www.halosheaven.com Open in urlscan Pro
151.101.194.125 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.halosheaven.com/users/wayofmart2710
Submission: On October 25 via manual (October 25th 2022, 8:16:12 am UTC) from DE — Scanned from AU

Summary HTTP 238 Redirects Links 34 Behaviour Indicators

Summary

This website contacted 68 IPs in 9 countries across 68 domains to perform 238 HTTP transactions. The main IP is 151.101.194.125, located in United States and belongs to FASTLY, US. The main domain is www.halosheaven.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on April 25th 2022. Valid for: a year.

This is the only time www.halosheaven.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	151.101.194.125 151.101.194.125	54113 (FASTLY) (FASTLY)
5	199.232.196.124 199.232.196.124	54113 (FASTLY) (FASTLY)
20	199.232.192.124 199.232.192.124	54113 (FASTLY) (FASTLY)
2	74.125.24.97 74.125.24.97	15169 (GOOGLE) (GOOGLE)
2	151.101.1.52 151.101.1.52	54113 (FASTLY) (FASTLY)
8	142.251.12.157 142.251.12.157	15169 (GOOGLE) (GOOGLE)
15	23.72.45.156 23.72.45.156	16625 (AKAMAI-AS) (AKAMAI-AS)
3	74.207.242.116 74.207.242.116	63949 (LINODE-AP...) (LINODE-AP Linode)
1	34.120.171.7 34.120.171.7	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	13.227.228.153 13.227.228.153	16509 (AMAZON-02) (AMAZON-02)
1	199.232.194.217 199.232.194.217	54113 (FASTLY) (FASTLY)
1	199.232.198.137 199.232.198.137	54113 (FASTLY) (FASTLY)
19	74.125.24.154 74.125.24.154	15169 (GOOGLE) (GOOGLE)
1	74.125.24.113 74.125.24.113	15169 (GOOGLE) (GOOGLE)
5	142.250.4.113 142.250.4.113	15169 (GOOGLE) (GOOGLE)
1	146.75.112.157 146.75.112.157	54113 (FASTLY) (FASTLY)
1	157.240.235.1 157.240.235.1	32934 (FACEBOOK) (FACEBOOK)
1 3	13.224.250.43 13.224.250.43	16509 (AMAZON-02) (AMAZON-02)
1	13.227.254.101 13.227.254.101	16509 (AMAZON-02) (AMAZON-02)
1	13.224.250.82 13.224.250.82	16509 (AMAZON-02) (AMAZON-02)
3	54.169.0.90 54.169.0.90	16509 (AMAZON-02) (AMAZON-02)
2	13.213.127.212 13.213.127.212	16509 (AMAZON-02) (AMAZON-02)
2	52.94.243.89 52.94.243.89	16509 (AMAZON-02) (AMAZON-02)
2	104.18.167.224 104.18.167.224	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	13.225.2.118 13.225.2.118	16509 (AMAZON-02) (AMAZON-02)
1	104.18.13.76 104.18.13.76	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	23.41.65.80 23.41.65.80	16625 (AKAMAI-AS) (AKAMAI-AS)
1	142.251.12.101 142.251.12.101	15169 (GOOGLE) (GOOGLE)
1	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
3	157.240.235.35 157.240.235.35	32934 (FACEBOOK) (FACEBOOK)
1	151.101.65.52 151.101.65.52	54113 (FASTLY) (FASTLY)
1	192.53.164.96 192.53.164.96	63949 (LINODE-AP...) (LINODE-AP Linode)
3	172.253.118.102 172.253.118.102	15169 (GOOGLE) (GOOGLE)
2	104.19.150.54 104.19.150.54	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	142.251.12.94 142.251.12.94	15169 (GOOGLE) (GOOGLE)
2	3.38.72.56 3.38.72.56	16509 (AMAZON-02) (AMAZON-02)
2	99.83.154.140 99.83.154.140	16509 (AMAZON-02) (AMAZON-02)
1	13.225.78.129 13.225.78.129	16509 (AMAZON-02) (AMAZON-02)
1	34.120.155.137 34.120.155.137	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5 6	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1	54.176.253.251 54.176.253.251	16509 (AMAZON-02) (AMAZON-02)
2	172.217.194.154 172.217.194.154	15169 (GOOGLE) (GOOGLE)
3	142.251.10.132 142.251.10.132	15169 (GOOGLE) (GOOGLE)
4	74.125.130.99 74.125.130.99	15169 (GOOGLE) (GOOGLE)
3 6	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.35.17.5 13.35.17.5	16509 (AMAZON-02) (AMAZON-02)
2 15	52.46.143.56 52.46.143.56	16509 (AMAZON-02) (AMAZON-02)
1	35.241.9.51 35.241.9.51	15169 (GOOGLE) (GOOGLE)
3 4	104.254.151.36 104.254.151.36	29990 (ASN-APPNEX) (ASN-APPNEX)
10	34.107.254.252 34.107.254.252	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5	34.107.222.173 34.107.222.173	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	142.251.10.95 142.251.10.95	15169 (GOOGLE) (GOOGLE)
13	172.217.194.132 172.217.194.132	15169 (GOOGLE) (GOOGLE)
2	142.250.4.94 142.250.4.94	15169 (GOOGLE) (GOOGLE)
4 4	74.118.186.44 74.118.186.44	26120 (RHYTHMONE) (RHYTHMONE)
1 1	23.36.252.26 23.36.252.26	16625 (AKAMAI-AS) (AKAMAI-AS)
4 9	3.1.247.163 3.1.247.163	16509 (AMAZON-02) (AMAZON-02)
1	23.72.44.196 23.72.44.196	16625 (AKAMAI-AS) (AKAMAI-AS)
2	23.15.148.136 23.15.148.136	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	52.74.13.196 52.74.13.196	16509 (AMAZON-02) (AMAZON-02)
1 6	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2 2	52.223.2.229 52.223.2.229	16509 (AMAZON-02) (AMAZON-02)
1 2	104.18.25.173 104.18.25.173	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	35.247.47.28 35.247.47.28	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4 21	142.250.4.157 142.250.4.157	15169 (GOOGLE) (GOOGLE)
1 1	18.177.254.176 18.177.254.176	16509 (AMAZON-02) (AMAZON-02)
1 1	52.4.99.227 52.4.99.227	14618 (AMAZON-AES) (AMAZON-AES)
1 1	18.176.234.133 18.176.234.133	16509 (AMAZON-02) (AMAZON-02)
2 2	51.79.234.100 51.79.234.100	16276 (OVH) (OVH)
1	182.22.31.252 182.22.31.252	23816 (YAHOO Yah...) (YAHOO Yahoo Japan Corporation)
1 2	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 2	52.220.103.200 52.220.103.200	16509 (AMAZON-02) (AMAZON-02)
1 1	133.186.161.89 133.186.161.89	45974 (NHN-AS-KR...) (NHN-AS-KR NHN)
1 1	52.76.134.15 52.76.134.15	16509 (AMAZON-02) (AMAZON-02)
2 2	66.155.71.149 66.155.71.149	13768 (COGECO-PEER1) (COGECO-PEER1)
1 1	18.214.21.204 18.214.21.204	14618 (AMAZON-AES) (AMAZON-AES)
1 1	104.254.150.241 104.254.150.241	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	124.146.215.50 124.146.215.50	2514 (INFOSPHER...) (INFOSPHERE NTT PC Communications)
2 2	13.227.254.74 13.227.254.74	16509 (AMAZON-02) (AMAZON-02)
1 6	139.5.84.243 139.5.84.243	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 2	13.114.67.130 13.114.67.130	16509 (AMAZON-02) (AMAZON-02)
1 1	34.96.71.22 34.96.71.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.214.174.31 35.214.174.31	15169 (GOOGLE) (GOOGLE)
5 9	69.173.158.64 69.173.158.64	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	8.43.72.98 8.43.72.98	26667 (RUBICONPR...) (RUBICONPROJECT)
1	52.95.118.179 52.95.118.179	() ()
238	68

2 151.101.194.125 (United States)

ASN54113 (FASTLY, US)

www.halosheaven.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 199.232.196.124 (United States)

ASN54113 (FASTLY, US)

concertads-configs.vox-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
phonograph2.voxmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 199.232.192.124 (United States)

ASN54113 (FASTLY, US)

cdn.vox-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.concert.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.125.24.97 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.1.52 (United States)

ASN54113 (FASTLY, US)

www.sbnation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.251.12.157 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f157.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 23.72.45.156 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-72-45-156.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 74.207.242.116 (Fremont, United States)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: 74-207-242-116.ip.linodeusercontent.com

go.metabet.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
metabet.api.areyouwatchingthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.171.7 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 7.171.120.34.bc.googleusercontent.com

sbnation.coral.coralproject.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.227.228.153 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-228-153.sin52.r.cloudfront.net

z-na.associates-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.194.217 (United States)

ASN54113 (FASTLY, US)

static.scroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.198.137 (United States)

ASN54113 (FASTLY, US)

static.fmpub.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 74.125.24.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f154.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.24.113 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f113.1e100.net

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.4.113 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f113.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.112.157 (United States)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.240.235.1 (Singapore, Singapore)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-04-sin6.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.250.43 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-224-250-43.sin52.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.227.254.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-254-101.sin52.r.cloudfront.net

ak.sail-horizon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.250.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-250-82.sin52.r.cloudfront.net

ats.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.169.0.90 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-169-0-90.ap-southeast-1.compute.amazonaws.com

mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.213.127.212 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-213-127-212.ap-southeast-1.compute.amazonaws.com

geo.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.94.243.89 (Ashburn, United States)

ASN16509 (AMAZON-02, US)

assoc-na.associates-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.167.224 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

pub.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.225.2.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-2-118.sin52.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.13.76 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.41.65.80 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a23-41-65-80.deploy.static.akamaitechnologies.com

ads.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.12.101 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f101.1e100.net

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 157.240.235.35 (Singapore, Singapore)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-04-sin6.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.52 (United States)

ASN54113 (FASTLY, US)

auth.voxmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.53.164.96 (Richardson, United States)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: 192-53-164-96.ip.linodeusercontent.com

metabet.static.api.areyouwatchingthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.253.118.102 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f102.1e100.net

ampcid.google.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.19.150.54 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

cdn.permutive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.12.94 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f94.1e100.net

www.google.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.38.72.56 (Incheon, Korea, Republic Of)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-38-72-56.ap-northeast-2.compute.amazonaws.com

vtrk.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.83.154.140 (United States)

ASN16509 (AMAZON-02, US)
PTR: aa7557bb34ea5624b.awsglobalaccelerator.com

api.sail-personalize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-129.fra2.r.cloudfront.net

geo.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.155.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.155.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.223.40.198 (United States) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.176.253.251 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-176-253-251.us-west-1.compute.amazonaws.com

id.sv.rkdms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.194.154 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f154.1e100.net

adservice.google.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.10.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f132.1e100.net

7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 74.125.130.99 (United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f99.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.18.19.126 (Shahr, Iran, Islamic Republic Of) 3 redirects

ASN13335 (CLOUDFLARENET, US)

as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.17.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-17-5.sin5.r.cloudfront.net

aax-dtb-cf.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 52.46.143.56 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.9.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.9.241.35.bc.googleusercontent.com

d2fb08da-1c03-4c8a-978f-ad8a96b4c31f.prmutv.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.254.151.36 (Los Angeles, United States) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 34.107.254.252 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 252.254.107.34.bc.googleusercontent.com

api.permutive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.107.222.173 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 173.222.107.34.bc.googleusercontent.com

d2fb08da-1c03-4c8a-978f-ad8a96b4c31f.partner.permutive.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.10.95 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 172.217.194.132 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f132.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.4.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 74.118.186.44 (Serangoon, Singapore) 4 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.36.252.26 (Singapore, Singapore) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-36-252-26.deploy.static.akamaitechnologies.com

cs.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 3.1.247.163 (Singapore, Singapore) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-1-247-163.ap-southeast-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.72.44.196 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-72-44-196.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.15.148.136 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-15-148-136.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.74.13.196 (Singapore, Singapore) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-13-196.ap-southeast-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.244.159.8 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
jp-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.2.229 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.25.173 (Shahr, Iran, Islamic Republic Of) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.247.47.28 (The Dalles, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 28.47.247.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 142.250.4.157 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: sm-in-f157.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.177.254.176 (Tokyo, Japan) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-177-254-176.ap-northeast-1.compute.amazonaws.com

v9999.adv.admeme.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.4.99.227 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-99-227.compute-1.amazonaws.com

fksnk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.176.234.133 (Tokyo, Japan) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-176-234-133.ap-northeast-1.compute.amazonaws.com

cs.r-ad.ne.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.79.234.100 (Singapore, Singapore) 2 redirects

ASN16276 (OVH, FR)
PTR: ip100.ip-51-79-234.net

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 182.22.31.252 (Japan)

ASN23816 (YAHOO Yahoo Japan Corporation, JP)

cksync.yahoo.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.107.42.14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.220.103.200 (Singapore, Singapore) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-220-103-200.ap-southeast-1.compute.amazonaws.com

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 133.186.161.89 (Japan) 1 redirects

ASN45974 (NHN-AS-KR NHN, KR)

app.cauly.co.kr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.76.134.15 (Singapore, Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-76-134-15.ap-southeast-1.compute.amazonaws.com

ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 66.155.71.149 (Portsmouth, United Kingdom) 2 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.214.21.204 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-21-204.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.254.150.241 (Los Angeles, United States) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 124.146.215.50 (Japan) 1 redirects

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.227.254.74 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-227-254-74.sin52.r.cloudfront.net

cr-p3.ladsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 139.5.84.243 (Canada) 1 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.114.67.130 (Tokyo, Japan) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-114-67-130.ap-northeast-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.71.22 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com

s.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.174.31 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 31.174.214.35.bc.googleusercontent.com

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 69.173.158.64 (Singapore, Singapore) 5 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.43.72.98 (United States) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel-us-east.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.95.118.179 (None, )

ASN- ()

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	doubleclick.net 4 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 188 stats.g.doubleclick.net — Cisco Umbrella Rank: 84 cm.g.doubleclick.net — Cisco Umbrella Rank: 215	202 KB
26	googlesyndication.com 7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 147 pagead2.googlesyndication.com — Cisco Umbrella Rank: 104	122 KB
20	amazon-adsystem.com 2 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 313 aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 534 s.amazon-adsystem.com — Cisco Umbrella Rank: 296 aax-eu.amazon-adsystem.com	60 KB
20	moatads.com z.moatads.com — Cisco Umbrella Rank: 404 mb.moatads.com — Cisco Umbrella Rank: 666 geo.moatads.com — Cisco Umbrella Rank: 663 px.moatads.com — Cisco Umbrella Rank: 481	102 KB
15	vox-cdn.com concertads-configs.vox-cdn.com — Cisco Umbrella Rank: 14733 cdn.vox-cdn.com — Cisco Umbrella Rank: 11187	544 KB
14	rubiconproject.com 6 redirects ads.rubiconproject.com — Cisco Umbrella Rank: 2637 eus.rubiconproject.com — Cisco Umbrella Rank: 596 token.rubiconproject.com — Cisco Umbrella Rank: 682 pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 852 pixel.rubiconproject.com — Cisco Umbrella Rank: 347	148 KB
12	casalemedia.com 4 redirects as-sec.casalemedia.com — Cisco Umbrella Rank: 1407 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 439 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 542 dsum.casalemedia.com — Cisco Umbrella Rank: 1311	8 KB
12	permutive.com cdn.permutive.com — Cisco Umbrella Rank: 2439 api.permutive.com — Cisco Umbrella Rank: 1966	327 KB
9	sharethrough.com 4 redirects match.sharethrough.com — Cisco Umbrella Rank: 554	3 KB
9	google.com ampcid.google.com — Cisco Umbrella Rank: 2113 analytics.google.com — Cisco Umbrella Rank: 400 adservice.google.com — Cisco Umbrella Rank: 78 www.google.com — Cisco Umbrella Rank: 2	3 KB
6	openx.net 1 redirects u.openx.net — Cisco Umbrella Rank: 664 us-u.openx.net — Cisco Umbrella Rank: 409 jp-u.openx.net — Cisco Umbrella Rank: 10520	1 KB
6	adsrvr.org 5 redirects match.adsrvr.org — Cisco Umbrella Rank: 356	3 KB
6	concert.io cdn.concert.io — Cisco Umbrella Rank: 9474	121 KB
5	permutive.app d2fb08da-1c03-4c8a-978f-ad8a96b4c31f.partner.permutive.app — Cisco Umbrella Rank: 10459	1 KB
5	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 232 secure.adnxs.com — Cisco Umbrella Rank: 438	4 KB
5	google.com.au ampcid.google.com.au www.google.com.au — Cisco Umbrella Rank: 23161 adservice.google.com.au — Cisco Umbrella Rank: 109731	2 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 32	21 KB
5	voxmedia.com phonograph2.voxmedia.com — Cisco Umbrella Rank: 19467 auth.voxmedia.com — Cisco Umbrella Rank: 19550	6 KB
4	yahoo.com 4 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 294 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 426	2 KB
4	gstatic.com www.gstatic.com fonts.gstatic.com	84 KB
4	doubleverify.com pub.doubleverify.com — Cisco Umbrella Rank: 5865 vtrk.doubleverify.com — Cisco Umbrella Rank: 1586	19 KB
3	1rx.io 3 redirects sync.1rx.io — Cisco Umbrella Rank: 543	2 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	234 B
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 156	3 KB
3	associates-amazon.com z-na.associates-amazon.com — Cisco Umbrella Rank: 7487 assoc-na.associates-amazon.com — Cisco Umbrella Rank: 3238	4 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 193	121 KB
2	bidr.io 2 redirects match.prod.bidr.io — Cisco Umbrella Rank: 508	1 KB
2	ladsp.com 2 redirects cr-p3.ladsp.com — Cisco Umbrella Rank: 24354	1 KB
2	sitescout.com 2 redirects pixel-sync.sitescout.com — Cisco Umbrella Rank: 602	1 KB
2	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 375	841 B
2	onetag-sys.com 2 redirects onetag-sys.com — Cisco Umbrella Rank: 777	768 B
2	simpli.fi 2 redirects um.simpli.fi — Cisco Umbrella Rank: 841	1 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 828 s.tribalfusion.com — Cisco Umbrella Rank: 2234	1 KB
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 373	739 B
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 44	2 KB
2	sail-personalize.com api.sail-personalize.com — Cisco Umbrella Rank: 2824	219 B
2	areyouwatchingthis.com metabet.api.areyouwatchingthis.com — Cisco Umbrella Rank: 46001 metabet.static.api.areyouwatchingthis.com — Cisco Umbrella Rank: 41764	688 B
2	rlcdn.com ats.rlcdn.com — Cisco Umbrella Rank: 1421 api.rlcdn.com — Cisco Umbrella Rank: 825	36 KB
2	metabet.io go.metabet.io — Cisco Umbrella Rank: 25523	75 KB
2	sbnation.com www.sbnation.com — Cisco Umbrella Rank: 32840	66 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 61	171 KB
2	halosheaven.com www.halosheaven.com	31 KB
1	loopme.me csync.loopme.me — Cisco Umbrella Rank: 890	40 B
1	company-target.com 1 redirects s.company-target.com — Cisco Umbrella Rank: 6700	419 B
1	socdm.com 1 redirects tg.socdm.com — Cisco Umbrella Rank: 1201	861 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 723	637 B
1	yieldmo.com 1 redirects ads.yieldmo.com — Cisco Umbrella Rank: 660	470 B
1	cauly.co.kr 1 redirects app.cauly.co.kr — Cisco Umbrella Rank: 101692	495 B
1	yahoo.co.jp cksync.yahoo.co.jp — Cisco Umbrella Rank: 3317	623 B
1	r-ad.ne.jp 1 redirects cs.r-ad.ne.jp — Cisco Umbrella Rank: 107246	681 B
1	fksnk.com 1 redirects fksnk.com — Cisco Umbrella Rank: 4694	615 B
1	admeme.net 1 redirects v9999.adv.admeme.net — Cisco Umbrella Rank: 129072	303 B
1	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 495	6 KB
1	media.net 1 redirects cs.media.net — Cisco Umbrella Rank: 1392	665 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1094	476 B
1	prmutv.co d2fb08da-1c03-4c8a-978f-ad8a96b4c31f.prmutv.co — Cisco Umbrella Rank: 22343	397 B
1	rkdms.com id.sv.rkdms.com — Cisco Umbrella Rank: 4214	770 B
1	privacymanager.io geo.privacymanager.io — Cisco Umbrella Rank: 1492	605 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 547	394 B
1	t.co t.co — Cisco Umbrella Rank: 483	379 B
1	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 608	14 KB
1	sail-horizon.com ak.sail-horizon.com — Cisco Umbrella Rank: 2852	44 KB
1	facebook.net connect.facebook.net — Cisco Umbrella Rank: 151	3 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 624	15 KB
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1140
1	fmpub.net static.fmpub.net — Cisco Umbrella Rank: 259799
1	scroll.com static.scroll.com — Cisco Umbrella Rank: 5479	7 KB
1	coralproject.net sbnation.coral.coralproject.net — Cisco Umbrella Rank: 24304	8 KB
238	68

	Domain	Requested by
21	cm.g.doubleclick.net	4 redirects www.halosheaven.com 7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com u.openx.net s.amazon-adsystem.com
15	s.amazon-adsystem.com	2 redirects c.amazon-adsystem.com s.amazon-adsystem.com match.sharethrough.com u.openx.net ssum-sec.casalemedia.com
14	cdn.vox-cdn.com	www.halosheaven.com
13	tpc.googlesyndication.com	7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com
13	px.moatads.com	www.halosheaven.com
10	pagead2.googlesyndication.com	7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com www.halosheaven.com www.googletagservices.com securepubads.g.doubleclick.net tpc.googlesyndication.com
10	api.permutive.com	cdn.permutive.com
9	match.sharethrough.com	4 redirects s.amazon-adsystem.com match.sharethrough.com
9	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.halosheaven.com
6	match.adsrvr.org	5 redirects js-sec.indexww.com
6	cdn.concert.io	www.halosheaven.com cdn.concert.io
5	token.rubiconproject.com	4 redirects s.amazon-adsystem.com
5	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com
5	ssum-sec.casalemedia.com	3 redirects s.amazon-adsystem.com ssum-sec.casalemedia.com
5	d2fb08da-1c03-4c8a-978f-ad8a96b4c31f.partner.permutive.app	cdn.permutive.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.halosheaven.com
4	pixel.rubiconproject.com	1 redirects s.amazon-adsystem.com
4	ib.adnxs.com	3 redirects cdn.permutive.com
4	www.google.com	www.halosheaven.com 7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com tpc.googlesyndication.com
4	phonograph2.voxmedia.com	www.halosheaven.com phonograph2.voxmedia.com
3	sync.1rx.io	3 redirects
3	7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
3	www.facebook.com	www.halosheaven.com
3	c.amazon-adsystem.com	cdn.concert.io c.amazon-adsystem.com
3	mb.moatads.com	z.moatads.com
3	sb.scorecardresearch.com	1 redirects www.halosheaven.com
3	www.googletagservices.com	www.halosheaven.com 7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com
2	match.prod.bidr.io	2 redirects
2	cr-p3.ladsp.com	2 redirects
2	jp-u.openx.net	u.openx.net
2	us-u.openx.net	u.openx.net
2	pixel-sync.sitescout.com	2 redirects
2	pr-bh.ybp.yahoo.com	2 redirects
2	px.ads.linkedin.com	1 redirects
2	onetag-sys.com	2 redirects
2	um.simpli.fi	2 redirects
2	eb2.3lift.com	2 redirects
2	u.openx.net	1 redirects s.amazon-adsystem.com
2	ups.analytics.yahoo.com	2 redirects
2	eus.rubiconproject.com	s.amazon-adsystem.com eus.rubiconproject.com
2	fonts.gstatic.com	fonts.googleapis.com
2	www.gstatic.com	7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com
2	fonts.googleapis.com	7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com
2	adservice.google.com	securepubads.g.doubleclick.net
2	adservice.google.com.au	securepubads.g.doubleclick.net
2	api.sail-personalize.com	ak.sail-horizon.com
2	vtrk.doubleverify.com	pub.doubleverify.com
2	www.google.com.au	www.halosheaven.com
2	analytics.google.com	www.googletagmanager.com
2	cdn.permutive.com	cdn.concert.io cdn.permutive.com
2	ads.rubiconproject.com	cdn.concert.io ads.rubiconproject.com
2	pub.doubleverify.com	cdn.concert.io pub.doubleverify.com
2	assoc-na.associates-amazon.com	z-na.associates-amazon.com
2	geo.moatads.com	z.moatads.com
2	go.metabet.io	www.halosheaven.com go.metabet.io
2	z.moatads.com	www.halosheaven.com z.moatads.com
2	www.sbnation.com	www.halosheaven.com
2	www.googletagmanager.com	www.halosheaven.com www.googletagmanager.com
2	www.halosheaven.com	cdn.vox-cdn.com
1	aax-eu.amazon-adsystem.com	s.amazon-adsystem.com
1	pixel-us-east.rubiconproject.com	1 redirects
1	dsum.casalemedia.com	ssum-sec.casalemedia.com
1	csync.loopme.me	ssum-sec.casalemedia.com
1	s.company-target.com	1 redirects
1	tg.socdm.com	1 redirects
1	secure.adnxs.com	1 redirects
1	sync.srv.stackadapt.com	1 redirects
1	ads.yieldmo.com	1 redirects
1	app.cauly.co.kr	1 redirects
1	cksync.yahoo.co.jp	7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com
1	cs.r-ad.ne.jp	1 redirects
1	fksnk.com	1 redirects
1	v9999.adv.admeme.net	1 redirects
1	s.tribalfusion.com	www.halosheaven.com
1	a.tribalfusion.com	1 redirects
1	ads.pubmatic.com	s.amazon-adsystem.com
1	cs.media.net	1 redirects
1	sync.targeting.unrulymedia.com	1 redirects
1	d2fb08da-1c03-4c8a-978f-ad8a96b4c31f.prmutv.co	cdn.permutive.com
1	aax-dtb-cf.amazon-adsystem.com	c.amazon-adsystem.com
1	as-sec.casalemedia.com	js-sec.indexww.com
1	id.sv.rkdms.com	js-sec.indexww.com
1	api.rlcdn.com	js-sec.indexww.com
1	geo.privacymanager.io	ats.rlcdn.com
1	ampcid.google.com.au	www.google-analytics.com
1	metabet.static.api.areyouwatchingthis.com	go.metabet.io
1	auth.voxmedia.com	cdn.vox-cdn.com
1	analytics.twitter.com	www.halosheaven.com
1	t.co	www.halosheaven.com
1	ampcid.google.com	www.google-analytics.com
1	js-sec.indexww.com	cdn.concert.io
1	metabet.api.areyouwatchingthis.com	go.metabet.io
1	ats.rlcdn.com	www.halosheaven.com
1	ak.sail-horizon.com	www.googletagmanager.com
1	connect.facebook.net	www.halosheaven.com
1	static.ads-twitter.com	www.googletagmanager.com
1	www.googleoptimize.com	www.googletagmanager.com
1	static.fmpub.net	www.halosheaven.com
1	static.scroll.com	www.halosheaven.com
1	z-na.associates-amazon.com	www.halosheaven.com
1	sbnation.coral.coralproject.net	www.halosheaven.com
1	concertads-configs.vox-cdn.com
238	103

This site contains links to these domains. Also see Links.

