrNA==

GET
H2 200 24.8603213a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame C072 48 KB
13 KB 317ms
264ms Script
application/javascript 13.224.189.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/24.8603213a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b6d1e653.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-86.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

37c18698722c6a2e4940ee3f65d56e08ad88d779ba3be1865396ac38e91d62ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1657279045664
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 19:02:44 GMT
content-encoding: gzip
age: 663285
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 30 Jun 2022 18:14:23 GMT
server: nginx
etag: W/"b8776dcc5c1a3083223a0463a48e260a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: MNLYGPrRxdrdE8i61mB8AAl9xMksDWt5
via: 1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: tDfN-DLnsO1aUN666NT_tY0HX5--LxibDo1pcUnnZ-vlLYuug6spig==

GET
H2 200 15.e16b9f15.chunk.js Show response
js.driftt.com/core/assets/js/ Frame C072 40 KB
13 KB 319ms
267ms Script
application/javascript 13.224.189.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/15.e16b9f15.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b6d1e653.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-86.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

b30f1d7bc922b6189b2b802edd654a15906177c6738a8e6af8871d216b5b80fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1657279045664
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 19:59:55 GMT
content-encoding: gzip
age: 55054
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 07 Jul 2022 19:52:21 GMT
server: nginx
etag: W/"58f43455bad11b46142ca9140da7af19"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: RlFfz.lxl1P8oaPhwWYCc.8K8w3Eei6N
via: 1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: kuv1HujdeTJlEaBcVcta5Ai5HWmERbIJZImZbD7Ajkt3Qz7qA-wFzg==

POST
H2 204 collect Show response
d.clarity.ms/ 0
48 B 242ms
118ms XHR
text/plain 40.76.174.66
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus/s/0.6.34/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.76.174.66 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.winningtemp.com/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: https://www.winningtemp.com
date: Fri, 08 Jul 2022 11:17:28 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H3 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 40 KB
15 KB 163ms
129ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-942159798

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

cafe /

Resource Hash

00e67a6bb1601297c954a9c6438eb956f4ca87253683fb348d1bda64cee7d1ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.winningtemp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 11:17:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15163
x-xss-protection: 0
server: cafe
etag: 11137310801552021614
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 08 Jul 2022 11:17:29 GMT

GET
H2 200 0.0b2ebd4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 7208 9 KB
3 KB 136ms
38ms Script
application/javascript 13.224.189.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b6d1e653.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-86.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://js.driftt.com/core?embedId=prpcvi852fhm&region=US&forceShow=false&skipCampaigns=false&sessionId=dd972da7-1cf2-437a-8ac4-71c13fcd0fa8&sessionStarted=1657279054.184&campaignRefreshToken=a6b137ee-0ead-4e3a-858d-9ca711bb81d8&hideController=false&pageLoadStartTime=1657279045664&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:20:39 GMT
content-encoding: gzip
age: 1569410
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 17 Jun 2022 14:39:26 GMT
server: nginx
etag: W/"c5efcdc9e465604f32cf24af10fd6c13"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: FXhpBdntUhclEQbRyN38j73SJPN5DG6s
via: 1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: eFTQb6SzGMfmtbAJIK_KbDOBBN6P23_cWka_VeV1kXMB6kTTin2e5A==

GET
H2 200 26.a5fa75d7.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 7208 33 KB
10 KB 137ms
39ms Script
application/javascript 13.224.189.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/26.a5fa75d7.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b6d1e653.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-86.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

72d52dcf32b1f0357fdb9688cb7d59dd429ed01f5bf3098825191ba7e244927c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://js.driftt.com/core?embedId=prpcvi852fhm&region=US&forceShow=false&skipCampaigns=false&sessionId=dd972da7-1cf2-437a-8ac4-71c13fcd0fa8&sessionStarted=1657279054.184&campaignRefreshToken=a6b137ee-0ead-4e3a-858d-9ca711bb81d8&hideController=false&pageLoadStartTime=1657279045664&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:50 GMT
content-encoding: gzip
age: 2474259
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:13 GMT
server: nginx
etag: W/"07c533e32590bc52ac1b137167ac3d81"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Om6KhJpoRUYTr7Om8uqiUaVuwIdIX9mR
via: 1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: h74M5A3yCeIwuwqqnD4Y5NQwNe0eocTpj-blD-ZHhiuN4gUOiWygVA==

GET
H2 200 27.c667535c.chunk.css
js.driftt.com/core/assets/css/ Frame 7208 8 KB
2 KB 132ms
34ms Stylesheet
text/css 13.224.189.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/27.c667535c.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b6d1e653.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-86.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

