urlscan.io logo urlscan.io
SecurityTrails logo

heaven23.se Open in urlscan Pro
79.99.5.208  Public Scan

Go To Rescan Add Verdict Report
URL: https://heaven23.se/
Submission: On March 13 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 43 IPs in 7 countries across 54 domains to perform 88 HTTP transactions. The main IP is 79.99.5.208, located in Falkenberg, Sweden and belongs to PORTLANE www.portlane.com, SE. The main domain is heaven23.se.
TLS certificate: Issued by R3 on March 10th 2024. Valid for: 3 months.
This is the only time heaven23.se was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
22 79.99.5.208 42708 (PORTLANE ...)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 108.138.106.126 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2600:141b:1c0... 20940 (AKAMAI-ASN1)
3 2607:f8b0:400... 15169 (GOOGLE)
1 18.164.96.87 16509 (AMAZON-02)
2 79.99.5.209 42708 (PORTLANE ...)
1 18.164.96.54 16509 (AMAZON-02)
2 2600:141b:1c0... 20940 (AKAMAI-ASN1)
3 2a03:2880:f01... 32934 (FACEBOOK)
2 4 37.157.5.132 198622 (ADFORM)
1 185.167.164.44 198622 (ADFORM)
2 2a03:2880:f11... 32934 (FACEBOOK)
1 13 185.167.164.53 198622 (ADFORM)
2 3 52.22.74.198 14618 (AMAZON-AES)
1 23.56.162.125 16625 (AKAMAI-AS)
1 69.173.151.100 26667 (RUBICONPR...)
1 18.196.37.135 16509 (AMAZON-02)
1 1 23.105.12.120 30633 (LEASEWEB-...)
1 63.251.28.134 13789 (INTERNAP-...)
2 2 35.211.178.172 19527 (GOOGLE-2)
1 141.226.224.48 200478 (TABOOLA-AS)
1 2 172.64.151.101 13335 (CLOUDFLAR...)
1 2 50.57.31.206 19994 (RACKSPACE)
2 4 54.156.26.12 14618 (AMAZON-AES)
2 2 50.16.197.56 14618 (AMAZON-AES)
1 2a02:6ea0:c40... 60068 (CDN77 _)
2 2 35.244.154.8 396982 (GOOGLE-CL...)
1 1 107.178.254.65 15169 (GOOGLE)
1 2 2620:1ec:21::14 8068 (MICROSOFT...)
1 2 54.157.149.99 14618 (AMAZON-AES)
1 4 23.46.225.71 16625 (AKAMAI-AS)
1 2 34.98.64.218 396982 (GOOGLE-CL...)
1 1 54.228.92.70 16509 (AMAZON-02)
1 52.218.30.59 16509 (AMAZON-02)
1 35.174.169.214 14618 (AMAZON-AES)
4 4 142.250.72.98 15169 (GOOGLE)
3 4 68.67.160.132 29990 (ASN-APPNEX)
1 8.28.7.83 62713 (AS-PUBMATIC)
1 18.238.55.84 16509 (AMAZON-02)
2 3 52.209.135.120 16509 (AMAZON-02)
2 2 44.215.43.234 14618 (AMAZON-AES)
1 1 2600:9000:21d... 16509 (AMAZON-02)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
2 2 54.164.170.49 14618 (AMAZON-AES)
3 3 35.71.131.137 16509 (AMAZON-02)
3 4 162.19.138.118 16276 (OVH)
2 2 35.190.24.218 15169 (GOOGLE)
1 23.51.57.155 16625 (AKAMAI-AS)
1 1 2600:9000:220... 16509 (AMAZON-02)
1 69.20.43.192 27357 (RACKSPACE)
1 46.19.11.36 51790 (SIEL)
1 3.224.131.173 14618 (AMAZON-AES)
4 4 141.94.171.215 16276 (OVH)
1 2 52.223.22.214 16509 (AMAZON-02)
1 3.210.56.21 14618 (AMAZON-AES)
88 43
22    79.99.5.208 (Falkenberg, Sweden)

ASN42708 (PORTLANE www.portlane.com, SE)
PTR: 79-99-5-208-static.glesys.net
heaven23.se
1    2607:f8b0:4006:80d::200a (United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2607:f8b0:4006:81d::2008 (United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    108.138.106.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-126.jfk50.r.cloudfront.net
static.hotjar.com
1    2607:f8b0:4006:824::2003 (United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2600:141b:1c00:2e::17d1:48c8 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
consent.cookiebot.com
3    2607:f8b0:4006:80e::200e (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    18.164.96.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-87.jfk50.r.cloudfront.net
script.hotjar.com
2    79.99.5.209 (Falkenberg, Sweden)

ASN42708 (PORTLANE www.portlane.com, SE)
PTR: 79-99-5-209.serverhotell.net
oneroof.svenskamassan.se
1    18.164.96.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-54.jfk50.r.cloudfront.net
vc.hotjar.io
2    2600:141b:1c00:2588::f09 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
consentcdn.cookiebot.com
imgsct.cookiebot.com
3    2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
4    37.157.5.132 (Denmark)

ASN198622 (ADFORM, DK)
track.adform.net
server.seadform.net
1    185.167.164.44 (Denmark)

ASN198622 (ADFORM, DK)
s2.adform.net
2    2a03:2880:f112:182:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
13    185.167.164.53 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
dmp.adform.net
3    52.22.74.198 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-74-198.compute-1.amazonaws.com
ad.360yield.com
ice.360yield.com
1    23.56.162.125 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-162-125.deploy.static.akamaitechnologies.com
ad.yieldlab.net
1    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    18.196.37.135 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-37-135.eu-central-1.compute.amazonaws.com
ih.adscale.de
1    23.105.12.120 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
rtb-csync.smartadserver.com
1    63.251.28.134 (Secaucus, United States)

ASN13789 (INTERNAP-BLK3, US)
ads.stickyadstv.com
2    35.211.178.172 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
1    141.226.224.48 (United States)

ASN200478 (TABOOLA-AS, IL)
sync-t1.taboola.com
2    172.64.151.101 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
2    50.57.31.206 (United States)

ASN19994 (RACKSPACE, US)
uipglob.semasio.net
4    54.156.26.12 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-156-26-12.compute-1.amazonaws.com
ps.eyeota.net
2    50.16.197.56 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-197-56.compute-1.amazonaws.com
loadm.exelator.com
1    2a02:6ea0:c400::12 (New York, United States)

ASN60068 (CDN77 _, GB)
load77.exelator.com
2    35.244.154.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.154.244.35.bc.googleusercontent.com
idsync.rlcdn.com
1    107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
2    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
2    54.157.149.99 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-157-149-99.compute-1.amazonaws.com
sync.crwdcntrl.net
4    23.46.225.71 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-46-225-71.deploy.static.akamaitechnologies.com
tags.bluekai.com
stags.bluekai.com
2    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
eu-u.openx.net
1    54.228.92.70 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-92-70.eu-west-1.compute.amazonaws.com
api.adrtx.net
1    52.218.30.59 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1.amazonaws.com
s3-eu-west-1.amazonaws.com
1    35.174.169.214 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-174-169-214.compute-1.amazonaws.com
beacon.krxd.net
4    142.250.72.98 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s32-in-f2.1e100.net
cm.g.doubleclick.net
4    68.67.160.132 (New York, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
secure.adnxs.com
ib.adnxs.com
1    8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
1    18.238.55.84 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-55-84.jfk52.r.cloudfront.net
pdw-adf.userreport.com
3    52.209.135.120 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-135-120.eu-west-1.compute.amazonaws.com
a.audrte.com
2    44.215.43.234 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-215-43-234.compute-1.amazonaws.com
dpm.demdex.net
1    2600:9000:21da:f200:1a:609a:6780:93a1 (United States)

ASN16509 (AMAZON-02, US)
aa.agkn.com
1    85.114.159.93 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    54.164.170.49 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-164-170-49.compute-1.amazonaws.com
pm.w55c.net
3    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
4    162.19.138.118 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu
id5-sync.com
2    35.190.24.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.24.190.35.bc.googleusercontent.com
redirect.frontend.weborama.fr
1    23.51.57.155 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-51-57-155.deploy.static.akamaitechnologies.com
sync.teads.tv
1    2600:9000:2209:4800:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
1    69.20.43.192 (United States)

ASN27357 (RACKSPACE, US)
cs.lkqd.net
1    46.19.11.36 (Slovenia)

ASN51790 (SIEL, SI)
PTR: ilog.vsn.si
match.contentexchange.me
1    3.224.131.173 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-224-131-173.compute-1.amazonaws.com
bpi.rtactivate.com
4    141.94.171.215 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-9.cloudy.ovh
pixel.onaudience.com
2    52.223.22.214 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
1    3.210.56.21 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-210-56-21.compute-1.amazonaws.com
e1.emxdgt.com
Apex Domain
Subdomains		 Transfer
22 heaven23.se
heaven23.se
3 MB
17 adform.net
track.adform.net — Cisco Umbrella Rank: 4451
s2.adform.net — Cisco Umbrella Rank: 7548
c1.adform.net — Cisco Umbrella Rank: 618
dmp.adform.net — Cisco Umbrella Rank: 3154
42 KB
4 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 3127
1 KB
4 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 433
5 KB
4 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 500
ib.adnxs.com — Cisco Umbrella Rank: 256
4 KB
4 doubleclick.net
cm.g.doubleclick.net — Cisco Umbrella Rank: 271
990 B
4 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 790
stags.bluekai.com — Cisco Umbrella Rank: 1178
1 KB
4 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 1188
2 KB
4 cookiebot.com
consent.cookiebot.com — Cisco Umbrella Rank: 4106
consentcdn.cookiebot.com — Cisco Umbrella Rank: 4763
imgsct.cookiebot.com — Cisco Umbrella Rank: 4866
36 KB
3 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 364
1000 B
3 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2084
2 KB
3 exelator.com
loadm.exelator.com — Cisco Umbrella Rank: 1924
load77.exelator.com — Cisco Umbrella Rank: 4314
2 KB
3 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 724
ice.360yield.com — Cisco Umbrella Rank: 2196
1 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180
75 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 29
21 KB
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 426
959 B
2 weborama.fr
redirect.frontend.weborama.fr — Cisco Umbrella Rank: 13712
651 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 925
1 KB
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 246
1 KB
2 openx.net
eu-u.openx.net — Cisco Umbrella Rank: 2787
490 B
2 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 917
838 B
2 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 353
929 B
2 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 483
818 B
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1506
1 KB
2 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 631
1 KB
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 383
1 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 100
368 B
2 svenskamassan.se
oneroof.svenskamassan.se
198 B
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 703
script.hotjar.com — Cisco Umbrella Rank: 882
59 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
179 KB
1 emxdgt.com
e1.emxdgt.com — Cisco Umbrella Rank: 2357
120 B
1 rtactivate.com
bpi.rtactivate.com — Cisco Umbrella Rank: 1654
109 B
1 contentexchange.me
match.contentexchange.me — Cisco Umbrella Rank: 28456
49 B
1 lkqd.net
cs.lkqd.net — Cisco Umbrella Rank: 2440
521 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 705
523 B
1 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1421
277 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1541
456 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 582
648 B
1 userreport.com
pdw-adf.userreport.com — Cisco Umbrella Rank: 24624
444 B
1 pubmatic.com
simage2.pubmatic.com — Cisco Umbrella Rank: 951
471 B
1 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 1089
44 B
1 amazonaws.com
s3-eu-west-1.amazonaws.com
390 B
1 adrtx.net
api.adrtx.net — Cisco Umbrella Rank: 29911
380 B
1 pippio.com
pippio.com — Cisco Umbrella Rank: 817
633 B
1 taboola.com
sync-t1.taboola.com — Cisco Umbrella Rank: 1739
375 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 588
638 B
1 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 687
668 B
1 adscale.de
ih.adscale.de — Cisco Umbrella Rank: 4745
38 B
1 rubiconproject.com
token.rubiconproject.com — Cisco Umbrella Rank: 493
655 B
1 yieldlab.net
ad.yieldlab.net — Cisco Umbrella Rank: 4638
400 B
1 seadform.net
server.seadform.net — Cisco Umbrella Rank: 36946
466 B
1 hotjar.io
vc.hotjar.io — Cisco Umbrella Rank: 2643
233 B
1 gstatic.com
fonts.gstatic.com
13 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
796 B
88 54
Domain Requested by
22 heaven23.se heaven23.se
9 c1.adform.net 1 redirects track.adform.net
c1.adform.net
4 pixel.onaudience.com 4 redirects
4 id5-sync.com 3 redirects c1.adform.net
4 dmp.adform.net c1.adform.net
4 cm.g.doubleclick.net 4 redirects
4 ps.eyeota.net 2 redirects c1.adform.net
3 match.adsrvr.org 3 redirects
3 a.audrte.com 2 redirects c1.adform.net
3 secure.adnxs.com 2 redirects c1.adform.net
3 tags.bluekai.com c1.adform.net
3 track.adform.net 2 redirects heaven23.se
3 connect.facebook.net heaven23.se
connect.facebook.net
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 eb2.3lift.com 1 redirects c1.adform.net
2 redirect.frontend.weborama.fr 2 redirects
2 pm.w55c.net 2 redirects
2 dpm.demdex.net 2 redirects
2 eu-u.openx.net 1 redirects c1.adform.net
2 sync.crwdcntrl.net 1 redirects c1.adform.net
2 px.ads.linkedin.com 1 redirects c1.adform.net
2 idsync.rlcdn.com 2 redirects
2 loadm.exelator.com 2 redirects
2 uipglob.semasio.net 1 redirects c1.adform.net
2 dsum-sec.casalemedia.com 1 redirects c1.adform.net
2 x.bidswitch.net 2 redirects
2 ad.360yield.com 1 redirects c1.adform.net
2 www.facebook.com heaven23.se
2 oneroof.svenskamassan.se heaven23.se
2 consent.cookiebot.com www.googletagmanager.com
consent.cookiebot.com
2 www.googletagmanager.com heaven23.se
www.googletagmanager.com
1 imgsct.cookiebot.com
1 stags.bluekai.com 1 redirects
1 e1.emxdgt.com c1.adform.net
1 bpi.rtactivate.com c1.adform.net
1 match.contentexchange.me c1.adform.net
1 cs.lkqd.net c1.adform.net
1 s.ad.smaato.net 1 redirects
1 sync.teads.tv c1.adform.net
1 ice.360yield.com 1 redirects
1 ib.adnxs.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 aa.agkn.com 1 redirects
1 pdw-adf.userreport.com c1.adform.net
1 simage2.pubmatic.com c1.adform.net
1 beacon.krxd.net c1.adform.net
1 s3-eu-west-1.amazonaws.com c1.adform.net
1 api.adrtx.net 1 redirects
1 pippio.com 1 redirects
1 load77.exelator.com c1.adform.net
1 sync-t1.taboola.com c1.adform.net
1 ads.stickyadstv.com c1.adform.net
1 rtb-csync.smartadserver.com 1 redirects
1 ih.adscale.de c1.adform.net
1 token.rubiconproject.com c1.adform.net
1 ad.yieldlab.net c1.adform.net
1 server.seadform.net heaven23.se
1 s2.adform.net heaven23.se
1 consentcdn.cookiebot.com consent.cookiebot.com
1 vc.hotjar.io script.hotjar.com
1 script.hotjar.com static.hotjar.com
1 fonts.gstatic.com fonts.googleapis.com
1 static.hotjar.com heaven23.se
1 fonts.googleapis.com heaven23.se
88 64
Subject Issuer Validity Valid
heaven23.se
R3		 2024-03-10 -
2024-06-08		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
*.hotjar.com
Amazon ECDSA 256 M03		 2024-02-07 -
2025-03-08		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
consent.cookiebot.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-02-28 -
2025-02-27		 a year crt.sh
oneroof.svenskamassan.se
R3		 2024-03-04 -
2024-06-02		 3 months crt.sh
*.hotjar.io
Amazon ECDSA 256 M02		 2024-02-07 -
2025-03-08		 a year crt.sh
*.cookiebot.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-02-26 -
2025-02-26		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-12-22 -
2024-03-21		 3 months crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-06 -
2024-09-19		 a year crt.sh
*.seadform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-23 -
2024-11-08		 a year crt.sh
*.yieldlab.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-09-17 -
2024-09-17		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.adscale.de
Amazon RSA 2048 M02		 2023-07-18 -
2024-08-15		 a year crt.sh
*.ads.stickyadstv.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-04-19 -
2024-05-19		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-11 -
2024-12-11		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2024-01-31 -
2025-01-29		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
*.userreport.com
Amazon RSA 2048 M02		 2023-11-20 -
2024-12-17		 a year crt.sh
teads.tv
R3		 2024-01-22 -
2024-04-21		 3 months crt.sh
*.contentexchange.me
Sectigo RSA Domain Validation Secure Server CA		 2023-05-29 -
2024-06-04		 a year crt.sh
rtactivate.com
Amazon RSA 2048 M03		 2024-02-12 -
2025-03-11		 a year crt.sh
*.emxdgt.com
Go Daddy Secure Certificate Authority - G2		 2023-06-14 -
2024-06-14		 a year crt.sh