Domain
www.twitter.com
www.facebook.com
auth.voxmedia.com
www.sbnation.com
dknation.draftkings.com
sports.yahoo.com
wayofmartialarts.com
www.youtube.com
blog.sbnation.com
www.voxmedia.com
status.voxmedia.com
jobs.voxmedia.com

Subject Issuer	Validity	Valid
dailynorseman.com Go Daddy Secure Certificate Authority - G2	`2022-04-25` - `2023-05-22`	a year	crt.sh
*.vox-cdn.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-04-13` - `2023-05-15`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.sbnation.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-04-13` - `2023-05-15`	a year	crt.sh
concert.io GlobalSign Atlas R3 DV TLS CA 2022 Q1	`2022-03-23` - `2023-04-24`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-11-27` - `2022-11-29`	a year	crt.sh
areyouwatchingthis.com R3	`2022-08-22` - `2022-11-20`	3 months	crt.sh
sbnation.coral.coralproject.net GTS CA 1D4	`2022-09-24` - `2022-12-23`	3 months	crt.sh
assoc-na.associates-amazon.com Amazon	`2022-06-18` - `2023-06-17`	a year	crt.sh
*.americanninjawarriornation.com GlobalSign Atlas R3 DV TLS CA 2022 Q1	`2022-02-14` - `2023-03-18`	a year	crt.sh
*.scroll.com R3	`2022-10-24` - `2023-01-22`	3 months	crt.sh
k.sni-649-default.ssl.fastly.net GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-07-07` - `2023-08-08`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-08-03` - `2022-11-01`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
ak.sail-horizon.com Amazon	`2022-01-06` - `2023-02-02`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-05`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-04-08` - `2023-04-08`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-17` - `2023-04-04`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2022-02-10` - `2023-02-10`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-10` - `2023-02-10`	a year	crt.sh
*.google.com.au GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
permutive.com Cloudflare Inc ECC CA-3	`2022-02-26` - `2023-02-25`	a year	crt.sh
vtrk.doubleverify.com Go Daddy Secure Certificate Authority - G2	`2021-12-03` - `2023-01-04`	a year	crt.sh
api.sail-personalize.com Amazon	`2022-05-25` - `2023-06-23`	a year	crt.sh
*.privacymanager.io Amazon	`2022-08-26` - `2023-09-24`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
securedvisit.com Amazon	`2021-12-09` - `2023-01-06`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon	`2022-06-15` - `2023-06-15`	a year	crt.sh
s.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-21`	a year	crt.sh
*.prmutv.co R3	`2022-09-28` - `2022-12-27`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
api.permutive.com R3	`2022-10-18` - `2023-01-16`	3 months	crt.sh
*.partner.permutive.app R3	`2022-09-30` - `2022-12-29`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.sharethrough.com Amazon	`2022-10-24` - `2023-11-21`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2022-02-04` - `2023-02-03`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
edge01.yahoo.co.jp Cybertrust Japan SureServer CA G4	`2022-08-05` - `2023-09-04`	a year	crt.sh
loopme.com R3	`2022-09-26` - `2022-12-25`	3 months	crt.sh
aax-eu.amazon-adsystem.com Amazon	`2022-07-20` - `2023-07-19`	a year	crt.sh

This page contains 23 frames:

Primary Page: https://www.halosheaven.com/users/wayofmart2710
Frame ID: DE0E716F9163D90A3D618D52806C7D8A
Requests: 139 HTTP requests in this frame

Frame: https://z.moatads.com/hd09824092/iframe.html
Frame ID: 0D47984447ECADA25568B830BEB002F6
Requests: 1 HTTP requests in this frame

Frame: https://phonograph2.voxmedia.com/third.html
Frame ID: A691FA5D0BB5B78470E7C7FA661BF28A
Requests: 2 HTTP requests in this frame

Frame: https://phonograph2.voxmedia.com/needle
Frame ID: 59A6423CC796588D41B9A94FE2C529B0
Requests: 1 HTTP requests in this frame

Frame: https://7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9ECA26068A03D3A2117EFA7D7E723DFE
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-sharethrough_pm-db5_rbd_n-vmg_rx_n-MediaNet_ox-db5_an-db5_3lift&dcc=t
Frame ID: 983EF5539F7FAB32404ABBDB3BF667EC
Requests: 1 HTTP requests in this frame

Frame: https://7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 881C3B21279F6F39BE52C977EB54B41B
Requests: 15 HTTP requests in this frame

Frame: https://7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 5DD5795FBCBFE6137F73DB7DC5107BCC
Requests: 15 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_n-vmg_rx_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: 8BB4F071CDBC002EF1A91F174AE83584
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D63ECA12ADE280A6C87786E08F750EBE
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 894E4774D26ED259D9A60BE34DA6BC3B
Requests: 9 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Frame ID: FA73AB2B91258AFEF0DA5AC0CEC9A1BC
Requests: 10 HTTP requests in this frame

Frame: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Frame ID: B8C62823A364158BD97BA609B0B0F9FF
Requests: 6 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Frame ID: BFACCC92FB7341FCC7B4AF0485E45680
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Frame ID: B5A53AEA44FBFED26B96B2B41E2F3115
Requests: 12 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS0wX0FQYjVsRTJ1SllSUEJYYVpLdjJEQVpRTmhXY2d6OH5B
Frame ID: 0F349F1A0358184D8DE4BFEE54C72072
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Frame ID: 29F64943E82BB22DF6C65D25745FD39C
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=7422719982403516301&ex=appnexus.com
Frame ID: 905681C2A000BAA85E7052ADEBA2F359
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2974799449007580493830
Frame ID: 97FB6454097B9CF0EDB5D70717ECEE68
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gCRIKOWNSb5IUDc5H65fq3HhyX6JbrBsmszYwBj9iG8.js
Frame ID: 87E44C031D71B566B3D9F1EE010704E3
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gCRIKOWNSb5IUDc5H65fq3HhyX6JbrBsmszYwBj9iG8.js
Frame ID: D9402D9ED7C3963E70D7713E757A4CB8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 54ED8B58873EE25BAE49873AF3464DE8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 25689CC7790306F293AD9FE3C490B3B1
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

wayofmart2710 Profile and Activity - Halos Heavenclockmenumore-arrownoyesmobileHorizontal - WhiteFollow Halos Heaven on TwitterFollow Halos Heaven on FacebookSearchHorizontal - WhiteHorizontal - WhiteVox Media

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Typekit (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+use\.typekit\.(?:net|com)

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

238
Requests

83 %
HTTPS

0 %
IPv6

68
Domains

103
Subdomains

68
IPs

9
Countries

2375 kB
Transfer

7953 kB
Size

70
Cookies

34 Outgoing links

These are links going to different origins than the main page.

URL: https://www.twitter.com/halosheaven
Title: Follow Halos Heaven on Twitter

Search URL Search Domain Scan URL

URL: http://www.facebook.com/pages/Halos-Heaven/155089497836659
Title: Follow Halos Heaven on Facebook

Search URL Search Domain Scan URL

URL: https://auth.voxmedia.com/login?community_id=2&return_to=https://www.halosheaven.com/users/wayofmart2710
Title: Log in or sign up

Search URL Search Domain Scan URL

URL: https://auth.voxmedia.com/signup?community_id=2&return_to=https://www.halosheaven.com/users/wayofmart2710
Title: Sign Up

Search URL Search Domain Scan URL

URL: http://www.sbnation.com/mlb/teams/los-angeles-angels
Title: Angels

Search URL Search Domain Scan URL

URL: https://dknation.draftkings.com/mlb-odds-lines?utm_source=sbnation_navigation&utm_medium=navigation&utm_campaign=sbnation_navclick
Title: Odds

Search URL Search Domain Scan URL

URL: https://dknation.draftkings.com/mlb?utm_source=sbnation_navigation&utm_medium=navigation&utm_campaign=sbnation_navclick
Title: Fantasy Baseball

Search URL Search Domain Scan URL

URL: https://www.sbnation.com/blogs
Title: All 300 communities on Horizontal - White

Search URL Search Domain Scan URL

URL: http://www.sbnation.com/mlb/teams/los-angeles-angels#stories
Title: Stories

Search URL Search Domain Scan URL

URL: http://www.sbnation.com/mlb/teams/los-angeles-angels#schedule
Title: Schedule

Search URL Search Domain Scan URL

URL: http://www.sbnation.com/mlb/teams/los-angeles-angels#stats
Title: Stats

Search URL Search Domain Scan URL

URL: http://sports.yahoo.com/mlb/teams/laa/news
Title: Yahoo Angels News

Search URL Search Domain Scan URL

URL: http://sports.yahoo.com/mlb/teams/laa
Title: Yahoo Angels Team Page

Search URL Search Domain Scan URL

URL: http://sports.yahoo.com/mlb/teams/laa/report
Title: Yahoo Angels Report

Search URL Search Domain Scan URL

URL: http://sports.yahoo.com/mlb/teams/laa/depthchart
Title: Yahoo Angels Depth Chart

Search URL Search Domain Scan URL

URL: http://sports.yahoo.com/mlb/teams/laa/transactions
Title: Yahoo Angels Transactions

Search URL Search Domain Scan URL

URL: http://sports.yahoo.com/mlb/teams/laa/photos
Title: Yahoo Angels Photos

Search URL Search Domain Scan URL

URL: https://wayofmartialarts.com/
Title: https://wayofmartialarts.com/

Search URL Search Domain Scan URL

URL: https://www.sbnation.com/users/wayofmart2710/posts#activity
Title: Posts

Search URL Search Domain Scan URL

URL: https://www.sbnation.com/users/wayofmart2710/comments#activity
Title: Comments

Search URL Search Domain Scan URL

URL: http://www.youtube.com/Halosheaven1
Title: YouTube

Search URL Search Domain Scan URL

URL: http://www.sbnation.com/blogs
Title: Browse Blogs

Search URL Search Domain Scan URL

URL: http://blog.sbnation.com/
Title: Company Blog

Search URL Search Domain Scan URL

URL: http://www.sbnation.com/pages/openings
Title: Blog Openings

Search URL Search Domain Scan URL

URL: http://www.sbnation.com/guide/disclosure
Title: Editorial Ethics and Guidelines

Search URL Search Domain Scan URL

URL: https://www.voxmedia.com/
Title: Vox MediaVox Media Vox Media logo.

Search URL Search Domain Scan URL

URL: https://www.voxmedia.com/legal/terms-of-use
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.voxmedia.com/legal/privacy-notice
Title: Privacy Notice

Search URL Search Domain Scan URL

URL: https://www.voxmedia.com/legal/cookie-policy
Title: Cookie Policy

Search URL Search Domain Scan URL

URL: https://www.voxmedia.com/pages/licensing
Title: Licensing FAQ

Search URL Search Domain Scan URL

URL: https://www.voxmedia.com/legal/accessibility
Title: Accessibility

Search URL Search Domain Scan URL

URL: https://status.voxmedia.com/
Title: Platform Status

Search URL Search Domain Scan URL

URL: https://www.voxmedia.com/vox-advertising
Title: Advertise with us

Search URL Search Domain Scan URL

URL: https://jobs.voxmedia.com/
Title: Jobs @ Vox Media

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 69

https://sb.scorecardresearch.com/b?c1=2&c2=7976662&cs_it=b3&cv=3.8.0.210223&ns__t=1666685760445&ns_c=UTF-8&c7=https%3A%2F%2Fwww.halosheaven.com%2Fusers%2Fwayofmart2710&c8=wayofmart2710%20Profile%20and%20Activity%20-%20Halos%20Heaven&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=7976662&cs_it=b3&cv=3.8.0.210223&ns__t=1666685760445&ns_c=UTF-8&c7=https%3A%2F%2Fwww.halosheaven.com%2Fusers%2Fwayofmart2710&c8=wayofmart2710%20Profile%20and%20Activity%20-%20Halos%20Heaven&c9=

Request Chain 104

https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-sharethrough_pm-db5_rbd_n-vmg_rx_n-MediaNet_ox-db5_an-db5_3lift HTTP 302
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-sharethrough_pm-db5_rbd_n-vmg_rx_n-MediaNet_ox-db5_an-db5_3lift&dcc=t

Request Chain 159

https://sync.1rx.io/usersync2/rmpssp?sub=amazon&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=amazon&zcc=1&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D&cb=1666685765596 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=990824193 HTTP 302
https://sync.1rx.io/usersync/tradedesk/56237bbd-e9eb-4419-825e-9718d14702e9 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-a8d3d78f-cde3-4977-a428-c250bad4be8e-004?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3DRX-a8d3d78f-cde3-4977-a428-c250bad4be8e-004 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rhythmone.com&id=RX-a8d3d78f-cde3-4977-a428-c250bad4be8e-004

Request Chain 160

https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3096873656837430000V10

Request Chain 161

https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID HTTP 302
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1

Request Chain 165

https://ups.analytics.yahoo.com/ups/58251/sync?redir=true HTTP 302
https://ups.analytics.yahoo.com/ups/58251/sync?redir=true&verify=true HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS0wX0FQYjVsRTJ1SllSUEJYYVpLdjJEQVpRTmhXY2d6OH5B

Request Chain 166

https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D HTTP 302
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D

Request Chain 167

https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com HTTP 302
https://s.amazon-adsystem.com/ecm3?id=7422719982403516301&ex=appnexus.com

Request Chain 168

https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2974799449007580493830

Request Chain 170

https://a.tribalfusion.com/i.match?p=b6&u=CAESEMXIaA-0wHr83Aojg1P1xVk&google_cver=1&google_push=AZmPxg_-wQm4SCkf6M7LDudpEfi0c0aT88sDI26R9tR6mjo9vTpqdqDMynw2NNtqb6RO8NzZZyDKFQI5fLNhE05khJwfLycDx-b3&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg_-wQm4SCkf6M7LDudpEfi0c0aT88sDI26R9tR6mjo9vTpqdqDMynw2NNtqb6RO8NzZZyDKFQI5fLNhE05khJwfLycDx-b3%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMXIaA-0wHr83Aojg1P1xVk&google_cver=1&google_push=AZmPxg_-wQm4SCkf6M7LDudpEfi0c0aT88sDI26R9tR6mjo9vTpqdqDMynw2NNtqb6RO8NzZZyDKFQI5fLNhE05khJwfLycDx-b3&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg_-wQm4SCkf6M7LDudpEfi0c0aT88sDI26R9tR6mjo9vTpqdqDMynw2NNtqb6RO8NzZZyDKFQI5fLNhE05khJwfLycDx-b3%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 171

https://um.simpli.fi/gp_match?google_gid=CAESEO1-7_zjyjYFmnEHx8-ecN8&google_cver=1&google_push=AZmPxg-zAgXh44s2lrsVb1dpq_kOTT5HaDZdTrlPZ-oo8K0e3BRY58F_EDpRKQPKyOLWPgbdTH8VGTf6q9sAp683y9nnwldbtJwU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=931C8E959620413F9A5F8DA8F9CF51B1&google_push=AZmPxg-zAgXh44s2lrsVb1dpq_kOTT5HaDZdTrlPZ-oo8K0e3BRY58F_EDpRKQPKyOLWPgbdTH8VGTf6q9sAp683y9nnwldbtJwU

Request Chain 172

https://v9999.adv.admeme.net/drtb/n?google_gid=CAESEGu2qncbGcPFvGqPtbVsptQ&google_cver=1&google_push=AZmPxg9WrYFyJj4b4tCF63We-FYmd4ic3TOfn2T0CsjSURMfLqjeJQpOgkNVpFAWD4ulmb9fuBm2pOjqWoXg50_trkf_PDjqiGTS HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AZmPxg9WrYFyJj4b4tCF63We-FYmd4ic3TOfn2T0CsjSURMfLqjeJQpOgkNVpFAWD4ulmb9fuBm2pOjqWoXg50_trkf_PDjqiGTS

Request Chain 173

https://fksnk.com/cs/google?google_gid=CAESEE3ABS7Zj6G3ZLA8VZA4WKI&google_cver=1&google_push=AZmPxg9G00Umj6etgx-1h42qDgu3RGLqgD8xoVItpVTVPJeH6-zg_g7Ba4B5DmkYjHzc7FAqNHq--p508bidjLLqNgrrm4MvNGXb HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=RTFFMDY0QTM5RkU0MzNBNg==

Request Chain 174

https://cs.r-ad.ne.jp/2/cs?google_gid=CAESEOSj-1nFf_61Q6NxycEydQQ&google_cver=1&google_push=AZmPxg9vJrjDtpsHjRg2-1_BB53a6LoDToEGneXY2j2xe0PXWS1-0sFirQUVUBVpwFLB1kfYXug8akLHjQSc4uJ61gF6eidvC9x2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AZmPxg9vJrjDtpsHjRg2-1_BB53a6LoDToEGneXY2j2xe0PXWS1-0sFirQUVUBVpwFLB1kfYXug8akLHjQSc4uJ61gF6eidvC9x2&google_hm=NTE4OEc2MDBrQkRBWTAwOFhaSHo

Request Chain 175

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEKuJdApaIYQEEepyRPacj5c&google_cver=1&google_push=AZmPxg_rv_Wwa09vj3mCecNLjjOhFRV4H_enqp8nIUb9qMKb-l70-JIgMJdy_-Wd8e5FNYCXlZv_8U6RUlT9afZYP0fjEQ68cnCb HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg_rv_Wwa09vj3mCecNLjjOhFRV4H_enqp8nIUb9qMKb-l70-JIgMJdy_-Wd8e5FNYCXlZv_8U6RUlT9afZYP0fjEQ68cnCb

Request Chain 178

https://um.simpli.fi/gp_match?google_gid=CAESEE20ypgog_pqHXrK6dqVhCs&google_cver=1&google_push=AZmPxg8TsgfIdU9-D9nFuuc09J-t3lUFAte0GZsu3WP4CBjbtovcKjCOVEryLPhEfuGOfr4_X70Eehu1GzMfQm5X528RaIRmdfET HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A90D99DE6B00492A838E53B1C7D0FAC8&google_push=AZmPxg8TsgfIdU9-D9nFuuc09J-t3lUFAte0GZsu3WP4CBjbtovcKjCOVEryLPhEfuGOfr4_X70Eehu1GzMfQm5X528RaIRmdfET

Request Chain 179

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEFTM9r_ZKwtFJIwVhwF7lb0&google_cver=1&google_push=AZmPxg_ohZ7PQUg_OJJaasVqlUxN7w9a4949TLkcbU7zx4ol-uqaW0V2OGvPnjbw8TiOz045EjlJLdHx1t5gSdIRAxS8L9MVtio HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AZmPxg_ohZ7PQUg_OJJaasVqlUxN7w9a4949TLkcbU7zx4ol-uqaW0V2OGvPnjbw8TiOz045EjlJLdHx1t5gSdIRAxS8L9MVtio

Request Chain 180

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEKE4pVfIs363y4NhjMd1HGc&google_cver=1&google_push=AZmPxg-vJJWfE30WZOzM51S--Z80QtdlnNlIIXJ3ULzLrW9xklUTe7lalIVjcsDAMh3csmqJ3tMqh-Ntw0no-Thp816_TLzl6ls HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg-vJJWfE30WZOzM51S--Z80QtdlnNlIIXJ3ULzLrW9xklUTe7lalIVjcsDAMh3csmqJ3tMqh-Ntw0no-Thp816_TLzl6ls&google_hm=NjgyOTU0OTE3MTg5NDAyNDI4MA%3D%3D

Request Chain 181

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELaubsHN_wwuEN8EIfdxDDM&google_cver=1&google_push=AZmPxg8IBZn7lYMXynSQDS8SqugrJMCf4Qyg5vM_SDmrLAVgxyO7-TD2RsQsTh64uD0b8T-pLHh_KBAqqg5kHofEnuQbB6DWQeQc HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESELaubsHN_wwuEN8EIfdxDDM&google_push=AZmPxg8IBZn7lYMXynSQDS8SqugrJMCf4Qyg5vM_SDmrLAVgxyO7-TD2RsQsTh64uD0b8T-pLHh_KBAqqg5kHofEnuQbB6DWQeQc&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELaubsHN_wwuEN8EIfdxDDM&google_hm=Y1ebRZVwKc1qQwUU2uDXtwAAEmEAAAIB&google_nid=index&google_push=AZmPxg8IBZn7lYMXynSQDS8SqugrJMCf4Qyg5vM_SDmrLAVgxyO7-TD2RsQsTh64uD0b8T-pLHh_KBAqqg5kHofEnuQbB6DWQeQc

Request Chain 182

https://app.cauly.co.kr/idsync_ssp/doubleclick?google_gid=CAESENUy_85yGx7PGEvJ-TOgh7c&google_cver=1&google_push=AZmPxg-xQnL6yBunW9GoL42Kce0fmknJfNKIRMlDfKClv_zx3YzZvA8gtzcWpdm-kxn1dt-7-N7Atg9rECLFDpMaKFUpkUIr7h8D HTTP 301
https://cm.g.doubleclick.net/pixel?google_nid=fsn_asia_private_limited_new&google_push=AZmPxg-xQnL6yBunW9GoL42Kce0fmknJfNKIRMlDfKClv_zx3YzZvA8gtzcWpdm-kxn1dt-7-N7Atg9rECLFDpMaKFUpkUIr7h8D

Request Chain 183

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESENwIEgkNakbwAsIb2iqntig&google_cver=1&google_push=AZmPxg-3zzGfjtWr0vNP6yqhqFWpX4Mj0ccFaIM48JkrY1Ta8ZHaHIaiE4m8KeM9q6LfZkAt2dsQ6BpIerJpTkfP7v_UwpR0404 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg-3zzGfjtWr0vNP6yqhqFWpX4Mj0ccFaIM48JkrY1Ta8ZHaHIaiE4m8KeM9q6LfZkAt2dsQ6BpIerJpTkfP7v_UwpR0404

Request Chain 184

https://ads.yieldmo.com/exptsync?google_gid=CAESEKY1fhcApDs8hXWwFRmnalI&google_cver=1&google_push=AZmPxg-Xb5ZLJTn5HaUO43i73L6pFBZEEyaDzSjWzlXjGBdMHcmWXQUYKJ_nfOUoEOKrASzJML_6BU0OiwSTviPs54I9mcNt4mYC HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AZmPxg-Xb5ZLJTn5HaUO43i73L6pFBZEEyaDzSjWzlXjGBdMHcmWXQUYKJ_nfOUoEOKrASzJML_6BU0OiwSTviPs54I9mcNt4mYC&google_hm=Zzc5MzA2ZTE2ZDViNjE0YTI0MmM=

Request Chain 190

https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1 HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=97&redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DgBgkxrVErPj9wqivTDd2AmVY%26source_user_id%3D%7BuserId%7D&gdpr=0&gdpr_consent= HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=97&redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DgBgkxrVErPj9wqivTDd2AmVY%26source_user_id%3D%7BuserId%7D&gdpr=0&gdpr_consent= HTTP 302
https://match.sharethrough.com/sync/v1?source_id=gBgkxrVErPj9wqivTDd2AmVY&source_user_id=4300fa0f-3802-41ed-a846-367c50f09d0d-63579b47-5553&gdpr=0&gdpr_consent=

Request Chain 191

https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=56237bbd-e9eb-4419-825e-9718d14702e9&gdpr=0&gdpr_consent=

Request Chain 192

https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3 HTTP 302
https://sync.srv.stackadapt.com/sync?nid=15 HTTP 302
https://match.sharethrough.com/sync/v1?source_id=f832af09fdaea37e940528ab&source_user_id=0-635326eb-b5d3-4ba6-40e3-c51b529242d7$ip$173.245.209.182

Request Chain 193

https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4 HTTP 302
https://secure.adnxs.com/getuid?https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=$UID HTTP 302
https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=7422719982403516301

Request Chain 196

https://match.adsrvr.org/track/cmf/openx?oxid=db7130a4-5bac-34eb-7e66-0d84e723f9ee&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072971&val=56237bbd-e9eb-4419-825e-9718d14702e9&ttd_puid=db7130a4-5bac-34eb-7e66-0d84e723f9ee&gdpr=0&gdpr_consent=

Request Chain 197

https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y1ebRsCo8X8AAP0G5EcAAAAA

Request Chain 198

https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
https://cr-p3.ladsp.com/cookiesender/3?cr=true HTTP 302
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AdOLcl0s2i5Pks8ADv76NP9igs8AAAGEDjaMNA

Request Chain 200

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEErLYXjyxcMSObzp7PkSO0g&google_cver=1

Request Chain 205

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y1ebRTOKsrD5PWHrzWdF2AAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKU7bYlTn-tDIzzTIsRyAH0&google_cver=1

Request Chain 206

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y1ebRTOKsrD5PWHrzWdF2AAAFNgAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESELaubsHN_wwuEN8EIfdxDDM&google_cver=1

Request Chain 207

https://match.adsrvr.org/track/cmf/casale HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=56237bbd-e9eb-4419-825e-9718d14702e9&expiration=1669277766&gdpr=0&gdpr_consent=

Request Chain 208

https://match.prod.bidr.io/cookie-sync/ie HTTP 303
https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1 HTTP 303
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAQ28U7GrzcAACDpMexXyw&expiration=1667895367

Request Chain 209

https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1682410566&external_user_id=0bd20eca-4119-4412-95d7-4a8a0364e6fc

Request Chain 211

https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=7422719982403516301

Request Chain 220

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=L9NXO8FV-1U-2KX6 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=L9NXO8FV-1U-2KX6&ex=d-rubiconproject.com&status=ok

Request Chain 221

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Bq353k_dTXOM2G9BLazDZg&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Bq353k_dTXOM2G9BLazDZg

Request Chain 222

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKZSz64NzePPai-HmunzD7c&google_cver=1

Request Chain 224

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzIyOTEyMWUzYjRlZDRhOTY5MGRjMGMyZWNmNmYxNzI3NTFmOGJmNA

Request Chain 225

https://match.adsrvr.org/track/cmf/rubicon HTTP 302
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=56237bbd-e9eb-4419-825e-9718d14702e9&gdpr=0&gdpr_consent=&expires=30

Request Chain 226

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlOWE84RlYtMVUtMktYNg==

Request Chain 227

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L9NXO8FV-1U-2KX6

Request Chain 228

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/vh941p9qYtuvwU1xue3qo8n5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6829549171894024280

238 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request wayofmart2710 Show response
www.halosheaven.com/users/ 115 KB
30 KB 1569ms
1355ms Document
text/html 151.101.194.125
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.halosheaven.com/users/wayofmart2710

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.125 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

34d7a11406474daed8814dcdb815e7c29720b3da605260a8af540a13c18ef5dc

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://sbnation.coral.coralproject.net/api/graphql/live; font-src https: data:; img-src https: data: blob:; media-src https: data: blob:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security	max-age=31556952; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=60, public, must-revalidate
content-encoding: br
content-length: 29579
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://sbnation.coral.coralproject.net/api/graphql/live; font-src https: data:; img-src https: data: blob:; media-src https: data: blob:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
content-type: text/html; charset=utf-8
date: Tue, 25 Oct 2022 08:15:52 GMT
etag: W/"34d7a11406474daed8814dcdb815e7c2"
link: <https://concertads-configs.vox-cdn.com/sbn/sbn/config.json>; rel=preload; as=fetch; crossorigin
referrer-policy: strict-origin-when-cross-origin
server: nginx
strict-transport-security: max-age=31556952; preload
vary: Accept-Encoding, X-Chorus-Unison-Testing, X-Chorus-Require-Privacy-Consent, X-Chorus-Restrict-In-Privacy-Consent-Region, Origin, X-Forwarded-Proto, Cookie, X-Chorus-Unison-Testing, X-Chorus-Require-Privacy-Consent, X-Chorus-Restrict-In-Privacy-Consent-Region
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: 72e8125ca837b23e700bdb7e44d2b2a5fb7bf0c6
x-runtime: 0.190968
x-served-by: cache-syd10161-SYD
x-timer: S1666685751.441291,VS0,VE1256
x-xss-protection: 1; mode=block

GET
H2 200 config.json
concertads-configs.vox-cdn.com/sbn/sbn/ 71 KB
8 KB 780ms
264ms Other
application/json 199.232.196.124
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://concertads-configs.vox-cdn.com/sbn/sbn/config.json
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.196.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 97ba130b6e7d20603b1985bdf63914995343093d32fa2b8c920f8cd92be6e626

Request headers

Referer: https://www.halosheaven.com/
Origin: https://www.halosheaven.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 08:15:53 GMT
content-encoding: gzip
via: 1.1 varnish
x-amz-request-id: 37WW80BZ6GGCSEFC
age: 26954
x-cache: HIT
geo-metro: 36117
x-amz-meta-surrogate-control: max-age=31536000, stale-while-revalidate=30, stale-if-error=86400
x-amz-meta-surrogate-key: concertadsconfigs
content-length: 7605
x-amz-id-2: gHQ951wRkYSXI+9DTOUKHkUt00H9rispqLz/JDs83LfaRJKZuzzwUUyA0bvx/SPd8/IALz5rnvs=
x-served-by: cache-pao17427-PAO
last-modified: Mon, 24 Oct 2022 20:22:21 GMT
server: AmazonS3
x-timer: S1666685753.397448,VS0,VE0
etag: "3668829de3d2d586801a0f6f878640c1"
vary: Accept-Encoding
geo-connection-speed: broadband
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: geo-region, geo-connection-speed, geo-metro
cache-control: max-age=3600
geo-region: AU-NSW
accept-ranges: bytes
x-cache-hits: 309

GET
H2 200 DrukText-MediumItalic-Web.woff2
cdn.vox-cdn.com/shared_fonts/unison/sbn/druk/ 30 KB
30 KB 991ms
494ms Font
application/octet-stream 199.232.192.124
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.vox-cdn.com/shared_fonts/unison/sbn/druk/DrukText-MediumItalic-Web.woff2

Requested by

Host: www.halosheaven.com
URL: https://www.halosheaven.com/users/wayofmart2710

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.192.124 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b7b0e1468e0be1a1042e21d8f16d589c2e98a0bdef8a62fe6d6b5ed960c6af3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.halosheaven.com/
Origin: https://www.halosheaven.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 varnish
date: Tue, 25 Oct 2022 08:15:53 GMT
strict-transport-security: max-age=31536000
x-amz-request-id: 5F81ZE62AKXZTY01
age: 1171976
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30693
x-amz-id-2: AuQxsrGhenU9eGBiu44kNzegnk6K1/a7jiPi8w9mXhYtlcnuSCeX7+oypHXptUVIHTO7iY8s4PA=
x-served-by: cache-pao17468-PAO
last-modified: Mon, 17 Apr 2017 14:24:32 GMT
server: AmazonS3
x-timer: S1666685753.368471,VS0,VE0
etag: "ed3b5d2542d4beea4c22bbe2fa19b7e8"
vary: Accept-Encoding
x-amz-meta-md5_checksum: 61b13035319bd143efb0df506347b29d
content-type: text/plain
access-control-allow-origin: *
cache-control: public, max-age=3153600
accept-ranges: bytes
x-cache-hits: 4444