8b7be87db71855fe47b30e1a60953e25a0e6a832e4ff3fefa682cf74d9e66cf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://js.driftt.com/core?embedId=prpcvi852fhm&region=US&forceShow=false&skipCampaigns=false&sessionId=dd972da7-1cf2-437a-8ac4-71c13fcd0fa8&sessionStarted=1657279054.184&campaignRefreshToken=a6b137ee-0ead-4e3a-858d-9ca711bb81d8&hideController=false&pageLoadStartTime=1657279045664&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:50 GMT
content-encoding: gzip
age: 2474259
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:11 GMT
server: nginx
etag: W/"5d56f3a89744b768e05433ac1e2f7935"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: xlq0zBG2KT_EHoSQ.8VBH19dO.kmmlfU
via: 1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: rnV-lREOmgzUMNUAyfQ5x6KV-hOw40sZOhcYLWt4MsIa8kOl3BkTjQ==

GET
H2 200 27.795499fe.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 7208 12 KB
5 KB 136ms
40ms Script
application/javascript 13.224.189.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/27.795499fe.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b6d1e653.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-86.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

cbd1fd9e5454ee302f349f7a91241a8e37f4daf59dfbbfb26d8c76d4ec49fac9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://js.driftt.com/core?embedId=prpcvi852fhm&region=US&forceShow=false&skipCampaigns=false&sessionId=dd972da7-1cf2-437a-8ac4-71c13fcd0fa8&sessionStarted=1657279054.184&campaignRefreshToken=a6b137ee-0ead-4e3a-858d-9ca711bb81d8&hideController=false&pageLoadStartTime=1657279045664&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 19:02:44 GMT
content-encoding: gzip
age: 663285
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 30 Jun 2022 18:14:23 GMT
server: nginx
etag: W/"5277c592e20a97f12101fb9221e1083d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: m7G6eGFZsSIOgQehhjNZaVndQOLVU8F2
via: 1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: OhN4pZCdgnsa8WtBnhTIVv-hYnxNerWL2GERslJrRBgNdlEkNU6qnA==

GET
H2 200 19.c695453b.chunk.css
js.driftt.com/core/assets/css/ Frame 7208 365 B
1007 B 131ms
36ms Stylesheet
text/css 13.224.189.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/19.c695453b.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b6d1e653.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-86.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://js.driftt.com/core?embedId=prpcvi852fhm&region=US&forceShow=false&skipCampaigns=false&sessionId=dd972da7-1cf2-437a-8ac4-71c13fcd0fa8&sessionStarted=1657279054.184&campaignRefreshToken=a6b137ee-0ead-4e3a-858d-9ca711bb81d8&hideController=false&pageLoadStartTime=1657279045664&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 08:38:41 GMT
via: 1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
age: 2601528
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 365
last-modified: Fri, 22 Apr 2022 20:24:53 GMT
server: nginx
etag: "06b2963b029c0824382815165bfea73e"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: L3VGtilyy25ajd6juXICRdarj04czsmC
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: NFyjRyu-luOiTjjYRlMSOrCRXVttj_0BZMc7cZQzdqthk3ujTUiwbA==

GET
H2 200 19.92750eb8.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 7208 87 KB
25 KB 136ms
41ms Script
application/javascript 13.224.189.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/19.92750eb8.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b6d1e653.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-86.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

9e2e5256b8013060269c02146a4944749c6de0911e97436a4bf73f5c723b5850

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://js.driftt.com/core?embedId=prpcvi852fhm&region=US&forceShow=false&skipCampaigns=false&sessionId=dd972da7-1cf2-437a-8ac4-71c13fcd0fa8&sessionStarted=1657279054.184&campaignRefreshToken=a6b137ee-0ead-4e3a-858d-9ca711bb81d8&hideController=false&pageLoadStartTime=1657279045664&mode=CHAT&driftEnableLog=false&secureIframe=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 19:59:55 GMT
content-encoding: gzip
age: 55054
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 07 Jul 2022 19:52:22 GMT
server: nginx
etag: W/"0f9de767f7dde4d61e268ef94dba7b10"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: TIa4suEzGkCgl1HKguYIVrdl2MEQ5aZT
via: 1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 6J8ixN6mMHaqXSDaRqOya5tBv0F3fJe2lPV7h7yAKl_8GlR_551MPA==

GET
H2 200 34.11d2b6a7.chunk.css
js.driftt.com/core/assets/css/ Frame C072 3 KB
1 KB 132ms
6ms Stylesheet
text/css 13.224.189.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/34.11d2b6a7.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b6d1e653.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-86.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1657279045664
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:50 GMT
content-encoding: gzip
age: 2474259
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:11 GMT
server: nginx
etag: W/"87532c4db85f1429fa6d759bc3332f36"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: pDgWOASMN9_NDbkmryYYC4K2HoZ50omL
via: 1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: rWGzq3-M3mmk9aMQhEIV2e6lgSMMg8Y2YFzjaaUThPzm7xt-cQeVLA==