This page contains 3 frames:

Primary Page: https://heaven23.se/
Frame ID: 85966B97D46D3CADBBCB5E330924ACE9
Requests: 44 HTTP requests in this frame

Frame: https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Frame ID: 5525E52D2C9B77A9DAD12F603D24AB3F
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/imatch/pixels?bt=0&uid=345988415891854546&agencyId=124&advertiserId=79087&src=tp&rnd=881238
Frame ID: D066CD8EFA490D63D37BD9569893EB8B
Requests: 42 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Restaurang, vin & cocktails med utsikt i Göteborg

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <meta[^>]*google-signin-client_id
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • consent\.cookiebot\.com
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

88
Requests

69 %
HTTPS

21 %
IPv6

54
Domains

64
Subdomains

43
IPs

7
Countries

3351 kB
Transfer

8652 kB
Size

85
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31
  • https://track.adform.net/serving/scripts/trackpoint/async/ HTTP 301
  • https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Request Chain 42
  • https://track.adform.net/Serving/TrackPoint/?pm=672550&ADFPageName=Heaven23%20-%20Startsida&ADFdivider=%7C&ord=528092555252&ADFtpmode=2&loc=https%3A%2F%2Fheaven23.se%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24 HTTP 302
  • https://track.adform.net/Serving/TrackPoint/?CC=1&pm=672550&ADFPageName=Heaven23%20-%20Startsida&ADFdivider=%7C&ord=528092555252&ADFtpmode=2&loc=https%3A%2F%2Fheaven23.se%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
Request Chain 46
  • https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=345988415891854546&Expiration=1711574298 HTTP 302
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=345988415891854546&Expiration=1711574298
Request Chain 50
  • https://rtb-csync.smartadserver.com/redir/?partnerid=22&partneruserid=345988415891854546&redirurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d10%26cid%3DSMART_USER_ID HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=10&cid=8347195105558666957
Request Chain 52
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=345988415891854546 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=70&user_id=345988415891854546 HTTP 302
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=595b7077-bdc8-4bfd-b6c2-6e3d53573524&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 53
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=345988415891854546&expiration=1711574298 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=345988415891854546&expiration=1711574298&C=1
Request Chain 54
  • https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=345988415891854546&sInitiator=external HTTP 302
  • https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=345988415891854546&sInitiator=external
Request Chain 55
  • https://ps.eyeota.net/match?uid=345988415891854546&bid=9gdtmu1 HTTP 302
  • https://ps.eyeota.net/match/bounce/?uid=345988415891854546&bid=9gdtmu1
Request Chain 56
  • https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=345988415891854546 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=345988415891854546&xl8blockcheck=1 HTTP 302
  • https://load77.exelator.com/pixel.gif
Request Chain 57
  • https://idsync.rlcdn.com/398366.gif?partner_uid=345988415891854546 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CJ6oGBIdChkIARCUdRoSMzQ1OTg4NDE1ODkxODU0NTQ2EAAaDQibsMivBhIFCOgHEABCAEoA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=e29e188e124abf531b98b3f6ecf1fff03adde0cdaee6768adf5053bcfc147c31791426b5417dce21&_=2 HTTP 307
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=e29e188e124abf531b98b3f6ecf1fff03adde0cdaee6768adf5053bcfc147c31791426b5417dce21&rand=06735240 HTTP 302
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=e29e188e124abf531b98b3f6ecf1fff03adde0cdaee6768adf5053bcfc147c31791426b5417dce21&rand=06735240&expected_cookie=2935bcb8-a348-4aa4-97d3-1aa3f2188fb0
Request Chain 58
  • https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=345988415891854546/gdpr=/gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=345988415891854546/gdpr=/gdpr_consent=
Request Chain 60
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=345988415891854546 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=345988415891854546
Request Chain 61
  • https://api.adrtx.net/thirdparty/click?p=adfo HTTP 302
  • https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Request Chain 63
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=MzQ1OTg4NDE1ODkxODU0NTQ2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm=&google_ula=1641347&party=1&google_hm=MzQ1OTg4NDE1ODkxODU0NTQ2&google_tc= HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDDIFDIU7pU6y8o9xTpzzL4&google_cver=1&google_ula=1641347,0
Request Chain 65
  • https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%3Fparty%3D3%26id%3D%24UID%26redirect%3D1 HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=3&id=1740656171100550908&redirect=1 HTTP 302
  • https://secure.adnxs.com/setuid?entity=91&code=345988415891854546
Request Chain 68
  • https://a.audrte.com/a?adform_uid=345988415891854546 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=aDg0R01XRWMtUjlSaS1ocjBHTk9oclpndw%3D%3D&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%253D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/p
Request Chain 69
  • https://dpm.demdex.net/ibs:dpid=1586&dpuuid=345988415891854546&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=345988415891854546&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=1007&cid=89753602479677957812200079951217544688&noredirect=1
Request Chain 70
  • https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=345988415891854546 HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1014&cid=212660604820007990282
Request Chain 71
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25 HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7345960446453348502
Request Chain 73
  • https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=1084&cid=si58rxuh1RKvZp5
Request Chain 74
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=71ei9rr&ttd_tpi=1 HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=d257b3a4-d26d-4bca-ac47-1278652f50f6
Request Chain 75
  • https://id5-sync.com/s/10/0.gif?puid=345988415891854546 HTTP 302
  • https://id5-sync.com/c/10/10/2/1.gif?puid=345988415891854546&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/10/2/1/2.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/10/2/1/2.gif?puid=1740656171100550908&gdpr=0&gdpr_consent= HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-87a4KNCKFEkhvZNDDHJJ_VZmFvvMp-ojWoRuPLtmqQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F10%2F124%2F0%2F3.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/10/124/0/3.gif?puid=f005aaf3-a962-42c8-aa92-d4054789ac64&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
Request Chain 76
  • https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D HTTP 307
  • https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=591174107 HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1145&cid=TCgkiE1szFA1vxtoyTv8ye
Request Chain 78
  • https://s.ad.smaato.net/c/?dspInit=1001213&dspCookie=345988415891854546 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=109&partnerUserId=cb3fc50de9&gdpr=0&gdpr_consent=
Request Chain 81
  • https://pixel.onaudience.com/?mapped=345988415891854546&partner=68 HTTP 302
  • https://pixel.onaudience.com/?partner=236&icm&cver&gdpr=0&smartmap=1&redirect=ps.eyeota.net%2Fpixel%3Fgdpr%3D0%26gdpr_consent%3D%26pid%3D3b2cb90%26t%3Dgif%26uid%3D%25m HTTP 302
  • https://ps.eyeota.net/pixel?gdpr=0&gdpr_consent=&pid=3b2cb90&t=gif&uid=196b3deff5d6aaff HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://ps.eyeota.net/match?uid=d257b3a4-d26d-4bca-ac47-1278652f50f6&bid=1e2n4ou
Request Chain 82
  • https://eb2.3lift.com/xuid?mid=7354&xuid=345988415891854546&dongle=AD20 HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=7354&xuid=345988415891854546&dongle=AD20&gdpr=0&cmp_cs=&us_privacy=
Request Chain 84
  • https://pixel.onaudience.com/?partner=290&mapped=345988415891854546 HTTP 302
  • https://pixel.onaudience.com/?partner=282&icm&cver&gdpr=0&smartmap=1&redirect=stags.bluekai.com%2Fsite%2F52799%3Fid%3D%25m HTTP 302
  • https://stags.bluekai.com/site/52799?id=45e697007adec43e HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_cm&google_sc&google_hm=MmtHOEovSGQ5OVlJV2RKaw%3D%3D HTTP 302
  • https://tags.bluekai.com/site/2981?id=&google_gid=CAESEI9GSnLtFF2GXEOLMP6JJBk&google_cver=1

88 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
heaven23.se/ 		106 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://heaven23.se/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.99.5.208 Falkenberg, Sweden, ASN42708 (PORTLANE www.portlane.com, SE),
Reverse DNS
79-99-5-208-static.glesys.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e16ac4737b6ca75e7c773e4097d2fc1e959c69b5f931a33bdf18ea6feb1fc3ec

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 13 Mar 2024 21:18:15 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
link
<https://heaven23.se/wp-json/>; rel="https://api.w.org/" <https://heaven23.se/>; rel=shortlink
pragma
no-cache
server
nginx/1.18.0 (Ubuntu)
x-fastcgi-cache
HIT
x-fastcgi-cache-key
httpGETheaven23.se/
x-web-backend
prod-web1
announcement-bar.min.css
heaven23.se/plugins/wp-announcement//assets/css/ 		430 B
659 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://heaven23.se/plugins/wp-announcement//assets/css/announcement-bar.min.css
Requested by
Host: heaven23.se
URL: https://heaven23.se/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.99.5.208 Falkenberg, Sweden, ASN42708 (PORTLANE www.portlane.com, SE),
Reverse DNS
79-99-5-208-static.glesys.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
dea6ebdc5e5f8dece8ade4ef78662b16ed59ed4625892a5882eaf4a891d4c987