GET
H2 200 DrukText-Medium-Web.woff2
cdn.vox-cdn.com/shared_fonts/unison/sbn/druk/ 36 KB
37 KB 744ms
247ms Font
application/octet-stream 199.232.192.124
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.vox-cdn.com/shared_fonts/unison/sbn/druk/DrukText-Medium-Web.woff2

Requested by

Host: www.halosheaven.com
URL: https://www.halosheaven.com/users/wayofmart2710

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.192.124 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c980ca79b5ceb9fa87f6e6aea72cabd22b7cc48432aa6b8f0f89e8cf03669133

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.halosheaven.com/
Origin: https://www.halosheaven.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 varnish
date: Tue, 25 Oct 2022 08:15:53 GMT
strict-transport-security: max-age=31536000
x-amz-request-id: 0KMVFA0YBR753KTC
age: 2415058
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 37134
x-amz-id-2: stjpvOOsCmYD8bgi/34pgOLhFnZIae7AiPmBnIkGV+KJi/M8Q2hvhStGqdn+uaYHGYoXMeJaAzw=
x-served-by: cache-pao17468-PAO
last-modified: Mon, 17 Apr 2017 14:24:32 GMT
server: AmazonS3
x-timer: S1666685753.368379,VS0,VE0
etag: "e580e94c2898b59e2b2679450d645678"
vary: Accept-Encoding
x-amz-meta-md5_checksum: 64276eb54b518cc5f3db4772da74c162
content-type: text/plain
access-control-allow-origin: *
cache-control: public, max-age=3153600
accept-ranges: bytes
x-cache-hits: 18396

GET
H2 200 DrukText-BoldItalic-Web.woff2
cdn.vox-cdn.com/shared_fonts/unison/sbn/druk/ 31 KB
32 KB 743ms
247ms Font
application/octet-stream 199.232.192.124
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.vox-cdn.com/shared_fonts/unison/sbn/druk/DrukText-BoldItalic-Web.woff2

Requested by

Host: www.halosheaven.com
URL: https://www.halosheaven.com/users/wayofmart2710

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.192.124 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

97eb8e4fa5181cd74286f549517e482d55ce966762130de329bb5fe64228d0fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.halosheaven.com/
Origin: https://www.halosheaven.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 varnish
date: Tue, 25 Oct 2022 08:15:53 GMT
strict-transport-security: max-age=31536000
x-amz-request-id: JXCFWJJ8MV7MYBQ3
age: 1273739
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 31989
x-amz-id-2: T2FE/p1CqQjKhFzXh/9xm9FYrBHP1eCmTY5VCGyM5d2pLmDbkFVQ813sgZFRcZVDF+EISXMH7GE=
x-served-by: cache-pao17468-PAO
last-modified: Mon, 17 Apr 2017 14:24:31 GMT
server: AmazonS3
x-timer: S1666685753.368352,VS0,VE0
etag: "f524857d33d9add0760cb14cf61a17c6"
vary: Accept-Encoding
x-amz-meta-md5_checksum: 2818846a57edd27ccad2b70075754ab4
content-type: text/plain
access-control-allow-origin: *
cache-control: public, max-age=3153600
accept-ranges: bytes
x-cache-hits: 9446

GET
H2 200 DrukText-Bold-Web.woff2
cdn.vox-cdn.com/shared_fonts/unison/sbn/druk/ 38 KB
38 KB 743ms
246ms Font
application/octet-stream 199.232.192.124
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.vox-cdn.com/shared_fonts/unison/sbn/druk/DrukText-Bold-Web.woff2

Requested by

Host: www.halosheaven.com
URL: https://www.halosheaven.com/users/wayofmart2710

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.192.124 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

310ef08caee00a719c28f76c0d05433d507b5b18b3834a831601b58c008a253f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.halosheaven.com/
Origin: https://www.halosheaven.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 varnish
date: Tue, 25 Oct 2022 08:15:53 GMT
strict-transport-security: max-age=31536000
x-amz-request-id: 1EGRP1CBK8Y25ZS2
age: 1805981
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 38486
x-amz-id-2: BQdw5IxVyLn2UXb/uGvlpkGVQMyJwDO2LKT5GjCidxIgdXVPi0j1VsmheBxHyxAEJSbwZxAhtqQ=
x-served-by: cache-pao17468-PAO
last-modified: Mon, 17 Apr 2017 14:24:30 GMT
server: AmazonS3
x-timer: S1666685753.368308,VS0,VE0
etag: "c6308e956e5be54a26bb819d071cc057"
vary: Accept-Encoding
x-amz-meta-md5_checksum: e399bf08fcfcda337f12828fa54d31d3
content-type: text/plain
access-control-allow-origin: *
cache-control: public, max-age=3153600
accept-ranges: bytes
x-cache-hits: 14453

GET
H2 200 DrukTextWide-MediumItalic-Web.woff2
cdn.vox-cdn.com/shared_fonts/unison/sbn/druk/ 31 KB
32 KB 991ms
495ms Font
application/octet-stream 199.232.192.124
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.vox-cdn.com/shared_fonts/unison/sbn/druk/DrukTextWide-MediumItalic-Web.woff2

Requested by

Host: www.halosheaven.com
URL: https://www.halosheaven.com/users/wayofmart2710

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.192.124 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f6afaffa0f6e72f3e53dd32c7f3d05e2af3ddd7790021d8b5cf2fd945347b87f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.halosheaven.com/
Origin: https://www.halosheaven.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 varnish
date: Tue, 25 Oct 2022 08:15:53 GMT
strict-transport-security: max-age=31536000
x-amz-request-id: RCTWWRW39F4Q09VF
age: 2414974
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 32073
x-amz-id-2: iv6QjT217W9BTkgQ4gPhVjqs2GTcuYuySbkF34+4C2/Ag2XoZ8qDHuLHzCpXS4CGJ7Yv+axB5A0=
x-served-by: cache-pao17468-PAO
last-modified: Tue, 25 Apr 2017 19:48:58 GMT
server: AmazonS3
x-timer: S1666685754.608947,VS0,VE0
etag: "e0ca802d6bdb477673ec5d06b40bae3b"
vary: Accept-Encoding
x-amz-meta-md5_checksum: e770f609096abf3a48bd1f52293400c7
content-type: text/plain
access-control-allow-origin: *
cache-control: public, max-age=3153600
accept-ranges: bytes
x-cache-hits: 13073

GET
H2 200 DrukTextWide-Medium-Web.woff2
cdn.vox-cdn.com/shared_fonts/unison/sbn/druk/ 42 KB
43 KB 741ms
245ms Font
application/octet-stream 199.232.192.124
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.vox-cdn.com/shared_fonts/unison/sbn/druk/DrukTextWide-Medium-Web.woff2

Requested by

Host: www.halosheaven.com
URL: https://www.halosheaven.com/users/wayofmart2710

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.192.124 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5f7387ddd694cf2a7d655c19fd69ab19bc35136b777d78c2eaf0cbc5f7a2c6b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.halosheaven.com/
Origin: https://www.halosheaven.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 varnish
date: Tue, 25 Oct 2022 08:15:53 GMT
strict-transport-security: max-age=31536000
x-amz-request-id: RHTZC910RHY15XH9
age: 678417
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 43090
x-amz-id-2: 0Nn4IfciHql0oildYxAHh2ZP9ntr9E+bgAKKtXRH1cYDHu8arBMWd1rRZgE6DcvTBF0Heg3abm4=
x-served-by: cache-pao17468-PAO
last-modified: Tue, 25 Apr 2017 19:48:57 GMT
server: AmazonS3
x-timer: S1666685753.368175,VS0,VE0
etag: "31cc4137ba3e49afa2ad5e3187f1e830"
vary: Accept-Encoding
x-amz-meta-md5_checksum: abb589f8712b68b666acc8851905f675
content-type: text/plain
access-control-allow-origin: *
cache-control: public, max-age=3153600
accept-ranges: bytes
x-cache-hits: 5388

GET
H2 200 DrukTextWide-BoldItalic-Web.woff2
cdn.vox-cdn.com/shared_fonts/unison/sbn/druk/ 32 KB
33 KB 991ms
495ms Font
application/octet-stream 199.232.192.124
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.vox-cdn.com/shared_fonts/unison/sbn/druk/DrukTextWide-BoldItalic-Web.woff2

Requested by

Host: www.halosheaven.com
URL: https://www.halosheaven.com/users/wayofmart2710

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.192.124 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d1c29842cf7952f0484685ce386fd22d85fa0beec14f8b7a531b7deef2df0db4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.halosheaven.com/
Origin: https://www.halosheaven.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 varnish
date: Tue, 25 Oct 2022 08:15:53 GMT
strict-transport-security: max-age=31536000
x-amz-request-id: AGA5GGK506KE8YPK
age: 2409542
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 33158
x-amz-id-2: RGgrtdpuHOqEocnn6+QIL6Ma3eC/WBGhNHMrh7jwglF7dsyihJtgILx3MtioBI2mdnsp7xTmsp0=
x-served-by: cache-pao17468-PAO
last-modified: Tue, 25 Apr 2017 19:48:56 GMT
server: AmazonS3
x-timer: S1666685754.608922,VS0,VE0
etag: "ef60b6d77afb4db675fd62a2e2943627"
vary: Accept-Encoding
x-amz-meta-md5_checksum: c095bcd698265a14a5090ae41637b627
content-type: text/plain
access-control-allow-origin: *
cache-control: public, max-age=3153600
accept-ranges: bytes
x-cache-hits: 13461

GET
H2 200 DrukTextWide-Bold-Web.woff2
cdn.vox-cdn.com/shared_fonts/unison/sbn/druk/ 43 KB
44 KB 990ms
495ms Font
application/octet-stream 199.232.192.124
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.vox-cdn.com/shared_fonts/unison/sbn/druk/DrukTextWide-Bold-Web.woff2

Requested by

Host: www.halosheaven.com
URL: https://www.halosheaven.com/users/wayofmart2710

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.192.124 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

40d80c14d1fb662011cd86bf885ba38913032082837de25a333b90ad49fc4e68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.halosheaven.com/
Origin: https://www.halosheaven.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 varnish
date: Tue, 25 Oct 2022 08:15:53 GMT
strict-transport-security: max-age=31536000
x-amz-request-id: VVXNVEWQFDRYVN5B
age: 1808559
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 44294
x-amz-id-2: 7/wAvqZxACYM5edZNEtRbqzJmr7Fzhr8YuzQ82K/ucG3Dn1fsexTqukBPITP4WoXRezO59R6rAQSmkipinPhww==
x-served-by: cache-pao17468-PAO
last-modified: Tue, 25 Apr 2017 19:48:56 GMT
server: AmazonS3
x-timer: S1666685754.608850,VS0,VE0
etag: "02ece8e0ee4de88953137cc6cb8f2438"
vary: Accept-Encoding
x-amz-meta-md5_checksum: acbbb67ebd4a15969d0e1f958b29a17d
content-type: text/plain
access-control-allow-origin: *
cache-control: public, max-age=3153600
accept-ranges: bytes
x-cache-hits: 13642

GET
H2 200 DrukTextWide-SuperItalic-Web.woff2
cdn.vox-cdn.com/shared_fonts/unison/sbn/druk/ 34 KB
34 KB 742ms
247ms Font
application/octet-stream 199.232.192.124
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.vox-cdn.com/shared_fonts/unison/sbn/druk/DrukTextWide-SuperItalic-Web.woff2

Requested by

Host: www.halosheaven.com
URL: https://www.halosheaven.com/users/wayofmart2710

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.192.124 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

724f05926a5b8718ec98640c38e148f7fafc92f57f17cac1bf38c01193d94064

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.halosheaven.com/
Origin: https://www.halosheaven.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 varnish
date: Tue, 25 Oct 2022 08:15:53 GMT
strict-transport-security: max-age=31536000
x-amz-request-id: FXPAM41RYFQ64R0Z
age: 1278403
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 34610
x-amz-id-2: zs1LB34AznJ6W3AobOL9qHZLfbkIkDp/Qr99mTBP3vD2ukS4fRhxiMffsnRNGeqbHsfAjtyNZ8Y=
x-served-by: cache-pao17468-PAO
last-modified: Mon, 17 Apr 2017 14:24:33 GMT
server: AmazonS3
x-timer: S1666685753.368279,VS0,VE0
etag: "7465f7407f950cdb4e3ce688bef30394"
vary: Accept-Encoding
x-amz-meta-md5_checksum: 55a0ad9074d0c5f14fd093b8ea2a21cc
content-type: text/plain
access-control-allow-origin: *
cache-control: public, max-age=3153600
accept-ranges: bytes
x-cache-hits: 9473

GET
H2 200 DrukTextWide-Super-Web.woff2
cdn.vox-cdn.com/shared_fonts/unison/sbn/druk/ 33 KB
34 KB 743ms
248ms Font
application/octet-stream 199.232.192.124
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.vox-cdn.com/shared_fonts/unison/sbn/druk/DrukTextWide-Super-Web.woff2

Requested by

Host: www.halosheaven.com
URL: https://www.halosheaven.com/users/wayofmart2710

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.192.124 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d4ba76928562bce8621fb91405cad90023c8b20d5d033a02f4c2cb5d1b5d2a62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.halosheaven.com/
Origin: https://www.halosheaven.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 varnish
date: Tue, 25 Oct 2022 08:15:53 GMT
strict-transport-security: max-age=31536000
x-amz-request-id: DGPV4QDE6FBGDQP4
age: 1797873
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 34214
x-amz-id-2: gfomL45u8dClCu9ooV+l57MsmjYxWoYgyfn7oCvoVrNGgQd5Umfjlbxi+Ti3RtSrdSsmCHZy+M8=
x-served-by: cache-pao17468-PAO
last-modified: Mon, 17 Apr 2017 14:24:33 GMT
server: AmazonS3
x-timer: S1666685753.368210,VS0,VE0
etag: "f476fcf5a723f72090f4191224063985"
vary: Accept-Encoding
x-amz-meta-md5_checksum: 5b737c95633f1ffd15e696a42b7a214e
content-type: text/plain
access-control-allow-origin: *
cache-control: public, max-age=3153600
accept-ranges: bytes
x-cache-hits: 13170

GET
H2 200 nittigrotesk-normal.woff2
cdn.vox-cdn.com/shared_fonts/unison/unison_base/nittigrotesk/ 30 KB
30 KB 741ms
246ms Font
application/octet-stream 199.232.192.124
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.vox-cdn.com/shared_fonts/unison/unison_base/nittigrotesk/nittigrotesk-normal.woff2

Requested by

Host: www.halosheaven.com
URL: https://www.halosheaven.com/users/wayofmart2710

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.192.124 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ee993a3cd51bbcc85387e4aa81c1450dcccebbf9d4c2a9142062d288a307db47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.halosheaven.com/
Origin: https://www.halosheaven.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 varnish
date: Tue, 25 Oct 2022 08:15:53 GMT
strict-transport-security: max-age=31536000
x-amz-request-id: DGPH0EHVT8EV93TH
age: 1797873
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30299
x-amz-id-2: VFxcc6qekLfdR9FYgpau1mr/rzZa0Q6kKRbk8jmrsXD+DIu/jCWRjZPDXp/MeiNT34gCjjwf2R4=
x-served-by: cache-pao17468-PAO
last-modified: Fri, 02 Dec 2016 15:33:30 GMT
server: AmazonS3
x-timer: S1666685753.368240,VS0,VE0
etag: "a34c464934ae947453f5a547ca92a8c2"
vary: Accept-Encoding
x-amz-meta-md5_checksum: b7996df6830faee34d966b0aad567c31
content-type: text/plain
access-control-allow-origin: *
cache-control: public, max-age=3153600
accept-ranges: bytes
x-cache-hits: 18806

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 388 KB
94 KB 1435ms
315ms Script
application/javascript 74.125.24.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W8JKW6

Requested by

Host: www.halosheaven.com
URL: https://www.halosheaven.com/users/wayofmart2710

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

74f84dab95426a665980e4ae52486f03afbe659aa18c400ecd35ccd3a23a2ec6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.halosheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 08:15:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95591
x-xss-protection: 0
last-modified: Tue, 25 Oct 2022 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 25 Oct 2022 08:15:56 GMT

GET
H2 200 chorus.css
www.sbnation.com/style/community/2/472ede23235a640e0de37520041ef943/ 421 KB
58 KB 2560ms
2355ms Stylesheet
text/css 151.101.1.52
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sbnation.com/style/community/2/472ede23235a640e0de37520041ef943/chorus.css

Requested by

Host: www.halosheaven.com
URL: https://www.halosheaven.com/users/wayofmart2710

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.52 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

916b2f764623d75af287b0156c76b7a8bfb58c89c37e5ae0ca473891b5e2f890

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.halosheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31556952; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 25 Oct 2022 08:15:55 GMT
via: 1.1 varnish
x-permitted-cross-domain-policies: none
age: 2
x-cache: MISS
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 58459
x-xss-protection: 1; mode=block
x-request-id: 6181e96c59115d1f9bb4869a50a7dc4a09d44457
x-served-by: cache-syd10134-SYD
x-runtime: 0.157462
referrer-policy: strict-origin-when-cross-origin
server: nginx
x-timer: S1666685753.030536,VS0,VE2257
etag: W/"916b2f764623d75af287b0156c76b7a8"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, X-Chorus-Unison-Testing, X-Chorus-Require-Privacy-Consent, X-Chorus-Restrict-In-Privacy-Consent-Region, Origin, X-Forwarded-Proto, Cookie, X-Chorus-Unison-Testing, X-Chorus-Require-Privacy-Consent, X-Chorus-Restrict-In-Privacy-Consent-Region
content-type: text/css; charset=utf-8
cache-control: max-age=31556952, public, must-revalidate
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 concert_ads-3ded7e4f7a901daf64b8.js Show response
cdn.vox-cdn.com/packs/js/ 99 KB
34 KB 252ms
249ms Script
application/javascript 199.232.192.124
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.vox-cdn.com/packs/js/concert_ads-3ded7e4f7a901daf64b8.js

Requested by

Host: www.halosheaven.com
URL: https://www.halosheaven.com/users/wayofmart2710

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.192.124 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5b655e04fdd14f8009f83d28ce7bf647ada65390fe6e0123f10c3edda9ba886c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.halosheaven.com/
Origin: https://www.halosheaven.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 08:15:55 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=31536000
x-amz-request-id: Z8KC2J1BGX67RM38
age: 2678
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 34989
x-amz-id-2: u2R8cFO1EMOisVEApPNtOjCwW/WqlYHN8cCOPAnWbtiwlE2jLe9isPtPgXruogkZI7IR2gyjeXk=
x-served-by: cache-pao17468-PAO
last-modified: Fri, 19 Aug 2022 15:28:39 GMT
server: AmazonS3
x-timer: S1666685756.585845,VS0,VE0
etag: "a723539be04a1cc36a22d9ee9c1e2a69"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
x-cache-hits: 19

GET
H2 200 concert_ads.js Show response
cdn.concert.io/lib/concert-ads/v2-latest/ 374 KB
101 KB 1428ms
254ms Script
text/javascript 199.232.192.124
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.concert.io/lib/concert-ads/v2-latest/concert_ads.js
Requested by: Host: www.halosheaven.com
URL: https://www.halosheaven.com/users/wayofmart2710
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.192.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42c0325b5231d196a940322265cebfd9f88db856e400e89e7c84d83d8ca31b2f

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.halosheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 08:15:56 GMT
content-encoding: gzip
via: 1.1 varnish
x-amz-request-id: 0595B2HQZGP1CDJ1
age: 398320
x-cache: HIT
x-amz-meta-surrogate-control: public, max-age=2592000, stale-if-error=86400, stale-while-revalidate=30
x-amz-meta-surrogate-key: concert-delivery-system
content-length: 102897
x-amz-id-2: UlqnmRleQMT5TIe7UbgSoLx6ZiZhyezdDmxRe9+wAR9l0rnAD3gmwtmZBc8MmkjezCtYDJmqiyU=
x-served-by: cache-pao17473-PAO
last-modified: Thu, 20 Oct 2022 17:37:16 GMT
server: AmazonS3
x-timer: S1666685757.766785,VS0,VE0
etag: "892c942237cd2d6c05c9d831a4178e2f"
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=60
accept-ranges: bytes
x-cache-hits: 30358

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 78 KB
27 KB 1302ms
193ms Script
text/javascript 142.251.12.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.halosheaven.com
URL: https://www.halosheaven.com/users/wayofmart2710

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f157.1e100.net

Software

sffe /

Resource Hash

e810a3eef0d22a6bdfc83bb56e0e23402d9a8f33c0a449c4260962f226c87db2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.halosheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 08:15:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27293
x-xss-protection: 0
server: sffe
etag: "1374 / 252 of 1000 / last-modified: 1666649283"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 25 Oct 2022 08:15:56 GMT

GET
H2 200 concert-concierge.2.8.0.min.js Show response
cdn.concert.io/lib/ 49 KB
16 KB 1428ms
254ms Script
text/javascript 199.232.192.124
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.concert.io/lib/concert-concierge.2.8.0.min.js
Requested by: Host: www.halosheaven.com
URL: https://www.halosheaven.com/users/wayofmart2710
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.192.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 68aa9818e0d0f8c60c5fc7e2b7921aa1a48a52e72e7da4caae29de34d030a6bf

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.halosheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 08:15:56 GMT
content-encoding: gzip
via: 1.1 varnish
x-amz-request-id: EX8CWS8S7X33Z88D
age: 600600
x-cache: HIT
x-amz-meta-surrogate-control: public, max-age=2592000, stale-if-error=86400, stale-while-revalidate=30
x-amz-meta-surrogate-key: concert-delivery-system
content-length: 16156
x-amz-id-2: FdbvkPHBAUTl2W7QkorzgLZZKecewLVfM3/2ZtESm3F5B9Ktnug00nKLu+hkIuMfFZK0iKF2Fjw=
x-served-by: cache-pao17473-PAO
last-modified: Fri, 15 May 2020 15:14:13 GMT
server: AmazonS3
x-timer: S1666685757.766897,VS0,VE0
etag: "d685c8f98156cbe695d939f995676060"
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
x-cache-hits: 25128

GET
H2 200 moatheader.js Show response
z.moatads.com/voxprebidheader841653991752/ 278 KB
95 KB 1580ms
281ms Script
application/x-javascript 23.72.45.156
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/voxprebidheader841653991752/moatheader.js
Requested by: Host: www.halosheaven.com
URL: https://www.halosheaven.com/users/wayofmart2710
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.72.45.156 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-72-45-156.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 678335dbd8f090be7a2e99486554a46c1211561c09fcb9f49d82d62fb022022d

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.halosheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 08:15:56 GMT
content-encoding: gzip
last-modified: Tue, 11 Oct 2022 16:59:05 GMT
server: AmazonS3
x-amz-request-id: GDS6FY8AKYRZS787
etag: "6c75fa790f74bc6d440cd808d51e9e66"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=16459
accept-ranges: bytes
content-length: 96841
x-amz-id-2: RCrog0YFoZY8G4dVe8ALgtkgGpj4qcXnKxAB/c0EjnU72tn5dVvrtUN3Qaxc9sxEd3gvjY2nFMQ=

GET
H2 200 global.js Show response
go.metabet.io/js/ 295 KB
60 KB 1650ms
488ms Script
application/javascript 74.207.242.116
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://go.metabet.io/js/global.js?siteID=draftkings-light:sbnation
Requested by: Host: www.halosheaven.com
URL: https://www.halosheaven.com/users/wayofmart2710
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 74.207.242.116 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: 74-207-242-116.ip.linodeusercontent.com
Software: Apache/2.4.37 (rocky) /
Resource Hash: a79acf7751feb2dd66faa5099ed015fdf83956d1c05dda0968b3132b34ab17fd

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.halosheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 07:54:39 GMT
content-encoding: gzip
server: Apache/2.4.37 (rocky)
age: 1277
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=300, public, must-revalidate
accept-ranges: bytes
content-length: 61516

GET
H2 200 count.js Show response
sbnation.coral.coralproject.net/assets/js/ 22 KB
8 KB 302ms
101ms Script
application/javascript 34.120.171.7
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://sbnation.coral.coralproject.net/assets/js/count.js?v=1626303173

Requested by

Host: www.halosheaven.com
URL: https://www.halosheaven.com/users/wayofmart2710

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.171.7 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

7.171.120.34.bc.googleusercontent.com

Software

Resource Hash

8dead7c8678a67f4fadf86e9f45c351175f8d52a830dcbd8579617d0553a2de6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.halosheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 25 Oct 2022 07:51:28 GMT
via: 1.1 google
age: 1469
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8002
x-xss-protection: 1; mode=block
x-trace-id: 64778bc0-5426-11ed-8c9a-9bfa4dadc9d8
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 11 Oct 2022 16:55:19 GMT
etag: W/"1f42-183c7f8dcd8"
vary: Accept-Encoding
content-language: en-US
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=1800,s-max-age=604800
accept-ranges: bytes

GET
H3 200 large_Halos_Heaven_Full.122712.png
cdn.vox-cdn.com/uploads/blog/sbnu_logo/2/ 14 KB
15 KB 1156ms
900ms Image
image/png 199.232.192.124
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.vox-cdn.com/uploads/blog/sbnu_logo/2/large_Halos_Heaven_Full.122712.png

Requested by

Host: www.halosheaven.com
URL: https://www.halosheaven.com/users/wayofmart2710

Protocol

Security

QUIC, , AES_128_GCM

Server

199.232.192.124 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e04b9b5f62b3f45458d7fc8c902a2bcc9b801336cc5a4f5efa798f3662a740cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.halosheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 08:15:56 GMT
via: 1.1 varnish
strict-transport-security: max-age=31536000
x-amz-request-id: B6BXQWQY479NCW75
age: 1200325
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 14534
x-amz-id-2: E5zB2XLC/I60/IK0hZ1ldQIHRt1YZlTCl+KqRN4iuFVpgU6+Z0OeHqe2FR9zGY+kIuEZkfpIuTR5PY6W2GJbgw==
x-served-by: cache-pao17449-PAO
last-modified: Wed, 31 May 2017 21:08:13 GMT
server: AmazonS3
x-timer: S1666685757.509558,VS0,VE1
etag: "60e4fdc625bfb63ad53af3496aa80101"
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=315576000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 large.png
www.sbnation.com/images/sbn/placeholders/profile/ 7 KB
8 KB 103ms
102ms Image
image/png 151.101.1.52
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sbnation.com/images/sbn/placeholders/profile/large.png
Requested by: Host: www.halosheaven.com
URL: https://www.halosheaven.com/users/wayofmart2710
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.52 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1e7db2472a7b9c137fcec96acf45c13d9619a53b528b1a09aa43da79532f74f9

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.halosheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 08:15:55 GMT
via: 1.1 varnish
x-amz-request-id: 2YG4D43DQ6NSH4ZR
age: 1928
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7504
x-amz-id-2: 37OS+cvOAimM/DNuxsNHjlj/v4jOGF3ern8BhcJWWv+kCiG12/pLNvABzj4PhGy13vWonHwhGMA=
x-served-by: cache-syd10134-SYD
last-modified: Mon, 24 Oct 2022 16:30:42 GMT
server: AmazonS3
x-timer: S1666685756.551209,VS0,VE1
etag: "c33a5b6a0f25f54034528ada961fd51b"
vary: Cookie, X-Chorus-Unison-Testing, X-Chorus-Require-Privacy-Consent, X-Chorus-Restrict-In-Privacy-Consent-Region, Accept-Encoding
content-type: image/png
accept-ranges: bytes
x-cache-hits: 1

GET
H3 200 chorus-cb64858f39f598e1c39b.js Show response
cdn.vox-cdn.com/packs/js/ 317 KB
103 KB 246ms
245ms Script
application/javascript 199.232.192.124
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.vox-cdn.com/packs/js/chorus-cb64858f39f598e1c39b.js

Requested by

Host: www.halosheaven.com
URL: https://www.halosheaven.com/users/wayofmart2710

Protocol

Security

QUIC, , AES_128_GCM

Server

199.232.192.124 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7ee5b47792485fbaea494771a2774c786961e0c422b5547e86ba2860226fcd2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.halosheaven.com/
Origin: https://www.halosheaven.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 08:15:57 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=31536000
x-amz-request-id: Z8KDQR084E6RG4DB
age: 3332
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 104827
x-amz-id-2: OjjfsFDGJNHrjhuogiMxasv9QsfkCEGOgL7ppyqCwoeKQKit63SAYQJHeHX0DaKErx8ZhO9o5tc=
x-served-by: cache-pao17435-PAO
last-modified: Fri, 19 Aug 2022 15:28:38 GMT
server: AmazonS3
x-timer: S1666685758.763695,VS0,VE0
etag: "addd12ddfc7d12af6e3681f56b2e2a23"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
x-cache-hits: 33

GET
H2 200 v2 Show response
z-na.associates-amazon.com/onetag/ 11 KB
4 KB 611ms
198ms Script
text/javascript 13.227.228.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://z-na.associates-amazon.com/onetag/v2?MarketPlace=US&instanceId=c86ecff2-0781-48c9-a698-200b0643c35a
Requested by: Host: www.halosheaven.com
URL: https://www.halosheaven.com/users/wayofmart2710
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.228.153 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-228-153.sin52.r.cloudfront.net
Software: Server /
Resource Hash: a5457128174d931326d6e2819cf1b529e685c64d2154005833b46ec4d8aed8d9