GET
H2 200 34.07340d2f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame C072 3 KB
2 KB 133ms
7ms Script
application/javascript 13.224.189.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/34.07340d2f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b6d1e653.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-86.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

5949dc5ef9ac0f8cb0d210d221d6eceeca2ffad94e3600b41566f468e146ae9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1657279045664
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 14:14:39 GMT
content-encoding: gzip
age: 1803770
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 17 Jun 2022 13:01:30 GMT
server: nginx
etag: W/"f732dfb3db72f996e1f4bc0225629a20"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: HvgZCV9LNyT7x7vVdSj885BtX9dyNytM
via: 1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: HKlTO9zkN0c09x2vO7HPEbOQ3cPeQDoNCiUxoywk0yYz5qqCuZ62kg==

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/942159798/ 3 KB
1 KB 152ms
124ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/942159798/?random=1657279054909&cv=9&fst=1657279054909&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6t0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.winningtemp.com%2Fdk%2Fbook-en-demo%3Futm_campaign%3DCustomer%2520sendout%26utm_medium%3Demail%26_hsmi%3D219002238%26_hsenc%3Dp2ANqtz-9OjMaiVRfdjxMzw4AhTaO9oUmO_hcz5Zyx1Yy_KX0Byzeqk0l9Iy6OC7zTxF5sAvwbKObg0O3qL2Fz6A29laRxKWMZgQ%26utm_content%3D219002238%26utm_source%3Dhs_email&tiba=F%C3%A5%20en%20gennemgang%20af%20Winningtemp!&hn=www.googleadservices.com&us_privacy=1---&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

87193ed516fae5b6ee523f2eb768bd29aea91ef761f065cd36525b7cb9f159fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.winningtemp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Jul 2022 11:17:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1232
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 0.0b2ebd4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame C072 9 KB
3 KB 140ms
38ms Script
application/javascript 13.224.189.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b6d1e653.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-86.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1657279045664
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 07:20:39 GMT
content-encoding: gzip
age: 1569411
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 17 Jun 2022 14:39:26 GMT
server: nginx
etag: W/"c5efcdc9e465604f32cf24af10fd6c13"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: FXhpBdntUhclEQbRyN38j73SJPN5DG6s
via: 1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ptUnv6rrpWNctM0LOcwCA3q-etCApAsI5BXMgtl-Tptm6mvxNPd3DQ==

GET
H2 200 3.07aa08a5.chunk.css
js.driftt.com/core/assets/css/ Frame C072 7 KB
2 KB 130ms
28ms Stylesheet
text/css 13.224.189.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/3.07aa08a5.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b6d1e653.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-86.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1657279045664
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:50 GMT
content-encoding: gzip
age: 2474260
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:11 GMT
server: nginx
etag: W/"189aeffd571884559dababa22c66d75a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: qCJlHTNUr2HFRH6Ajng7Ce3aN.cZgspN
via: 1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: LSIIBPdJhp4skWYYGPJZZX930tAeT4hDAg2OOqaJscUaAqY8taldmg==

GET
H2 200 3.00aa1009.chunk.js Show response
js.driftt.com/core/assets/js/ Frame C072 54 KB
16 KB 141ms
39ms Script
application/javascript 13.224.189.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/3.00aa1009.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b6d1e653.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-86.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

b8eef39219651c2e824894e8f8d35742e86021c1a556136fb6ffc5e1169bccbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1657279045664
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:50 GMT
content-encoding: gzip
age: 2474260
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:13 GMT
server: nginx
etag: W/"b6e857285e106c4d697971a13a9e5f01"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 5X0O2ApU5vgBeUnxDu8Cb4hnMjQt6Q5W
via: 1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: NtDYr75N6je9YONwx4jf5Pym7J7PU3s-sh0RGAQ221QQuxvxwj8COw==

GET
H2 200 1.2a811815.chunk.css
js.driftt.com/core/assets/css/ Frame C072 43 KB
7 KB 113ms
29ms Stylesheet
text/css 13.224.189.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/1.2a811815.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b6d1e653.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-86.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

5c09e8bec292a5b43b6a5be55beb50de7bf16c101bf236faa43e49ce70f8c229

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1657279045664
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 14:14:39 GMT
content-encoding: gzip
age: 1803771
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 17 Jun 2022 13:01:27 GMT
server: nginx
etag: W/"cffa309af51f35e8b5792ddf3e06a80b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: VUaHAxuPIr8zCHoCffr5ySO3Had_qiEc
via: 1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: HgOdTJi0Lh74TR7tWBUBJsxkVtVDJIXk_RZ3Wax5gE4pKMFE6aKWFQ==

GET
H2 200 1.f0c05bdf.chunk.js Show response
js.driftt.com/core/assets/js/ Frame C072 73 KB
25 KB 124ms
40ms Script
application/javascript 13.224.189.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/1.f0c05bdf.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b6d1e653.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-86.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