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaven23.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 21:18:15 GMT
last-modified
Thu, 22 Jun 2023 13:35:42 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"64944e2e-1ae"
content-type
text/css
access-control-allow-origin
*
x-web-backend
prod-web2
cache-control
max-age=315360000
accept-ranges
bytes
content-length
430
expires
Thu, 31 Dec 2037 23:55:55 GMT
admin-ajax.php
heaven23.se/wordpress/wp-admin/ 		123 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://heaven23.se/wordpress/wp-admin/admin-ajax.php?action=frmpro_css
Requested by
Host: heaven23.se
URL: https://heaven23.se/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.99.5.208 Falkenberg, Sweden, ASN42708 (PORTLANE www.portlane.com, SE),
Reverse DNS
79-99-5-208-static.glesys.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
a264c781779b153ef6cfe45eb2cb1ecb4467d90eea45aded9b86887010a46900
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaven23.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
cache
date
Wed, 13 Mar 2024 21:18:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
nginx/1.18.0 (Ubuntu)
x-frame-options
SAMEORIGIN
content-type
text/css;charset=UTF-8
x-fastcgi-cache
BYPASS
x-web-backend
prod-web1
cache-control
max-age=86400
x-fastcgi-cache-key
httpGETheaven23.se/wordpress/wp-admin/admin-ajax.php?action=frmpro_css
x-robots-tag
noindex
expires
Thu, 14 Mar 2024 21:18:15 GMT
smab.css
heaven23.se/themes/smab/assets/build//styles/ 		1 MB
131 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://heaven23.se/themes/smab/assets/build//styles/smab.css?id=4c5ea41effc5ba809882
Requested by
Host: heaven23.se
URL: https://heaven23.se/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.99.5.208 Falkenberg, Sweden, ASN42708 (PORTLANE www.portlane.com, SE),
Reverse DNS
79-99-5-208-static.glesys.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
6a6565c9a96ea96d6171f432007f381f2fe2d6d7ccd51cbb493e06b1ec4cd95f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaven23.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 21:18:15 GMT
content-encoding
gzip
last-modified
Tue, 12 Mar 2024 06:16:32 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"65eff340-11d926"
content-type
text/css
access-control-allow-origin
*
x-web-backend
prod-web2
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
css
fonts.googleapis.com/ 		775 B
796 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Abril+Fatface&subset=latin-ext
Requested by
Host: heaven23.se
URL: https://heaven23.se/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
06dcc2b41a049d82f01fe4e2ca09c82d9077536d2c443a1c351a9a39ce2a2625
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaven23.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 13 Mar 2024 21:18:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 13 Mar 2024 21:18:15 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 13 Mar 2024 21:18:15 GMT
jquery.js
heaven23.se/wordpress/wp-includes/js/jquery/ 		95 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://heaven23.se/wordpress/wp-includes/js/jquery/jquery.js
Requested by
Host: heaven23.se
URL: https://heaven23.se/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.99.5.208 Falkenberg, Sweden, ASN42708 (PORTLANE www.portlane.com, SE),
Reverse DNS
79-99-5-208-static.glesys.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaven23.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 21:18:15 GMT
content-encoding
gzip
last-modified
Thu, 22 Jun 2023 13:30:44 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"64944d04-17ba0"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-web-backend
prod-web1
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery-migrate.min.js
heaven23.se/wordpress/wp-includes/js/jquery/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://heaven23.se/wordpress/wp-includes/js/jquery/jquery-migrate.min.js
Requested by
Host: heaven23.se
URL: https://heaven23.se/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.99.5.208 Falkenberg, Sweden, ASN42708 (PORTLANE www.portlane.com, SE),
Reverse DNS
79-99-5-208-static.glesys.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaven23.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 21:18:15 GMT
content-encoding
gzip
last-modified
Thu, 22 Jun 2023 13:30:59 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"64944d13-2748"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-web-backend
prod-web2
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
smab-print.css
heaven23.se/themes/smab/assets/build//styles/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://heaven23.se/themes/smab/assets/build//styles/smab-print.css?id=43f2ff6ccadf9d02272f
Requested by
Host: heaven23.se
URL: https://heaven23.se/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.99.5.208 Falkenberg, Sweden, ASN42708 (PORTLANE www.portlane.com, SE),
Reverse DNS
79-99-5-208-static.glesys.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
76ac5bc9b1c19bf7c947d0ae679bc2ce8c654044dc6be2d0b5d6d69cdf54eb74

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaven23.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 21:18:16 GMT
content-encoding
gzip
last-modified
Thu, 22 Jun 2023 13:35:56 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"64944e3c-a31"
content-type
text/css
access-control-allow-origin
*
x-web-backend
prod-web1
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
be3aa92d-7f54-4afb-b729-e419a420b940.png
heaven23.se/uploads/sites/29/2018/04/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heaven23.se/uploads/sites/29/2018/04/be3aa92d-7f54-4afb-b729-e419a420b940.png
Requested by
Host: heaven23.se
URL: https://heaven23.se/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.99.5.208 Falkenberg, Sweden, ASN42708 (PORTLANE www.portlane.com, SE),
Reverse DNS
79-99-5-208-static.glesys.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
daa66a01abc5e902d42f399578c82713ca044cd1f34aeb54cd9f97fe40129692

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaven23.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 21:18:15 GMT
last-modified
Thu, 05 Apr 2018 06:36:43 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"5ac5c3fb-67ff"
content-type
image/png
access-control-allow-origin
*
x-web-backend
prod-web1
cache-control
max-age=315360000
accept-ranges
bytes
content-length
26623
expires
Thu, 31 Dec 2037 23:55:55 GMT
announcement-bar.js
heaven23.se/plugins/wp-announcement//assets/script/ 		1 KB
839 B 		Script
General
Check archive.org
Download Go to
Full URL
https://heaven23.se/plugins/wp-announcement//assets/script/announcement-bar.js
Requested by
Host: heaven23.se
URL: https://heaven23.se/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.99.5.208 Falkenberg, Sweden, ASN42708 (PORTLANE www.portlane.com, SE),
Reverse DNS
79-99-5-208-static.glesys.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
2721379ea3f48234cee8e008e7e23a3960b96d74b6b283e1d5e632bb3387f410

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaven23.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 21:18:16 GMT
content-encoding
gzip
last-modified
Thu, 22 Jun 2023 13:35:08 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"64944e0c-4c6"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-web-backend
prod-web1
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
register-sw.js
heaven23.se/plugins/super-progressive-web-apps/public/js/ 		331 B
589 B 		Script
General
Check archive.org
Download Go to
Full URL
https://heaven23.se/plugins/super-progressive-web-apps/public/js/register-sw.js
Requested by
Host: heaven23.se
URL: https://heaven23.se/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.99.5.208 Falkenberg, Sweden, ASN42708 (PORTLANE www.portlane.com, SE),
Reverse DNS
79-99-5-208-static.glesys.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
1723d2d5dcb510df9c8cd3c756543d171cc374ed9ee7f1251dd75ba6ac20637a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaven23.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 21:18:15 GMT
last-modified
Thu, 22 Jun 2023 13:33:42 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"64944db6-14b"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-web-backend
prod-web2
cache-control
max-age=315360000
accept-ranges
bytes
content-length
331
expires
Thu, 31 Dec 2037 23:55:55 GMT
smab.js
heaven23.se/themes/smab/assets/build//scripts/ 		4 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://heaven23.se/themes/smab/assets/build//scripts/smab.js?id=50037c4ddf7e9473ce74
Requested by
Host: heaven23.se
URL: https://heaven23.se/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.99.5.208 Falkenberg, Sweden, ASN42708 (PORTLANE www.portlane.com, SE),
Reverse DNS
79-99-5-208-static.glesys.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
49c46f2e9affb96f1966131ecddb4c9632b535bb579e991c8da238955ead5275

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaven23.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 21:18:16 GMT
content-encoding
gzip
last-modified
Tue, 12 Mar 2024 06:16:31 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"65eff33f-40767e"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-web-backend
prod-web2
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
gtm.js
www.googletagmanager.com/ 		256 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-M669D94
Requested by
Host: heaven23.se
URL: https://heaven23.se/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
89991f954c237ded2a23b667afa9e0bbd7295d3105a489e09328d016253ed5a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaven23.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 21:18:16 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
89266
x-xss-protection
0
last-modified
Wed, 13 Mar 2024 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 13 Mar 2024 21:18:16 GMT
hotjar-917151.js
static.hotjar.com/c/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-917151.js?sv=6
Requested by
Host: heaven23.se
URL: https://heaven23.se/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-126.jfk50.r.cloudfront.net
Software
/
Resource Hash
614173933234d30524dee57281924d8d5c7f6926febc9613bb2e28306b92b7ea
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaven23.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 21:18:16 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 6104f765cfecf9c49eb7195c359eea46.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P3
etag
W/7c85ddcd1b2252247a683814b133fad6
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=60
x-cache-hit
1
cross-origin-resource-policy
cross-origin
x-amz-cf-id
cUWS5V0aAlfVTCxU0QEWujznLOvh3fsVlZaTfjg19yoaIOdxZMbhMg==
be3aa92d-7f54-4afb-b729-e419a420b940.png
heaven23.se/uploads/sites/29/2018/04/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heaven23.se/uploads/sites/29/2018/04/be3aa92d-7f54-4afb-b729-e419a420b940.png
Requested by
Host: heaven23.se
URL: https://heaven23.se/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.99.5.208 Falkenberg, Sweden, ASN42708 (PORTLANE www.portlane.com, SE),
Reverse DNS
79-99-5-208-static.glesys.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
daa66a01abc5e902d42f399578c82713ca044cd1f34aeb54cd9f97fe40129692

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaven23.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 21:18:16 GMT
last-modified
Thu, 05 Apr 2018 06:36:43 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"5ac5c3fb-67ff"
content-type
image/png
access-control-allow-origin
*
x-web-backend
prod-web2
cache-control
max-age=315360000
accept-ranges
bytes
content-length
26623
expires
Thu, 31 Dec 2037 23:55:55 GMT
bbcfa82f-33eb-47a3-a899-9770c3bf2d7f.png
heaven23.se/uploads/sites/29/2016/12/ 		68 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heaven23.se/uploads/sites/29/2016/12/bbcfa82f-33eb-47a3-a899-9770c3bf2d7f.png
Requested by
Host: heaven23.se
URL: https://heaven23.se/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.99.5.208 Falkenberg, Sweden, ASN42708 (PORTLANE www.portlane.com, SE),
Reverse DNS
79-99-5-208-static.glesys.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
0e087432a78bc5633079fdb6e3c181f84bfff9ffb0eb266a1581b7b6af143c21

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaven23.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 21:18:16 GMT
last-modified
Tue, 22 Aug 2017 08:15:31 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"599be823-110ce"
content-type
image/png
access-control-allow-origin
*
x-web-backend
prod-web1
cache-control
max-age=315360000
accept-ranges
bytes
content-length
69838
expires
Thu, 31 Dec 2037 23:55:55 GMT
heaven23signatur23.jpg
heaven23.se/uploads/sites/29/2023/07/ 		252 KB
253 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heaven23.se/uploads/sites/29/2023/07/heaven23signatur23.jpg
Requested by
Host: heaven23.se
URL: https://heaven23.se/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.99.5.208 Falkenberg, Sweden, ASN42708 (PORTLANE www.portlane.com, SE),
Reverse DNS
79-99-5-208-static.glesys.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
a393bdda9935a44014b5d38681a4ce3ded139b130042744ac43eaddfa0f4c9ea

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaven23.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 21:18:16 GMT
last-modified
Mon, 03 Jul 2023 08:46:08 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"64a28ad0-3f1b6"
content-type
image/jpeg
access-control-allow-origin
*
x-web-backend
prod-web2
cache-control
max-age=315360000
accept-ranges
bytes
content-length
258486
expires
Thu, 31 Dec 2037 23:55:55 GMT
skyline.svg
heaven23.se/themes/smab/assets/build/images/ 		127 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heaven23.se/themes/smab/assets/build/images/skyline.svg
Requested by
Host: heaven23.se
URL: https://heaven23.se/themes/smab/assets/build//styles/smab.css?id=4c5ea41effc5ba809882
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.99.5.208 Falkenberg, Sweden, ASN42708 (PORTLANE www.portlane.com, SE),
Reverse DNS
79-99-5-208-static.glesys.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
670ab548281fdcb08f1755d2eb7e5eea1a4a2085a2c16f2b8932256d6a8facc3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaven23.se/themes/smab/assets/build//styles/smab.css?id=4c5ea41effc5ba809882
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 21:18:16 GMT
content-encoding
gzip
last-modified
Thu, 22 Jun 2023 13:35:50 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"64944e36-1fa27"
content-type
image/svg+xml
access-control-allow-origin
*
x-web-backend
prod-web1
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
zOL64pLDlL1D99S8g8PtiKchq-dmjQ.woff2
fonts.gstatic.com/s/abrilfatface/v23/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/abrilfatface/v23/zOL64pLDlL1D99S8g8PtiKchq-dmjQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Abril+Fatface&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a177f542e3506952479f8ee19c5f3fd6d20ac2e030b17e86c39a473931c990bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://heaven23.se
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 08:52:44 GMT
x-content-type-options
nosniff
age
44732
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13176
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 21:06:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Mar 2025 08:52:44 GMT
bebas-neue-bold.woff
heaven23.se/themes/smab/assets/fonts/ 		36 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://heaven23.se/themes/smab/assets/fonts/bebas-neue-bold.woff
Requested by
Host: heaven23.se
URL: https://heaven23.se/themes/smab/assets/build//styles/smab.css?id=4c5ea41effc5ba809882
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.99.5.208 Falkenberg, Sweden, ASN42708 (PORTLANE www.portlane.com, SE),
Reverse DNS
79-99-5-208-static.glesys.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
fe75814bc93ee7ebcd4aedf3a707177d66890446b8197e74f75c31825d3e673f

Request headers

Referer
https://heaven23.se/themes/smab/assets/build//styles/smab.css?id=4c5ea41effc5ba809882
Origin
https://heaven23.se
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 21:18:16 GMT
last-modified
Thu, 22 Jun 2023 13:36:25 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"64944e59-9170"
content-type
application/font-woff
access-control-allow-origin
*
x-web-backend
prod-web2
cache-control
max-age=315360000
accept-ranges
bytes
content-length
37232
expires
Thu, 31 Dec 2037 23:55:55 GMT
uc.js
consent.cookiebot.com/ 		109 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.cookiebot.com/uc.js?cbid=49cc2fbe-abe7-495c-8df3-4ab32469bf46&implementation=gtm&consentmode-dataredaction=dynamic
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M669D94
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:2e::17d1:48c8 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
341f707ebe00267db1fd017fe3c780ce991dc4b271e94e2bcd1b0988eb1db06a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaven23.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

request-context
appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
date
Wed, 13 Mar 2024 21:18:16 GMT
content-encoding
gzip
last-modified
Mon, 11 Mar 2024 10:50:26 GMT
etag
"92efefeca173da1:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-expose-headers
Request-Context
cache-control
public, max-age=125
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
34338
expires
Wed, 13 Mar 2024 21:20:21 GMT
js
www.googletagmanager.com/gtag/ 		271 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-70K03G6MQ5&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M669D94
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
911e2fd8bf2ea6ae2b39121ab36fdb442d04efb9ca26cef085a28fff235cc5c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaven23.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 21:18:16 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93785
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 13 Mar 2024 21:18:16 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M669D94
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaven23.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 13 Mar 2024 19:51:42 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
5194
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 13 Mar 2024 21:51:42 GMT
modules.76600994a7e845923464.js
script.hotjar.com/ 		222 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.76600994a7e845923464.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-917151.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-87.jfk50.r.cloudfront.net
Software
/
Resource Hash
fc968a94886e49c075569cafadd25b9b21b2ba42bcac9114bb2586c57683f7eb
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaven23.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 12:30:07 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 3b0649a8bee506c1d7498462d39e6c44.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P5
age
31689
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
55785
last-modified
Wed, 13 Mar 2024 12:29:47 GMT
etag
"ef9df1813a7be6a9f62fdfc3c4c6965d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
V5gzb-o_OnxgyJxhv2hquFiei6CTq9bsFYj6p4FMHLrbXpTDnZfh5w==
health
oneroof.svenskamassan.se/api/v1/monitor/ 		15 B
198 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://oneroof.svenskamassan.se/api/v1/monitor/health
Requested by
Host: heaven23.se
URL: https://heaven23.se/themes/smab/assets/build//scripts/smab.js?id=50037c4ddf7e9473ce74
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.99.5.209 Falkenberg, Sweden, ASN42708 (PORTLANE www.portlane.com, SE),
Reverse DNS
79-99-5-209.serverhotell.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e923f1fb3eabfa7697d460e28cf79cf93ac6f877b581bfe11bfd5d05be8e8790