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.halosheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 20:54:03 GMT
content-encoding: gzip
accept-charset: UTF-8
via: 1.1 af3aeac549bb09cd481e4e32ea3fcf16.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: SIN52-C3
x-amz-rid: XQDKAY995Q352WKP0Z9S
age: 40914
vary: accept-encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
access-control-allow-origin: *
x-amz-cf-id: p9CB01uVzeyWXzL_jjKqH3vnPzbW3wYnYeeTUN5mNISE3ey6jLM_Tw==

GET
H2 200 pickup.js Show response
phonograph2.voxmedia.com/ 7 KB
3 KB 764ms
254ms Script
text/javascript 199.232.196.124
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://phonograph2.voxmedia.com/pickup.js?v=1529075019264
Requested by: Host: www.halosheaven.com
URL: https://www.halosheaven.com/users/wayofmart2710
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.196.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ecdc70e0ee72d2265e3906cc82e9a47043e9cf65500de103094d925bb7a3d403

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.halosheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cache-hits: 1079
date: Tue, 25 Oct 2022 08:15:58 GMT
content-encoding: gzip
via: 1.1 varnish
expires: Fri, 01 Apr 2022 09:18:18 GMT
last-modified: Thu, 31 Mar 2022 14:00:57 GMT
age: 38832
x-timer: S1666685758.283673,VS0,VE0
x-cache: HIT
content-type: text/javascript
cache-control: public, max-age=43200
accept-ranges: bytes
content-length: 2668
x-served-by: cache-pao17471-PAO

GET
H2 200 scroll.js Show response
static.scroll.com/js/ 17 KB
7 KB 770ms
254ms Script
application/javascript 199.232.194.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.scroll.com/js/scroll.js
Requested by: Host: www.halosheaven.com
URL: https://www.halosheaven.com/users/wayofmart2710
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: d7685d961a175a9df933dc1ecc9bb703db5496c5c442961232c2c204b126fcb3

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.halosheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Fri, 14 Oct 2022 12:44:45 GMT
date: Tue, 25 Oct 2022 08:15:58 GMT
content-encoding: gzip
via: 1.1 varnish
age: 83303
x-guploader-uploadid: ADPycdshOtsJfOnCDOpRbl8gm2UCqsSjCBxTMV0yewaNRrXY-klg_p111rLef50TlC10mQEXg87f96yuOXtH_rjDGhI7
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
content-length: 6181
x-served-by: cache-pao17475-PAO
last-modified: Thu, 17 Mar 2022 20:05:53 GMT
server: UploadServer
x-timer: S1666685758.405828,VS0,VE0
etag: "1e95949e7c12b7ee6c5f4dd56d15b476"
vary: Origin
x-goog-generation: 1647547553107114
content-type: application/javascript
x-goog-hash: crc32c=S/xPEw==, md5=HpWUnnwSt+5sX03VbRW0dg==
cache-control: public, max-age=0, s-maxage=86400
access-control-allow-credentials: true
x-goog-stored-content-length: 6181
accept-ranges: bytes
x-scrolljs: 3
x-cache-hits: 40915

GET
H2 503 sbnation
static.fmpub.net/site/ 0
0 3430ms
2909ms Script
text/html 199.232.198.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.fmpub.net/site/sbnation
Requested by: Host: www.halosheaven.com
URL: https://www.halosheaven.com/users/wayofmart2710
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.198.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.halosheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-served-by: cache-pao17431-PAO
date: Tue, 25 Oct 2022 08:15:57 GMT
x-timer: S1666685755.980145,VS0,VE2655
x-cache: MISS
content-type: text/html; charset=utf-8
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 507
retry-after: 0
x-cache-hits: 0

GET
H3 200 pubads_impl_2022102001.js Show response
securepubads.g.doubleclick.net/gpt/ 378 KB
128 KB 575ms
192ms Script
text/javascript 74.125.24.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js?cb=31070528

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f154.1e100.net

Software

sffe /

Resource Hash

26e336b5a4bcf66f5344dab464263c6379803de92d4643ac2688dfa8190dd7dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.halosheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 15:56:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58784
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 130516
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 08:34:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 24 Oct 2023 15:56:14 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 140 B
745 B 588ms
204ms XHR
application/json 74.125.24.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.halosheaven.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f154.1e100.net

Software

cafe /

Resource Hash

88eaec41e38ebba1f572023870832783ec60721fae640155ea0f082d1276a682

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.halosheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 08:15:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 109
x-xss-protection: 0
expires: Tue, 25 Oct 2022 08:15:57 GMT

GET
H2 404 optimize.js
www.googleoptimize.com/ 0
0 578ms
193ms Script
text/html 74.125.24.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.googleoptimize.com/optimize.js?id=undefined
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W8JKW6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.125.24.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sf-in-f113.1e100.net
Software: /
Resource Hash

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.halosheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 574ms
191ms Script
text/javascript 142.250.4.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W8JKW6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f113.1e100.net

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.halosheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 25 Oct 2022 07:01:30 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 4468
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Tue, 25 Oct 2022 09:01:30 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 805ms
266ms Script
application/javascript 146.75.112.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W8JKW6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.112.157 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 41b758f84ab2dd5da6f7ba488813d17410ebb48bc2074d304c26d63c5ece003d

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.halosheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 08:15:58 GMT
content-encoding: gzip
last-modified: Tue, 30 Aug 2022 14:35:09 GMT
etag: "d4de8398858246712016031c834bb061+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15317
x-served-by: cache-iad-kcgs7200143-IAD, cache-nrt-rjtf7700066-NRT

GET
H2 200 fbds.js Show response
connect.facebook.net/en_US/ 4 KB
3 KB 592ms
197ms Script
application/x-javascript 157.240.235.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbds.js

Requested by

Host: www.halosheaven.com
URL: https://www.halosheaven.com/users/wayofmart2710

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-04-sin6.fbcdn.net

Software

Resource Hash

8831dd54c2ae21dc08d6d0fd8d6415e727cb3fdc0b21c50b9f12f999e62540ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.halosheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 25 Oct 2022 08:15:58 GMT
content-md5: ckLzWbGcfT3p08NMFNPULQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2166
x-fb-rlafr: 0
x-fb-debug: unB9JRey0N/ZdsiOM+gv4MOXNpp0Smkupf6NX18+G6aoaRKwUjNKw3X5kSVD6EJwtlefw+TNW1eqkdH+ev3U2w==
x-fb-trip-id: 548340344
x-fb-content-md5: 7f5639c16a21c69b0d50f5079af79ee9
cross-origin-opener-policy: same-origin-allow-popups
etag: "358b5dbad4a063b2374fbd21cfd922e9"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
priority: u=3,i
expires: Tue, 25 Oct 2022 08:28:43 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 606ms
197ms Script
application/javascript 13.224.250.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.halosheaven.com
URL: https://www.halosheaven.com/users/wayofmart2710
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.250.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-250-43.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.halosheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 14:27:58 GMT
content-encoding: gzip
via: 1.1 2db56a73a9d0486b15ff1dc828be02a6.cloudfront.net (CloudFront)
last-modified: Tue, 28 Jun 2022 13:19:23 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-C2
age: 64083
etag: W/"eaf85c1c6758e84acfe134efd70e9373"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: RBtt_Y9i_8TL3JuTyS1RC-EB30tNs3TfNgTo58t-x2fTRuA3rMhT5w==

GET
H2 200 spm.v1.min.js Show response
ak.sail-horizon.com/spm/ 124 KB
44 KB 633ms
224ms Script
application/javascript 13.227.254.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ak.sail-horizon.com/spm/spm.v1.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W8JKW6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.254.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-254-101.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a8236998816487aa6623e3626d7cd50f395e3deee0732c33b150bec3cb81f9a3

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.halosheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 08:08:03 GMT
content-encoding: gzip
via: 1.1 322d4a6b5dc93fed92dc98b4eacf25ca.cloudfront.net (CloudFront)
last-modified: Thu, 15 Sep 2022 23:20:31 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-C3
age: 477
etag: W/"97dd801dd26ae0172c7875245d92f506"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=600; must-revalidate
x-amz-cf-id: T-SNPkiInSrFQrcQnq1OKFYRY4Yn2eZ1Ny4YWPQxmxJI-_2TjazYVg==

GET
H2 200 ats.js Show response
ats.rlcdn.com/ 109 KB
36 KB 621ms
201ms Script
application/x-javascript 13.224.250.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ats.rlcdn.com/ats.js
Requested by: Host: www.halosheaven.com
URL: https://www.halosheaven.com/users/wayofmart2710
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.250.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-250-82.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.halosheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: qhkEQKrW4Gg_gxbK41emvSsDXWYdvDMl
content-encoding: br
via: 1.1 2e4ea5ed710a1104b183ead6b210a514.cloudfront.net (CloudFront)
date: Mon, 24 Oct 2022 19:10:50 GMT
x-amz-cf-pop: SIN52-C2
age: 47111
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:598424ed-c6de-48e8-8068-45662e39c3ce
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: 58acf9e97c03c481f490be71338f7f57
last-modified: Tue, 17 May 2022 11:35:33 GMT
server: AmazonS3
etag: W/"148e21f812b555a13b2a9c6b616141f4"
vary: Accept-Encoding
content-type: application/x-javascript
x-amz-meta-codebuild-content-sha256: 57180e34d853b9e6be67670dae22a049fb237e6bca37c60f7ba138272a8487cc
cache-control: must-revalidate,public,max-age=86400
x-amz-cf-id: umMSDrLPifDs0CaK_WhLXjm37CZtWSvlxWOZ2aX7OYQ-LQperPQgBg==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 224 KB
77 KB 495ms
194ms Script
application/javascript 74.125.24.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2M5GYNY1YS&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W8JKW6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

242219cc6f493b6b4a6f9c7101a1848b46632fbcd47eb7b05358827a79ce735c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.halosheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 08:16:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78817
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 25 Oct 2022 08:16:00 GMT

GET
H2 200 v2 Show response
mb.moatads.com/yi/ 362 B
537 B 633ms
214ms Script
text/html 54.169.0.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-f9sEUFJ0XDIlaX11F1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-Xl%2FyVCAZgVLOGg%3D%3D&sc=1&os=1-5g%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.halosheaven.com%2Fusers%2Fwayofmart2710&pcode=voxprebidheader841653991752&rx=13842573526&callback=MoatNadoAllJsonpRequest_96314538
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/voxprebidheader841653991752/moatheader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.169.0.90 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-169-0-90.ap-southeast-1.compute.amazonaws.com
Software: Microsoft-IIS/6.0 /
Resource Hash: b8caf9dc79a637fd2d5495b74f5f2428852fdc2e22c436fd736502c50659911a

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.halosheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 08:16:00 GMT
cache-control: max-age=900
server: Microsoft-IIS/6.0
timing-allow-origin: *
etag: "b7dffc91309403de3f299bc371eab56b947a9b96"
content-length: 362
content-type: text/html; charset=UTF-8

GET
H2 200 n.js Show response
geo.moatads.com/ 97 B
269 B 610ms
208ms Script
text/html 13.213.127.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.moatads.com/n.js?e=35&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-f9sEUFJ0XDIlaX11F1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-Xl%2FyVCAZgVLOGg%3D%3D&sc=1&os=1-5g%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&i=VOX_PREBID_HEADER1&hp=1&wf=1&pxm=8&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1666685757793&de=730895104272&rx=13842573526&m=0&ar=e27dbc83ae5-clean&iw=b9342c1&q=1&cb=0&cu=1666685757793&ll=2&lm=0&ln=0&em=0&en=0&d=undefined%3Aundefined%3Aundefined%3Aundefined&cm=1&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.halosheaven.com%2Fusers%2Fwayofmart2710&id=1&ii=4&bo=undefined&bd=undefined&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&dfp=true&la=undefined&gw=voxprebidheader841653991752&fd=1&it=500&pe=1%3A4308%3A4308%3A0%3A6587&jk=-1&jm=-1&fs=200656&na=1440003826&cs=0&ord=1666685757793&jv=1870780646&callback=DOMlessLLDcallback_96314538
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/voxprebidheader841653991752/moatheader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.213.127.212 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-213-127-212.ap-southeast-1.compute.amazonaws.com
Software: Microsoft-IIS/6.0 /
Resource Hash: 7bb0695ef1fc0eb29bf0fc3b9eb9d35d5560453479f7aea37d227ec4a84fddbb

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.halosheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 08:16:00 GMT
cache-control: max-age=900
server: Microsoft-IIS/6.0
timing-allow-origin: *
etag: "f027ddd247bc2f03a4b7b0db997732bfee2d6d98"
content-length: 97
content-type: text/html; charset=UTF-8

GET
H2 200 n.js Show response
geo.moatads.com/ 100 B
275 B 609ms
208ms Script
text/html 13.213.127.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.moatads.com/n.js?e=35&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-f9sEUFJ0XDIlaX11F1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-Xl%2FyVCAZgVLOGg%3D%3D&sc=1&os=1-5g%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&i=VOX_PREBID_HEADER1&hp=1&wf=1&pxm=8&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1666685757793&de=730895104272&rx=13842573526&m=0&ar=e27dbc83ae5-clean&iw=b9342c1&q=2&cb=0&cu=1666685757793&ll=2&lm=0&ln=0&em=0&en=0&d=undefined%3Aundefined%3Aundefined%3Aundefined&cm=1&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.halosheaven.com%2Fusers%2Fwayofmart2710&id=1&ii=4&bo=undefined&bd=undefined&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&dfp=true&la=undefined&gw=voxprebidheader841653991752&fd=1&it=500&pe=1%3A4308%3A4308%3A0%3A6587&jk=-1&jm=-1&fs=200656&na=84503411&cs=0&callback=MoatDataJsonpRequest_96314538
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/voxprebidheader841653991752/moatheader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.213.127.212 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-213-127-212.ap-southeast-1.compute.amazonaws.com
Software: Microsoft-IIS/6.0 /
Resource Hash: 8547fcc521e629f56508db5719b14565570703fa5bd148ec27d5eab211093456

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.halosheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 08:16:00 GMT
cache-control: max-age=900
server: Microsoft-IIS/6.0
timing-allow-origin: *
etag: "979f48b2488b8ef688138bb82b56aa3f5d6ca87d"
content-length: 100
content-type: text/html; charset=UTF-8

GET
H2 200 iframe.html Show response
z.moatads.com/hd09824092/ Frame 0D47 1 KB
2 KB 281ms
281ms Document
text/html 23.72.45.156
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/hd09824092/iframe.html
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/voxprebidheader841653991752/moatheader.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.72.45.156 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-72-45-156.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68

Request headers

Referer: https://www.halosheaven.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=2131
content-length: 1374
content-type: text/html
date: Tue, 25 Oct 2022 08:15:57 GMT
etag: "4a9cbc2e5bc164313dace42a58bef141"
last-modified: Tue, 26 Jan 2021 22:41:39 GMT
server: AmazonS3
unused62: 8096267
x-amz-id-2: sMdfVN9Jr3ZMd8qMS5/xWy04bdZwi/u4W2aQtFZlbookDoLqRjSwUyjg/NFrgNdMOrDO794mSYU=
x-amz-request-id: AB6FDC4C73757840

GET
H2 200 user_context Show response
www.halosheaven.com/services/ 949 B
819 B 674ms
372ms XHR
application/json 151.101.194.125
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.halosheaven.com/services/user_context

Requested by

Host: cdn.vox-cdn.com
URL: https://cdn.vox-cdn.com/packs/js/chorus-cb64858f39f598e1c39b.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.125 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

81bbf9c90de074171b1ac37181a74626a3920a754f1d6d457d7016930935615a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.halosheaven.com/users/wayofmart2710
X-Requested-With: XMLHttpRequest
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31556952; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 25 Oct 2022 08:15:58 GMT
via: 1.1 varnish
x-permitted-cross-domain-policies: none
age: 0
x-cache: MISS
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 445
x-xss-protection: 1; mode=block
x-request-id: 9d4a0848f74450cb0251c331c495ad2a1468913b
x-served-by: cache-syd10161-SYD
x-runtime: 0.049629
referrer-policy: strict-origin-when-cross-origin
server: nginx
x-timer: S1666685759.505640,VS0,VE274
etag: W/"81bbf9c90de074171b1ac37181a74626"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, X-Chorus-Unison-Testing, X-Chorus-Require-Privacy-Consent, X-Chorus-Restrict-In-Privacy-Consent-Region, Origin, X-Forwarded-Proto, Cookie, X-Chorus-Unison-Testing, X-Chorus-Require-Privacy-Consent, X-Chorus-Restrict-In-Privacy-Consent-Region
content-type: application/json; charset=utf-8
cache-control: max-age=900, public, must-revalidate
accept-ranges: bytes
x-cache-hits: 0

GET
DATA 200
OK truncated
/ 46 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aae6549753eb3dc6cf108c8b665bfb0a45419ee7358064f86a07cac3a0361f4c

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/webp

GET
H/1.1 200
OK andoncord Show response
assoc-na.associates-amazon.com/onetag/ 16 B
410 B 1585ms
319ms XHR
application/json 52.94.243.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assoc-na.associates-amazon.com/onetag/andoncord

Requested by

Host: z-na.associates-amazon.com
URL: https://z-na.associates-amazon.com/onetag/v2?MarketPlace=US&instanceId=c86ecff2-0781-48c9-a698-200b0643c35a

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.94.243.89 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c462d460eab61de19f36cc384c99666e5bf65eaeba0c12b8f594c5410c01f220

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.halosheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 25 Oct 2022 08:15:59 GMT
Strict-Transport-Security: max-age=300; includeSubDomains; preload
Server: Server
x-amz-rid: D5BNJCR7YX7FE0N0Q5XN
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: application/json
Access-Control-Allow-Origin: https://www.halosheaven.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 16

GET
H2 200 geolocate.json Show response
metabet.api.areyouwatchingthis.com/api/ 214 B
399 B 737ms
247ms XHR
application/json 74.207.242.116
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://metabet.api.areyouwatchingthis.com/api/geolocate.json?apiKey=219f64094f67ed781035f5f7a08840fc
Requested by: Host: go.metabet.io
URL: https://go.metabet.io/js/global.js?siteID=draftkings-light:sbnation
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 74.207.242.116 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: 74-207-242-116.ip.linodeusercontent.com
Software: Apache/2.4.37 (rocky) /
Resource Hash: 11c820859eaf15e6c73f4840ca497ccc0be1cb3db074d4a568f3d01d01a004be

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.halosheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 25 Oct 2022 08:15:58 GMT
server: Apache/2.4.37 (rocky)
content-length: 214
vary: Origin
content-type: application/json;charset=UTF-8

GET
H2 200 pub.js Show response
pub.doubleverify.com/signals/ 67 KB
18 KB 325ms
113ms Script
text/javascript 104.18.167.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pub.doubleverify.com/signals/pub.js

Requested by

Host: cdn.concert.io
URL: https://cdn.concert.io/lib/concert-ads/v2-latest/concert_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.167.224 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a023adfd550395882ad5f709709df8f21bfeb2b04ced99e3942222d8f81724c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.halosheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 08:16:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
content-security-policy: frame-ancestors 'self'
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: Server-Timing, Cf-Ray
cache-control: private, max-age=14400, stale-while-revalidate=345600, stale-if-error=345600
access-control-allow-credentials: true
timing-allow-origin: *
cf-ray: 75f981f2bac9a81f-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 aHR0cHM6Ly93d3cuaGFsb3NoZWF2ZW4uY29tL3VzZXJzL3dheW9mbWFydDI3MTA=.json Show response
cdn.concert.io/lookup/ 2 KB
2 KB 936ms
445ms XHR
application/json 199.232.192.124
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.concert.io/lookup/aHR0cHM6Ly93d3cuaGFsb3NoZWF2ZW4uY29tL3VzZXJzL3dheW9mbWFydDI3MTA=.json

Requested by

Host: cdn.concert.io
URL: https://cdn.concert.io/lib/concert-ads/v2-latest/concert_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.192.124 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

2316b7e8fab7f536a1336fe38025c5d27e594d3459f8527fab50a5a1a659386a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.halosheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 vegur, 1.1 varnish
x-content-type-options: nosniff
date: Tue, 25 Oct 2022 08:15:59 GMT
x-permitted-cross-domain-policies: none
age: 0
x-cache: MISS
content-length: 1626
x-xss-protection: 1; mode=block
x-request-id: ea0d3ee8-8ecd-4425-86d7-1df127056892
x-served-by: cache-pao17440-PAO
x-runtime: 0.012917
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 25 Oct 2022 05:27:18 GMT
server: Cowboy
x-timer: S1666685759.889102,VS0,VE201
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=3600, public, s-maxage=57600
content-type: application/json; charset=utf-8
vary: Origin
accept-ranges: bytes
link: <https://cdn.concert.io/lookup/client.json>; rel=preload; as=fetch; crossorigin
x-cache-hits: 0

GET
H2 200 client.json Show response
cdn.concert.io/lookup/ 275 B
838 B 802ms
312ms XHR
application/json 199.232.192.124
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.concert.io/lookup/client.json

Requested by

Host: cdn.concert.io
URL: https://cdn.concert.io/lib/concert-ads/v2-latest/concert_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.192.124 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

f3caeb1688453aaa314d1d7f087b3370b317a7b178b9c8f7b9ca2248ffd304ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.halosheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 vegur, 1.1 varnish
x-content-type-options: nosniff
date: Tue, 25 Oct 2022 08:15:58 GMT
x-permitted-cross-domain-policies: none
age: 0
x-cache: MISS
content-length: 275
x-xss-protection: 1; mode=block
x-request-id: 20ef123a-b127-41a5-a7e3-33d4b31af6ba
x-served-by: cache-pao17440-PAO
x-runtime: 0.004156
referrer-policy: strict-origin-when-cross-origin
server: Cowboy
x-timer: S1666685759.889238,VS0,VE68
etag: W/"f3caeb1688453aaa314d1d7f087b3370"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=3600, public, s-maxage=3600
content-type: application/json; charset=utf-8
vary: Origin
accept-ranges: bytes
x-cache-hits: 0

POST
H2 200 segment Show response
cdn.concert.io/segments_prod2/v1.0/ 23 B
188 B 878ms
389ms XHR
application/json 199.232.192.124
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.concert.io/segments_prod2/v1.0/segment
Requested by: Host: cdn.concert.io
URL: https://cdn.concert.io/lib/concert-ads/v2-latest/concert_ads.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.192.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: uvicorn /
Resource Hash: 6aebfc4e8ba630255bcafb813c038ecaaf4ce9294607559e9ff6f2a6ec703b7c

Request headers

Referer: https://www.halosheaven.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

x-served-by: cache-pao17440-PAO
pragma: no-cache
date: Tue, 25 Oct 2022 08:15:59 GMT
via: 1.1 varnish
server: uvicorn
x-timer: S1666685759.889358,VS0,VE145
x-cache: MISS
content-type: application/json
access-control-allow-origin: *
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
accept-ranges: bytes
content-length: 23
x-cache-hits: 0

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 177 KB
44 KB 613ms
198ms Script
application/javascript 13.225.2.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: cdn.concert.io
URL: https://cdn.concert.io/lib/concert-ads/v2-latest/concert_ads.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.2.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-2-118.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f59ff797b78853b110b03a4f27bac47a6d31faa53e47d55a56e3725d013f0d83

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.halosheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 07:43:02 GMT
content-encoding: gzip
via: 1.1 6ddfc55dbf10d9a646bfcdba6cd89472.cloudfront.net (CloudFront), 1.1 7ee5688c67d5a422c680ec4f06b2838c.cloudfront.net (CloudFront)
last-modified: Thu, 20 Oct 2022 16:04:04 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P2, SIN52-C2
age: 1979
x-amz-server-side-encryption: AES256
etag: W/"b13d25523ad505c18e73c78358e50098"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: 1sS3s4iALW4XJiuQd9ixdJpUnzVTljVyOi0xnKgkWXLlxIrEfI3oEg==

GET
H2 200 183789-71940066017360.js Show response
js-sec.indexww.com/ht/p/ 40 KB
14 KB 324ms
112ms Script
text/javascript 104.18.13.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/183789-71940066017360.js
Requested by: Host: cdn.concert.io
URL: https://cdn.concert.io/lib/concert-ads/v2-latest/concert_ads.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.13.76 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f246f7999a5ad417109c5c937587450910a9d5f421736e2ad3da68719fda0133

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.halosheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 08:16:00 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 25 Oct 2022 08:00:18 GMT
server: cloudflare
age: 784
etag: W/"904e73-9fcc-5ebd74c87c661"
vary: Accept-Encoding
content-type: text/javascript
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=14400
cf-ray: 75f981f47b60a825-SYD
expires: Tue, 25 Oct 2022 12:16:00 GMT

GET
H2 200 7470_Vox_SBNation_Prebid_DM.js Show response
ads.rubiconproject.com/prebid/ 619 KB
126 KB 854ms
283ms Script
text/javascript 23.41.65.80
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rubiconproject.com/prebid/7470_Vox_SBNation_Prebid_DM.js
Requested by: Host: cdn.concert.io
URL: https://cdn.concert.io/lib/concert-ads/v2-latest/concert_ads.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.65.80 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-65-80.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ef8bce624973e83723060d1eaff847002f27ec49eb0b5c1428eaf6a758cd3092

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.halosheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 08:16:01 GMT
content-encoding: gzip
last-modified: Tue, 25 Oct 2022 06:41:04 GMT
server: Apache
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
content-length: 128114
expires: Tue, 25 Oct 2022 11:23:20 GMT

GET
H2 200 third.html Show response
phonograph2.voxmedia.com/ Frame A691 295 B
297 B 254ms
254ms Document
text/html 199.232.196.124
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://phonograph2.voxmedia.com/third.html
Requested by: Host: phonograph2.voxmedia.com
URL: https://phonograph2.voxmedia.com/pickup.js?v=1529075019264
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.196.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3e56493b45ccf5db1ca7c5719e1d15fdae2b9077d6c58cc0eb50ca7b2836d057

Request headers

Referer: https://www.halosheaven.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
age: 25384
cache-control: public, max-age=43200
content-encoding: gzip
content-length: 195
content-type: text/html
date: Tue, 25 Oct 2022 08:15:58 GMT
expires: Fri, 21 Oct 2022 01:12:32 GMT
last-modified: Thu, 31 Mar 2022 14:00:57 GMT
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 337
x-served-by: cache-pao17471-PAO
x-timer: S1666685759.543679,VS0,VE0

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 492ms
191ms Script
text/javascript 142.250.4.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f113.1e100.net

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.halosheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 07:21:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3273
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 25 Oct 2022 08:21:27 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 78 B
539 B 581ms
192ms XHR
application/json 142.251.12.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.101 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f101.1e100.net

Software

ESF /

Resource Hash

19c592819d340656421a0ca296e9564cbfbcb69228f56cef708c529fc16217ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.halosheaven.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 25 Oct 2022 08:15:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.halosheaven.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98
x-xss-protection: 0

GET
H2 200 pickup.js Show response
phonograph2.voxmedia.com/ Frame A691 7 KB
3 KB 254ms
254ms Script
text/javascript 199.232.196.124
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://phonograph2.voxmedia.com/pickup.js
Requested by: Host: phonograph2.voxmedia.com
URL: https://phonograph2.voxmedia.com/third.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.196.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ecdc70e0ee72d2265e3906cc82e9a47043e9cf65500de103094d925bb7a3d403

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://phonograph2.voxmedia.com/third.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cache-hits: 354
date: Tue, 25 Oct 2022 08:15:58 GMT
content-encoding: gzip
via: 1.1 varnish
expires: Fri, 21 Oct 2022 01:12:28 GMT
last-modified: Thu, 31 Mar 2022 14:00:57 GMT
age: 25395
x-timer: S1666685759.805977,VS0,VE0
x-cache: HIT
content-type: text/javascript
cache-control: public, max-age=43200
accept-ranges: bytes
content-length: 2668
x-served-by: cache-pao17471-PAO

GET
H2 200 adsct
t.co/i/ 43 B
379 B 455ms
253ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=325e8943-6440-4070-855d-4d6d1d1a1583&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=ce99ee16-6d14-49d4-9195-cc9941f7e5ec&tw_document_href=https%3A%2F%2Fwww.halosheaven.com%2Fusers%2Fwayofmart2710&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nz4et&type=javascript&version=2.3.27

Requested by

Host: www.halosheaven.com
URL: https://www.halosheaven.com/users/wayofmart2710

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_l /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.halosheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-response-time: 155
date: Tue, 25 Oct 2022 08:16:01 GMT
strict-transport-security: max-age=0
server: tsa_l
content-type: image/gif;charset=utf-8
x-transaction-id: e8878c03c7439499
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: c2b7d8ad16ca65df392c321830c4960b05c7d44e875d721fa7eafefd8868ad33
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
394 B 462ms
253ms Image
image/gif 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=325e8943-6440-4070-855d-4d6d1d1a1583&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=ce99ee16-6d14-49d4-9195-cc9941f7e5ec&tw_document_href=https%3A%2F%2Fwww.halosheaven.com%2Fusers%2Fwayofmart2710&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nz4et&type=javascript&version=2.3.27