09410642edee2a495d333f89ddf4c4a09dc9218c93de7d4d7d981117fe9d56b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1657279045664
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 19:02:44 GMT
content-encoding: gzip
age: 663286
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 30 Jun 2022 18:14:21 GMT
server: nginx
etag: W/"97f33a213b4ee5c284a67db4791de6fa"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 0D6bsqEtygBehCY0YETmhhunXna8dEK1
via: 1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: pLxfFzjdUhpzGTqTixhVH0x6JdvzSpi5FGRJHwlm_V024LyjuQeYkw==

GET
H2 200 32.52060f2d.chunk.css
js.driftt.com/core/assets/css/ Frame C072 12 KB
3 KB 114ms
31ms Stylesheet
text/css 13.224.189.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/32.52060f2d.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b6d1e653.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-86.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

643284a0eca0e88605a52952545149695d41d4a6f057d897bedf92a24e32c573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1657279045664
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:59:50 GMT
content-encoding: gzip
age: 2474260
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 14:58:11 GMT
server: nginx
etag: W/"b63021470083bdc161ef4dda2e4912c3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: D63PtXL5bP.wpWr.uBaG9A4P_yKmwfSx
via: 1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: MDFEUBLwz0_mzQ8FSHsMp0nFRcuR07JCWC4oMJN-zRYrzV55d_Q2-g==

GET
H2 200 32.339f8363.chunk.js Show response
js.driftt.com/core/assets/js/ Frame C072 11 KB
5 KB 131ms
49ms Script
application/javascript 13.224.189.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/32.339f8363.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.b6d1e653.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-86.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

88d623d347bc1d092c1d546f62ac989acddceb46ca869c4b48adb62e229daee5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1657279045664
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 19:02:44 GMT
content-encoding: gzip
age: 663286
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 30 Jun 2022 18:14:23 GMT
server: nginx
etag: W/"566a10802a29d81a470d77eb56b23265"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: M0iCQaZ.gGkZ8Ke.B5BxYnub2OI8YHSv
via: 1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: cM-39kbjWkjUqXN-FbDMZoi2UAToteWqFWZ8eCyX_LoeUcIwLQw9zw==

POST
H2 200 v2 Show response
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame 7208 25 B
123 B 149ms
149ms XHR
application/json 34.193.113.164

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v2

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/47.f4a0cab7.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.193.113.164 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 08 Jul 2022 11:17:30 GMT
server: istio-envoy
requestid: 452ddf34aedefc4f
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 13
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 v2
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame 0
0 655ms
141ms Preflight
text/plain 34.193.113.164

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.193.113.164 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Fri, 08 Jul 2022 11:17:30 GMT
requestid: drifte1dfa244fe482a22c9afa3c4774
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 0

GET
H3 200 /
www.google.com/pagead/1p-user-list/942159798/ 42 B
64 B 111ms
67ms Image
image/gif 172.217.18.4
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/942159798/?random=1657279054909&cv=9&fst=1657278000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6t0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.winningtemp.com%2Fdk%2Fbook-en-demo%3Futm_campaign%3DCustomer%2520sendout%26utm_medium%3Demail%26_hsmi%3D219002238%26_hsenc%3Dp2ANqtz-9OjMaiVRfdjxMzw4AhTaO9oUmO_hcz5Zyx1Yy_KX0Byzeqk0l9Iy6OC7zTxF5sAvwbKObg0O3qL2Fz6A29laRxKWMZgQ%26utm_content%3D219002238%26utm_source%3Dhs_email&tiba=F%C3%A5%20en%20gennemgang%20af%20Winningtemp!&async=1&fmt=3&is_vtc=1&random=794511216&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.4 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.winningtemp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Jul 2022 11:17:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.se/pagead/1p-user-list/942159798/ 42 B
64 B 131ms
87ms Image
image/gif 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.se/pagead/1p-user-list/942159798/?random=1657279054909&cv=9&fst=1657278000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6t0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.winningtemp.com%2Fdk%2Fbook-en-demo%3Futm_campaign%3DCustomer%2520sendout%26utm_medium%3Demail%26_hsmi%3D219002238%26_hsenc%3Dp2ANqtz-9OjMaiVRfdjxMzw4AhTaO9oUmO_hcz5Zyx1Yy_KX0Byzeqk0l9Iy6OC7zTxF5sAvwbKObg0O3qL2Fz6A29laRxKWMZgQ%26utm_content%3D219002238%26utm_source%3Dhs_email&tiba=F%C3%A5%20en%20gennemgang%20af%20Winningtemp!&async=1&fmt=3&is_vtc=1&random=794511216&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.winningtemp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Jul 2022 11:17:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 ping Show response
bootstrap.api.drift.com/widget_bootstrap/ Frame 7208 147 B
268 B 145ms
143ms XHR
application/json 3.94.218.138