Request headers

Accept
application/json, text/plain, */*
Referer
https://heaven23.se/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
X-API-KEY
xzE1ilzSLGUnOfJWd3ULqZcHh4RXUteFKFkwu2UauIBfRiAzsIThxRT7BrAmHK2l

Response headers

access-control-allow-origin
*
date
Wed, 13 Mar 2024 21:18:17 GMT
x-web-backend
oneroof1
accept-charset
utf-8
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
health
oneroof.svenskamassan.se/api/v1/monitor/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://oneroof.svenskamassan.se/api/v1/monitor/health
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.99.5.209 Falkenberg, Sweden, ASN42708 (PORTLANE www.portlane.com, SE),
Reverse DNS
79-99-5-209.serverhotell.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-api-key
Access-Control-Request-Method
GET
Origin
https://heaven23.se
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-API-KEY,X-ORIGIN,authorization
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1728000
content-type
text/plain charset=UTF-8
date
Wed, 13 Mar 2024 21:18:17 GMT
server
nginx/1.18.0 (Ubuntu)
917151
vc.hotjar.io/sessions/ 		0
233 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vc.hotjar.io/sessions/917151?s=0.25&r=0.02400583510046017
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.76600994a7e845923464.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-54.jfk50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaven23.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 13 Mar 2024 21:18:17 GMT
cache-control
no-store
via
1.1 eb2e4893b47f0d155cd51b82c2a8d596.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P5
x-amz-cf-id
DOdEQsyNk6Ft_8duEkZwWd0GJX1-OjGsw6X0XcaRyJ1ggJH5jHvoOg==
x-cache
Miss from cloudfront
bc-v4.min.html
consentcdn.cookiebot.com/sdk/ Frame 5525 		627 B
811 B 		Document
General
Check archive.org
Download Go to
Full URL
https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js?cbid=49cc2fbe-abe7-495c-8df3-4ab32469bf46&implementation=gtm&consentmode-dataredaction=dynamic
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:2588::f09 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
738e5435f2d18427d291a0d6289eee0ebbc87b596d6003919f255760ac293104

Request headers

Referer
https://heaven23.se/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
gzip
content-length
392
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 13 Mar 2024 21:18:17 GMT
etag
"3d08665fa4c7bcf9fa2dcbbc7efe1d0f:1649057029.895163"
expires
Thu, 13 Mar 2025 21:18:17 GMT
last-modified
Mon, 04 Apr 2022 07:23:49 GMT
server
AkamaiNetStorage
server-timing
cdn-cache; desc=HIT edge; dur=1 ak_p; desc="1710364697095_399550060_21543612_12_465_55_43_255";dur=1
vary
Accept-Encoding
x-akamai-transformed
9 - 0 pmb=mRUM,1
cc.js
consent.cookiebot.com/49cc2fbe-abe7-495c-8df3-4ab32469bf46/ 		39 B
419 B 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.cookiebot.com/49cc2fbe-abe7-495c-8df3-4ab32469bf46/cc.js?renew=false&referer=heaven23.se&dnt=false&init=false
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js?cbid=49cc2fbe-abe7-495c-8df3-4ab32469bf46&implementation=gtm&consentmode-dataredaction=dynamic
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:2e::17d1:48c8 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
5fc4609faa185319397d96b840377451aed07c0f6ad1ceb25d18d1c7c649b1d2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaven23.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 21:18:17 GMT
content-encoding
gzip
last-modified
Wed, 13 Mar 2024 21:18:17 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-expose-headers
Request-Context
cache-control
private, max-age=1200
cross-origin-resource-policy
cross-origin
content-length
156
request-context
appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
collect
www.google-analytics.com/j/ 		3 B
205 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=968175104&t=pageview&_s=1&dl=https%3A%2F%2Fheaven23.se%2F&ul=en-us&de=UTF-8&dt=Restaurang%2C%20vin%20%26%20cocktails%20med%20utsikt%20i%20G%C3%B6teborg&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6GBACEABFAAAACAEK~&jid=955437191&gjid=227383065&cid=2032893430.1710364697&tid=UA-844357-4&_gid=1089043690.1710364697&_r=1&_slc=1&gtm=45He43b0n81M669D94v76192008za200&gcs=G111&gcd=13r3v3n3n5&dma=0&cd1=2032893430.1710364697&z=1361812277
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://heaven23.se/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 13 Mar 2024 21:18:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://heaven23.se
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-70K03G6MQ5&gtm=45je43b0v870602566z876192008za200&_p=1710364696036&gcs=G111&gcd=13r3v3n3n5&npa=0&dma=0&gdid=dMWZhNz&cid=2032893430.1710364697&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1710364696&sct=1&seg=0&dl=https%3A%2F%2Fheaven23.se%2F&dt=Restaurang%2C%20vin%20%26%20cocktails%20med%20utsikt%20i%20G%C3%B6teborg&en=page_view&_fv=1&_ss=1&tfd=2330
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-70K03G6MQ5&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaven23.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Mar 2024 21:18:17 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://heaven23.se
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fbevents.js
connect.facebook.net/en_US/ 		216 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: heaven23.se
URL: https://heaven23.se/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
85267fa4a3e908d0c2778fc27bf13b384d2353c2d12e8d4c78982a3cfaa9636e
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaven23.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 13 Mar 2024 21:18:17 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57631
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=63, rtx=0, c=12, mss=1294, tbw=2798, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
g6XTiGvjd6RFKmeXKH+8QrNBmMPAFcHs3zx2G6B6w6YsiYs1gEvwSQWQin37VgRzpXxPANZVL3Ogh1I2djL8rA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
trackpoint-async.js
s2.adform.net/banners/scripts/st/
Redirect Chain
  • https://track.adform.net/serving/scripts/trackpoint/async/
  • https://s2.adform.net/banners/scripts/st/trackpoint-async.js
80 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by
Host: heaven23.se
URL: https://heaven23.se/
Protocol
H2
Server
185.167.164.44 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8ddc6cbdb63a791bfc33f40d4b0a250a18e85e0ae93f72389ebda9242bef010d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaven23.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 21:18:18 GMT
content-encoding
gzip
last-modified
Fri, 08 Mar 2024 07:02:31 GMT
server
nginx
x-amz-request-id
tx00000bbe73cbd24ef5535-0065eaccdd-3296fce9-default
etag
W/"1c188eabf1f0749a0cffb2c108473370"
x-cache-status
HIT, HIT, HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
public, max-age=604800