Requested by

Host: www.halosheaven.com
URL: https://www.halosheaven.com/users/wayofmart2710

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_l /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.halosheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-response-time: 154
date: Tue, 25 Oct 2022 08:16:01 GMT
strict-transport-security: max-age=631138519
server: tsa_l
content-type: image/gif;charset=utf-8
x-transaction-id: 2a0d5b978b02a159
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: f4f6f372744ef63cbde6ab5fda1925480f8c682d1ac9a776ba19cbaed4ed2032
content-length: 43

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 588ms
197ms Image
text/plain 157.240.235.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=594981607301768&ev=PixelInitialized&dl=https%3A%2F%2Fwww.halosheaven.com%2Fusers%2Fwayofmart2710&rl=&if=false&ts=1666685758731

Requested by

Host: www.halosheaven.com
URL: https://www.halosheaven.com/users/wayofmart2710

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-04-sin6.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.halosheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 25 Oct 2022 08:16:02 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 589ms
198ms Image
text/plain 157.240.235.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=null&ev=6026192431231&dl=https%3A%2F%2Fwww.halosheaven.com%2Fusers%2Fwayofmart2710&rl=&if=false&ts=1666685758731&cd[value]=1.00&cd[currency]=USD

Requested by

Host: www.halosheaven.com
URL: https://www.halosheaven.com/users/wayofmart2710

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-04-sin6.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.halosheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 25 Oct 2022 08:16:02 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 unison_request Show response
auth.voxmedia.com/sso/ 0
347 B 301ms
98ms Script
text/javascript 151.101.65.52
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://auth.voxmedia.com/sso/unison_request?community_id=2&t=1666685758831
Requested by: Host: cdn.vox-cdn.com
URL: https://cdn.vox-cdn.com/packs/js/chorus-cb64858f39f598e1c39b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.52 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.halosheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cache-hits: 0
pragma: no-cache
date: Tue, 25 Oct 2022 08:16:02 GMT
via: 1.1 varnish
expires: -1
server: Varnish
x-timer: S1666685762.424100,VS0,VE0
x-cache: HIT
content-type: text/javascript
cache-control: no-cache
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 0
retry-after: 0
x-served-by: cache-syd10148-SYD

GET
H2 200 main.css
go.metabet.io/css/ 103 KB
15 KB 979ms
489ms Stylesheet
text/css 74.207.242.116
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://go.metabet.io/css/main.css?siteID=draftkings-light&v=20220807
Requested by: Host: go.metabet.io
URL: https://go.metabet.io/js/global.js?siteID=draftkings-light:sbnation
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 74.207.242.116 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: 74-207-242-116.ip.linodeusercontent.com
Software: Apache/2.4.37 (rocky) /
Resource Hash: 88ed79f1c0feb2ae59e8acc2ed37b1628416576b9d2ed6ceefe532b554355ef3

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.halosheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 07:54:40 GMT
content-encoding: gzip
server: Apache/2.4.37 (rocky)
age: 1279
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
cache-control: max-age=300, public, must-revalidate
accept-ranges: bytes
content-length: 15069

GET
H2 200 odds.json Show response
metabet.static.api.areyouwatchingthis.com/api/ 77 B
289 B 830ms
279ms XHR
application/json 192.53.164.96
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://metabet.static.api.areyouwatchingthis.com/api/odds.json?apiKey=219f64094f67ed781035f5f7a08840fc&q=
Requested by: Host: go.metabet.io
URL: https://go.metabet.io/js/global.js?siteID=draftkings-light:sbnation
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.53.164.96 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: 192-53-164-96.ip.linodeusercontent.com
Software: Apache/2.4.37 (rocky) /
Resource Hash: 6a071de3fb0250de3443316c44aed0d4caa280d92249648b17a321ec2a69efbf

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.halosheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 08:15:59 GMT
content-encoding: gzip
server: Apache/2.4.37 (rocky)
age: 0
vary: Origin, Accept-Encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=5, public, must-revalidate
accept-ranges: bytes

POST
H2 200 publisher:getClientId Show response
ampcid.google.com.au/v1/ 3 B
464 B 578ms
192ms XHR
application/json 172.253.118.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com.au/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f102.1e100.net

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.halosheaven.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 25 Oct 2022 08:15:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.halosheaven.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23
x-xss-protection: 0

GET
H2 200 client.json
cdn.concert.io/lookup/ 275 B
471 B 244ms
244ms Other
application/json 199.232.192.124
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.concert.io/lookup/client.json

Requested by

Host: www.halosheaven.com
URL: https://www.halosheaven.com/users/wayofmart2710

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.192.124 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

f3caeb1688453aaa314d1d7f087b3370b317a7b178b9c8f7b9ca2248ffd304ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.halosheaven.com/
Origin: https://www.halosheaven.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 vegur, 1.1 varnish
x-content-type-options: nosniff
date: Tue, 25 Oct 2022 08:15:59 GMT
x-permitted-cross-domain-policies: none
age: 0
x-cache: HIT
content-length: 275
x-xss-protection: 1; mode=block
x-request-id: 20ef123a-b127-41a5-a7e3-33d4b31af6ba
x-served-by: cache-pao17440-PAO
x-runtime: 0.004156
referrer-policy: strict-origin-when-cross-origin
server: Cowboy
x-timer: S1666685759.336268,VS0,VE0
etag: W/"f3caeb1688453aaa314d1d7f087b3370"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=3600, public, s-maxage=3600
content-type: application/json; charset=utf-8
vary: Origin
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 d2fb08da-1c03-4c8a-978f-ad8a96b4c31f-web.js Show response
cdn.permutive.com/ 1 MB
303 KB 325ms
122ms Script
application/javascript 104.19.150.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.permutive.com/d2fb08da-1c03-4c8a-978f-ad8a96b4c31f-web.js
Requested by: Host: cdn.concert.io
URL: https://cdn.concert.io/lib/concert-ads/v2-latest/concert_ads.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.150.54 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 442cd1a0c15b7e240b1ad7e86ce94f0b4cb3abd48e4c1f23bf3316927c5d4a5f

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.halosheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 08:16:02 GMT
content-encoding: br
cf-cache-status: HIT
x-goog-meta-oid: d2fb08da-1c03-4c8a-978f-ad8a96b4c31f
age: 3553
x-guploader-uploadid: ADPycdsQKqJ7Rzv7nwEQ3VezTGqSdcnokdPeZ4BQIiAAIkFg4lSmikQw17UC-C1XqByl70CQLa1yl3FcDeLfdfgHH9qUUA
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
last-modified: Sat, 22 Oct 2022 21:13:23 GMT
server: cloudflare
etag: W/"954ef78197f4ab593e953758fc929623"
vary: Accept-Encoding
x-goog-generation: 1666473203653265
content-type: application/javascript
x-goog-hash: crc32c=xL557w==, md5=lU73gZf0q1k+lTdY/JKWIw==
cache-control: public, max-age=900
x-goog-stored-content-length: 315067
cf-ray: 75f98201baa7558d-SYD
expires: Tue, 25 Oct 2022 08:31:02 GMT

POST
H2 200 needle Show response
phonograph2.voxmedia.com/ Frame 59A6 26 B
254 B 378ms
377ms Document
image/gif 199.232.196.124
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://phonograph2.voxmedia.com/needle

Requested by

Host: www.halosheaven.com
URL: https://www.halosheaven.com/users/wayofmart2710

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.196.124 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

09f9f507e1b9603cb213244da6e536b850fc6934a4e28701a53a341562e62c34

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.halosheaven.com
Referer: https://www.halosheaven.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 26
content-type: image/gif
date: Tue, 25 Oct 2022 08:15:59 GMT
expires: Mon, 07 Aug 1995 23:30:00 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
pragma: no-cache
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-served-by: cache-pao17471-PAO
x-timer: S1666685760.755248,VS0,VE122

GET
H/1.1 200
OK onetag Show response
assoc-na.associates-amazon.com/ 64 B
458 B 323ms
322ms XHR
application/json 52.94.243.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assoc-na.associates-amazon.com/onetag?src=330&pj=%7B%22tracking_id%22%3A%22curbedcom06-20%22%2C%22assocPayloadId%22%3Anull%2C%22refUrl%22%3A%22https%3A%2F%2Fwww.halosheaven.com%2Fusers%2Fwayofmart2710%22%7D&u=https://www.halosheaven.com/users/wayofmart2710

Requested by

Host: z-na.associates-amazon.com
URL: https://z-na.associates-amazon.com/onetag/v2?MarketPlace=US&instanceId=c86ecff2-0781-48c9-a698-200b0643c35a

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.94.243.89 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

f3517ca17f0e9a3851752998b26cb5596d99686aee9bd68bbd625a9e9cd159ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.halosheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 25 Oct 2022 08:16:00 GMT
Strict-Transport-Security: max-age=300; includeSubDomains; preload
Server: Server
x-amz-rid: FVVE63588ZHCPW4SDEEY
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: application/json
Access-Control-Allow-Origin: https://www.halosheaven.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 64

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=7976662&cs_it=b3&cv=3.8.0.210223&ns__t=1666685760445&ns_c=UTF-8&c7=https%3A%2F%2Fwww.halosheaven.com%2Fusers%2Fwayofmart2710&c8=wayofmart2710%20Profile%20...
https://sb.scorecardresearch.com/b2?c1=2&c2=7976662&cs_it=b3&cv=3.8.0.210223&ns__t=1666685760445&ns_c=UTF-8&c7=https%3A%2F%2Fwww.halosheaven.com%2Fusers%2Fwayofmart2710&c8=wayofmart2710%20Profile%2...

0
191 B

352ms
352ms

Image
text/plain

13.224.250.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=7976662&cs_it=b3&cv=3.8.0.210223&ns__t=1666685760445&ns_c=UTF-8&c7=https%3A%2F%2Fwww.halosheaven.com%2Fusers%2Fwayofmart2710&c8=wayofmart2710%20Profile%20and%20Activity%20-%20Halos%20Heaven&c9=
Requested by: Host: www.halosheaven.com
URL: https://www.halosheaven.com/users/wayofmart2710
Protocol: H2
Server: 13.224.250.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-250-43.sin52.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.halosheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 08:16:03 GMT
via: 1.1 2db56a73a9d0486b15ff1dc828be02a6.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C2
x-amz-cf-id: 7YFEwCmvALU7H2a6JWuRBPHYcCM_EDhU9UZJW_Bm_gWWN-Jn6_u0rg==
x-cache: Miss from cloudfront

Redirect headers

location: /b2?c1=2&c2=7976662&cs_it=b3&cv=3.8.0.210223&ns__t=1666685760445&ns_c=UTF-8&c7=https%3A%2F%2Fwww.halosheaven.com%2Fusers%2Fwayofmart2710&c8=wayofmart2710%20Profile%20and%20Activity%20-%20Halos%20Heaven&c9=
date: Tue, 25 Oct 2022 08:16:02 GMT
via: 1.1 2db56a73a9d0486b15ff1dc828be02a6.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C2
content-length: 0
x-amz-cf-id: WLs9JCO-DXBTtJFx5ZEa9tGf8D11raXu0m16EeYLDJZAjcB2GwkFng==
x-cache: Miss from cloudfront

POST
H2 204 collect
analytics.google.com/g/ 0
350 B 578ms
192ms Ping
text/plain 172.253.118.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-2M5GYNY1YS&gtm=2oeaj0&_p=557192675&_gaz=1&cid=1358645078.1666685760&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dr=&sid=1666685760&sct=1&seg=0&dl=https%3A%2F%2Fwww.halosheaven.com%2Fusers%2Fwayofmart2710&dt=wayofmart2710%20Profile%20and%20Activity%20-%20Halos%20Heaven&en=page_view&_fv=1&_ss=1&ep.content_type=other&ep.ad_block_status=false&ep.community=halosheaven&ep.vertical=sbnation&ep.network_community_groups=sbnation%3Ahalosheaven&ep.scroll_subscription=false&ep.unique_pageload_id=0e4e953f-c30a-4fc8-9785-3f8b071d2675&ep.ITM_source=&up.user_id_dimension=Logged%20Out
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2M5GYNY1YS&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.253.118.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sl-in-f102.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.halosheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 08:16:04 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.halosheaven.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 897ms
595ms Ping
text/plain 142.251.12.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-2M5GYNY1YS&cid=1358645078.1666685760&gtm=2oeaj0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2M5GYNY1YS&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: se-in-f157.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.halosheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 08:16:04 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.halosheaven.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com.au/ads/ 42 B
501 B 587ms
202ms Image
image/gif 142.251.12.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.au/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-2M5GYNY1YS&cid=1358645078.1666685760&gtm=2oeaj0&aip=1&z=1938803849

Requested by

Host: www.halosheaven.com
URL: https://www.halosheaven.com/users/wayofmart2710

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.halosheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 08:16:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pub.json Show response
pub.doubleverify.com/signals/ 504 B
678 B 627ms
525ms Fetch
application/json 104.18.167.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pub.doubleverify.com/signals/pub.json?ctx=21236410&cmp=DV464041&signals=ids,bsc,vlp,abs&url=https%3A%2F%2Fwww.halosheaven.com%2Fusers%2Fwayofmart2710&adunits[/172968584/sbn/mlb/halosheaven.com][]=1180x450,1400x600&adunits[/172968584/sbn/mlb/halosheaven.com][]=2x2&adunits[/172968584/sbn/mlb/halosheaven.com][]=1020x90,728x90,970x90&adunits[/172968584/sbn/mlb/halosheaven.com][]=1020x90,728x90&adunits[/172968584/sbn/mlb/halosheaven.com][]=26x2

Requested by

Host: pub.doubleverify.com
URL: https://pub.doubleverify.com/signals/pub.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.167.224 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d6a7ff35de2ef59e084bc835dbd6531f21150d2464117d2a3e98c3e598c6e47

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.halosheaven.com/users/wayofmart2710
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 08:16:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
content-security-policy: frame-ancestors 'self'
server-timing: ids;desc="ids";dur=117, bsc;desc="bsc";dur=117, vlp;desc="vlp";dur=414, rauth;desc="rauth mem";dur=0, total;dur=414
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: https://www.halosheaven.com
access-control-expose-headers: Server-Timing, Cf-Ray
cache-control: private, max-age: 900
access-control-allow-credentials: true
timing-allow-origin: *
cf-ray: 75f981f418f2a959-SYD

POST
H2 204 /
vtrk.doubleverify.com/ 0
186 B 804ms
263ms Ping
text/plain 3.38.72.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vtrk.doubleverify.com/?v=1&t=event&ec=page&cd105=%40dvpub%2Fsignals-pagetag%400.0.2&cid=f03b0c2a-8674-4253-8da6-8b1fb017582d&z=229386276851&ctx=21236410&cd160=365124f7-25ce-4b7d-b71f-1a43a5d38e06&cd161=https%3A%2F%2Fwww.halosheaven.com%2Fusers%2Fwayofmart2710&ea=load-pq&cd180=network&cm180=2216&cm181=6&cm182=102&cm183=103&cm184=113&cm185=2&cm186=2224&cmp=DV464041
Requested by: Host: pub.doubleverify.com
URL: https://pub.doubleverify.com/signals/pub.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.38.72.56 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-38-72-56.ap-northeast-2.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.halosheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://www.halosheaven.com
date: Tue, 25 Oct 2022 08:16:05 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
vary: Origin
access-control-allow-methods: GET, POST, OPTIONS

GET
H2 401 simple Show response
api.sail-personalize.com/v1/personalize/ 49 B
219 B 298ms
297ms Fetch
text/plain 99.83.154.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
Requested by: Host: ak.sail-horizon.com
URL: https://ak.sail-horizon.com/spm/spm.v1.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.154.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: aa7557bb34ea5624b.awsglobalaccelerator.com
Software: /
Resource Hash: a50ca02f2451a57b7681ae25c4017855bcfd49124f99fdb99994909cb328de22

Request headers

x-lib-version: v1.0.1
accept-language: en-AU,en;q=0.9
authorization: Bearer undefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json
accept: application/json
Referer: https://www.halosheaven.com/
x-referring-url: https://www.halosheaven.com/users/wayofmart2710

Response headers

access-control-allow-origin: https://www.halosheaven.com
date: Tue, 25 Oct 2022 08:16:01 GMT
access-control-allow-credentials: true
www-authenticate: Bearer realm="realm"
content-length: 49
content-type: text/plain

OPTIONS
H2 200 simple
api.sail-personalize.com/v1/personalize/ Frame 0
0 894ms
296ms Preflight
text/plain 99.83.154.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.154.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: aa7557bb34ea5624b.awsglobalaccelerator.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,x-lib-version,x-referring-url
Access-Control-Request-Method: GET
Origin: https://www.halosheaven.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Lib-Version,X-Referring-URL
access-control-allow-methods: OPTIONS,GET,POST,PUT,DELETE
access-control-allow-origin: https://www.halosheaven.com
access-control-max-age: 1800
allow: HEAD,GET,OPTIONS
content-length: 18
content-type: text/plain
date: Tue, 25 Oct 2022 08:16:01 GMT

GET
H2 200 / Show response
geo.privacymanager.io/ 31 B
605 B 1185ms
391ms Fetch
application/json 13.225.78.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Requested by: Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-129.fra2.r.cloudfront.net
Software: /
Resource Hash: 9c68b2aacc269439681b9a0d2624d2473595c07e5a2500f191b9517f6a2aac24

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.halosheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 00:48:34 GMT
via: 1.1 e41703af87be84ac95b3cadf9d8dd470.cloudfront.net (CloudFront), 1.1 32e3b86ae254a231182567c0124af892.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3, FRA2-C2
age: 26847
x-amzn-requestid: eb6907ec-a746-441c-a462-e4ffa86be23c
x-amzn-trace-id: Root=1-63573262-3485a34c32d429916663828f;Sampled=0
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-apigw-id: aiTPZFYDDoEFp7A=
content-length: 31
x-amz-cf-id: UKjSHstBuk05FpYDxHG19K3p0kdtjdi-yINwxy1hx6c6MTWfFUI1Fg==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

GET
H2 204 identity Show response
api.rlcdn.com/api/ 0
282 B 486ms
276ms XHR
text/plain 34.120.155.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183789-71940066017360.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.155.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.155.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.halosheaven.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 25 Oct 2022 08:16:01 GMT
via: 1.1 google
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.halosheaven.com
cache-control: no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 rid Show response
match.adsrvr.org/track/ 109 B
547 B 310ms
100ms XHR
application/json 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=183789
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183789-71940066017360.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 15a799666e244c54c14f1059d6418443a7e25e6a7e6f314ae947382fb47356d1

Request headers

Referer: https://www.halosheaven.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 25 Oct 2022 08:16:01 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.halosheaven.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Thu, 24 Nov 2022 08:16:01 GMT

GET
H2 200 / Show response
id.sv.rkdms.com/identity/ 550 B
770 B 785ms
273ms XHR
application/json 54.176.253.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.sv.rkdms.com/identity/?vendor=idsv2&sv_cid=5274_04512&sv_pubid=VOX&sv_domain=www.halosheaven.com
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183789-71940066017360.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.176.253.251 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-176-253-251.us-west-1.compute.amazonaws.com
Software: nginx/1.22.0 /
Resource Hash: accd17c4fac80834933fd1ba9e65018ac96f07d8bededd636ab1f87d5284c04e

Request headers

Referer: https://www.halosheaven.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://www.halosheaven.com
date: Tue, 25 Oct 2022 08:16:01 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.22.0
vary: Accept-Encoding, Origin
content-type: application/json

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
249 B 193ms
192ms XHR
text/plain 142.251.12.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-16183787-1&cid=1358645078.1666685760&jid=1665624676&gjid=1604588637&_gid=493559.1666685760&_u=aHBAiEAjBAQCAEAAI~&z=49724245

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f157.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.halosheaven.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 25 Oct 2022 08:16:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.halosheaven.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 8 B
76 B 192ms
192ms XHR
text/plain 142.251.12.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-1367699-1&cid=1358645078.1666685760&jid=83128137&gjid=659963650&_gid=493559.1666685760&_u=aHDAiEAjBAQCAEAAI~&z=1137321408

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f157.1e100.net

Software

Golfe2 /

Resource Hash

7817ee889e9c73351b96c97c740c9dd746ba87ebd6c6fcab3cd77cd021920ce7

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.halosheaven.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 25 Oct 2022 08:16:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.halosheaven.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 191ms
191ms Image
image/gif 142.250.4.113
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&aip=1&a=557192675&t=pageview&_s=1&dl=https%3A%2F%2Fwww.halosheaven.com%2Fusers%2Fwayofmart2710&ul=en-us&de=UTF-8&dt=wayofmart2710%20Profile%20and%20Activity%20-%20Halos%20Heaven&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aHBAiEAjBAQCAAAAI~&jid=1665624676&gjid=1604588637&cid=1358645078.1666685760&tid=UA-16183787-1&_gid=493559.1666685760&gtm=2wgaj0W8JKW6&cd2=other&cd3=Logged%20Out&cd6=0&cd11=halosheaven&cd12=sbnation&cd15=no&cd20=sbnation%3Ahalosheaven&cd21=No%20Auth0%20ID&cd23=false&cd33=no%20value%20set&cd54=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&cd57=&z=1179626226

Requested by

Host: www.halosheaven.com
URL: https://www.halosheaven.com/users/wayofmart2710

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f113.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.halosheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Oct 2022 09:33:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 81737
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 192ms
191ms Image
image/gif 142.250.4.113
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=557192675&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.halosheaven.com%2Fusers%2Fwayofmart2710&ul=en-us&de=UTF-8&dt=wayofmart2710%20Profile%20and%20Activity%20-%20Halos%20Heaven&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=interaction&ea=interaction%3A90&el=interaction%3Aother%3A90&_u=aHDAiEAjBAQCAEAAI~&jid=83128137&gjid=659963650&cid=1358645078.1666685760&tid=UA-1367699-1&_gid=493559.1666685760&gtm=2wgaj0W8JKW6&cd2=other&cd3=Logged%20Out&cd11=halosheaven&cd12=sbnation&cd20=sbnation%3Ahalosheaven&cd59=Event%20-%20Standard&z=2029296827

Requested by

Host: www.halosheaven.com
URL: https://www.halosheaven.com/users/wayofmart2710

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f113.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.halosheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Oct 2022 09:33:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 81737
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 192ms
191ms Image
image/gif 142.250.4.113
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&aip=1&a=557192675&t=pageview&_s=1&dl=https%3A%2F%2Fwww.halosheaven.com%2Fusers%2Fwayofmart2710&dr=%2F&ul=en-us&de=UTF-8&dt=wayofmart2710%20Profile%20and%20Activity%20-%20Halos%20Heaven&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aHDAiEAjBAQCAEABI~&jid=&gjid=&cid=1358645078.1666685760&tid=UA-1367699-1&_gid=493559.1666685760&gtm=2wgaj0W8JKW6&cd2=other&cd3=Logged%20Out&cd6=0&cd11=halosheaven&cd12=sbnation&cd15=no&cd20=sbnation%3Ahalosheaven&cd21=No%20Auth0%20ID&cd23=false&cd33=no%20value%20set&cd54=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&cd57=&cd56=0e4e953f-c30a-4fc8-9785-3f8b071d2675&z=1819382458

Requested by

Host: www.halosheaven.com
URL: https://www.halosheaven.com/users/wayofmart2710

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f113.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.halosheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Oct 2022 09:33:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 81738
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.com.au/adsid/ 107 B
792 B 579ms
193ms Script
application/javascript 172.217.194.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com.au/adsid/integrator.js?domain=www.halosheaven.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js?cb=31070528

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f154.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.halosheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 08:16:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 581ms
194ms Script
application/javascript 142.251.12.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.halosheaven.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js?cb=31070528

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f157.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.halosheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 08:16:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 735 B
421 B 239ms
238ms XHR
text/plain 74.125.24.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3390876522073102&correlator=4089086417869714&eid=31070528%2C31069925%2C31068366%2C31068919&output=ldjh&gdfp_req=1&vrg=2022102001&ptt=17&impl=fif&us_privacy=1YNY&iu_parts=172968584%2Csbn%2Cmlb%2Chalosheaven.com&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1400x600%7C1180x450&ifi=1&adks=2678508154&sfv=1-0-38&prev_scp=slot_name%3Dprelude%26position%3Dprelude%26concert_rid%3D418aff40-543d-11ed-ac4b-893483339979%26ccc%3Dfalse%26VLP%3D0%26pts_sid%3Dcd4b86e8-2026-4ea4-b7fa-3435cda3e6af%26qt_loaded%3Dids%2Cbsc%2Cabs%2Cvlp&eri=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26device_type%3Ddesktop%26network%3Dsbn%26affiliation%3Dmlb%252Cbaseball%26team%3Dlos-angeles-angels%26unison%3Dtrue%26profile_author%3Dwayofmart2710%26page_type%3Dinterior_page%26keywords%3Dwayofmart%252Cprofile%252Cand%252Cactivity%252Chalos%252Cheaven%26pageload_id%3D0e4e953f-c30a-4fc8-9785-3f8b071d2675%26permutive%3D%26cts_client%3D1%26fins%3D%26cts_keyword%3Dall%26cts_keyword_list%3Dlist_66%252Clist_198%252Clist_200%252Clist_206%252Clist_242%252Clist_266%252Clist_270%252Clist_276%252Clist_288%252Clist_290%252Clist_291%252Clist_310%252Clist_312%252Clist_317%252Clist_336%252Clist_341%252Clist_342%252Clist_380%252Clist_384%252Clist_394%252Clist_395%252Clist_396%252Clist_405%252Clist_406%252Clist_412%252Clist_465%252Clist_466%252Clist_467%252Clist_470%252Clist_514%252Clist_519%252Clist_520%252Clist_541%252Clist_576%252Clist_585%252Clist_591%252Clist_609%252Clist_648%252Clist_649%252Clist_652%252Clist_653%252Clist_669%252Clist_670%252Clist_672%252Clist_674%252Clist_675%252Clist_676%252Clist_677%252Clist_679%252Clist_681%252Clist_684%252Clist_685%252Clist_769%252Clist_772%252Clist_777%252Clist_781%252Clist_784%252Clist_788%252Clist_795%252Clist_796%252Clist_800%252Clist_803%252Clist_807%252Clist_815%252Clist_870%252Clist_873%252Clist_875%252Clist_876%252Clist_877%252Clist_879%252Clist_892%252Clist_895%252Clist_898%252Clist_902%252Clist_951%252Clist_953%252Clist_959%252Clist_997%252Clist_1000%252Clist_1009%252Clist_1017%252Clist_1025%252Clist_1026%252Clist_1065%252Clist_1079%252Clist_1117%252Clist_1118%252Clist_1120%252Clist_1126%252Clist_1130%252Clist_1184%252Clist_1192%252Clist_1193%252Clist_1237%252Clist_1241%252Clist_1243%252Clist_1247%252Clist_1254%252Clist_1257%252Clist_1273%252Clist_1280%252Clist_1322%252Clist_1324%252Clist_1334%252Clist_1335%252Clist_1341%252Clist_1347%252Clist_1382%252Clist_1387%252Clist_1435%26cts_iab_category%3D26%252C26.3.7%252C26.3%252C26.3.1%252C26.3.7.7%26cts_title%3Dwayofmart2710%2520Profile%2520and%2520Activity%2520-%2520Halos%2520Heaven%26cts_present%3D1%26cts_keyword_classification_enqueued_at%3D2022-10-25T05%253A26%253A51Z%26cts_keyword_classification_status%3Dsuccessful%26cts_keyword_age%3Dunder_1_day%26pts_pid%3Df03b0c2a-8674-4253-8da6-8b1fb017582d%26IDS%3D0%26BSC%3D80000200%252C84221001%26ABS%3D%26qt_loaded%3Dids%252Cbsc%252Cabs&sc=1&cookie_enabled=1&abxe=1&dt=1666685761157&lmt=1666685761&dlt=1666685752752&idt=6009&adxs=100&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.halosheaven.com%2Fusers%2Fwayofmart2710&frm=20&vis=1&psz=1600x0&msz=1400x0&fws=132&ohw=1600&ga_vid=1358645078.1666685760&ga_sid=1666685761&ga_hid=557192675&ga_fc=true&ga_cid=493559.1666685760