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap/ping

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/47.f4a0cab7.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

b88ea5cac53e40f3953f3ec186d585f166fa2bca6cfd77bfdc9b0a6ad0a444df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 08 Jul 2022 11:17:31 GMT
server: istio-envoy
requestid: 55b0c829343122f2
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 147
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 ping
bootstrap.api.drift.com/widget_bootstrap/ Frame 0
0 635ms
141ms Preflight
text/plain 3.94.218.138

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap/ping

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Fri, 08 Jul 2022 11:17:30 GMT
requestid: driftf3614964d929722e977656884da
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: vars.hotjar.com
URL: https://vars.hotjar.com/box-5e0db0f25ef573fe233efc0372d38d69.html

Verdicts & Comments Add Verdict or Comment

119 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

40 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.info.winningtemp.se/	1969-12-31 23:59:59	Name: __cfruid Value: 0f6b80048f1b004c69c4be95e038621d3333f6ca-1657279039
.winningtemp.com/	1970-01-20 06:30:55	Name: _gcl_au Value: 1.1.1373152989.1657279047
www.winningtemp.com/	1969-12-31 23:59:59	Name: CookieConsent Value: -2
.bing.com/	1970-01-20 13:42:55	Name: MUID Value: 27904C89E9BD6D573B115D52E8956CFE
.winningtemp.com/	1970-01-20 21:52:31	Name: _ga_LV30BCF2WJ Value: GS1.1.1657279047.1.0.1657279047.0
.ws.zoominfo.com/	1970-01-20 13:06:55	Name: visitorId Value: 0fa909a7e3d18fe31efa1d164e9b1573e8a6a32580e8c954f7d16b032b11167e
.winningtemp.com/	1970-01-20 04:22:45	Name: _uetsid Value: 8d0b3920feaf11ec96ca2f6dd523a63a
.winningtemp.com/	1970-01-20 13:42:55	Name: _uetvid Value: 8d0b73c0feaf11eca6a3cf9e6cfbb1cb
.winningtemp.com/	1970-01-20 06:30:55	Name: _fbp Value: fb.1.1657279048396.1721957799
.linkedin.com/	1970-01-20 05:04:31	Name: UserMatchHistory Value: AQJdIwRXhAp_awAAAYHdh1dpTQNitVu2ozqg6bz7xEDlHIqAq_WaPfuPyzhZ9VnGtv-QyqNV8aiNOg
.linkedin.com/	1970-01-20 05:04:31	Name: AnalyticsSyncHistory Value: AQJccn6cDfqXWwAAAYHdh1dpm_XD0tAxSFof6Hif-e8dc5PRoYYcbK3PdTYq87lw-1oIehAFQEOFZi9n-F2uzg
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 21:53:12	Name: bcookie Value: "v=2&ef30da1e-15b7-4e8e-89a7-c7f29b2c69d4"
.linkedin.com/	1970-01-20 04:22:45	Name: lidc Value: "b=VGST07:s=V:r=V:a=V:p=V:g=2385:u=1:x=1:i=1657279043:t=1657365443:v=2:sig=AQH-3cV-ebRqEWISGKCPcMs_PgXMp8U_"