Redirect headers

location
https://s2.adform.net/banners/scripts/st/trackpoint-async.js
date
Wed, 13 Mar 2024 21:18:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
content-type
text/html
heaven-23-food-min.jpg
heaven23.se/uploads/sites/29/2019/10/ 		275 KB
276 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heaven23.se/uploads/sites/29/2019/10/heaven-23-food-min.jpg
Requested by
Host: heaven23.se
URL: https://heaven23.se/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.99.5.208 Falkenberg, Sweden, ASN42708 (PORTLANE www.portlane.com, SE),
Reverse DNS
79-99-5-208-static.glesys.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
8363a03afccb40834525edba46fdfa6caeee47e85f5613dcbfb13941985f2dbd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaven23.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 21:18:17 GMT
last-modified
Wed, 02 Oct 2019 06:59:28 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"5d944ad0-44c78"
content-type
image/jpeg
access-control-allow-origin
*
x-web-backend
prod-web2
cache-control
max-age=315360000
accept-ranges
bytes
content-length
281720
expires
Thu, 31 Dec 2037 23:55:55 GMT
fannyj-h23-81-redigera-1.jpg
heaven23.se/uploads/sites/29/2022/09/ 		136 KB
136 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heaven23.se/uploads/sites/29/2022/09/fannyj-h23-81-redigera-1.jpg
Requested by
Host: heaven23.se
URL: https://heaven23.se/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.99.5.208 Falkenberg, Sweden, ASN42708 (PORTLANE www.portlane.com, SE),
Reverse DNS
79-99-5-208-static.glesys.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
b076ad16257c3f09799f5cb037e644fb42616786f055fda29eabc4a5adb7c3bf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaven23.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 21:18:17 GMT
last-modified
Thu, 29 Sep 2022 11:58:12 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"63358854-21e02"
content-type
image/jpeg
access-control-allow-origin
*
x-web-backend
prod-web1
cache-control
max-age=315360000
accept-ranges
bytes
content-length
138754
expires
Thu, 31 Dec 2037 23:55:55 GMT
utsiktheaven23.jpg
heaven23.se/uploads/sites/29/2023/07/ 		233 KB
234 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heaven23.se/uploads/sites/29/2023/07/utsiktheaven23.jpg
Requested by
Host: heaven23.se
URL: https://heaven23.se/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.99.5.208 Falkenberg, Sweden, ASN42708 (PORTLANE www.portlane.com, SE),
Reverse DNS
79-99-5-208-static.glesys.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
14a1724b2315d1899c21a70630c1f37904a1d0dfa2ec7792ea6322fab803f9d6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaven23.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 21:18:17 GMT
last-modified
Mon, 03 Jul 2023 09:45:09 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"64a298a5-3a2d0"
content-type
image/jpeg
access-control-allow-origin
*
x-web-backend
prod-web2
cache-control
max-age=315360000
accept-ranges
bytes
content-length
238288
expires
Thu, 31 Dec 2037 23:55:55 GMT
fannyj-h23-417-redigera.jpg
heaven23.se/uploads/sites/29/2022/10/ 		544 KB
545 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heaven23.se/uploads/sites/29/2022/10/fannyj-h23-417-redigera.jpg
Requested by
Host: heaven23.se
URL: https://heaven23.se/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.99.5.208 Falkenberg, Sweden, ASN42708 (PORTLANE www.portlane.com, SE),
Reverse DNS
79-99-5-208-static.glesys.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e4c89d157d705ccebf0041de7cdc2d34e4df57bcf76b8ca3619310101b7f131d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaven23.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 21:18:17 GMT
last-modified
Fri, 07 Oct 2022 08:24:00 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"633fe220-87fa0"
content-type
image/jpeg
access-control-allow-origin
*
x-web-backend
prod-web1
cache-control
max-age=315360000
accept-ranges
bytes
content-length
556960
expires
Thu, 31 Dec 2037 23:55:55 GMT
getShopSettings
heaven23.se/wp-json/api/v2/ 		533 B
889 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://heaven23.se/wp-json/api/v2/getShopSettings
Requested by
Host: heaven23.se
URL: https://heaven23.se/themes/smab/assets/build//scripts/smab.js?id=50037c4ddf7e9473ce74
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.99.5.208 Falkenberg, Sweden, ASN42708 (PORTLANE www.portlane.com, SE),
Reverse DNS
79-99-5-208-static.glesys.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
622103d4f0290d3328e281db0a0e03794ca098001d8c0023cc2e2e0085fa7b99
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://heaven23.se/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 21:18:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-web-backend
prod-web1
x-fastcgi-cache-key
httpGETheaven23.se/wp-json/api/v2/getShopSettings
pragma
no-cache
server
nginx/1.18.0 (Ubuntu)
allow
GET
content-type
application/json; charset=UTF-8
x-fastcgi-cache
HIT
access-control-expose-headers
X-WP-Total, X-WP-TotalPages
cache-control
no-store, no-cache, must-revalidate
x-robots-tag
noindex
link
<https://heaven23.se/wp-json/>; rel="https://api.w.org/"
access-control-allow-headers
Authorization, Content-Type
expires
Thu, 19 Nov 1981 08:52:00 GMT
getTranslationBlock
heaven23.se/wp-json/api/v2/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://heaven23.se/wp-json/api/v2/getTranslationBlock
Requested by
Host: heaven23.se
URL: https://heaven23.se/themes/smab/assets/build//scripts/smab.js?id=50037c4ddf7e9473ce74
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.99.5.208 Falkenberg, Sweden, ASN42708 (PORTLANE www.portlane.com, SE),
Reverse DNS
79-99-5-208-static.glesys.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
37cc17dbac3289d3512bd72b8c92d6b96f9dcde506ec43d7f8541d7cc83e3cf2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://heaven23.se/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 13 Mar 2024 21:18:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-web-backend
prod-web2
x-fastcgi-cache-key
httpPOSTheaven23.se/wp-json/api/v2/getTranslationBlock
pragma
no-cache
server
nginx/1.18.0 (Ubuntu)
allow
POST
access-control-allow-methods
OPTIONS, GET, POST, PUT, PATCH, DELETE
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://heaven23.se
access-control-expose-headers
X-WP-Total, X-WP-TotalPages
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
vary
Origin
x-robots-tag
noindex
link
<https://heaven23.se/wp-json/>; rel="https://api.w.org/"
access-control-allow-headers
Authorization, Content-Type
expires
Thu, 19 Nov 1981 08:52:00 GMT
373247333019962
connect.facebook.net/signals/config/ 		62 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/373247333019962?v=2.9.149&r=stable&domain=heaven23.se&hme=8b8eb2472f555e54a8b57f2b720f9bd3b1bc6aed031525376dd772ba51107995&ex_m=63%2C107%2C95%2C99%2C54%2C3%2C89%2C62%2C14%2C87%2C80%2C45%2C47%2C153%2C156%2C167%2C163%2C164%2C166%2C26%2C90%2C46%2C69%2C165%2C148%2C151%2C160%2C161%2C168%2C116%2C13%2C44%2C172%2C171%2C118%2C16%2C30%2C33%2C1%2C37%2C58%2C59%2C60%2C64%2C84%2C15%2C12%2C86%2C83%2C82%2C96%2C98%2C32%2C97%2C27%2C23%2C149%2C152%2C125%2C25%2C9%2C10%2C11%2C5%2C6%2C22%2C19%2C20%2C50%2C55%2C57%2C67%2C91%2C24%2C68%2C8%2C7%2C72%2C42%2C18%2C93%2C92%2C17%2C74%2C79%2C41%2C40%2C78%2C34%2C36%2C77%2C49%2C75%2C29%2C38%2C66%2C0%2C85%2C4%2C81%2C73%2C76%2C2%2C31%2C56%2C35%2C94%2C39%2C71%2C61%2C100%2C53%2C52%2C28%2C88%2C51%2C48%2C43%2C70%2C65%2C21%2C101
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d19d3ec0b4b51067048b78886dfd836eaf3c3e64218c5a74b044a2d6c279ca19
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaven23.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 13 Mar 2024 21:18:18 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=52, rtx=6, c=48, mss=1294, tbw=62760, tp=-1, tpl=-1, uplat=140, ullat=0
pragma
public
x-fb-debug
QCpVqElpJZtX2eUV2IQAJu8M6ULVTmvalUf2nkB+kjZBiI4BBDB1FV+TUKLSx1+vsJsFAruEzOjs3iIt+vCBNw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
549744840442239
connect.facebook.net/signals/config/ 		25 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/549744840442239?v=2.9.149&r=stable&domain=heaven23.se&hme=8b8eb2472f555e54a8b57f2b720f9bd3b1bc6aed031525376dd772ba51107995&ex_m=63%2C107%2C95%2C99%2C54%2C3%2C89%2C62%2C14%2C87%2C80%2C45%2C47%2C153%2C156%2C167%2C163%2C164%2C166%2C26%2C90%2C46%2C69%2C165%2C148%2C151%2C160%2C161%2C168%2C116%2C13%2C44%2C172%2C171%2C118%2C16%2C30%2C33%2C1%2C37%2C58%2C59%2C60%2C64%2C84%2C15%2C12%2C86%2C83%2C82%2C96%2C98%2C32%2C97%2C27%2C23%2C149%2C152%2C125%2C25%2C9%2C10%2C11%2C5%2C6%2C22%2C19%2C20%2C50%2C55%2C57%2C67%2C91%2C24%2C68%2C8%2C7%2C72%2C42%2C18%2C93%2C92%2C17%2C74%2C79%2C41%2C40%2C78%2C34%2C36%2C77%2C49%2C75%2C29%2C38%2C66%2C0%2C85%2C4%2C81%2C73%2C76%2C2%2C31%2C56%2C35%2C94%2C39%2C71%2C61%2C100%2C53%2C52%2C28%2C88%2C51%2C48%2C43%2C70%2C65%2C21%2C101%2C178%2C177%2C179%2C184%2C185%2C186%2C182%2C174%2C117%2C119%2C173%2C175%2C108%2C139%2C130%2C134%2C114%2C169%2C209%2C145%2C102%2C112%2C210%2C147%2C106%2C128%2C121%2C109
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e2e4de4866e78e468ba7b8b99610868667dfc5157e9638d7f7e92f1238d48fed
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaven23.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 13 Mar 2024 21:18:18 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=43, rtx=0, c=23, mss=1232, tbw=4325, tp=9, tpl=0, uplat=80, ullat=0
pragma
public
x-fb-debug
RIbX2U0pZ0d5rRgSo0TXPDUvxwUduAG1dCvldmK0j8Njn9b1NsyG9IlIj11GClGIt5NB2uhsq4IDVa7smHsmkg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
270 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=373247333019962&ev=PageView&dl=https%3A%2F%2Fheaven23.se%2F&rl=&if=false&ts=1710364698095&sw=1600&sh=1200&v=2.9.149&r=stable&ec=0&o=4126&fbp=fb.1.1710364698092.444709196&cs_est=true&ler=empty&cdl=API_unavailable&it=1710364697892&coo=false&rqm=GET
Requested by
Host: heaven23.se
URL: https://heaven23.se/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaven23.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-fb-connection-quality
GOOD; q=0.7, rtt=53, rtx=0, c=10, mss=1294, tbw=2767, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 13 Mar 2024 21:18:18 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=549744840442239&ev=PageView&dl=https%3A%2F%2Fheaven23.se%2F&rl=&if=false&ts=1710364698235&sw=1600&sh=1200&v=2.9.149&r=stable&ec=0&o=4126&fbp=fb.1.1710364698092.444709196&cs_est=true&ler=empty&cdl=API_unavailable&it=1710364697892&coo=false&rqm=GET
Requested by
Host: heaven23.se
URL: https://heaven23.se/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaven23.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-fb-connection-quality
GOOD; q=0.7, rtt=53, rtx=0, c=10, mss=1294, tbw=3116, tp=-1, tpl=-1, uplat=1, ullat=1
strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 13 Mar 2024 21:18:18 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
track.adform.net/Serving/TrackPoint/
Redirect Chain
  • https://track.adform.net/Serving/TrackPoint/?pm=672550&ADFPageName=Heaven23%20-%20Startsida&ADFdivider=%7C&ord=528092555252&ADFtpmode=2&loc=https%3A%2F%2Fheaven23.se%2F&Set1=en-US%7Cen-US%7C1600x12...
  • https://track.adform.net/Serving/TrackPoint/?CC=1&pm=672550&ADFPageName=Heaven23%20-%20Startsida&ADFdivider=%7C&ord=528092555252&ADFtpmode=2&loc=https%3A%2F%2Fheaven23.se%2F&Set1=en-US%7Cen-US%7C16...
846 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=672550&ADFPageName=Heaven23%20-%20Startsida&ADFdivider=%7C&ord=528092555252&ADFtpmode=2&loc=https%3A%2F%2Fheaven23.se%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
Requested by
Host: heaven23.se
URL: https://heaven23.se/
Protocol
H2
Server
37.157.5.132 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
fcbfc467dd54dbe323b81fa87bb7dae1724621d90a7df386bdcb9f67c16bc57e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaven23.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Mar 2024 21:18:18 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
690
expires
-1

Redirect headers

pragma
no-cache
date
Wed, 13 Mar 2024 21:18:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type
text/html; charset=utf-8
location
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=672550&ADFPageName=Heaven23%20-%20Startsida&ADFdivider=%7C&ord=528092555252&ADFtpmode=2&loc=https%3A%2F%2Fheaven23.se%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
expires
-1
pixels
c1.adform.net/imatch/ Frame D066 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/imatch/pixels?bt=0&uid=345988415891854546&agencyId=124&advertiserId=79087&src=tp&rnd=881238
Requested by
Host: track.adform.net
URL: https://track.adform.net/Serving/TrackPoint/?pm=672550&ADFPageName=Heaven23%20-%20Startsida&ADFdivider=%7C&ord=528092555252&ADFtpmode=2&loc=https%3A%2F%2Fheaven23.se%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.53 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
0347a9627332724cff38513869c3f3786c493a1c2e1cf1b85d7099497ea6574c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://heaven23.se/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 13 Mar 2024 21:18:18 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
/
server.seadform.net/serving/cookie/sync/ 		35 B
466 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://server.seadform.net/serving/cookie/sync/?uid=345988415891854546&stamp=XKXhzr9kCUcDvP-67D9Y4w2
Requested by
Host: heaven23.se
URL: https://heaven23.se/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.132 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaven23.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 21:18:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
plf
c1.adform.net/imatch/ Frame D066 		0
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/imatch/plf?name=plff
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=345988415891854546&agencyId=124&advertiserId=79087&src=tp&rnd=881238
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.53 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://c1.adform.net/imatch/pixels?bt=0&uid=345988415891854546&agencyId=124&advertiserId=79087&src=tp&rnd=881238
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 21:18:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
match
ad.360yield.com/ul_cb/ Frame D066
Redirect Chain
  • https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=345988415891854546&Expiration=1711574298
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=345988415891854546&Expiration=1711574298
43 B
423 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=345988415891854546&Expiration=1711574298
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=345988415891854546&agencyId=124&advertiserId=79087&src=tp&rnd=881238
Protocol
H2
Server
52.22.74.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-74-198.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 13 Mar 2024 21:18:18 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=345988415891854546&Expiration=1711574298
access-control-allow-origin
*
date
Wed, 13 Mar 2024 21:18:18 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
m
ad.yieldlab.net/ Frame D066 		0
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.yieldlab.net/m?dt_id=4879&ext_id=345988415891854546
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=345988415891854546&agencyId=124&advertiserId=79087&src=tp&rnd=881238
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.56.162.125 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-162-125.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 13 Mar 2024 21:18:18 GMT
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
Expires
Tue, 12 Mar 2024 21:18:18 GMT
token
token.rubiconproject.com/ Frame D066 		0
655 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/token?pid=5232&puid=345988415891854546
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=345988415891854546&agencyId=124&advertiserId=79087&src=tp&rnd=881238
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
314e432eb2d967cf733b82bdbbe35231
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tpui
ih.adscale.de/adscale-ih/ Frame D066 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=345988415891854546&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=345988415891854546&agencyId=124&advertiserId=79087&src=tp&rnd=881238
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.37.135 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-37-135.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 21:18:19 GMT
content-length
0
match
c1.adform.net/serving/cookie/ Frame D066
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?partnerid=22&partneruserid=345988415891854546&redirurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d10%26cid%3DSMART_USER_ID
  • https://c1.adform.net/serving/cookie/match?party=10&cid=8347195105558666957
35 B
590 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match?party=10&cid=8347195105558666957
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=345988415891854546&agencyId=124&advertiserId=79087&src=tp&rnd=881238
Protocol
H2
Server
185.167.164.53 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Mar 2024 21:18:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

location
https://c1.adform.net/serving/cookie/match?party=10&cid=8347195105558666957
pragma
no-cache
date
Wed, 13 Mar 2024 21:18:18 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
user-registering
ads.stickyadstv.com/ Frame D066 		43 B
638 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=345988415891854546
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=345988415891854546&agencyId=124&advertiserId=79087&src=tp&rnd=881238
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.251.28.134 Secaucus, United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 13 Mar 2024 21:18:18 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1710364698886036-1166
rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame D066
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=345988415891854546
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=70&user_id=345988415891854546
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=595b7077-bdc8-4bfd-b6c2-6e3d53573524&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
0
375 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=595b7077-bdc8-4bfd-b6c2-6e3d53573524&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=345988415891854546&agencyId=124&advertiserId=79087&src=tp&rnd=881238
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 21:18:19 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
39698

Redirect headers

Location
//sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=595b7077-bdc8-4bfd-b6c2-6e3d53573524&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Date
Wed, 13 Mar 2024 21:18:18 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
rum
dsum-sec.casalemedia.com/ Frame D066
Redirect Chain
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=345988415891854546&expiration=1711574298
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=345988415891854546&expiration=1711574298&C=1
43 B
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=345988415891854546&expiration=1711574298&C=1
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=345988415891854546&agencyId=124&advertiserId=79087&src=tp&rnd=881238
Protocol
H2
Server
172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Mar 2024 21:18:18 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4MaWaemhy6EZagViQB3pMpwkRmGTyksmHqaReCLyFUtDzWdYqH86sARRDb2I5lyQF4jv4sKQ%2FsbNrI2j4s5AH9fup%2BZLxntmk0OCWGGL%2BxGqLoD5l9knWYp3ID%2Fe73mLTtkMqlFdmfpvQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
863f0e483b67a1e1-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 13 Mar 2024 21:18:18 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D6vmxcUci%2FYlHXzK0kqJMxfxSylbXpEwGsZg7yc94F09HHgP2bSRkkNKrRsgT8vM3OIZmz5FpANUkJ6bE1FHeB5IR2Pij66XIn9U77kQ7Zkgqi1ZixL6S9jsKp9h8M7OCc0L4G7Aj3zHXw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=111&external_user_id=345988415891854546&expiration=1711574298&C=1
cache-control
no-cache
cf-ray
863f0e47caa5a1e1-YYZ
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
info2
uipglob.semasio.net/adform/1/ Frame D066
Redirect Chain
  • https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=345988415891854546&sInitiator=external
  • https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=345988415891854546&sInitiator=external
42 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=345988415891854546&sInitiator=external
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=345988415891854546&agencyId=124&advertiserId=79087&src=tp&rnd=881238
Protocol
HTTP/1.1
Server
50.57.31.206 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-US,en;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 13 Mar 2024 21:18:19 GMT
Frontend-ID
14
P3P
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Content-Type
image/gif
UIP-Response-Status
Ok
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Origin
*
Content-Length
42
Routing-Server-ID
-1
Expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 13 Mar 2024 21:18:19 GMT
Frontend-ID
5
P3P
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Location
/adform/1/info2?sType=sync&sExtCookieId=345988415891854546&sInitiator=external
UIP-Response-Status
Ok
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Content-Length
0
Routing-Server-ID
-1
Expires
Sat, 01 Jan 2011 12:00:00 GMT
/
ps.eyeota.net/match/bounce/ Frame D066
Redirect Chain
  • https://ps.eyeota.net/match?uid=345988415891854546&bid=9gdtmu1
  • https://ps.eyeota.net/match/bounce/?uid=345988415891854546&bid=9gdtmu1
70 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match/bounce/?uid=345988415891854546&bid=9gdtmu1
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=345988415891854546&agencyId=124&advertiserId=79087&src=tp&rnd=881238
Protocol
HTTP/1.1
Server
54.156.26.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-156-26-12.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language
en-US,en;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/gif
Date
Wed, 13 Mar 2024 21:18:19 GMT
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location
/match/bounce/?uid=345988415891854546&bid=9gdtmu1
Date
Wed, 13 Mar 2024 21:18:18 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
pixel.gif
load77.exelator.com/ Frame D066
Redirect Chain
  • https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=345988415891854546
  • https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=345988415891854546&xl8blockcheck=1
  • https://load77.exelator.com/pixel.gif
43 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://load77.exelator.com/pixel.gif
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=345988415891854546&agencyId=124&advertiserId=79087&src=tp&rnd=881238
Protocol
H2
Server
2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-77-pop
newyorkUSNY
date
Wed, 13 Mar 2024 21:18:19 GMT
x-amz-request-id
tx00000578d78a933a4fde6-0065909fa7-5134150-nyc
x-77-cache
HIT
x-cache
HIT
x-age
167021
x-accel-date
1710197678
content-length
43
x-77-nzt
A1m7sQ83Nzf/bYwCAJySO+I3Nzexz9PUZiQIFwA
x-accel-expires
@1711234478
x-77-age
167021
last-modified
Sat, 30 Dec 2023 22:32:08 GMT
server
CDN77-Turbo
etag
"fc94fb0c3ed8a8f909dbc7630a0987ff"
x-77-nzt-ray
49be14089924ce271b18f26531d88338
content-type
image/gif
x-rgw-object-type
Normal
accept-ranges
bytes