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js?cb=31070528

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f154.1e100.net

Software

cafe /

Resource Hash

44c222b71fc5a7c96494ca23240a52aa346393703d4bb42e8bb7e916f113e5aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.halosheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 08:16:01 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 391
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.halosheaven.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 561 B
314 B 237ms
235ms XHR
text/plain 74.125.24.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3390876522073102&correlator=3825002208037760&eid=31070528%2C31069925%2C31068366%2C31068919&output=ldjh&gdfp_req=1&vrg=2022102001&ptt=17&impl=fif&us_privacy=1YNY&iu_parts=172968584%2Csbn%2Cmlb%2Chalosheaven.com&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=2x2&ifi=2&adks=3855797471&sfv=1-0-38&prev_scp=slot_name%3Dreskin%26position%3Dreskin%26concert_rid%3D418aff41-543d-11ed-ac4b-893483339979%26ccc%3Dfalse%26VLP%3D0%26pts_sid%3D971bd689-c7c3-481b-9696-159d42cccd75%26qt_loaded%3Dids%2Cbsc%2Cabs%2Cvlp&eri=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26device_type%3Ddesktop%26network%3Dsbn%26affiliation%3Dmlb%252Cbaseball%26team%3Dlos-angeles-angels%26unison%3Dtrue%26profile_author%3Dwayofmart2710%26page_type%3Dinterior_page%26keywords%3Dwayofmart%252Cprofile%252Cand%252Cactivity%252Chalos%252Cheaven%26pageload_id%3D0e4e953f-c30a-4fc8-9785-3f8b071d2675%26permutive%3D%26cts_client%3D1%26fins%3D%26cts_keyword%3Dall%26cts_keyword_list%3Dlist_66%252Clist_198%252Clist_200%252Clist_206%252Clist_242%252Clist_266%252Clist_270%252Clist_276%252Clist_288%252Clist_290%252Clist_291%252Clist_310%252Clist_312%252Clist_317%252Clist_336%252Clist_341%252Clist_342%252Clist_380%252Clist_384%252Clist_394%252Clist_395%252Clist_396%252Clist_405%252Clist_406%252Clist_412%252Clist_465%252Clist_466%252Clist_467%252Clist_470%252Clist_514%252Clist_519%252Clist_520%252Clist_541%252Clist_576%252Clist_585%252Clist_591%252Clist_609%252Clist_648%252Clist_649%252Clist_652%252Clist_653%252Clist_669%252Clist_670%252Clist_672%252Clist_674%252Clist_675%252Clist_676%252Clist_677%252Clist_679%252Clist_681%252Clist_684%252Clist_685%252Clist_769%252Clist_772%252Clist_777%252Clist_781%252Clist_784%252Clist_788%252Clist_795%252Clist_796%252Clist_800%252Clist_803%252Clist_807%252Clist_815%252Clist_870%252Clist_873%252Clist_875%252Clist_876%252Clist_877%252Clist_879%252Clist_892%252Clist_895%252Clist_898%252Clist_902%252Clist_951%252Clist_953%252Clist_959%252Clist_997%252Clist_1000%252Clist_1009%252Clist_1017%252Clist_1025%252Clist_1026%252Clist_1065%252Clist_1079%252Clist_1117%252Clist_1118%252Clist_1120%252Clist_1126%252Clist_1130%252Clist_1184%252Clist_1192%252Clist_1193%252Clist_1237%252Clist_1241%252Clist_1243%252Clist_1247%252Clist_1254%252Clist_1257%252Clist_1273%252Clist_1280%252Clist_1322%252Clist_1324%252Clist_1334%252Clist_1335%252Clist_1341%252Clist_1347%252Clist_1382%252Clist_1387%252Clist_1435%26cts_iab_category%3D26%252C26.3.7%252C26.3%252C26.3.1%252C26.3.7.7%26cts_title%3Dwayofmart2710%2520Profile%2520and%2520Activity%2520-%2520Halos%2520Heaven%26cts_present%3D1%26cts_keyword_classification_enqueued_at%3D2022-10-25T05%253A26%253A51Z%26cts_keyword_classification_status%3Dsuccessful%26cts_keyword_age%3Dunder_1_day%26pts_pid%3Df03b0c2a-8674-4253-8da6-8b1fb017582d%26IDS%3D0%26BSC%3D80000200%252C84221001%26ABS%3D%26qt_loaded%3Dids%252Cbsc%252Cabs&sc=1&cookie_enabled=1&abxe=1&dt=1666685761165&lmt=1666685761&dlt=1666685752752&idt=6009&adxs=799&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.halosheaven.com%2Fusers%2Fwayofmart2710&frm=20&vis=1&psz=1600x0&msz=2x0&fws=132&ohw=1600&ga_vid=1358645078.1666685760&ga_sid=1666685761&ga_hid=557192675&ga_fc=true&ga_cid=493559.1666685760

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js?cb=31070528

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f154.1e100.net

Software

cafe /

Resource Hash

3200b022bc090a69429bfa42d1d3c697669a73f0b74a8fa6d670222fd1548914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.halosheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 08:16:01 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 284
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.halosheaven.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 550 B
314 B 235ms
233ms XHR
text/plain 74.125.24.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3390876522073102&correlator=3273820859312888&eid=31070528%2C31069925%2C31068366%2C31068919&output=ldjh&gdfp_req=1&vrg=2022102001&ptt=17&impl=fif&us_privacy=1YNY&iu_parts=172968584%2Csbn%2Cmlb%2Chalosheaven.com&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=26x2&ifi=3&adks=2027999777&sfv=1-0-38&prev_scp=slot_name%3Dsite_sponsorship_logo_color%26position%3Dsite_sponsorship_logo_color%26concert_rid%3D418b4d60-543d-11ed-ac4b-893483339979%26ccc%3Dtrue%26VLP%3D0%26pts_sid%3D62c38d68-2e80-4f3b-bd28-91279437bc12%26qt_loaded%3Dids%2Cbsc%2Cabs%2Cvlp&eri=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26device_type%3Ddesktop%26network%3Dsbn%26affiliation%3Dmlb%252Cbaseball%26team%3Dlos-angeles-angels%26unison%3Dtrue%26profile_author%3Dwayofmart2710%26page_type%3Dinterior_page%26keywords%3Dwayofmart%252Cprofile%252Cand%252Cactivity%252Chalos%252Cheaven%26pageload_id%3D0e4e953f-c30a-4fc8-9785-3f8b071d2675%26permutive%3D%26cts_client%3D1%26fins%3D%26cts_keyword%3Dall%26cts_keyword_list%3Dlist_66%252Clist_198%252Clist_200%252Clist_206%252Clist_242%252Clist_266%252Clist_270%252Clist_276%252Clist_288%252Clist_290%252Clist_291%252Clist_310%252Clist_312%252Clist_317%252Clist_336%252Clist_341%252Clist_342%252Clist_380%252Clist_384%252Clist_394%252Clist_395%252Clist_396%252Clist_405%252Clist_406%252Clist_412%252Clist_465%252Clist_466%252Clist_467%252Clist_470%252Clist_514%252Clist_519%252Clist_520%252Clist_541%252Clist_576%252Clist_585%252Clist_591%252Clist_609%252Clist_648%252Clist_649%252Clist_652%252Clist_653%252Clist_669%252Clist_670%252Clist_672%252Clist_674%252Clist_675%252Clist_676%252Clist_677%252Clist_679%252Clist_681%252Clist_684%252Clist_685%252Clist_769%252Clist_772%252Clist_777%252Clist_781%252Clist_784%252Clist_788%252Clist_795%252Clist_796%252Clist_800%252Clist_803%252Clist_807%252Clist_815%252Clist_870%252Clist_873%252Clist_875%252Clist_876%252Clist_877%252Clist_879%252Clist_892%252Clist_895%252Clist_898%252Clist_902%252Clist_951%252Clist_953%252Clist_959%252Clist_997%252Clist_1000%252Clist_1009%252Clist_1017%252Clist_1025%252Clist_1026%252Clist_1065%252Clist_1079%252Clist_1117%252Clist_1118%252Clist_1120%252Clist_1126%252Clist_1130%252Clist_1184%252Clist_1192%252Clist_1193%252Clist_1237%252Clist_1241%252Clist_1243%252Clist_1247%252Clist_1254%252Clist_1257%252Clist_1273%252Clist_1280%252Clist_1322%252Clist_1324%252Clist_1334%252Clist_1335%252Clist_1341%252Clist_1347%252Clist_1382%252Clist_1387%252Clist_1435%26cts_iab_category%3D26%252C26.3.7%252C26.3%252C26.3.1%252C26.3.7.7%26cts_title%3Dwayofmart2710%2520Profile%2520and%2520Activity%2520-%2520Halos%2520Heaven%26cts_present%3D1%26cts_keyword_classification_enqueued_at%3D2022-10-25T05%253A26%253A51Z%26cts_keyword_classification_status%3Dsuccessful%26cts_keyword_age%3Dunder_1_day%26pts_pid%3Df03b0c2a-8674-4253-8da6-8b1fb017582d%26IDS%3D0%26BSC%3D80000200%252C84221001%26ABS%3D%26qt_loaded%3Dids%252Cbsc%252Cabs&sc=1&cookie_enabled=1&abxe=1&dt=1666685761168&lmt=1666685761&dlt=1666685752752&idt=6009&adxs=1314&adys=25&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.halosheaven.com%2Fusers%2Fwayofmart2710&frm=20&vis=1&psz=0x0&msz=26x0&fws=132&ohw=1600&ga_vid=1358645078.1666685760&ga_sid=1666685761&ga_hid=557192675&ga_fc=true&ga_cid=493559.1666685760

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js?cb=31070528

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f154.1e100.net

Software

cafe /

Resource Hash

6c498325d403fa037d76672816be84dfd42c54fd6219e0835bb7272cc8d4aa16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.halosheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 08:16:01 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 284
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.halosheaven.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9ECA 6 KB
4 KB 587ms
193ms Document
text/html 142.251.10.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js?cb=31070528

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f132.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.halosheaven.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 25 Oct 2022 08:16:01 GMT
expires: Wed, 25 Oct 2023 08:16:01 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 /
vtrk.doubleverify.com/ 0
185 B 804ms
264ms Ping
text/plain 3.38.72.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vtrk.doubleverify.com/?v=1&t=event&ec=page&cd105=%40dvpub%2Fsignals-pagetag%400.0.2&cid=f03b0c2a-8674-4253-8da6-8b1fb017582d&z=657083557122&ctx=21236410&cd160=de9245cf-248b-4b37-9180-ed4c5edaea63&cd161=https%3A%2F%2Fwww.halosheaven.com%2Fusers%2Fwayofmart2710&ea=load-signals&cd191=75f981f418f2a959&cd180=network&cm180=628&cm181=0&cm182=0&cm183=102&cm184=525&cm185=1&cm186=630&cm170=0&cd187=ids&cm187=117&cd171=80000200%2C84221001&cd188=bsc&cm188=117&cd189=vlp&cm189=414&cm190=0&cd190=rauth%20mem&cm191=414&cd175=%7B%22cd4b86e8-2026-4ea4-b7fa-3435cda3e6af%22%3A%7B%22VLP%22%3A%220%22%7D%2C%22971bd689-c7c3-481b-9696-159d42cccd75%22%3A%7B%22VLP%22%3A%220%22%7D%2C%229b6af347-1ccb-43a5-81c9-d06e2ca17615%22%3A%7B%22VLP%22%3A%225%22%7D%2C%22d3247ad9-c6a2-4ef2-ba42-e40df4f638be%22%3A%7B%22VLP%22%3A%225%22%7D%2C%2262c38d68-2e80-4f3b-bd28-91279437bc12%22%3A%7B%22VLP%22%3A%220%22%7D%7D&cm192=0&cmp=DV464041
Requested by: Host: pub.doubleverify.com
URL: https://pub.doubleverify.com/signals/pub.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.38.72.56 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-38-72-56.ap-northeast-2.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.halosheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://www.halosheaven.com
date: Tue, 25 Oct 2022 08:16:05 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
vary: Origin
access-control-allow-methods: GET, POST, OPTIONS

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 584ms
197ms Image
image/gif 74.125.130.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-1367699-1&cid=1358645078.1666685760&jid=83128137&_u=aHDAiEAjBAQCAEAAI~&z=1680645633

Requested by

Host: www.halosheaven.com
URL: https://www.halosheaven.com/users/wayofmart2710

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f99.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.halosheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 08:16:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com.au/ads/ 42 B
107 B 498ms
197ms Image
image/gif 142.251.12.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.au/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-1367699-1&cid=1358645078.1666685760&jid=83128137&_u=aHDAiEAjBAQCAEAAI~&z=1680645633

Requested by

Host: www.halosheaven.com
URL: https://www.halosheaven.com/users/wayofmart2710

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.halosheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 08:16:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 590ms
197ms XHR
application/javascript 13.225.2.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.2.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-2-118.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.halosheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 13:28:47 GMT
x-amz-version-id: GByBGE9Pk5QvO6waz.2OH5fe1oGEkMED
content-encoding: gzip
via: 1.1 329e55efa499e18fcf6f1be33880c120.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C2
age: 67634
x-cache: Hit from cloudfront
last-modified: Fri, 21 Oct 2022 19:58:26 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: POjSqqMjW7sTDfD1jvMPJQFaAkXinkKpybFRRxMxnL7G4GvELSx5aA==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 88 B
441 B 411ms
411ms XHR
application/json 13.225.2.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3176&u=https%3A%2F%2Fwww.halosheaven.com
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.2.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-2-118.sin52.r.cloudfront.net
Software: Server /
Resource Hash: d848e3088477bf033f37bd116a70998a02de992ec7b0e73ed9d2f04cb1e5f92e

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.halosheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 08:16:01 GMT
via: 1.1 7ee5688c67d5a422c680ec4f06b2838c.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: SIN52-C2
x-cache: Miss from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.halosheaven.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 88
x-amz-cf-id: UA1TGuQbgx0-K8LwINy4KfGmisO78Iu-YZ5RGGJldGf5kVpwsbZTCg==

POST
H2 200 headerstats Show response
as-sec.casalemedia.com/ 0
222 B 416ms
215ms XHR
text/plain 104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=360954&u=https%3A%2F%2Fwww.halosheaven.com%2Fusers%2Fwayofmart2710&v=3
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183789-71940066017360.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.halosheaven.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 08:16:01 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
access-control-allow-origin: https://www.halosheaven.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 75f981fb6ba2ab02-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 209 B
547 B 1005ms
551ms XHR
text/javascript 13.35.17.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=3176&u=https%3A%2F%2Fwww.halosheaven.com%2Fusers%2Fwayofmart2710&pid=5FMgfXcjMReGD&cb=0&ws=1600x1200&v=22.10.131733&t=1500&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-desktop_leaderboard_variable%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%221020x90%22%5D%2C%22sn%22%3A%22%2F172968584%2Fsbn%2Fmlb%2Fhalosheaven.com%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-btf_leaderboard_variable%22%2C%22s%22%3A%5B%22728x90%22%2C%221020x90%22%5D%2C%22sn%22%3A%22%2F172968584%2Fsbn%2Fmlb%2Fhalosheaven.com%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.17.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-17-5.sin5.r.cloudfront.net
Software: Server /
Resource Hash: ec3b14af21a529bfcf9f501d24ca6d685335b94e2b5c40c5afa459ee751fedf6

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.halosheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 08:16:02 GMT
via: 1.1 0b3572829f6f42309f3adfa694398770.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: SIN5-C1
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.halosheaven.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 209
x-amz-cf-id: jCTSfPvFsmVRUlabMVuDG-AbTrJUEfwvIeaXtOJBU8RtJfZ312ZThw==

GET
H2 200 7470-pbjs-floors.json Show response
ads.rubiconproject.com/floors/ 46 KB
5 KB 872ms
291ms XHR
application/json 23.41.65.80
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rubiconproject.com/floors/7470-pbjs-floors.json
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/7470_Vox_SBNation_Prebid_DM.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.65.80 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-65-80.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 3863c8fe39662425302641c551ad77f450fe29ccccaaa547c33525a6a0f97e8a

Request headers

Referer: https://www.halosheaven.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 25 Oct 2022 08:16:02 GMT
content-encoding: gzip
last-modified: Tue, 25 Oct 2022 07:41:04 GMT
server: Apache
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=1500
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 5291

GET
H2 200 integrator.js Show response
adservice.google.com.au/adsid/ 107 B
165 B 497ms
195ms Script
application/javascript 172.217.194.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com.au/adsid/integrator.js?domain=www.halosheaven.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js?cb=31070528

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f154.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.halosheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 08:16:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 498ms
196ms Script
application/javascript 142.251.12.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.halosheaven.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js?cb=31070528

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f157.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.halosheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 08:16:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 105 KB
34 KB 737ms
736ms XHR
text/plain 74.125.24.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3390876522073102&correlator=3224865431860059&eid=31070528%2C31069925%2C31068366%2C44714449%2C31068919&output=ldjh&gdfp_req=1&vrg=2022102001&ptt=17&impl=fif&us_privacy=1YNY&iu_parts=172968584%2Csbn%2Cmlb%2Chalosheaven.com&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C970x90%7C1020x90&ifi=4&adks=3144208821&sfv=1-0-38&prev_scp=slot_name%3Ddesktop_leaderboard_variable%26position%3Ddesktop_leaderboard_variable%26c_sv%3D4%26concert_rid%3D418b2650-543d-11ed-ac4b-893483339979%26ccc%3Dfalse%26VLP%3D5%26pts_sid%3D9b6af347-1ccb-43a5-81c9-d06e2ca17615%26qt_loaded%3Dids%2Cbsc%2Cabs%2Cvlp%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26device_type%3Ddesktop%26network%3Dsbn%26affiliation%3Dmlb%252Cbaseball%26team%3Dlos-angeles-angels%26unison%3Dtrue%26profile_author%3Dwayofmart2710%26page_type%3Dinterior_page%26keywords%3Dwayofmart%252Cprofile%252Cand%252Cactivity%252Chalos%252Cheaven%26pageload_id%3D0e4e953f-c30a-4fc8-9785-3f8b071d2675%26permutive%3D%26cts_client%3D1%26fins%3D%26cts_keyword%3Dall%26cts_keyword_list%3Dlist_66%252Clist_198%252Clist_200%252Clist_206%252Clist_242%252Clist_266%252Clist_270%252Clist_276%252Clist_288%252Clist_290%252Clist_291%252Clist_310%252Clist_312%252Clist_317%252Clist_336%252Clist_341%252Clist_342%252Clist_380%252Clist_384%252Clist_394%252Clist_395%252Clist_396%252Clist_405%252Clist_406%252Clist_412%252Clist_465%252Clist_466%252Clist_467%252Clist_470%252Clist_514%252Clist_519%252Clist_520%252Clist_541%252Clist_576%252Clist_585%252Clist_591%252Clist_609%252Clist_648%252Clist_649%252Clist_652%252Clist_653%252Clist_669%252Clist_670%252Clist_672%252Clist_674%252Clist_675%252Clist_676%252Clist_677%252Clist_679%252Clist_681%252Clist_684%252Clist_685%252Clist_769%252Clist_772%252Clist_777%252Clist_781%252Clist_784%252Clist_788%252Clist_795%252Clist_796%252Clist_800%252Clist_803%252Clist_807%252Clist_815%252Clist_870%252Clist_873%252Clist_875%252Clist_876%252Clist_877%252Clist_879%252Clist_892%252Clist_895%252Clist_898%252Clist_902%252Clist_951%252Clist_953%252Clist_959%252Clist_997%252Clist_1000%252Clist_1009%252Clist_1017%252Clist_1025%252Clist_1026%252Clist_1065%252Clist_1079%252Clist_1117%252Clist_1118%252Clist_1120%252Clist_1126%252Clist_1130%252Clist_1184%252Clist_1192%252Clist_1193%252Clist_1237%252Clist_1241%252Clist_1243%252Clist_1247%252Clist_1254%252Clist_1257%252Clist_1273%252Clist_1280%252Clist_1322%252Clist_1324%252Clist_1334%252Clist_1335%252Clist_1341%252Clist_1347%252Clist_1382%252Clist_1387%252Clist_1435%26cts_iab_category%3D26%252C26.3.7%252C26.3%252C26.3.1%252C26.3.7.7%26cts_title%3Dwayofmart2710%2520Profile%2520and%2520Activity%2520-%2520Halos%2520Heaven%26cts_present%3D1%26cts_keyword_classification_enqueued_at%3D2022-10-25T05%253A26%253A51Z%26cts_keyword_classification_status%3Dsuccessful%26cts_keyword_age%3Dunder_1_day%26pts_pid%3Df03b0c2a-8674-4253-8da6-8b1fb017582d%26IDS%3D0%26BSC%3D80000200%252C84221001%26ABS%3D%26qt_loaded%3Dids%252Cbsc%252Cabs&sc=1&cookie=ID%3D26411d5c86c3492a-221cd2ae85d700df%3AT%3D1666685761%3AS%3DALNI_MZEwEKpaDe7m_8wIBqdVABMNkbEgw&gpic=UID%3D00000b6c385caf26%3AT%3D1666685761%3ART%3D1666685761%3AS%3DALNI_Mbso6gANkdr-dD_Gh1WmdtR3M1wcQ&abxe=1&dt=1666685762820&lmt=1666685762&dlt=1666685752752&idt=6009&adxs=436&adys=163&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.halosheaven.com%2Fusers%2Fwayofmart2710&frm=20&vis=1&psz=1600x90&msz=730x-1&fws=4&ohw=730&psts=APxP-9A6SzCjClfzuPGV4idFIHVR%2CAPxP-9A6SzCjClfzuPGV4idFIHVR%2CAPxP-9A6SzCjClfzuPGV4idFIHVR&ga_vid=1358645078.1666685760&ga_sid=1666685761&ga_hid=557192675&ga_fc=true&ga_cid=493559.1666685760

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js?cb=31070528

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f154.1e100.net

Software

cafe /

Resource Hash

efeae1cce32bcc6564b97ef983bd80df6d8bd5e2bfd993f44cf0eeba5f957446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.halosheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 08:16:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35275
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.halosheaven.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 104 KB
34 KB 927ms
926ms XHR
text/plain 74.125.24.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3390876522073102&correlator=603434965489066&eid=31070528%2C31069925%2C31068366%2C44714449%2C31068919&output=ldjh&gdfp_req=1&vrg=2022102001&ptt=17&impl=fif&us_privacy=1YNY&iu_parts=172968584%2Csbn%2Cmlb%2Chalosheaven.com&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C1020x90&ifi=5&adks=3546638428&sfv=1-0-38&prev_scp=slot_name%3Dbtf_leaderboard_variable%26position%3Dbtf_leaderboard_variable%26c_sv%3D4%26concert_rid%3D418b2651-543d-11ed-ac4b-893483339979%26ccc%3Dtrue%26VLP%3D5%26pts_sid%3Dd3247ad9-c6a2-4ef2-ba42-e40df4f638be%26qt_loaded%3Dids%2Cbsc%2Cabs%2Cvlp%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26device_type%3Ddesktop%26network%3Dsbn%26affiliation%3Dmlb%252Cbaseball%26team%3Dlos-angeles-angels%26unison%3Dtrue%26profile_author%3Dwayofmart2710%26page_type%3Dinterior_page%26keywords%3Dwayofmart%252Cprofile%252Cand%252Cactivity%252Chalos%252Cheaven%26pageload_id%3D0e4e953f-c30a-4fc8-9785-3f8b071d2675%26permutive%3D%26cts_client%3D1%26fins%3D%26cts_keyword%3Dall%26cts_keyword_list%3Dlist_66%252Clist_198%252Clist_200%252Clist_206%252Clist_242%252Clist_266%252Clist_270%252Clist_276%252Clist_288%252Clist_290%252Clist_291%252Clist_310%252Clist_312%252Clist_317%252Clist_336%252Clist_341%252Clist_342%252Clist_380%252Clist_384%252Clist_394%252Clist_395%252Clist_396%252Clist_405%252Clist_406%252Clist_412%252Clist_465%252Clist_466%252Clist_467%252Clist_470%252Clist_514%252Clist_519%252Clist_520%252Clist_541%252Clist_576%252Clist_585%252Clist_591%252Clist_609%252Clist_648%252Clist_649%252Clist_652%252Clist_653%252Clist_669%252Clist_670%252Clist_672%252Clist_674%252Clist_675%252Clist_676%252Clist_677%252Clist_679%252Clist_681%252Clist_684%252Clist_685%252Clist_769%252Clist_772%252Clist_777%252Clist_781%252Clist_784%252Clist_788%252Clist_795%252Clist_796%252Clist_800%252Clist_803%252Clist_807%252Clist_815%252Clist_870%252Clist_873%252Clist_875%252Clist_876%252Clist_877%252Clist_879%252Clist_892%252Clist_895%252Clist_898%252Clist_902%252Clist_951%252Clist_953%252Clist_959%252Clist_997%252Clist_1000%252Clist_1009%252Clist_1017%252Clist_1025%252Clist_1026%252Clist_1065%252Clist_1079%252Clist_1117%252Clist_1118%252Clist_1120%252Clist_1126%252Clist_1130%252Clist_1184%252Clist_1192%252Clist_1193%252Clist_1237%252Clist_1241%252Clist_1243%252Clist_1247%252Clist_1254%252Clist_1257%252Clist_1273%252Clist_1280%252Clist_1322%252Clist_1324%252Clist_1334%252Clist_1335%252Clist_1341%252Clist_1347%252Clist_1382%252Clist_1387%252Clist_1435%26cts_iab_category%3D26%252C26.3.7%252C26.3%252C26.3.1%252C26.3.7.7%26cts_title%3Dwayofmart2710%2520Profile%2520and%2520Activity%2520-%2520Halos%2520Heaven%26cts_present%3D1%26cts_keyword_classification_enqueued_at%3D2022-10-25T05%253A26%253A51Z%26cts_keyword_classification_status%3Dsuccessful%26cts_keyword_age%3Dunder_1_day%26pts_pid%3Df03b0c2a-8674-4253-8da6-8b1fb017582d%26IDS%3D0%26BSC%3D80000200%252C84221001%26ABS%3D%26qt_loaded%3Dids%252Cbsc%252Cabs&sc=1&cookie=ID%3D26411d5c86c3492a-221cd2ae85d700df%3AT%3D1666685761%3AS%3DALNI_MZEwEKpaDe7m_8wIBqdVABMNkbEgw&gpic=UID%3D00000b6c385caf26%3AT%3D1666685761%3ART%3D1666685761%3AS%3DALNI_Mbso6gANkdr-dD_Gh1WmdtR3M1wcQ&abxe=1&dt=1666685762822&lmt=1666685762&dlt=1666685752752&idt=6009&adxs=436&adys=813&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.halosheaven.com%2Fusers%2Fwayofmart2710&frm=20&vis=1&psz=1600x90&msz=730x-1&fws=4&ohw=730&psts=APxP-9A6SzCjClfzuPGV4idFIHVR%2CAPxP-9A6SzCjClfzuPGV4idFIHVR%2CAPxP-9A6SzCjClfzuPGV4idFIHVR&ga_vid=1358645078.1666685760&ga_sid=1666685761&ga_hid=557192675&ga_fc=true&ga_cid=493559.1666685760

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js?cb=31070528

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f154.1e100.net

Software

cafe /

Resource Hash

b422b3e5631c964086a305e78f03d631a913043cac9119fdf5b64d83184bfaf0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.halosheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 08:16:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35185
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.halosheaven.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

iu3 Show response
s.amazon-adsystem.com/ Frame 983E
Redirect Chain

https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-sharethrough_pm-db5_rbd_n-vmg_rx_n-MediaNet_ox-db5_an-db5_3lift
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-sharethrough_pm-db5_rbd_n-vmg_rx_n-MediaNet_ox-db5_an-db5_3lift&dcc=t

338 B
1 KB

322ms
322ms

Document
text/html

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-sharethrough_pm-db5_rbd_n-vmg_rx_n-MediaNet_ox-db5_an-db5_3lift&dcc=t

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

6cb06c0443c8c63bd69bfc8c5a01a1508ab39793ce7ee7c82b588b9993ce5797

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://www.halosheaven.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 338
Content-Type: text/html;charset=ISO-8859-1
Date: Tue, 25 Oct 2022 08:16:04 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: FDHMRJHEWQZWTAGZ7WTF

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Tue, 25 Oct 2022 08:16:03 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-sharethrough_pm-db5_rbd_n-vmg_rx_n-MediaNet_ox-db5_an-db5_3lift&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: AY6H56MFGK7GP10PWD0P

GET
H2 200 pxid Show response
d2fb08da-1c03-4c8a-978f-ad8a96b4c31f.prmutv.co/v2.0/ 46 B
397 B 587ms
382ms XHR
application/json 35.241.9.51
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d2fb08da-1c03-4c8a-978f-ad8a96b4c31f.prmutv.co/v2.0/pxid?k=f8d3dda6-1372-4e33-b0e4-848b39d58874
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/d2fb08da-1c03-4c8a-978f-ad8a96b4c31f-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.9.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 51.9.241.35.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 8a0804364299d9470b773ae9dfcc04b5578d3d744554c77b6bc2022b3b4e9099

Request headers

Referer: https://www.halosheaven.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 25 Oct 2022 08:16:03 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.halosheaven.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66

GET
H/1.1 200
OK getuidj Show response
ib.adnxs.com/ 11 B
709 B 872ms
366ms XHR
application/json 104.254.151.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/getuidj

Requested by

Host: cdn.permutive.com
URL: https://cdn.permutive.com/d2fb08da-1c03-4c8a-978f-ad8a96b4c31f-web.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.254.151.36 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.halosheaven.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 25 Oct 2022 08:16:03 GMT
AN-X-Request-Uuid: eb6323ce-4ac8-4dbd-b934-9212080ca8e4
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.halosheaven.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 173.245.209.182; 173.245.209.182; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length: 11
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 d2fb08da-1c03-4c8a-978f-ad8a96b4c31f-models.bin Show response
cdn.permutive.com/models/v2/ 31 KB
23 KB 607ms
405ms XHR
application/x-binary 104.19.150.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.permutive.com/models/v2/d2fb08da-1c03-4c8a-978f-ad8a96b4c31f-models.bin
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/d2fb08da-1c03-4c8a-978f-ad8a96b4c31f-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.150.54 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b626fd533d5ee36612e495f8281d9e35ba741a46ebe54334f45ae527d6e4b783