.winningtemp.com/	1970-01-20 13:06:55	Name: _hjSessionUser_2516908 Value: eyJpZCI6IjJmY2ZhYzdkLTFkZmYtNTNlMC1hNDBlLTkwM2FmZjgzNjZhNSIsImNyZWF0ZWQiOjE2NTcyNzkwNDg1ODEsImV4aXN0aW5nIjpmYWxzZX0=
.winningtemp.com/	1970-01-20 04:21:20	Name: _hjFirstSeen Value: 1
www.winningtemp.com/	1970-01-20 04:21:19	Name: _hjIncludedInSessionSample Value: 1
.winningtemp.com/	1970-01-20 04:21:20	Name: _hjSession_2516908 Value: eyJpZCI6IjAyOGVjZjA5LWE4OTAtNGQwZC05NzNlLTM2ZTk2YTk4NjdhYSIsImNyZWF0ZWQiOjE2NTcyNzkwNDg2MjEsImluU2FtcGxlIjp0cnVlfQ==
www.winningtemp.com/	1970-01-20 04:21:19	Name: _hjIncludedInPageviewSample Value: 1
.winningtemp.com/	1970-01-20 04:21:20	Name: _hjAbsoluteSessionInProgress Value: 0
www.clarity.ms/	1970-01-20 13:06:55	Name: CLID Value: 7ab24317e12e465e8abfbf8c00f9be66.20220708.20230708
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.www.linkedin.com/	1970-01-20 21:53:12	Name: bscookie Value: "v=1&2022070811172331874af8-5a85-4db3-803a-59c5d0f11df5AQE6vN9OWsGJyJjYa18g5s1h6kklUHqF"
.linkedin.com/	1970-01-20 21:40:59	Name: li_gc Value: MTswOzE2NTcyNzkwNDM7MjswMjEbQ0jC7Ov90l+R7xpIfKyUpw0BwMdAqz8vcye7uHRczg==
.winningtemp.com/	1970-01-20 13:06:55	Name: _clck Value: 3vo7sb\|1\|f2z\|0
.winningtemp.com/	1970-01-20 21:52:31	Name: _ga Value: GA1.2.752353924.1657279048
.winningtemp.com/	1970-01-20 04:22:45	Name: _gid Value: GA1.2.8505073.1657279050
.winningtemp.com/	1970-01-20 04:21:19	Name: _gat_UA-63613656-4 Value: 1
.winningtemp.com/	1970-01-20 04:22:45	Name: _clsk Value: 13ktq6c\|1657279049774\|1\|1\|d.clarity.ms/collect
.doubleclick.net/	1970-01-20 13:42:55	Name: IDE Value: AHWqTUmNeqZ6luFfilkWkfvXH0w6zHXCSdsz75Zd08iE5e9YryAzfiq6goCT9boo
.c.bing.com/	1970-01-20 13:42:55	Name: SRM_B Value: 27904C89E9BD6D573B115D52E8956CFE
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 13:42:55	Name: MUID Value: 27904C89E9BD6D573B115D52E8956CFE
.c.clarity.ms/	1970-01-20 04:21:19	Name: ANONCHK Value: 0
.winningtemp.com/	1970-01-20 08:40:31	Name: __hstc Value: 190353140.a6854e216e01c6155ca2126eec5066a9.1657279054167.1657279054167.1657279054167.1
.winningtemp.com/	1970-01-20 08:40:31	Name: hubspotutk Value: a6854e216e01c6155ca2126eec5066a9
.winningtemp.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.winningtemp.com/	1970-01-20 04:21:20	Name: __hssc Value: 190353140.1.1657279054167
www.winningtemp.com/	1970-01-20 04:21:20	Name: drift_campaign_refresh Value: a6b137ee-0ead-4e3a-858d-9ca711bb81d8
.hubspot.com/	1970-01-20 04:21:20	Name: __cf_bm Value: DNv03e45mEilg2JF_2GjY90AoyV8LmZ850HglS3NQRE-1657279049-0-Ad03cYAqlXJudWxmuNL44QkDNoYnizw87Fb5PyMqc34v1iVzJCcTBpJnN51eZBUm0kk4Siy0znKgORWpQFk83MY=