Redirect headers

date
Wed, 13 Mar 2024 21:18:19 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://load77.exelator.com/pixel.gif
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
content-length
0
db_sync
px.ads.linkedin.com/ Frame D066
Redirect Chain
  • https://idsync.rlcdn.com/398366.gif?partner_uid=345988415891854546
  • https://idsync.rlcdn.com/1000.gif?memo=CJ6oGBIdChkIARCUdRoSMzQ1OTg4NDE1ODkxODU0NTQ2EAAaDQibsMivBhIFCOgHEABCAEoA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=e29e188e124abf531b98b3f6ecf1fff03adde0cdaee6768adf5053bcfc147c31791426b5417dce21&_=2
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=e29e188e124abf531b98b3f6ecf1fff03adde0cdaee6768adf5053bcfc147c31791426b5417dce21&rand=06735240
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=e29e188e124abf531b98b3f6ecf1fff03adde0cdaee6768adf5053bcfc147c31791426b5417dce21&rand=06735240&expected_cookie=2935bcb8-a348-4aa4-97d3-1aa3f2188fb0
0
157 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=e29e188e124abf531b98b3f6ecf1fff03adde0cdaee6768adf5053bcfc147c31791426b5417dce21&rand=06735240&expected_cookie=2935bcb8-a348-4aa4-97d3-1aa3f2188fb0
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=345988415891854546&agencyId=124&advertiserId=79087&src=tp&rnd=881238
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 21:18:19 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 79EBFCADECBF4B229B4292E0FE4CB17C Ref B: EWR311000102017 Ref C: 2024-03-13T21:18:20Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYTkVBjGTTspzdI+DhtjA==

Redirect headers

date
Wed, 13 Mar 2024 21:18:19 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: FB8D445C9D4E4EE2B4DFDB1387AEC05D Ref B: EWR311000102017 Ref C: 2024-03-13T21:18:19Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
location
/db_sync?pid=10339&puuid=e29e188e124abf531b98b3f6ecf1fff03adde0cdaee6768adf5053bcfc147c31791426b5417dce21&rand=06735240&expected_cookie=2935bcb8-a348-4aa4-97d3-1aa3f2188fb0
x-li-source-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYTkVBhBwiBTUUrPncWPQ==
gdpr_consent=
sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=345988415891854546/gdpr=/ Frame D066
Redirect Chain
  • https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=345988415891854546/gdpr=/gdpr_consent=
  • https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=345988415891854546/gdpr=/gdpr_consent=
49 B
543 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=345988415891854546/gdpr=/gdpr_consent=
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=345988415891854546&agencyId=124&advertiserId=79087&src=tp&rnd=881238
Protocol
H2
Server
54.157.149.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-157-149-99.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Mar 2024 21:18:19 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.10.239
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Wed, 13 Mar 2024 21:18:19 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=345988415891854546/gdpr=/gdpr_consent=
cache-control
no-cache
x-server
10.40.58.199
content-length
0
expires
0
29729
tags.bluekai.com/site/ Frame D066 		62 B
432 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/29729?id=345988415891854546
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=345988415891854546&agencyId=124&advertiserId=79087&src=tp&rnd=881238
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.46.225.71 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-46-225-71.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-US,en;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Wed, 13 Mar 2024 21:18:19 GMT
content-length
62
content-type
image/gif
sd
eu-u.openx.net/w/1.0/ Frame D066
Redirect Chain
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=345988415891854546
  • https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=345988415891854546
43 B
171 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=345988415891854546
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=345988415891854546&agencyId=124&advertiserId=79087&src=tp&rnd=881238
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Mar 2024 21:18:19 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=345988415891854546
date
Wed, 13 Mar 2024 21:18:19 GMT
via
1.1 google
server
OXGW/0.0.0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
pixel.gif
s3-eu-west-1.amazonaws.com/adality-cdn-content/ Frame D066
Redirect Chain
  • https://api.adrtx.net/thirdparty/click?p=adfo
  • https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
35 B
390 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=345988415891854546&agencyId=124&advertiserId=79087&src=tp&rnd=881238
Protocol
HTTP/1.1
Server
52.218.30.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Wed, 13 Mar 2024 21:18:21 GMT
Last-Modified
Thu, 29 Oct 2015 16:41:57 GMT
Server
AmazonS3
x-amz-request-id
X1G9DZGG0FNN992K
ETag
"c2196de8ba412c60c22ab491af7b1409"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
35
x-amz-id-2
YZ5RCqnneLM4ei3vLe0osqsFj+y/a6tqrEykt7EpNlkuLrYNFvL79PRur38+GGSZaWG01a7zMgg=

Redirect headers

X-Error-Reason
Missing UserId
Date
Wed, 13 Mar 2024 21:18:19 GMT
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
137
usermatch.gif
beacon.krxd.net/ Frame D066 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=adform&partner_uid=345988415891854546
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=345988415891854546&agencyId=124&advertiserId=79087&src=tp&rnd=881238
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.174.169.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-174-169-214.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 21:18:19 GMT
server
awselb/2.0
/
c1.adform.net/serving/cookie/match/ Frame D066
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=MzQ1OTg4NDE1ODkxODU0NTQ2
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm=&google_ula=1641347&party=1&google_hm=MzQ1OTg4NDE1ODkxODU0NTQ2&google_tc=
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDDIFDIU7pU6y8o9xTpzzL4&google_cver=1&google_ula=1641347,0
35 B
590 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDDIFDIU7pU6y8o9xTpzzL4&google_cver=1&google_ula=1641347,0
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=345988415891854546&agencyId=124&advertiserId=79087&src=tp&rnd=881238
Protocol
H2
Server
185.167.164.53 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Mar 2024 21:18:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

pragma
no-cache
date
Wed, 13 Mar 2024 21:18:19 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDDIFDIU7pU6y8o9xTpzzL4&google_cver=1&google_ula=1641347,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
334
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
plf
c1.adform.net/imatch/ Frame D066 		0
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/imatch/plf?name=plfm
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=345988415891854546&agencyId=124&advertiserId=79087&src=tp&rnd=881238
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.53 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://c1.adform.net/imatch/pixels?bt=0&uid=345988415891854546&agencyId=124&advertiserId=79087&src=tp&rnd=881238
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 21:18:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
setuid
secure.adnxs.com/ Frame D066
Redirect Chain
  • https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%3Fparty%3D3%26id%3D%24UID%26redirect%3D1
  • https://c1.adform.net/serving/cookie/match?party=3&id=1740656171100550908&redirect=1
  • https://secure.adnxs.com/setuid?entity=91&code=345988415891854546
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/setuid?entity=91&code=345988415891854546
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=345988415891854546&agencyId=124&advertiserId=79087&src=tp&rnd=881238
Protocol
H2
Server
68.67.160.132 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Mar 2024 21:18:19 GMT
an-x-request-uuid
c97bea21-e07f-40e1-979a-63f32421a9ce
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
96.9.249.34; 96.9.249.34; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 13 Mar 2024 21:18:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://secure.adnxs.com/setuid?entity=91&code=345988415891854546
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame D066 		42 B
471 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=345988415891854546
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=345988415891854546&agencyId=124&advertiserId=79087&src=tp&rnd=881238
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 13 Mar 2024 07:23:15 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cs
pdw-adf.userreport.com/ Frame D066 		43 B
444 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pdw-adf.userreport.com/cs
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=345988415891854546&agencyId=124&advertiserId=79087&src=tp&rnd=881238
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-84.jfk52.r.cloudfront.net
Software
nginx/1.24.0 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Wed, 13 Mar 2024 13:46:48 GMT
Via
1.1 f5386598f013dd093e17be33d361f408.cloudfront.net (CloudFront)
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.24.0
X-Amz-Cf-Pop
JFK52-P4
Age
27091
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
Content-Length
43
X-Amz-Cf-Id
AruwOUbAkB8LTqmnJxdHkx-UdbR_a4R_TLQKva32CxWAipD_o6H8nA==
p
a.audrte.com/ Frame D066
Redirect Chain
  • https://a.audrte.com/a?adform_uid=345988415891854546
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=aDg0R01XRWMtUjlSaS1ocjBHTk9oclpndw%3D%3D&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=345988415891854546&agencyId=124&advertiserId=79087&src=tp&rnd=881238
Protocol
HTTP/1.1
Server
52.209.135.120 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-135-120.eu-west-1.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Wed, 13 Mar 2024 21:18:19 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Wed, 13 Mar 2024 21:18:19 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
match
c1.adform.net/serving/cookie/ Frame D066
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=1586&dpuuid=345988415891854546&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=345988415891854546&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirec...
  • https://c1.adform.net/serving/cookie/match?party=1007&cid=89753602479677957812200079951217544688&noredirect=1
35 B
590 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match?party=1007&cid=89753602479677957812200079951217544688&noredirect=1
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=345988415891854546&agencyId=124&advertiserId=79087&src=tp&rnd=881238
Protocol
H2
Server
185.167.164.53 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Mar 2024 21:18:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

dcs
dcs-prod-va6-2-v057-006db7a3b.edge-va6.demdex.com 5 ms
pragma
no-cache
date
Wed, 13 Mar 2024 21:18:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
xpKudwnHRjo=
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://c1.adform.net/serving/cookie/match?party=1007&cid=89753602479677957812200079951217544688&noredirect=1
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
/
dmp.adform.net/serving/cookie/match/ Frame D066
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=345988415891854546
  • https://dmp.adform.net/serving/cookie/match/?party=1014&cid=212660604820007990282
35 B
599 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=212660604820007990282
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=345988415891854546&agencyId=124&advertiserId=79087&src=tp&rnd=881238
Protocol
H2
Server
185.167.164.53 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Mar 2024 21:18:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

pragma
no-cache
date
Wed, 13 Mar 2024 21:18:19 GMT
via
1.1 f78e2a2d083c0945ee670c9d5d179e9e.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
EWR53-C1
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=212660604820007990282
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
x-amz-cf-id
JcZp3VrqGnjEx5a46jJHcm08MRLeo8HDD2150zlclnUHEr-gUqjWJQ==
expires
0
/
dmp.adform.net/serving/cookie/match/ Frame D066
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25
  • https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7345960446453348502
35 B
590 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7345960446453348502
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=345988415891854546&agencyId=124&advertiserId=79087&src=tp&rnd=881238
Protocol
H2
Server
185.167.164.53 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Mar 2024 21:18:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

Location
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7345960446453348502
Date
Wed, 13 Mar 2024 21:18:19 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
33302
tags.bluekai.com/site/ Frame D066 		62 B
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/33302?id=345988415891854546
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=345988415891854546&agencyId=124&advertiserId=79087&src=tp&rnd=881238
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.46.225.71 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-46-225-71.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-US,en;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Wed, 13 Mar 2024 21:18:19 GMT
content-length
62
content-type
image/gif
match
c1.adform.net/serving/cookie/ Frame D066
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
  • https://c1.adform.net/serving/cookie/match?party=1084&cid=si58rxuh1RKvZp5
35 B
590 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match?party=1084&cid=si58rxuh1RKvZp5
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=345988415891854546&agencyId=124&advertiserId=79087&src=tp&rnd=881238
Protocol
H2
Server
185.167.164.53 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Mar 2024 21:18:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

Pragma
no-cache
Date
Wed, 13 Mar 2024 21:18:19 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-801-g0076fb7#rel-ec2-master i-06bbff1a601ddde23@us-east-1b@dxedge-app-us-east-1-prod-asg
Location
https://c1.adform.net/serving/cookie/match?party=1084&cid=si58rxuh1RKvZp5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
/
dmp.adform.net/serving/cookie/match/ Frame D066
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=71ei9rr&ttd_tpi=1
  • https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=d257b3a4-d26d-4bca-ac47-1278652f50f6
35 B
590 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=d257b3a4-d26d-4bca-ac47-1278652f50f6
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=345988415891854546&agencyId=124&advertiserId=79087&src=tp&rnd=881238
Protocol
H2
Server
185.167.164.53 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Mar 2024 21:18:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

location
https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=d257b3a4-d26d-4bca-ac47-1278652f50f6
date
Wed, 13 Mar 2024 21:18:20 GMT
server
Kestrel
content-length
225
3.gif
id5-sync.com/cq/10/124/0/ Frame D066
Redirect Chain
  • https://id5-sync.com/s/10/0.gif?puid=345988415891854546
  • https://id5-sync.com/c/10/10/2/1.gif?puid=345988415891854546&gdpr=0&gdpr_consent=&us_privacy=
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/10/2/1/2.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/10/2/1/2.gif?puid=1740656171100550908&gdpr=0&gdpr_consent=
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-87a4KNCKFEkhvZNDDHJJ_VZmFvvMp-ojWoRuPLtmqQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F10%2F124%2F0%2F3.gif%3Fpuid%3D%...
  • https://id5-sync.com/cq/10/124/0/3.gif?puid=f005aaf3-a962-42c8-aa92-d4054789ac64&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/cq/10/124/0/3.gif?puid=f005aaf3-a962-42c8-aa92-d4054789ac64&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=345988415891854546&agencyId=124&advertiserId=79087&src=tp&rnd=881238
Protocol
H2
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Wed, 13 Mar 2024 21:18:20 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"