Request headers

Referer: https://www.halosheaven.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 25 Oct 2022 08:16:03 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
x-goog-meta-oid: d2fb08da-1c03-4c8a-978f-ad8a96b4c31f
x-guploader-uploadid: ADPycdt7fhEdCIRqdSJUHSi2pt1qOSI6Jke37sgnti7mIZLhh_0ED54zpwBvDSbhxlboZC6HPmMw-UYHvge9cAmlZuf3toPozveT
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 23012
last-modified: Tue, 25 Oct 2022 06:02:13 GMT
server: cloudflare
etag: "bf0588ec6994b1dfe6e72d6a50d1a7e3"
vary: Accept-Encoding
x-goog-generation: 1666677733073488
content-type: application/x-binary
access-control-allow-origin: *
x-goog-hash: crc32c=5IffEw==, md5=vwWI7GmUsd/m5y1qUNGn4w==
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=900, no-transform
x-goog-stored-content-length: 23012
accept-ranges: bytes
cf-ray: 75f982058cd9aaf6-SYD
expires: Tue, 25 Oct 2022 08:16:03 GMT

GET
H2 200 geoip Show response
api.permutive.com/v2.0/ 239 B
252 B 593ms
391ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip_hash&k=f8d3dda6-1372-4e33-b0e4-848b39d58874
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/d2fb08da-1c03-4c8a-978f-ad8a96b4c31f-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: dd4492416c53a9eaf5e6e21e3f362a93dafb75f3b8d9b730bf97846bf5aa8bbd

Request headers

Referer: https://www.halosheaven.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 25 Oct 2022 08:16:03 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.halosheaven.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 186

POST
H2 200 watson Show response
api.permutive.com/v2.0/ 2 B
219 B 585ms
383ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/watson?k=f8d3dda6-1372-4e33-b0e4-848b39d58874
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/d2fb08da-1c03-4c8a-978f-ad8a96b4c31f-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.halosheaven.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 25 Oct 2022 08:16:03 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.halosheaven.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22

GET
BLOB 200
OK d2006810-28fa-4f3c-acd2-55a7405917b6
https://www.halosheaven.com/ 844 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.halosheaven.com/d2006810-28fa-4f3c-acd2-55a7405917b6
Requested by: Host: www.halosheaven.com
URL: https://www.halosheaven.com/users/wayofmart2710
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 51960fbad1ca216dcf80003849c367e1cb95ee3e2bd3eeb90269f18df9e3c022

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 864251

GET
BLOB 200
OK 223ec3e6-2f54-4fc4-b417-2ca5c3179280
https://www.halosheaven.com/ 20 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.halosheaven.com/223ec3e6-2f54-4fc4-b417-2ca5c3179280
Requested by: Host: www.halosheaven.com
URL: https://www.halosheaven.com/users/wayofmart2710
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5e1cd3ccd125af732cb522db3943090790c09e6f696dc74697328f7754fac352

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 20393

GET
H2 200 container.html Show response
7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 881C 6 KB
3 KB 493ms
192ms Document
text/html 142.251.10.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js?cb=31070528

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f132.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.halosheaven.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 25 Oct 2022 08:16:01 GMT
expires: Wed, 25 Oct 2023 08:16:01 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
274 B 293ms
281ms Image
image/gif 23.72.45.156
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=VOX_PREBID_HEADER1&hp=1&zMoatAdUnit1=sbn&zMoatAdUnit2=mlb&zMoatAdUnit3=halosheaven.com&wf=1&ra=3&pxm=8&sgs=3&vb=5&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1666685757793&de=626993859463&rx=13842573526&m=0&ar=e27dbc83ae5-clean&iw=b9342c1&q=3&cb=0&cu=1666685757793&ll=2&lm=0&ln=0&em=0&en=0&d=23785264%3A447600304%3A5146287266%3A138308553896&cm=1&zGSRC=1&gu=https%3A%2F%2Fwww.halosheaven.com%2Fusers%2Fwayofmart2710&id=1&ii=4&bo=sbn&bd=halosheaven.com&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=voxprebidheader841653991752&fd=1&it=500&pe=1%3A4308%3A4308%3A0%3A6587&jk=-1&jm=-1&fs=200656&na=436234019&cs=0
Requested by: Host: www.halosheaven.com
URL: https://www.halosheaven.com/users/wayofmart2710
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.72.45.156 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-72-45-156.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.halosheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Tue, 25 Oct 2022 08:16:03 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 25 Oct 2022 08:16:03 GMT

GET
H3 200 container.html Show response
7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5DD5 6 KB
3 KB 375ms
191ms Document
text/html 142.251.10.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js?cb=31070528

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f132.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.halosheaven.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
age: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 25 Oct 2022 08:16:01 GMT
expires: Wed, 25 Oct 2023 08:16:01 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 _pdfps Show response
d2fb08da-1c03-4c8a-978f-ad8a96b4c31f.partner.permutive.app/sync/ 0
215 B 714ms
376ms XHR
text/plain 34.107.222.173
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://d2fb08da-1c03-4c8a-978f-ad8a96b4c31f.partner.permutive.app/sync/_pdfps
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/d2fb08da-1c03-4c8a-978f-ad8a96b4c31f-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.222.173 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 173.222.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.halosheaven.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 25 Oct 2022 08:16:04 GMT
via: 1.1 google
server: nginx
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.halosheaven.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 200 v3 Show response
api.permutive.com/v2.0/demographic/infer/ 205 B
88 B 586ms
387ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/demographic/infer/v3?k=f8d3dda6-1372-4e33-b0e4-848b39d58874
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/d2fb08da-1c03-4c8a-978f-ad8a96b4c31f-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Jetty(9.4.43.v20210629) /
Resource Hash: 9868773395c1330ce24e455894a9e3173a4e8e83e04bc0bb5d2bea2f156935dc

Request headers

Referer: https://www.halosheaven.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 25 Oct 2022 08:16:04 GMT
content-encoding: gzip
via: 1.1 google
server: Jetty(9.4.43.v20210629)
content-type: application/json
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72

POST
H3 200 segment Show response
api.permutive.com/adv/v2/ 14 B
28 B 580ms
381ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/adv/v2/segment?new-session=true&k=f8d3dda6-1372-4e33-b0e4-848b39d58874
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/d2fb08da-1c03-4c8a-978f-ad8a96b4c31f-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: e3aeeb9b76fb8242067c35d89b2a5281561e92a7c9a25239d630f818fe978a7d

Request headers

Referer: https://www.halosheaven.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Tue, 25 Oct 2022 08:16:04 GMT
via: 1.1 google
server: Permutive
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14
content-type: application/json

POST
H2 200 _pdfps Show response
d2fb08da-1c03-4c8a-978f-ad8a96b4c31f.partner.permutive.app/sync/ 0
481 B 636ms
374ms XHR
text/plain 34.107.222.173
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://d2fb08da-1c03-4c8a-978f-ad8a96b4c31f.partner.permutive.app/sync/_pdfps
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/d2fb08da-1c03-4c8a-978f-ad8a96b4c31f-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.222.173 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 173.222.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.halosheaven.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 25 Oct 2022 08:16:04 GMT
via: 1.1 google
server: nginx
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.halosheaven.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 400ms
196ms Image
text/plain 157.240.235.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=594981607301768&ev=PixelInitialized&dl=https%3A%2F%2Fwww.halosheaven.com%2Fusers%2Fwayofmart2710&rl=https%3A%2F%2Fwww.halosheaven.com%2Fusers%2Fwayofmart2710&if=false&ts=1666685764002

Requested by

Host: www.halosheaven.com
URL: https://www.halosheaven.com/users/wayofmart2710

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.235.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-04-sin6.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.halosheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 25 Oct 2022 08:16:04 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

POST
H3 200 identify Show response
api.permutive.com/v2.0/ 50 B
88 B 587ms
387ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/identify?k=f8d3dda6-1372-4e33-b0e4-848b39d58874
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/d2fb08da-1c03-4c8a-978f-ad8a96b4c31f-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: c831673fa914ee41beda19f465be25665a42f9701085549f92a684f0c7da7b79

Request headers

Referer: https://www.halosheaven.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 25 Oct 2022 08:16:04 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.halosheaven.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
274 B 295ms
282ms Image
image/gif 23.72.45.156
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=VOX_PREBID_HEADER1&hp=1&zMoatAdUnit1=sbn&zMoatAdUnit2=mlb&zMoatAdUnit3=halosheaven.com&wf=1&ra=3&pxm=8&sgs=3&vb=5&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1666685757793&de=21187691327&rx=13842573526&m=0&ar=e27dbc83ae5-clean&iw=b9342c1&q=4&cb=0&cu=1666685757793&ll=2&lm=0&ln=0&em=0&en=0&d=23785264%3A447600304%3A5146287266%3A138308553896&cm=1&zGSRC=1&gu=https%3A%2F%2Fwww.halosheaven.com%2Fusers%2Fwayofmart2710&id=1&ii=4&bo=sbn&bd=halosheaven.com&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=voxprebidheader841653991752&fd=1&it=500&pe=1%3A4308%3A4308%3A0%3A6587&jk=-1&jm=-1&fs=200656&na=1524174479&cs=0
Requested by: Host: www.halosheaven.com
URL: https://www.halosheaven.com/users/wayofmart2710
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.72.45.156 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-72-45-156.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.halosheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Tue, 25 Oct 2022 08:16:04 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 25 Oct 2022 08:16:04 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 881C 8 KB
968 B 581ms
195ms Stylesheet
text/css 142.251.10.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: 7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com
URL: https://7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f95.1e100.net

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 25 Oct 2022 08:16:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 25 Oct 2022 07:49:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 25 Oct 2022 08:16:04 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame 881C 2 KB
936 B 816ms
432ms Script
text/javascript 172.217.194.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: 7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com
URL: https://7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f132.1e100.net

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 16:03:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58348
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 07 Nov 2022 16:03:36 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 881C 0
0 201ms
201ms Fetch
text/html 74.125.24.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CD-CBQptXY_iWPMiomsMP9IWV-AmArumGbYzByv65EGQQASD6qYoXYKWAgICQAaABj7Xc_QLIAQmpAoia5vzSNqU-4AIAqAMByAPLBKoE_QFP0NU7E8k9M8h6r2Znzdc21sBAZzis7ZNvfIG3kGWG__pCAE7JooIE4XUado6frY_y8NxfCD-Ld4wrLPWfFsw0OtOXNdEL1G1WUQUU1FpffxZ1dQtuvsuLAllqMc6MrFZhNc16-X-uHD9Hk37mJwpFj4h9FDVwFBO47rVDQA-QayytmFfPN76R7lT6_dYGOh0IJqUnAyh3TnTi7j-Z5cAlxu-9vA8zqdTINgFhtvOXCskOlDyLpyJC7Keztv-QmkTIJja61EW0HDKw5DdROiW1p-3AWPxcwzZ3wcbf0QR_CHvPTE2x3_I7oSug51mDdoAMpNzEB9krVIkYjkaTwATNpZLBjwTgBAGSBQQIBBgBkgUECAUYBKAGLoAHs6CPmQGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCYthXSCA8IgGEQARgdMgKKAjoCgECACgPICwGYDMGq8JuHBLgTgwTYEw7QFQGAFwGyFx4KHAgAEhRwdWItNTQwNTEzMjYwMzUwNDM4NBiIwBU&sigh=REoksnZeZpU&uach_m=[UACH]&template_id=515
Requested by: Host: www.halosheaven.com
URL: https://www.halosheaven.com/users/wayofmart2710
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sf-in-f154.1e100.net
Software: /
Resource Hash

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/ Frame 881C 23 KB
9 KB 766ms
384ms Script
text/javascript 172.217.194.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/abg_lite_fy2021.js

Requested by

Host: 7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com
URL: https://7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f132.1e100.net

Software

cafe /

Resource Hash

3772c62c6a77a8e84e253b4fee14543a7d93e79ddbeb0327948349a70dc84e45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 14:47:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62916
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9571
x-xss-protection: 0
server: cafe
etag: 15799940544776262544
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 07 Nov 2022 14:47:28 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame 881C 3 KB
1 KB 612ms
450ms Script
text/javascript 172.217.194.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/window_focus_fy2021.js

Requested by

Host: 7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com
URL: https://7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f132.1e100.net

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 14:34:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63666
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 07 Nov 2022 14:34:58 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame 881C 17 KB
7 KB 627ms
246ms Script
text/javascript 172.217.194.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com
URL: https://7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f132.1e100.net

Software

cafe /

Resource Hash

f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 14:54:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62520
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7569
x-xss-protection: 0
server: cafe
etag: 4237063375490391177
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 07 Nov 2022 14:54:04 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 881C 0
0 548ms
242ms Image
text/html 74.125.130.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTWhArHUDTPsEe7i2V42Z5r16Cbs93r73DlWeXp0th67uTKw1tSxjgUa0ghDoJ22i3_Sfy07_ThRwZl9zUAdFCCfR7M_A
Requested by: Host: 7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com
URL: https://7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.125.130.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sb-in-f99.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 881C 152 KB
47 KB 499ms
198ms Script
text/javascript 142.251.12.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com
URL: https://7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f157.1e100.net

Software

sffe /

Resource Hash

561b1637d8df8588d26f23efe269e2b9eacdf3057aa392f7fd6f47b410061f01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 08:16:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47514
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666611803224388"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 25 Oct 2022 08:16:04 GMT

GET
H2 200 6d06f43d9219529f87f676616f1c0e3b.js Show response
www.gstatic.com/mysidia/ Frame 881C 33 KB
14 KB 583ms
191ms Script
text/javascript 142.251.12.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6d06f43d9219529f87f676616f1c0e3b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com
URL: https://7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f94.1e100.net

Software

sffe /

Resource Hash

19d9403b8b5963aaeae98991373ef1f4ec9ed98d649be55e657db8e1302578bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 03:41:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16459
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13940
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 17:30:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 23 Jan 2023 03:41:45 GMT

GET
H2 200 8188693971603122983
tpc.googlesyndication.com/simgad/ Frame 881C 1 KB
1 KB 796ms
431ms Image
image/png 172.217.194.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8188693971603122983?w=100&h=100

Requested by

Host: 7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com
URL: https://7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f132.1e100.net

Software

sffe /

Resource Hash

90966309e33ea46f84a2084924409f8f1e5d4423db426f0caf5799c2206fb672

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 20:57:59 GMT
x-content-type-options: nosniff
age: 127085
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1073
x-xss-protection: 0
last-modified: Thu, 01 Sep 2022 23:15:04 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 23 Oct 2023 20:57:59 GMT

GET
DATA 200
OK truncated
/ Frame 881C 195 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 881C 336 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 css
fonts.googleapis.com/ Frame 5DD5 8 KB
1 KB 549ms
195ms Stylesheet
text/css 142.251.10.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: 7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com
URL: https://7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f95.1e100.net

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 25 Oct 2022 08:16:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 25 Oct 2022 07:45:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 25 Oct 2022 08:16:04 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame 5DD5 2 KB
984 B 778ms
422ms Script
text/javascript 172.217.194.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: 7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com
URL: https://7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f132.1e100.net

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 16:03:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58348
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 07 Nov 2022 16:03:36 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 5DD5 0
0 203ms
203ms Fetch
text/html 74.125.24.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CX9wdQ5tXY4kF1aiaww-q_b-IDICu6YZtjMHK_rkQZBABIPqpihdgpYCAgJABoAGPtdz9AsgBCakCiJrm_NI2pT7gAgCoAwHIA8sEqgSDAk_QmljCMVcNxOwLGnSdoN3LQIFfPYmdFuIkimbC1jUObiLdho67U3gdBHV70PDceWixQ2q3EUQM6Mg1EULuztC9szgxmXn7PODCd3Pm1V_klxK8HvVrRvOKajXXj8SYT2HyOeagKf-cA55ZsDS-1TV80AU3dpLBoKlC2csq-UPoVuRnkGooJA1_QX3Sc3-WhLQFdR-nec7hV9kuDYjykl6ujL_YxB6pBiboqEJ7BJ1RbWpYYhCjm765NSi66PY_TS4JBBpf81eH-pfbiqJ0juiLlgpCSiudKku6KkYXzjDoIJmVXfRLfxcjRVoFHjqnPxqUTUpCbM8PG5AfIGDyd9WgtY7ABM2lksGPBOAEAZIFBAgEGAGSBQQIBRgEoAYugAezoI-ZAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEJi2FdIIDwiAYRABGB0yAooCOgKAQIAKA8gLAZgMwarwm4cEuBODBNgTDtAVAYAXAbIXHgocCAASFHB1Yi01NDA1MTMyNjAzNTA0Mzg0GIjAFQ&sigh=zbaQ_l2Cdt8&uach_m=[UACH]&template_id=515
Requested by: Host: www.halosheaven.com
URL: https://www.halosheaven.com/users/wayofmart2710
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sf-in-f154.1e100.net
Software: /
Resource Hash

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/ Frame 5DD5 23 KB
9 KB 567ms
212ms Script
text/javascript 172.217.194.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/abg_lite_fy2021.js

Requested by

Host: 7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com
URL: https://7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f132.1e100.net

Software

cafe /

Resource Hash

3772c62c6a77a8e84e253b4fee14543a7d93e79ddbeb0327948349a70dc84e45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 14:47:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62916
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9571
x-xss-protection: 0
server: cafe
etag: 15799940544776262544
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 07 Nov 2022 14:47:28 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame 5DD5 3 KB
1 KB 603ms
441ms Script
text/javascript 172.217.194.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/window_focus_fy2021.js

Requested by

Host: 7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com
URL: https://7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f132.1e100.net

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 14:34:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63666
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 07 Nov 2022 14:34:58 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame 5DD5 17 KB
8 KB 546ms
193ms Script
text/javascript 172.217.194.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com
URL: https://7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f132.1e100.net

Software

cafe /

Resource Hash

f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 14:54:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62520
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7569
x-xss-protection: 0
server: cafe
etag: 4237063375490391177
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 07 Nov 2022 14:54:04 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 5DD5 0
0 547ms
241ms Image
text/html 74.125.130.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT0mJVERxko5jKoiOfcz8x5uQIILVig2Qwi5buSSmduxGt5V-bImN6gSD86pIqa7s9TPUWMQuCNT6NP80AbK_2Yd2pGEw
Requested by: Host: 7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com
URL: https://7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.125.130.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sb-in-f99.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5DD5 152 KB
47 KB 658ms
356ms Script
text/javascript 142.251.12.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com
URL: https://7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f157.1e100.net

Software

sffe /

Resource Hash

561b1637d8df8588d26f23efe269e2b9eacdf3057aa392f7fd6f47b410061f01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 08:16:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47514
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666611803224388"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 25 Oct 2022 08:16:04 GMT

GET
H2 200 6d06f43d9219529f87f676616f1c0e3b.js Show response
www.gstatic.com/mysidia/ Frame 5DD5 33 KB
14 KB 621ms
229ms Script
text/javascript 142.251.12.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6d06f43d9219529f87f676616f1c0e3b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com
URL: https://7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f94.1e100.net

Software

sffe /

Resource Hash

19d9403b8b5963aaeae98991373ef1f4ec9ed98d649be55e657db8e1302578bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 03:41:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16459
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13940
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 17:30:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 23 Jan 2023 03:41:45 GMT

GET
H2 200 8188693971603122983
tpc.googlesyndication.com/simgad/ Frame 5DD5 1 KB
1 KB 791ms
441ms Image
image/png 172.217.194.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8188693971603122983?w=100&h=100

Requested by

Host: 7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com
URL: https://7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f132.1e100.net

Software

sffe /

Resource Hash

90966309e33ea46f84a2084924409f8f1e5d4423db426f0caf5799c2206fb672

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 20:57:59 GMT
x-content-type-options: nosniff
age: 127085
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1073
x-xss-protection: 0
last-modified: Thu, 01 Sep 2022 23:15:04 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 23 Oct 2023 20:57:59 GMT

GET
DATA 200
OK truncated
/ Frame 5DD5 195 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 5DD5 336 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 ii.js Show response
mb.moatads.com/ 43 B
215 B 209ms
195ms Script
text/html 54.169.0.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/ii.js?lineItemId=5146287266&callback=lineItemInfo5146287266Callback_96314538
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/voxprebidheader841653991752/moatheader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.169.0.90 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-169-0-90.ap-southeast-1.compute.amazonaws.com
Software: Microsoft-IIS/6.0 /
Resource Hash: a26b61dfba0e872afd05009d770285e59f07aa24889480fb3505b4e686eb3b5e

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.halosheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 08:16:04 GMT
cache-control: max-age=900
server: Microsoft-IIS/6.0
timing-allow-origin: *
etag: "bc66858768afad3985b1ceb002879ba4c9217145"
content-length: 43
content-type: text/html; charset=UTF-8

GET
H2 200 v2 Show response
mb.moatads.com/s/ 235 B
408 B 214ms
201ms Script
text/html 54.169.0.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/s/v2?url=https%3A%2F%2Fwww.halosheaven.com%2Fusers%2Fwayofmart2710&pcode=voxprebidheader841653991752&ord=1666685757793&jv=1602238186&callback=BrandSafetyNadoscallback_96314538
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/voxprebidheader841653991752/moatheader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.169.0.90 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-169-0-90.ap-southeast-1.compute.amazonaws.com
Software: Microsoft-IIS/6.0 /
Resource Hash: c0d368fc0d3fde4f5301cca4c91e8f8ebd34377fee6dce9e9063d48e3cf33327

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.halosheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 08:16:04 GMT
cache-control: max-age=900
server: Microsoft-IIS/6.0
timing-allow-origin: *
etag: "b3820bc1f7428b3eef271e8e1eec5aed906e37f6"
content-length: 235
content-type: text/html; charset=UTF-8

POST
H3 200 events Show response
api.permutive.com/v2.0/batch/ 101 B
130 B 376ms
372ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=f8d3dda6-1372-4e33-b0e4-848b39d58874
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/d2fb08da-1c03-4c8a-978f-ad8a96b4c31f-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 8afbee3a0757f0b48459d6abbf4c923ab9174a90f00d77dcd44f3da78f16f72f

Request headers

Referer: https://www.halosheaven.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 25 Oct 2022 08:16:04 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.halosheaven.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112

POST
H2 200 _pdfps Show response
d2fb08da-1c03-4c8a-978f-ad8a96b4c31f.partner.permutive.app/sync/ 0
353 B 378ms
377ms XHR
text/plain 34.107.222.173
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://d2fb08da-1c03-4c8a-978f-ad8a96b4c31f.partner.permutive.app/sync/_pdfps
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/d2fb08da-1c03-4c8a-978f-ad8a96b4c31f-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.222.173 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 173.222.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.halosheaven.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 25 Oct 2022 08:16:04 GMT
via: 1.1 google
server: nginx
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.halosheaven.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1 200
OK pr Show response
s.amazon-adsystem.com/v3/ Frame 8BB4 2 KB
3 KB 616ms
615ms Document
text/html 52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_n-vmg_rx_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-sharethrough_pm-db5_rbd_n-vmg_rx_n-MediaNet_ox-db5_an-db5_3lift&dcc=t

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

f3fd534a6ac2cf399baa861a5aa5698c095c851927f23c1dba643a9831f68feb

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-sharethrough_pm-db5_rbd_n-vmg_rx_n-MediaNet_ox-db5_an-db5_3lift&dcc=t
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 2553
Content-Type: text/html;charset=ISO-8859-1
Date: Tue, 25 Oct 2022 08:16:04 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
x-amz-rid: JCEP13GFVR4CE2YG73ZX

POST
H3 200 audiences Show response
api.permutive.com/audience-matching/v1/id/7435d6d0-75af-40fc-b0b7-9e66b5324a73/ 12 B
25 B 378ms
377ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/audience-matching/v1/id/7435d6d0-75af-40fc-b0b7-9e66b5324a73/audiences?k=f8d3dda6-1372-4e33-b0e4-848b39d58874
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/d2fb08da-1c03-4c8a-978f-ad8a96b4c31f-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: /
Resource Hash: 2b0fb0a6b3e353c69158d61221c2200e4199d0d60dd0b9d99702a22eaa917a78

Request headers

Referer: https://www.halosheaven.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 25 Oct 2022 08:16:04 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12
content-type: application/json

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
274 B 283ms
283ms Image
image/gif 23.72.45.156
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&zMoatAdUnit1=sbn&zMoatAdUnit2=mlb&zMoatAdUnit3=halosheaven.com&wf=1&ra=3&pxm=8&sgs=3&vb=5&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2F7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&i=VOX_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-f9sEUFJ0XDIlaX11F1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-Xl%2FyVCAZgVLOGg%3D%3D&sc=1&os=1-5g%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=0&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=436&gp=814.640625&zGSRC=1&gu=https%3A%2F%2Fwww.halosheaven.com%2Fusers%2Fwayofmart2710&id=1&ii=4&f=0&j=&t=1666685757793&de=21187691327&rx=13842573526&cu=1666685757793&m=6514&ar=e27dbc83ae5-clean&iw=b9342c1&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=814.640625&lb=1330&le=1&lf=2944&lg=1&lh=6&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A4308%3A4308%3A0%3A6587&as=0&ag=31&an=0&gf=31&gg=0&ix=31&ic=31&ez=1&aj=1&pg=100&pf=0&ib=1&cc=0&bw=31&bx=0&dj=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=61&cd=0&ah=61&am=0&xd=00&rf=0&re=0&wb=1&zMoatCustomParams=NaNcontinuous&cl=0&at=0&d=23785264%3A447600304%3A5146287266%3A138308553896&cm=1&bo=sbn&bd=halosheaven.com&gw=voxprebidheader841653991752&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=findIframeAds&ab=2&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&jk=-1&jm=-1&tc=0&fs=200656&na=1814228684&cs=0
Requested by: Host: www.halosheaven.com
URL: https://www.halosheaven.com/users/wayofmart2710
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.72.45.156 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-72-45-156.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.halosheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Tue, 25 Oct 2022 08:16:04 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 25 Oct 2022 08:16:04 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame D63E 1 KB
677 B 577ms
192ms Document
text/html 74.125.24.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com
URL: https://7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f154.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

age: 9561
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 25 Oct 2022 05:36:44 GMT
etag: 48472445140208031
expires: Wed, 26 Oct 2022 05:36:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 state Show response
api.permutive.com/v1.0/ 0
34 B 429ms
429ms XHR
text/plain 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v1.0/state?fetch_unseen=true&k=f8d3dda6-1372-4e33-b0e4-848b39d58874
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/d2fb08da-1c03-4c8a-978f-ad8a96b4c31f-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.halosheaven.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Tue, 25 Oct 2022 08:16:05 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
274 B 281ms
281ms Image
image/gif 23.72.45.156
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&zMoatAdUnit1=sbn&zMoatAdUnit2=mlb&zMoatAdUnit3=halosheaven.com&wf=1&ra=3&pxm=8&sgs=3&vb=5&kq=1&lo=2&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2F7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&i=VOX_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-f9sEUFJ0XDIlaX11F1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-Xl%2FyVCAZgVLOGg%3D%3D&sc=1&os=1-5g%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=0&h=90&w=970&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=315&gp=162.5&zGSRC=1&gu=https%3A%2F%2Fwww.halosheaven.com%2Fusers%2Fwayofmart2710&id=1&ii=4&f=0&j=&t=1666685757793&de=626993859463&rx=13842573526&cu=1666685757793&m=6813&ar=e27dbc83ae5-clean&iw=b9342c1&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=162.5&lb=1330&le=1&lf=2944&lg=1&lh=6&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A4308%3A4308%3A0%3A6587&as=0&ag=82&an=0&gf=82&gg=0&ix=82&ic=82&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=82&bx=0&dj=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=164&cd=0&ah=164&am=0&xd=00&rf=0&re=0&wb=1&zMoatCustomParams=NaNcontinuous&cl=0&at=0&d=23785264%3A447600304%3A5146287266%3A138308553896&cm=1&bo=sbn&bd=halosheaven.com&gw=voxprebidheader841653991752&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=findIframeAds&ab=2&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&jk=-1&jm=-1&tc=0&fs=200656&na=674850632&cs=0
Requested by: Host: www.halosheaven.com
URL: https://www.halosheaven.com/users/wayofmart2710
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.72.45.156 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-72-45-156.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.halosheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Tue, 25 Oct 2022 08:16:05 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 25 Oct 2022 08:16:05 GMT