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
api.hubapi.com
assets-global.website-files.com
bat.bing.com
bootstrap.api.drift.com
c.bing.com
c.clarity.ms
connect.facebook.net
consent.cookiebot.com
consentcdn.cookiebot.com
d.clarity.ms
d3e54v103j8qbb.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
forms.hsforms.com
forms.hubspot.com
googleads.g.doubleclick.net
in.hotjar.com
info.winningtemp.se
js.driftt.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hscollectedforms.net
js.hsforms.net
metrics.api.drift.com
px.ads.linkedin.com
region1.google-analytics.com
script.hotjar.com
snap.licdn.com
static.hotjar.com
stats.g.doubleclick.net
track.hubspot.com
vars.hotjar.com
ws.zoominfo.com
ws28.hotjar.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.se
www.googleadservices.com
www.googleoptimize.com
www.googletagmanager.com
www.linkedin.com
www.winningtemp.com
vars.hotjar.com
104.109.69.83
104.16.168.82
104.16.86.5
104.17.112.176
104.17.128.171
104.17.182.73
104.17.203.204
104.17.210.204
104.17.67.176
104.18.33.171
104.19.154.83
104.19.155.83
104.212.67.188
13.107.21.200
13.107.42.14
13.224.189.10
13.224.189.26
13.224.189.86
13.225.78.111
13.225.78.14
13.225.84.117
142.250.184.202
142.250.185.168
142.250.185.174
142.250.185.234
142.250.185.66
142.250.186.67
142.250.186.78
142.251.5.155
157.240.236.1
157.240.236.35
172.217.18.3
172.217.18.4
199.60.103.31
2.21.20.155
20.234.93.27
216.239.32.36
216.58.212.130
23.36.163.230
3.94.218.138
34.193.113.164
34.253.101.190
34.255.240.59
40.76.174.66
52.50.27.11
00e67a6bb1601297c954a9c6438eb956f4ca87253683fb348d1bda64cee7d1ca
02840352581026aad3291a8357da6876c93b0e6d8aec9532bbc1a42f82bca1c5
046d1bf2e7d085f714d8acc754dde41d7f96ab7d5dc42bdb92dbd665074eda64
056d00be1429e645203a6f3b1897806162612a0631057b2baa873585748bdb25
05dae8fbb96f3675f8b2981e8ead256a0f74ccba053fb08396c9a5fe99c54845
077a7b35fe5c7dd4daa5aefdd11a581b36c76b6e4d6fbd5908e3cec9423e30bb
09410642edee2a495d333f89ddf4c4a09dc9218c93de7d4d7d981117fe9d56b9
0eab74a391808b24dd33b935f90a01681fdeaf1104e729ed5dfbcdb302bc3642
0fcff9391b8f4560e9bc64c28dcd9101f66de7b93676ea8cc254980567f663db
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1100c681093ed6ae1f5da56eff803478e37c51a0fcc4c12f0d7cf076c73baf3a
11fb518d49d795a748848d5d0eed7d4ca6c508730736f9947db6def482c80129
1211a9a77e9e16594929055d1e99009c3e85f4ffbbfd5b0646319087812eea30
1495cb770b3684833e3a5a556bb538e592afccd622603d1789d008cf5f1c2863
14aed4b19ed51e3a0cbb429669650e0e1f7e0f432ed8779b50846dc82822a051
14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c
19473eebfb0672867a4438e2a015de79fded34b9f5ae5598bade57eb01cf0563
1d91e58ebda9fbb2fa12601bc2fe265bacc10b1bc7e2c524b48492740de69863
1e4b8d2a1a5eb9645fb77c0098d1beb8ec3f1d61b0a7c839020e011c5fc6405c
1fe6d80da9210e1b7d9ce06af8f305181d80fce8bb9436e4900fac5b82aceb4b
203427e5a4c2b6a72638e35d2fe4507b4faef721a707eb2508a8a66915e121ed
2569c8942043e2360003990ba5ef73dffc3c2da13757bf30c9d0b3f298c3cc40
2dd4013e4c7255a0e59d15799abb06f3e51382039c75f08a16489be198982552
35aef62d3b68884082b92812c2ec465e90842ced4ec75ed59e08e6eec3fefd7e
37c18698722c6a2e4940ee3f65d56e08ad88d779ba3be1865396ac38e91d62ba
46959f0ff8db28a2e76b7bcd57953ead9ec578260c21cad5c5354a46f7890cf7
4fc341b184b1c95f662a02b8d98e4de8fba76d04e1ae7211c782de6815694b21
5066a52b0a106c909c3c46d052a6083c4100211e13a4fa6e360acb8b1e1932ad
57f0421ad8d70e1ec4ab2c3792d7b639374cc5bc4beaf4981c0213064ecb206b
5949dc5ef9ac0f8cb0d210d221d6eceeca2ffad94e3600b41566f468e146ae9a
5c09e8bec292a5b43b6a5be55beb50de7bf16c101bf236faa43e49ce70f8c229
5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5
62eff55da34fb881e5f26498f4c572a8810f8fb1953e8e00c24df6a05deb2747
643284a0eca0e88605a52952545149695d41d4a6f057d897bedf92a24e32c573
6571455ca50a0df3f4b50a95ad6ca5fba3c6c629a222373c25c755d1dc761be5
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c93a2e253cf1b83c4549ee38234134aa07f3b0293815375c49c9d4576986db1
72d52dcf32b1f0357fdb9688cb7d59dd429ed01f5bf3098825191ba7e244927c
738e5435f2d18427d291a0d6289eee0ebbc87b596d6003919f255760ac293104
78c1118165ba1620bd91cc6f96c1cd99fa9469a9382f73f313c8e556d0fdaa9d
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7fdab7b8e7e4841da85f6e6e5f62e39fc0b399c70300614de5e8c612c5c980eb
7fe9c49bb2fa7df0e7f30f29e2cf5dc5856a6a94e24020cd71b15806418e2509
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
8181a739bd0ed0fd64624c4aa15b7847bc9d4fd0660bff56c8c9192c4ef75979