Redirect headers

location
https://id5-sync.com/cq/10/124/0/3.gif?puid=f005aaf3-a962-42c8-aa92-d4054789ac64&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
access-control-allow-origin
*
date
Wed, 13 Mar 2024 21:18:21 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
/
dmp.adform.net/serving/cookie/match/ Frame D066
Redirect Chain
  • https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D
  • https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=591174107
  • https://dmp.adform.net/serving/cookie/match/?party=1145&cid=TCgkiE1szFA1vxtoyTv8ye
35 B
590 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=TCgkiE1szFA1vxtoyTv8ye
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=345988415891854546&agencyId=124&advertiserId=79087&src=tp&rnd=881238
Protocol
H2
Server
185.167.164.53 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Mar 2024 21:18:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

pragma
no-cache
date
Wed, 13 Mar 2024 21:18:19 GMT
via
1.1 google
last-modified
Wed, 13 Mar 2024 21:18:20 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=TCgkiE1szFA1vxtoyTv8ye
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
um
sync.teads.tv/ Frame D066 		23 B
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=119&uid=345988415891854546
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=345988415891854546&agencyId=124&advertiserId=79087&src=tp&rnd=881238
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.51.57.155 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-51-57-155.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires
Wed, 13 Mar 2024 21:18:19 GMT
pragma
no-cache
date
Wed, 13 Mar 2024 21:18:19 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif
cs
cs.lkqd.net/ Frame D066
Redirect Chain
  • https://s.ad.smaato.net/c/?dspInit=1001213&dspCookie=345988415891854546
  • https://cs.lkqd.net/cs?partnerId=109&partnerUserId=cb3fc50de9&gdpr=0&gdpr_consent=
43 B
521 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=109&partnerUserId=cb3fc50de9&gdpr=0&gdpr_consent=
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=345988415891854546&agencyId=124&advertiserId=79087&src=tp&rnd=881238
Protocol
H2
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 21:18:20 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

date
Wed, 13 Mar 2024 21:18:19 GMT
via
1.1 0146c8129cacdacca96753291cf27ec4.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
EWR53-P1
x-cache
Miss from cloudfront
location
https://cs.lkqd.net/cs?partnerId=109&partnerUserId=cb3fc50de9&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
ZhKEvilPPIxdo5ckVhaWV6DxiZqhlq5wzCuZlG6pZZD1VUY40F2yAw==
345988415891854546
match.contentexchange.me/adform/ Frame D066 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.contentexchange.me/adform/345988415891854546?redirect_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1219
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=345988415891854546&agencyId=124&advertiserId=79087&src=tp&rnd=881238
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
46.19.11.36 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS
ilog.vsn.si
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 21:18:20 GMT
content-length
0
server
nginx/1.16.1
/
bpi.rtactivate.com/tag/ Frame D066 		43 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bpi.rtactivate.com/tag/?id=16974&user_id=345988415891854546
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=345988415891854546&agencyId=124&advertiserId=79087&src=tp&rnd=881238
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.131.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-131-173.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 21:18:20 GMT
server
awselb/2.0
content-length
43
content-type
image/gif
match
ps.eyeota.net/ Frame D066
Redirect Chain
  • https://pixel.onaudience.com/?mapped=345988415891854546&partner=68
  • https://pixel.onaudience.com/?partner=236&icm&cver&gdpr=0&smartmap=1&redirect=ps.eyeota.net%2Fpixel%3Fgdpr%3D0%26gdpr_consent%3D%26pid%3D3b2cb90%26t%3Dgif%26uid%3D%25m
  • https://ps.eyeota.net/pixel?gdpr=0&gdpr_consent=&pid=3b2cb90&t=gif&uid=196b3deff5d6aaff
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://ps.eyeota.net/match?uid=d257b3a4-d26d-4bca-ac47-1278652f50f6&bid=1e2n4ou
70 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?uid=d257b3a4-d26d-4bca-ac47-1278652f50f6&bid=1e2n4ou
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=345988415891854546&agencyId=124&advertiserId=79087&src=tp&rnd=881238
Protocol
HTTP/1.1
Server
54.156.26.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-156-26-12.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language
en-US,en;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/gif
Date
Wed, 13 Mar 2024 21:18:20 GMT
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

location
https://ps.eyeota.net/match?uid=d257b3a4-d26d-4bca-ac47-1278652f50f6&bid=1e2n4ou
date
Wed, 13 Mar 2024 21:18:20 GMT
server
Kestrel
content-length
191
xuid
eb2.3lift.com/ Frame D066
Redirect Chain
  • https://eb2.3lift.com/xuid?mid=7354&xuid=345988415891854546&dongle=AD20
  • https://eb2.3lift.com/xuid?ld=1&mid=7354&xuid=345988415891854546&dongle=AD20&gdpr=0&cmp_cs=&us_privacy=
37 B
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=7354&xuid=345988415891854546&dongle=AD20&gdpr=0&cmp_cs=&us_privacy=
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=345988415891854546&agencyId=124&advertiserId=79087&src=tp&rnd=881238
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 13 Mar 2024 21:18:20 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
/xuid?ld=1&mid=7354&xuid=345988415891854546&dongle=AD20&gdpr=0&cmp_cs=&us_privacy=
date
Wed, 13 Mar 2024 21:18:20 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
put
e1.emxdgt.com/ Frame D066 		43 B
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put?d=d52&uid=345988415891854546
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=345988415891854546&agencyId=124&advertiserId=79087&src=tp&rnd=881238
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.210.56.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-56-21.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 21:18:20 GMT
content-length
43
x-nosync
emp
content-type
image/gif
2981
tags.bluekai.com/site/ Frame D066
Redirect Chain
  • https://pixel.onaudience.com/?partner=290&mapped=345988415891854546
  • https://pixel.onaudience.com/?partner=282&icm&cver&gdpr=0&smartmap=1&redirect=stags.bluekai.com%2Fsite%2F52799%3Fid%3D%25m
  • https://stags.bluekai.com/site/52799?id=45e697007adec43e
  • https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_cm&google_sc&google_hm=MmtHOEovSGQ5OVlJV2RKaw%3D%3D
  • https://tags.bluekai.com/site/2981?id=&google_gid=CAESEI9GSnLtFF2GXEOLMP6JJBk&google_cver=1
62 B
306 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/2981?id=&google_gid=CAESEI9GSnLtFF2GXEOLMP6JJBk&google_cver=1
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=345988415891854546&agencyId=124&advertiserId=79087&src=tp&rnd=881238
Protocol
H2
Server
23.46.225.71 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-46-225-71.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-US,en;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Wed, 13 Mar 2024 21:18:21 GMT
content-length
62
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 13 Mar 2024 21:18:21 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://tags.bluekai.com/site/2981?id=&google_gid=CAESEI9GSnLtFF2GXEOLMP6JJBk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
296
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
plf
c1.adform.net/imatch/ Frame D066 		0
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/imatch/plf?name=plfl
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?bt=0&uid=345988415891854546&agencyId=124&advertiserId=79087&src=tp&rnd=881238
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.53 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://c1.adform.net/imatch/pixels?bt=0&uid=345988415891854546&agencyId=124&advertiserId=79087&src=tp&rnd=881238
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 21:18:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
1.gif
imgsct.cookiebot.com/ 		35 B
473 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgsct.cookiebot.com/1.gif?dgi=49cc2fbe-abe7-495c-8df3-4ab32469bf46
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:2588::f09 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaven23.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 21:18:21 GMT
x-guploader-uploadid
ABPtcPpKJ8L-ebA5_s0dRg_-evC_8-fxbPSA538xXoTXwG-w2opuZQY8edLAPwx8ne3XpaNqIJY
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
35
last-modified
Mon, 23 Oct 2023 11:39:32 GMT
server
UploadServer
etag
"c2196de8ba412c60c22ab491af7b1409"
x-goog-generation
1698061172769999
x-goog-hash
crc32c=rX4K2g==, md5=whlt6LpBLGDCKrSRr3sUCQ==
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public,max-age=1800
x-goog-stored-content-length
35
accept-ranges
bytes
content-type
image/gif

Verdicts & Comments Add Verdict or Comment

61 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 function| $ function| jQuery object| dataLayer function| hj object| _hjSettings function| loadCSS string| ajaxurl string| locale object| browser undefined| oldBrowswerWarning undefined| closeOldBrowswerWarning boolean| isCookieSet object| cookies object| superpwa_sw object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules function| onYouTubeIframeAPIReady object| lazySizesConfig object| lazySizes function| objectFitPolyfill object| User object| gaplugins object| CookieControl function| __uspapi function| addUspapiLocatorFrame function| __handleUspapiMessage function| propagateIABStub object| Cookiebot object| CookieConsent object| gaGlobal object| gaData function| _ga_originalSendHitTask function| fbq function| _fbq object| _adftrack function| Sharer function| sprintf function| vsprintf function| Hammer function| _ function| Swiper function| Optiscroll object| regeneratorRuntime object| openLoginDialog function| setImmediate function| clearImmediate object| __post_robot_10_0_22__ object| Adform object| KJUR object| adf number| CB_OnTagsExecuted_Processed

85 Cookies

Domain/Path Name / Value
heaven23.se/ Name: PHPSESSID
Value: tpnbgo03239qshpq1g0rn8qlr9
.heaven23.se/ Name: _hjSessionUser_917151
Value: eyJpZCI6IjU3ZTlkYjMyLWMyZjktNTQyZS04YmNhLTc1NGFlN2FhNDY1NSIsImNyZWF0ZWQiOjE3MTAzNjQ2OTY5NTksImV4aXN0aW5nIjpmYWxzZX0=
.heaven23.se/ Name: _hjSession_917151
Value: eyJpZCI6ImI2MjAyZGZkLWM0ODMtNGMzZS04ZWNmLWVkN2I4NjQzYTFmYyIsImMiOjE3MTAzNjQ2OTY5NjEsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MX0=
heaven23.se/ Name: CookieConsent
Value: {stamp:%27-1%27%2Cnecessary:true%2Cpreferences:true%2Cstatistics:true%2Cmarketing:true%2Cmethod:%27implied%27%2Cver:1%2Cutc:1710364697119%2Cregion:%27US%27}
.heaven23.se/ Name: _gid
Value: GA1.2.1089043690.1710364697
.heaven23.se/ Name: _gat_UA-844357-4
Value: 1
.heaven23.se/ Name: _ga_70K03G6MQ5
Value: GS1.1.1710364696.1.0.1710364696.0.0.0
.heaven23.se/ Name: _ga
Value: GA1.1.2032893430.1710364697
.heaven23.se/ Name: _fbp
Value: fb.1.1710364698092.444709196
.adform.net/ Name: C
Value: 1
.adform.net/ Name: receive-cookie-deprecation
Value: 1
.adform.net/ Name: uid
Value: 345988415891854546
.adform.net/ Name: CM
Value: 1|1
.adform.net/ Name: CM14
Value: 1710451098_1710364698_1710364698_1_Hu7u4e4e4R7u4e4REREeEREREAAA4Q
.casalemedia.com/ Name: CMID
Value: ZfIYGtHM55UAAD7dAHpYbQAA
.casalemedia.com/ Name: CMPS
Value: 1458
.casalemedia.com/ Name: CMPRO
Value: 1458
.smartadserver.com/ Name: pid
Value: 8347195105558666957
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: csync
Value: 22:345988415891854546
.ads.stickyadstv.com/ Name: uid-bp-617
Value: 345988415891854546
.ads.stickyadstv.com/ Name: UID
Value: 07b4249b6a6a7d9c58cd3789d49d25
.360yield.com/ Name: tuuid
Value: f005aaf3-a962-42c8-aa92-d4054789ac64
.360yield.com/ Name: tuuid_lu
Value: 1710364698
.bidswitch.net/ Name: tuuid
Value: 595b7077-bdc8-4bfd-b6c2-6e3d53573524
.bidswitch.net/ Name: c
Value: 1710364698
.bidswitch.net/ Name: tuuid_lu
Value: 1710364698
.eyeota.net/ Name: mako_uid
Value: 18e39ae2959-56280000010a51cf
.eyeota.net/ Name: SERVERID
Value: 20943~DM
.seadform.net/ Name: uid
Value: 345988415891854546
.semasio.net/ Name: SEUNCY
Value: E782186B0B74D9C8
.rubiconproject.com/ Name: khaos
Value: LTQAZC1H-8-IBQG
.rubiconproject.com/ Name: audit
Value: 1|wD4mdzP98QcqUhxCTvqqVVNhc66UDR8jr7/IydcgqNZ+xL8LlrcUaIHXphaqph/x6Xg55KttgcLyUhTWCqUS/I+whRf0v/l/9Aqe4AQqTsfbrtBY+JDWApaASRNcwshmcCygDcYSdD/OZF4C5xzkLg==
.taboola.com/ Name: t_gid
Value: 072b9dc5-d1dd-4280-b7a6-a7b56b0cd456-tuctceb9d9b
.taboola.com/ Name: t_pt_gid
Value: 072b9dc5-d1dd-4280-b7a6-a7b56b0cd456-tuctceb9d9b
.rlcdn.com/ Name: rlas3
Value: +Bmkn/vdQkVYG+kwEYCcUwEqH53amy6QQPztNgXB08o=
.openx.net/ Name: i
Value: 2fb0179e-8171-4e09-8075-19a8fac59f1e|1710364699
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: 35158a02e1b7354295e2e172d2a2d98
.rlcdn.com/ Name: pxrc
Value: CJuwyK8GEgUI6AcQABIFCOhHEAA=
.exelator.com/ Name: EE
Value: "d409a3489a1da95da2a3be0434b57dda"
.bluekai.com/ Name: bku
Value: /Ux99OLRXZPEDEAA
.doubleclick.net/ Name: IDE
Value: AHWqTUn7OxrrE4QsgBvu5ofd_0jqR9Y2jYW4vkgP5wjPVHyoL4jYC79ZhEB4rxQpQgk
.adnxs.com/ Name: XANDR_PANID
Value: 1DU3Jrr80pxc3B4xW8XCsnGkAwnLnkFEFk9D1e1c3XZ9KOlkLAo7EtJ3a93Zx7fqlS-W3gtxYtNPMA7EUvpPn2TVK3sj17MrMo8pl1AYw4k.
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.adnxs.com/ Name: uuid2
Value: 1740656171100550908
.demdex.net/ Name: demdex
Value: 89753602479677957812200079951217544688
.dpm.demdex.net/ Name: dpm
Value: 89753602479677957812200079951217544688
.agkn.com/ Name: ab
Value: 0001%3AM3B2LotZJlCvDjm29VR%2FERCfGz%2FRsGR8
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQSHFxMAy0djEwjLRMCXR0jQl0SjROCnVwMTYJMnUPCUlcXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDIaEl%252BUWb6otDgxUUpaQyLSopPBR%252BXuQ4AuvUqvg%253D%253D"
.w55c.net/ Name: wfivefivec
Value: si58rxuh1RKvZp5
.adnxs.com/ Name: anj
Value: dTM7k!M4/YErk#WF']wIg2GVTd4daN!]tbPl1MO?+q([.UbWN2[QT@(Q7ut(Z7nYFQ8hC#d!HP]k!Dv'#BI7y)N[UD!!$Uk(NB)H
.w55c.net/ Name: matchadform
Value: 5
.pippio.com/ Name: did
Value: u1akuc0LLZNc7838
.pippio.com/ Name: didts
Value: 1710364699
.pippio.com/ Name: nnls
Value:
.pippio.com/ Name: pxrc
Value: CJuwyK8GEgYIgr0rEAA=
.audrte.com/ Name: arcki2
Value: h84GMWEc-R9Ri-hr0GNOhrZgw!20220908!1710364699672!ip#96.9.249.34
.audrte.com/ Name: arcki2_adform
Value: 345988415891854546!20220908!1710364699672
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-345988415891854546&KRTB&23263-345988415891854546&KRTB&23481-345988415891854546
.pubmatic.com/ Name: PugT
Value: 1710314595
.audrte.com/ Name: arcki2_ddp2
Value: h84GMWEc-R9Ri-hr0GNOhrZgw!20220908!1710364699847
.teads.tv/ Name: tt_viewer
Value: c11f46cd-c6a1-4c7c-a5ac-5c50d762e6cb
.adsrvr.org/ Name: TDID
Value: d257b3a4-d26d-4bca-ac47-1278652f50f6
.smaato.net/ Name: SCM
Value: cb3fc50de9
.smaato.net/ Name: SCMv
Value: cb3fc50de9
.smaato.net/ Name: SCM1001213
Value: cb3fc50de9
.weborama.fr/ Name: AFFICHE_W
Value: 1Y7Yi8pWT0fV81
.adfarm1.adition.com/ Name: UserID1
Value: 7345960446453348502
.linkedin.com/ Name: li_sugr
Value: 2935bcb8-a348-4aa4-97d3-1aa3f2188fb0
.linkedin.com/ Name: bcookie
Value: "v=2&7e8212b2-b54f-42cc-8a04-d6f18d2e24ca"
.linkedin.com/ Name: lidc
Value: "b=TGST07:s=T:r=T:a=T:p=T:g=2769:u=1:x=1:i=1710364700:t=1710451100:v=2:sig=AQHGRml6t9sdKAujCt9brHmzz1VOGY3f"
.lkqd.net/ Name: sr109
Value: 1|cb3fc50de9|1710364700
.lkqd.net/ Name: lkqdid
Value: Qd2-ltYDVfg
.lkqd.net/ Name: lkqdidts
Value: 1710364700
.3lift.com/ Name: tluidp
Value: 1958224244058235479693
.3lift.com/ Name: tluid
Value: 1958224244058235479693
.onaudience.com/ Name: done_redirects236
Value: 1
.onaudience.com/ Name: done_redirects282
Value: 1
.id5-sync.com/ Name: id5
Value: ef37ede8-4ad7-75c1-9dea-0a57042204d4#1710364700001#2
.onaudience.com/ Name: cookie
Value: 22c5306fa38d1d3d
.adsrvr.org/ Name: TDCPM
Value: CAEYASABKAIyCwjSnK3xuuvhPBAFOAFaBmV5ZW90YWAC
.360yield.com/ Name: um
Value: !42,W8GgShaJyTXkrKtI3i7SZyvqEeu9GmuNWPImHG9IJN4,1711574298!79,yLe.kkp1HqD6sYmcQOJuaZ8uK2JY5.OuDTOw8VsIFNbLmiA.obWzzmVDlnDp5kIXxvL9b4g8bJFWbLnn,1718140701
.360yield.com/ Name: umeh
Value: !42,0,1772572698,-1!79,0,1772572701,-1
.id5-sync.com/ Name: 3pi
Value: 2#1710364700950#-1446616404#1740656171100550908|10#1710364700144#-1952724163#345988415891854546|124#1710364701148#1425193115

266 Console Messages

Source Level URL
Text
other warning URL: https://connect.facebook.net/signals/config/373247333019962?v=2.9.149&r=stable&domain=heaven23.se&hme=8b8eb2472f555e54a8b57f2b720f9bd3b1bc6aed031525376dd772ba51107995&ex_m=63%2C107%2C95%2C99%2C54%2C3%2C89%2C62%2C14%2C87%2C80%2C45%2C47%2C153%2C156%2C167%2C163%2C164%2C166%2C26%2C90%2C46%2C69%2C165%2C148%2C151%2C160%2C161%2C168%2C116%2C13%2C44%2C172%2C171%2C118%2C16%2C30%2C33%2C1%2C37%2C58%2C59%2C60%2C64%2C84%2C15%2C12%2C86%2C83%2C82%2C96%2C98%2C32%2C97%2C27%2C23%2C149%2C152%2C125%2C25%2C9%2C10%2C11%2C5%2C6%2C22%2C19%2C20%2C50%2C55%2C57%2C67%2C91%2C24%2C68%2C8%2C7%2C72%2C42%2C18%2C93%2C92%2C17%2C74%2C79%2C41%2C40%2C78%2C34%2C36%2C77%2C49%2C75%2C29%2C38%2C66%2C0%2C85%2C4%2C81%2C73%2C76%2C2%2C31%2C56%2C35%2C94%2C39%2C71%2C61%2C100%2C53%2C52%2C28%2C88%2C51%2C48%2C43%2C70%2C65%2C21%2C101(Line 107)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heaven23.se/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error
Message:
A bad HTTP response code (404) was received when fetching the script.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
aa.agkn.com
ad.360yield.com
ad.yieldlab.net
ads.stickyadstv.com
api.adrtx.net
beacon.krxd.net
bpi.rtactivate.com
c1.adform.net
cm.g.doubleclick.net
connect.facebook.net
consent.cookiebot.com
consentcdn.cookiebot.com
cs.lkqd.net
dmp.adform.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
e1.emxdgt.com
eb2.3lift.com
eu-u.openx.net
fonts.googleapis.com
fonts.gstatic.com
heaven23.se
ib.adnxs.com
ice.360yield.com
id5-sync.com
idsync.rlcdn.com
ih.adscale.de
imgsct.cookiebot.com
load77.exelator.com
loadm.exelator.com
match.adsrvr.org
match.contentexchange.me
oneroof.svenskamassan.se
pdw-adf.userreport.com
pippio.com
pixel.onaudience.com
pm.w55c.net
ps.eyeota.net
px.ads.linkedin.com
redirect.frontend.weborama.fr
rtb-csync.smartadserver.com
s.ad.smaato.net
s2.adform.net
s3-eu-west-1.amazonaws.com
script.hotjar.com
secure.adnxs.com
server.seadform.net
simage2.pubmatic.com
stags.bluekai.com
static.hotjar.com
sync-t1.taboola.com
sync.crwdcntrl.net
sync.teads.tv
tags.bluekai.com
token.rubiconproject.com
track.adform.net
uipglob.semasio.net
vc.hotjar.io
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
x.bidswitch.net
107.178.254.65
108.138.106.126
141.226.224.48
141.94.171.215
142.250.72.98
162.19.138.118
172.64.151.101
18.164.96.54
18.164.96.87
18.196.37.135
18.238.55.84
185.167.164.44
185.167.164.53
23.105.12.120
23.46.225.71
23.51.57.155
23.56.162.125
2600:141b:1c00:2588::f09
2600:141b:1c00:2e::17d1:48c8
2600:9000:21da:f200:1a:609a:6780:93a1
2600:9000:2209:4800:1b:5138:8a40:93a1
2607:f8b0:4006:80d::200a
2607:f8b0:4006:80e::200e
2607:f8b0:4006:81d::2008
2607:f8b0:4006:824::2003
2620:1ec:21::14
2a02:6ea0:c400::12
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:182:face:b00c:0:25de
3.210.56.21
3.224.131.173
34.98.64.218
35.174.169.214
35.190.24.218
35.211.178.172
35.244.154.8
35.71.131.137
37.157.5.132
44.215.43.234
46.19.11.36
50.16.197.56
50.57.31.206
52.209.135.120
52.218.30.59
52.22.74.198
52.223.22.214
54.156.26.12
54.157.149.99
54.164.170.49
54.228.92.70
63.251.28.134
68.67.160.132
69.173.151.100
69.20.43.192
79.99.5.208
79.99.5.209
8.28.7.83
85.114.159.93
0347a9627332724cff38513869c3f3786c493a1c2e1cf1b85d7099497ea6574c
06dcc2b41a049d82f01fe4e2ca09c82d9077536d2c443a1c351a9a39ce2a2625
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0e087432a78bc5633079fdb6e3c181f84bfff9ffb0eb266a1581b7b6af143c21
14a1724b2315d1899c21a70630c1f37904a1d0dfa2ec7792ea6322fab803f9d6
1723d2d5dcb510df9c8cd3c756543d171cc374ed9ee7f1251dd75ba6ac20637a
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
2721379ea3f48234cee8e008e7e23a3960b96d74b6b283e1d5e632bb3387f410
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
341f707ebe00267db1fd017fe3c780ce991dc4b271e94e2bcd1b0988eb1db06a
37cc17dbac3289d3512bd72b8c92d6b96f9dcde506ec43d7f8541d7cc83e3cf2
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
49c46f2e9affb96f1966131ecddb4c9632b535bb579e991c8da238955ead5275
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5fc4609faa185319397d96b840377451aed07c0f6ad1ceb25d18d1c7c649b1d2
614173933234d30524dee57281924d8d5c7f6926febc9613bb2e28306b92b7ea
622103d4f0290d3328e281db0a0e03794ca098001d8c0023cc2e2e0085fa7b99
670ab548281fdcb08f1755d2eb7e5eea1a4a2085a2c16f2b8932256d6a8facc3
6a6565c9a96ea96d6171f432007f381f2fe2d6d7ccd51cbb493e06b1ec4cd95f
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
738e5435f2d18427d291a0d6289eee0ebbc87b596d6003919f255760ac293104
76ac5bc9b1c19bf7c947d0ae679bc2ce8c654044dc6be2d0b5d6d69cdf54eb74
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8363a03afccb40834525edba46fdfa6caeee47e85f5613dcbfb13941985f2dbd
85267fa4a3e908d0c2778fc27bf13b384d2353c2d12e8d4c78982a3cfaa9636e
89991f954c237ded2a23b667afa9e0bbd7295d3105a489e09328d016253ed5a1
8ddc6cbdb63a791bfc33f40d4b0a250a18e85e0ae93f72389ebda9242bef010d
911e2fd8bf2ea6ae2b39121ab36fdb442d04efb9ca26cef085a28fff235cc5c6
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a177f542e3506952479f8ee19c5f3fd6d20ac2e030b17e86c39a473931c990bf
a264c781779b153ef6cfe45eb2cb1ecb4467d90eea45aded9b86887010a46900
a393bdda9935a44014b5d38681a4ce3ded139b130042744ac43eaddfa0f4c9ea
b076ad16257c3f09799f5cb037e644fb42616786f055fda29eabc4a5adb7c3bf
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d19d3ec0b4b51067048b78886dfd836eaf3c3e64218c5a74b044a2d6c279ca19
daa66a01abc5e902d42f399578c82713ca044cd1f34aeb54cd9f97fe40129692
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
dea6ebdc5e5f8dece8ade4ef78662b16ed59ed4625892a5882eaf4a891d4c987
e16ac4737b6ca75e7c773e4097d2fc1e959c69b5f931a33bdf18ea6feb1fc3ec
e2e4de4866e78e468ba7b8b99610868667dfc5157e9638d7f7e92f1238d48fed
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4c89d157d705ccebf0041de7cdc2d34e4df57bcf76b8ca3619310101b7f131d
e923f1fb3eabfa7697d460e28cf79cf93ac6f877b581bfe11bfd5d05be8e8790
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e
fc968a94886e49c075569cafadd25b9b21b2ba42bcac9114bb2586c57683f7eb
fcbfc467dd54dbe323b81fa87bb7dae1724621d90a7df386bdcb9f67c16bc57e
fe75814bc93ee7ebcd4aedf3a707177d66890446b8197e74f75c31825d3e673f