81e6b4ec22135fd2056e29456e32539e21876266ab0bf8438b87117f70c0f827
8309531b6b2107c16edd77efa774374f935a7924a84c7bae72973f19b962e0e5
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8537658f1c3353d27487ba55287bcaa83b0366af90c30d63ebd3422b0978c86c
857ceb29c68ca39ac6e0da13d5e8663138b005ab089455619675ca6d56df4109
862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7
87193ed516fae5b6ee523f2eb768bd29aea91ef761f065cd36525b7cb9f159fb
8843d0dae7daa6e3bdf06e07ffb65e5b5240268203496f5946dcdda9cc0c290d
88d623d347bc1d092c1d546f62ac989acddceb46ca869c4b48adb62e229daee5
897abc95dfdec58fb982dcb66bbc2c1773e69df30001bf925678464903bf9e53
8b7be87db71855fe47b30e1a60953e25a0e6a832e4ff3fefa682cf74d9e66cf0
8e752e4d9e5f8ab1646ec3dc5c7dd460b530fef8172c4c77f71f14f477fcfbd8
91c379a7d8ec04aeeb162ea6d8069ad9fe872cec0d8a56f8861b02c494a6e0f2
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
968852dd96102e2444be1582f567958d1ac290338121606f2280c7b4b57fb4e6
97c79579d2c408c2d51ea5827e010a33400785e438866925ec50baa165a35da1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9df0c15923f76778de529c7e5131028841cb6891ca460d779c92e499005ee0d0
9e2e5256b8013060269c02146a4944749c6de0911e97436a4bf73f5c723b5850
a0afd6cedf4a16f8eb5157d7b0e069197c8639ee33f11f308af586cabbee3d90
a15272fe8b80a449c7d9739a4fb13137432fd5bf9ecb904e4e0961b9234e9312
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
af7690b10b2e4c40106b8e8ac69c9287176615a9913004666af12c98251d6ec0
afa14842141b86bee803064ad6507d4790f7f4df61bd3f41dd79648f932f730d
b1ee4038c00d2334c905cc44bb99c1824d862435cc003dda35b8002b590db78e
b30f1d7bc922b6189b2b802edd654a15906177c6738a8e6af8871d216b5b80fc
b3ac385664d303e3dc6b6b863fb3159791ad9372b32c7ec0fc26e8573e9d4b8d
b84595cc8461bb6e8376fe94f0dd23d6657172103b03653534089c5992b058a1
b88ea5cac53e40f3953f3ec186d585f166fa2bca6cfd77bfdc9b0a6ad0a444df
b8eef39219651c2e824894e8f8d35742e86021c1a556136fb6ffc5e1169bccbd
c2fe03da3b5749380d6fa827173436f28950f4e805ecfc201cfffac7bd5885c8
c501de88fbb90a445f1754a529bc772e7047071bf653c8c3f0330f7bb736d140
c735572b71edf5b464fc8403adf146e45d5546808918b88991666410033c779a
ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa
cab3d4602eeb3aee00a93fe43639bfae5532211379cdfe732d805168f659803d
cbd1fd9e5454ee302f349f7a91241a8e37f4daf59dfbbfb26d8c76d4ec49fac9
cc08221e904788853f9dbae9e845e8c88e947de904dcd007c0da0c4d18acd1de
d27f20e89f3e5dcaacd001244fa069820eb9e4427175448a5eef69e6d4a77393
d2e4914ae962acd061798de5379f9e74b461e90543002cf3f284d6a29dcd5f23
d783d8e0cfa7810d39ffd41d6d2319e507fa502d4ef96bbcbe2ba3fba10dfc7f
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459
dd7e25fe1547c7102760792d7b920ed5a289aa0224014594f856b5ab396dc0d6
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e031035c40a4a3b310789482fe0925e9489cfbc98884dac5239a2ed815fd1f81
e3205178d8f4b21ab5dc10a089939e49dd276dea7b5047ef2b494ffea3b93b19
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba
e60980641d55d742f778f2648c659340214c5217092d83df29b3f071dcf455b0
e7eced8f63cb76c92a39056ff1a2a8720b01e5322f0cc5e02491593829bf0eb4
e86d360a13e5fd4d6e83fe54af5f4debb3782bf9842e3876c28377ee615cecc2
ea059dde9d901b7f2cd9307ab93d5ed5869f990c20c1644e3ae7591f694dc29d
ec1daec27b0f38d8a504fba3760571e34962ddd4361cdb8a7afad225e240447d
ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb7650e7f6f06e3dd004356e32a3e4dd0f19163078337e4f5a8ae6379a154f2
f14971f1540812bf84fdd34a4c25e7ea6a71c5345abbfeb294eb616771e33e56
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f54e955a74727801616229225bb908421be7089c023b7d76344868285c3e9f67
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f8bdb531d36caf4bb43071d1be58a2d1b153d3a403f4b8f4e6a919dd46213f47
f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47
fb8959289db243c243665277ca87ff25ea91c90a72fa40f99e7b20be86710736
fbb446b79860a9c66ba04749477ac274776acf05e4be0c6937a499e1e7131129

www.winningtemp.com Open in urlscan Pro 34.253.101.190 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

177 Requests

97 %HTTPS

0 %IPv6

33 Domains

47 Subdomains

46 IPs

4 Countries

2565 kBTransfer

8730 kBSize

40 Cookies

27 Outgoing links

Page URL History

Redirected requests

177 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.winningtemp.com Open in urlscan Pro
34.253.101.190 Public Scan

Screenshot
Live screenshot

Full Image

177
Requests

97 %
HTTPS

0 %
IPv6

33
Domains

47
Subdomains

46
IPs

4
Countries

2565 kB
Transfer

8730 kB
Size

40
Cookies

177 HTTP transactions
4 data transactions