POST
H3 200 _pdfps Show response
d2fb08da-1c03-4c8a-978f-ad8a96b4c31f.partner.permutive.app/sync/ 0
14 B 477ms
377ms XHR
text/plain 34.107.222.173
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://d2fb08da-1c03-4c8a-978f-ad8a96b4c31f.partner.permutive.app/sync/_pdfps
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/d2fb08da-1c03-4c8a-978f-ad8a96b4c31f-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.222.173 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 173.222.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.halosheaven.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 25 Oct 2022 08:16:05 GMT
via: 1.1 google
server: nginx
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.halosheaven.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 894E 1 KB
1 KB 401ms
191ms Document
text/html 74.125.24.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com
URL: https://7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f154.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

age: 9561
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 25 Oct 2022 05:36:44 GMT
etag: 48472445140208031
expires: Wed, 26 Oct 2022 05:36:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 881C 28 KB
28 KB 577ms
191ms Font
font/woff2 142.250.4.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f94.1e100.net

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 22:22:51 GMT
x-content-type-options: nosniff
age: 467594
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Oct 2023 22:22:51 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 8BB4
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=amazon&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D
https://sync.1rx.io/usersync2/rmpssp?sub=amazon&zcc=1&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D&cb=1666685765596
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=990824193
https://sync.1rx.io/usersync/tradedesk/56237bbd-e9eb-4419-825e-9718d14702e9
https://sync.targeting.unrulymedia.com/csync/RX-a8d3d78f-cde3-4977-a428-c250bad4be8e-004?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3DRX-a8d3d78f-cde3-4977-a428-c250...
https://s.amazon-adsystem.com/ecm3?ex=rhythmone.com&id=RX-a8d3d78f-cde3-4977-a428-c250bad4be8e-004

43 B
479 B

318ms
318ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rhythmone.com&id=RX-a8d3d78f-cde3-4977-a428-c250bad4be8e-004

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_n-vmg_rx_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 Oct 2022 08:16:06 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 9SF4DCJM07Z5RR34FF5W
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=rhythmone.com&id=RX-a8d3d78f-cde3-4977-a428-c250bad4be8e-004
date: Tue, 25 Oct 2022 08:16:06 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RXa8d3d78fcde34977a428c250bad4be8e004
content-type: text/html

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 8BB4
Redirect Chain

https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E
https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3096873656837430000V10

43 B
479 B

690ms
317ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3096873656837430000V10

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_n-vmg_rx_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 Oct 2022 08:16:06 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: G778YGE1BWQAJK6JRH04
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 25 Oct 2022 08:16:05 GMT
Server: Apache
P3P: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location: https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3096873656837430000V10
Content-Type: text/html
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 154
X-MNET-HL2: E
Expires: Tue, 25 Oct 2022 08:16:05 GMT

GET
H3

200

usermatch Show response
ssum-sec.casalemedia.com/ Frame FA73
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1

2 KB
1 KB

527ms
395ms

Document
text/html

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_n-vmg_rx_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 810892cc1804928a47f9716dbfb087317d41dcfc303c9cfdf1a6a582a9fb7af6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 75f98213d96ea80b-SYD
content-encoding: br
content-type: text/html
date: Tue, 25 Oct 2022 08:16:06 GMT
expires: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 75f982119fecdfaf-SYD
content-length: 0
date: Tue, 25 Oct 2022 08:16:05 GMT
expires: 0
location: /usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
server: cloudflare
vary: Accept-Encoding

GET
H2 200 / Show response
match.sharethrough.com/jwumXNuB/v1/ Frame B8C6 427 B
612 B 608ms
197ms Document
text/html 3.1.247.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_n-vmg_rx_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.1.247.163 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-1-247-163.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: fb699593defd64cd64433b394cafc3489ced485fdbba45fff91175fb117d72f6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

content-length: 427
date: Tue, 25 Oct 2022 08:16:05 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame BFAC 15 KB
6 KB 858ms
283ms Document
text/html 23.72.44.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_n-vmg_rx_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.72.44.196 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-72-44-196.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=87444
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Tue, 25 Oct 2022 08:16:05 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Wed, 26 Oct 2022 08:33:29 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame B5A5 281 B
554 B 850ms
281ms Document
text/html 23.15.148.136
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_n-vmg_rx_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-15-148-136.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 25 Oct 2022 08:16:05 GMT
ETag: "40014-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1

200
OK

ecm3 Show response
s.amazon-adsystem.com/ Frame 0F34
Redirect Chain

https://ups.analytics.yahoo.com/ups/58251/sync?redir=true
https://ups.analytics.yahoo.com/ups/58251/sync?redir=true&verify=true
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS0wX0FQYjVsRTJ1SllSUEJYYVpLdjJEQVpRTmhXY2d6OH5B

43 B
479 B

435ms
316ms

Document
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS0wX0FQYjVsRTJ1SllSUEJYYVpLdjJEQVpRTmhXY2d6OH5B

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_n-vmg_rx_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Tue, 25 Oct 2022 08:16:06 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
x-amz-rid: QJFE7TQX8D2C4R1PF4QD

Redirect headers

age: 0
content-length: 0
date: Tue, 25 Oct 2022 08:16:05 GMT
location: https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS0wX0FQYjVsRTJ1SllSUEJYYVpLdjJEQVpRTmhXY2d6OH5B
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server: ATS/9.1.10.25
strict-transport-security: max-age=31536000

GET
H3

200

cm Show response
u.openx.net/w/1.0/ Frame 29F6
Redirect Chain

https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX...

583 B
377 B

338ms
195ms

Document
text/html

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_n-vmg_rx_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: f051c3742950bc3ee70503663459c777a92a8cb9f7fe4a5dc5ef09e23b702636

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 358
content-type: text/html
date: Tue, 25 Oct 2022 08:16:05 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 25 Oct 2022 08:16:05 GMT
location: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
via: 1.1 google

GET
H/1.1

200
OK

ecm3 Show response
s.amazon-adsystem.com/ Frame 9056
Redirect Chain

https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com
https://s.amazon-adsystem.com/ecm3?id=7422719982403516301&ex=appnexus.com

43 B
479 B

340ms
304ms

Document
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/ecm3?id=7422719982403516301&ex=appnexus.com

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_n-vmg_rx_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Tue, 25 Oct 2022 08:16:05 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
x-amz-rid: TB3J9DTXRK5WZ9VGMTGK

Redirect headers

AN-X-Request-Uuid: c0d7e999-da94-4d63-9b4f-d024e78991b5
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Tue, 25 Oct 2022 08:16:05 GMT
Expires: Sat, 15 Nov 2008 16:00:00 GMT
Location: https://s.amazon-adsystem.com/ecm3?id=7422719982403516301&ex=appnexus.com
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma: no-cache
Server: nginx/1.21.3
X-Proxy-Origin: 173.245.209.182; 173.245.209.182; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
X-XSS-Protection: 0

GET
H/1.1

200
OK

ecm3 Show response
s.amazon-adsystem.com/ Frame 97FB
Redirect Chain

https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2974799449007580493830

43 B
479 B

478ms
305ms

Document
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2974799449007580493830

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_n-vmg_rx_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Tue, 25 Oct 2022 08:16:06 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
x-amz-rid: NWJPNGVZT4T2AF5N10MV

Redirect headers

cache-control: no-cache, no-store, must-revalidate
content-length: 0
date: Tue, 25 Oct 2022 08:16:05 GMT
location: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2974799449007580493830
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 5DD5 28 KB
28 KB 483ms
393ms Font
font/woff2 142.250.4.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f94.1e100.net

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 22:22:51 GMT
x-content-type-options: nosniff
age: 467594
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Oct 2023 22:22:51 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 894E
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEMXIaA-0wHr83Aojg1P1xVk&google_cver=1&google_push=AZmPxg_-wQm4SCkf6M7LDudpEfi0c0aT88sDI26R9tR6mjo9vTpqdqDMynw2NNtqb6RO8NzZZyDKFQI5fLNhE05khJwfLycDx-b3&...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMXIaA-0wHr83Aojg1P1xVk&google_cver=1&google_push=AZmPxg_-wQm4SCkf6M7LDudpEfi0c0aT88sDI26R9tR6mjo9vTpqdqDMynw2NNtqb6RO8NzZZyDKFQI5fLNhE05khJwfLycDx-b...

43 B
450 B

276ms
270ms

Image
image/gif

104.18.25.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMXIaA-0wHr83Aojg1P1xVk&google_cver=1&google_push=AZmPxg_-wQm4SCkf6M7LDudpEfi0c0aT88sDI26R9tR6mjo9vTpqdqDMynw2NNtqb6RO8NzZZyDKFQI5fLNhE05khJwfLycDx-b3&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg_-wQm4SCkf6M7LDudpEfi0c0aT88sDI26R9tR6mjo9vTpqdqDMynw2NNtqb6RO8NzZZyDKFQI5fLNhE05khJwfLycDx-b3%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: www.halosheaven.com
URL: https://www.halosheaven.com/users/wayofmart2710
Protocol: H2
Server: 104.18.25.173 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 08:16:06 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 75f982151e89aae1-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 25 Oct 2022 08:16:05 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 14793
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMXIaA-0wHr83Aojg1P1xVk&google_cver=1&google_push=AZmPxg_-wQm4SCkf6M7LDudpEfi0c0aT88sDI26R9tR6mjo9vTpqdqDMynw2NNtqb6RO8NzZZyDKFQI5fLNhE05khJwfLycDx-b3&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg_-wQm4SCkf6M7LDudpEfi0c0aT88sDI26R9tR6mjo9vTpqdqDMynw2NNtqb6RO8NzZZyDKFQI5fLNhE05khJwfLycDx-b3%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 75f982136c88aae1-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 894E
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEO1-7_zjyjYFmnEHx8-ecN8&google_cver=1&google_push=AZmPxg-zAgXh44s2lrsVb1dpq_kOTT5HaDZdTrlPZ-oo8K0e3BRY58F_EDpRKQPKyOLWPgbdTH8VGTf6q9sAp683y9nnwldbtJwU
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=931C8E959620413F9A5F8DA8F9CF51B1&google_push=AZmPxg-zAgXh44s2lrsVb1dpq_kOTT5HaDZdTrlPZ-oo8K0e3BRY58F_EDpRKQPKyOLWPgbdTH8VGTf6q9sAp68...

170 B
188 B

404ms
200ms

Image
image/png

142.250.4.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=931C8E959620413F9A5F8DA8F9CF51B1&google_push=AZmPxg-zAgXh44s2lrsVb1dpq_kOTT5HaDZdTrlPZ-oo8K0e3BRY58F_EDpRKQPKyOLWPgbdTH8VGTf6q9sAp683y9nnwldbtJwU

Requested by

Host: www.halosheaven.com
URL: https://www.halosheaven.com/users/wayofmart2710

Protocol

Server

142.250.4.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f157.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 08:16:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 25 Oct 2022 08:16:06 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=931C8E959620413F9A5F8DA8F9CF51B1&google_push=AZmPxg-zAgXh44s2lrsVb1dpq_kOTT5HaDZdTrlPZ-oo8K0e3BRY58F_EDpRKQPKyOLWPgbdTH8VGTf6q9sAp683y9nnwldbtJwU
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 24 Oct 2022 08:16:06 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 894E
Redirect Chain

https://v9999.adv.admeme.net/drtb/n?google_gid=CAESEGu2qncbGcPFvGqPtbVsptQ&google_cver=1&google_push=AZmPxg9WrYFyJj4b4tCF63We-FYmd4ic3TOfn2T0CsjSURMfLqjeJQpOgkNVpFAWD4ulmb9fuBm2pOjqWoXg50_trkf_PDjq...
https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AZmPxg9WrYFyJj4b4tCF63We-FYmd4ic3TOfn2T0CsjSURMfLqjeJQpOgkNVpFAWD4ulmb9fuBm2pOjqWoXg50_trkf_PDjqiGTS

170 B
188 B

194ms
194ms

Image
image/png

142.250.4.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AZmPxg9WrYFyJj4b4tCF63We-FYmd4ic3TOfn2T0CsjSURMfLqjeJQpOgkNVpFAWD4ulmb9fuBm2pOjqWoXg50_trkf_PDjqiGTS

Requested by

Host: www.halosheaven.com
URL: https://www.halosheaven.com/users/wayofmart2710

Protocol

Server

142.250.4.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f157.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 08:16:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: http://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AZmPxg9WrYFyJj4b4tCF63We-FYmd4ic3TOfn2T0CsjSURMfLqjeJQpOgkNVpFAWD4ulmb9fuBm2pOjqWoXg50_trkf_PDjqiGTS
Date: Tue, 25 Oct 2022 08:16:06 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 894E
Redirect Chain

https://fksnk.com/cs/google?google_gid=CAESEE3ABS7Zj6G3ZLA8VZA4WKI&google_cver=1&google_push=AZmPxg9G00Umj6etgx-1h42qDgu3RGLqgD8xoVItpVTVPJeH6-zg_g7Ba4B5DmkYjHzc7FAqNHq--p508bidjLLqNgrrm4MvNGXb
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=RTFFMDY0QTM5RkU0MzNBNg==

170 B
188 B

268ms
199ms

Image
image/png

142.250.4.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=RTFFMDY0QTM5RkU0MzNBNg==

Requested by

Host: www.halosheaven.com
URL: https://www.halosheaven.com/users/wayofmart2710

Protocol

Server

142.250.4.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f157.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 08:16:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=RTFFMDY0QTM5RkU0MzNBNg==
date: Tue, 25 Oct 2022 08:16:06 GMT
content-language: en-US
content-type: text/html;charset=ISO-8859-1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 894E
Redirect Chain

https://cs.r-ad.ne.jp/2/cs?google_gid=CAESEOSj-1nFf_61Q6NxycEydQQ&google_cver=1&google_push=AZmPxg9vJrjDtpsHjRg2-1_BB53a6LoDToEGneXY2j2xe0PXWS1-0sFirQUVUBVpwFLB1kfYXug8akLHjQSc4uJ61gF6eidvC9x2
https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AZmPxg9vJrjDtpsHjRg2-1_BB53a6LoDToEGneXY2j2xe0PXWS1-0sFirQUVUBVpwFLB1kfYXug8akLHjQSc4uJ61gF6eidvC9x2&google_hm=NTE4OEc2MDBrQkRBWTAwOFh...

170 B
188 B

196ms
195ms

Image
image/png

142.250.4.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AZmPxg9vJrjDtpsHjRg2-1_BB53a6LoDToEGneXY2j2xe0PXWS1-0sFirQUVUBVpwFLB1kfYXug8akLHjQSc4uJ61gF6eidvC9x2&google_hm=NTE4OEc2MDBrQkRBWTAwOFhaSHo

Requested by

Host: www.halosheaven.com
URL: https://www.halosheaven.com/users/wayofmart2710

Protocol

Server

142.250.4.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f157.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 08:16:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-store, no-cache
Date: Tue, 25 Oct 2022 08:16:06 GMT
Server: nginx
P3P: CP="NON DSP COR CURa ADMa DEVa CUSo TAIa PSDo OUR BUS UNI COM NAV STA"
location: //cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AZmPxg9vJrjDtpsHjRg2-1_BB53a6LoDToEGneXY2j2xe0PXWS1-0sFirQUVUBVpwFLB1kfYXug8akLHjQSc4uJ61gF6eidvC9x2&google_hm=NTE4OEc2MDBrQkRBWTAwOFhaSHo
cache-control: private, no-store, no-cache, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 0
X-SID: 159f32b0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 894E
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEKuJdApaIYQEEepyRPacj5c&google_cver=1&google_push=AZmPxg_rv_Wwa09vj3mCecNLjjOhFRV4H_enqp8nIUb9qMKb-l70-JIgMJdy_-Wd8e5FNYCXlZv_8U6RUlT9...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg_rv_Wwa09vj3mCecNLjjOhFRV4H_enqp8nIUb9qMKb-l70-JIgMJdy_-Wd8e5FNYCXlZv_8U6RUlT9afZYP0fjEQ68cnCb

170 B
188 B

403ms
198ms

Image
image/png

142.250.4.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg_rv_Wwa09vj3mCecNLjjOhFRV4H_enqp8nIUb9qMKb-l70-JIgMJdy_-Wd8e5FNYCXlZv_8U6RUlT9afZYP0fjEQ68cnCb

Requested by

Host: www.halosheaven.com
URL: https://www.halosheaven.com/users/wayofmart2710

Protocol

Server

142.250.4.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f157.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 08:16:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg_rv_Wwa09vj3mCecNLjjOhFRV4H_enqp8nIUb9qMKb-l70-JIgMJdy_-Wd8e5FNYCXlZv_8U6RUlT9afZYP0fjEQ68cnCb
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 400 sspsync
cksync.yahoo.co.jp/ Frame 894E 35 B
623 B 758ms
247ms Image
image/gif 182.22.31.252
YAHOO Yahoo Japan...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cksync.yahoo.co.jp/sspsync?ptr=12703&google_gid=CAESEO6QiN_L5U8cirGqupeBN5o&google_cver=1&google_push=AZmPxg8J0Oqxa-PChvdMPZnc7w0a2sEpTcFr-bewvMOfW_xyviuqjTwSoOoRXxbCKLG40Emw1rUsCZy9ry0PaMONTY33PpactYGfEQ

Requested by

Host: 7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com
URL: https://7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.22.31.252 , Japan, ASN23816 (YAHOO Yahoo Japan Corporation, JP),

Reverse DNS

Software

ATS /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 08:16:06 GMT
x-content-type-options: nosniff
server: ATS
age: 0
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: private, no-store, no-cache
cross-origin-resource-policy: cross-origin
content-length: 35
x-xss-protection: 1; mode=block

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 894E 0
232 B 583ms
192ms Image
text/html 142.250.4.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JHQ7cj8-BL8P4nuCBTNCuxdbtaRtC1SGDd26LDrLrtPDFl_LoPow5fK3PaDg0l-BPVo-mKTw

Requested by

Host: 7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com
URL: https://7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f157.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 08:16:05 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D63E
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEE20ypgog_pqHXrK6dqVhCs&google_cver=1&google_push=AZmPxg8TsgfIdU9-D9nFuuc09J-t3lUFAte0GZsu3WP4CBjbtovcKjCOVEryLPhEfuGOfr4_X70Eehu1GzMfQm5X528RaIRmdfET
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A90D99DE6B00492A838E53B1C7D0FAC8&google_push=AZmPxg8TsgfIdU9-D9nFuuc09J-t3lUFAte0GZsu3WP4CBjbtovcKjCOVEryLPhEfuGOfr4_X70Eehu1GzMfQm5...

170 B
188 B

399ms
195ms

Image
image/png

142.250.4.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A90D99DE6B00492A838E53B1C7D0FAC8&google_push=AZmPxg8TsgfIdU9-D9nFuuc09J-t3lUFAte0GZsu3WP4CBjbtovcKjCOVEryLPhEfuGOfr4_X70Eehu1GzMfQm5X528RaIRmdfET

Requested by

Host: www.halosheaven.com
URL: https://www.halosheaven.com/users/wayofmart2710

Protocol

Server

142.250.4.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f157.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 08:16:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 25 Oct 2022 08:16:06 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A90D99DE6B00492A838E53B1C7D0FAC8&google_push=AZmPxg8TsgfIdU9-D9nFuuc09J-t3lUFAte0GZsu3WP4CBjbtovcKjCOVEryLPhEfuGOfr4_X70Eehu1GzMfQm5X528RaIRmdfET
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 24 Oct 2022 08:16:06 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame D63E
Redirect Chain

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEFTM9r_ZKwtFJIwVhwF7lb0&google_cver=1&google_push=AZmPxg_ohZ7PQUg_OJJaasVqlUxN7w9a4949TLkcbU7zx4ol-uqaW0V2OGvPnjbw8TiOz045EjlJL...
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AZmPxg_ohZ7PQUg_OJJaasVqlUxN7w9a4949TLkcbU7zx4ol-uqaW0V2OGvPnjbw8TiOz045EjlJLdHx1t5gSdIRAxS8L9MVtio

170 B
232 B

200ms
194ms

Image
image/png

142.250.4.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AZmPxg_ohZ7PQUg_OJJaasVqlUxN7w9a4949TLkcbU7zx4ol-uqaW0V2OGvPnjbw8TiOz045EjlJLdHx1t5gSdIRAxS8L9MVtio

Requested by

Host: 7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com
URL: https://7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.4.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f157.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 08:16:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 25 Oct 2022 08:16:05 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 30E5616C1BB943C597978CF7902600CA Ref B: SYD03EDGE1516 Ref C: 2022-10-25T08:16:05Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AZmPxg_ohZ7PQUg_OJJaasVqlUxN7w9a4949TLkcbU7zx4ol-uqaW0V2OGvPnjbw8TiOz045EjlJLdHx1t5gSdIRAxS8L9MVtio
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXr14UE8va1BNqzfHq//w==

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame D63E
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEKE4pVfIs363y4NhjMd1HGc&google_cver=1&google_push=AZmPxg-vJJWfE30WZOzM51S--Z80QtdlnNlIIXJ3ULzLrW9xklUTe7lalIVjcsDAMh3csmqJ3tMqh-Ntw0no-Thp816_TLz...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg-vJJWfE30WZOzM51S--Z80QtdlnNlIIXJ3ULzLrW9xklUTe7lalIVjcsDAMh3csmqJ3tMqh-Ntw0no-Thp816_TLzl6ls&google_hm=NjgyOTU0OTE3MTg5NDAyNDI...

170 B
232 B

498ms
197ms

Image
image/png

142.250.4.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg-vJJWfE30WZOzM51S--Z80QtdlnNlIIXJ3ULzLrW9xklUTe7lalIVjcsDAMh3csmqJ3tMqh-Ntw0no-Thp816_TLzl6ls&google_hm=NjgyOTU0OTE3MTg5NDAyNDI4MA%3D%3D

Requested by

Host: www.halosheaven.com
URL: https://www.halosheaven.com/users/wayofmart2710

Protocol

Server

142.250.4.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f157.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 08:16:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 25 Oct 2022 08:16:05 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg-vJJWfE30WZOzM51S--Z80QtdlnNlIIXJ3ULzLrW9xklUTe7lalIVjcsDAMh3csmqJ3tMqh-Ntw0no-Thp816_TLzl6ls&google_hm=NjgyOTU0OTE3MTg5NDAyNDI4MA%3D%3D
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame D63E
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELaubsHN_wwuEN8EIfdxDDM&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESELaubsHN_wwuEN8EIfdxDDM&google_push=AZ...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELaubsHN_wwuEN8EIfdxDDM&google_hm=Y1ebRZVwKc1qQwUU2uDXtwAAEmEAAAIB&google_nid=index&google_push=AZmPxg8IBZn7lYMXynSQDS8SqugrJMCf4Qyg5...

170 B
232 B

496ms
195ms

Image
image/png

142.250.4.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELaubsHN_wwuEN8EIfdxDDM&google_hm=Y1ebRZVwKc1qQwUU2uDXtwAAEmEAAAIB&google_nid=index&google_push=AZmPxg8IBZn7lYMXynSQDS8SqugrJMCf4Qyg5vM_SDmrLAVgxyO7-TD2RsQsTh64uD0b8T-pLHh_KBAqqg5kHofEnuQbB6DWQeQc

Requested by

Host: www.halosheaven.com
URL: https://www.halosheaven.com/users/wayofmart2710

Protocol

Server

142.250.4.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f157.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 08:16:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 25 Oct 2022 08:16:05 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELaubsHN_wwuEN8EIfdxDDM&google_hm=Y1ebRZVwKc1qQwUU2uDXtwAAEmEAAAIB&google_nid=index&google_push=AZmPxg8IBZn7lYMXynSQDS8SqugrJMCf4Qyg5vM_SDmrLAVgxyO7-TD2RsQsTh64uD0b8T-pLHh_KBAqqg5kHofEnuQbB6DWQeQc
cache-control: no-cache
cf-ray: 75f98213d971a80b-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D63E
Redirect Chain

https://app.cauly.co.kr/idsync_ssp/doubleclick?google_gid=CAESENUy_85yGx7PGEvJ-TOgh7c&google_cver=1&google_push=AZmPxg-xQnL6yBunW9GoL42Kce0fmknJfNKIRMlDfKClv_zx3YzZvA8gtzcWpdm-kxn1dt-7-N7Atg9rECLFD...
https://cm.g.doubleclick.net/pixel?google_nid=fsn_asia_private_limited_new&google_push=AZmPxg-xQnL6yBunW9GoL42Kce0fmknJfNKIRMlDfKClv_zx3YzZvA8gtzcWpdm-kxn1dt-7-N7Atg9rECLFDpMaKFUpkUIr7h8D

170 B
188 B

378ms
197ms

Image
image/png

142.250.4.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fsn_asia_private_limited_new&google_push=AZmPxg-xQnL6yBunW9GoL42Kce0fmknJfNKIRMlDfKClv_zx3YzZvA8gtzcWpdm-kxn1dt-7-N7Atg9rECLFDpMaKFUpkUIr7h8D

Requested by

Host: www.halosheaven.com
URL: https://www.halosheaven.com/users/wayofmart2710

Protocol

Server

142.250.4.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f157.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 08:16:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: http://cm.g.doubleclick.net/pixel?google_nid=fsn_asia_private_limited_new&google_push=AZmPxg-xQnL6yBunW9GoL42Kce0fmknJfNKIRMlDfKClv_zx3YzZvA8gtzcWpdm-kxn1dt-7-N7Atg9rECLFDpMaKFUpkUIr7h8D
Date: Tue, 25 Oct 2022 08:16:06 GMT
Server: nginx
Connection: close
Content-Length: 0
Content-Type: Application/xml;charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D63E
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESENwIEgkNakbwAsIb2iqntig&google_cver=1&google_push=AZmPxg-3zzGfjtWr0vNP6yqhqFWpX4Mj0ccFaIM48JkrY1Ta8ZHaHIaiE4m8KeM9q6LfZkAt2dsQ6BpIerJp...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg-3zzGfjtWr0vNP6yqhqFWpX4Mj0ccFaIM48JkrY1Ta8ZHaHIaiE4m8KeM9q6LfZkAt2dsQ6BpIerJpTkfP7v_UwpR0404

170 B
188 B

406ms
200ms

Image
image/png

142.250.4.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg-3zzGfjtWr0vNP6yqhqFWpX4Mj0ccFaIM48JkrY1Ta8ZHaHIaiE4m8KeM9q6LfZkAt2dsQ6BpIerJpTkfP7v_UwpR0404

Requested by

Host: www.halosheaven.com
URL: https://www.halosheaven.com/users/wayofmart2710

Protocol

Server

142.250.4.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f157.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 08:16:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg-3zzGfjtWr0vNP6yqhqFWpX4Mj0ccFaIM48JkrY1Ta8ZHaHIaiE4m8KeM9q6LfZkAt2dsQ6BpIerJpTkfP7v_UwpR0404
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame D63E
Redirect Chain

https://ads.yieldmo.com/exptsync?google_gid=CAESEKY1fhcApDs8hXWwFRmnalI&google_cver=1&google_push=AZmPxg-Xb5ZLJTn5HaUO43i73L6pFBZEEyaDzSjWzlXjGBdMHcmWXQUYKJ_nfOUoEOKrASzJML_6BU0OiwSTviPs54I9mcNt4mYC
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AZmPxg-Xb5ZLJTn5HaUO43i73L6pFBZEEyaDzSjWzlXjGBdMHcmWXQUYKJ_nfOUoEOKrASzJML_6BU0OiwSTviPs54I9mcNt4mYC&google_hm=Zzc5MzA2ZTE2ZDViNjE0...

170 B
232 B

498ms
196ms

Image
image/png

142.250.4.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AZmPxg-Xb5ZLJTn5HaUO43i73L6pFBZEEyaDzSjWzlXjGBdMHcmWXQUYKJ_nfOUoEOKrASzJML_6BU0OiwSTviPs54I9mcNt4mYC&google_hm=Zzc5MzA2ZTE2ZDViNjE0YTI0MmM=

Requested by

Host: www.halosheaven.com
URL: https://www.halosheaven.com/users/wayofmart2710

Protocol

Server

142.250.4.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f157.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 08:16:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 25 Oct 2022 08:16:05 GMT
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json;charset=utf-8
location: https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AZmPxg-Xb5ZLJTn5HaUO43i73L6pFBZEEyaDzSjWzlXjGBdMHcmWXQUYKJ_nfOUoEOKrASzJML_6BU0OiwSTviPs54I9mcNt4mYC&google_hm=Zzc5MzA2ZTE2ZDViNjE0YTI0MmM=
access-control-allow-origin: *
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame D63E 0
49 B 581ms
193ms Image
text/html 142.250.4.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IHBohdYAsnFP8lWvuoyg02g-MG6m8PprDTdnkPuoj1abrhfSGr5tAtBQyuTtqI5hzBNRmF

Requested by

Host: 7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com
URL: https://7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f157.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 08:16:05 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
274 B 287ms
287ms Image
image/gif 23.72.45.156
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&zMoatAdUnit1=sbn&zMoatAdUnit2=mlb&zMoatAdUnit3=halosheaven.com&wf=1&ra=3&pxm=8&sgs=3&vb=5&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=VOX_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-f9sEUFJ0XDIlaX11F1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-Xl%2FyVCAZgVLOGg%3D%3D&sc=1&os=1-5g%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=1&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=436&gp=814.640625&zGSRC=1&gu=https%3A%2F%2Fwww.halosheaven.com%2Fusers%2Fwayofmart2710&id=1&ii=4&f=0&j=&t=1666685757793&de=21187691327&rx=13842573526&cu=1666685757793&m=7653&ar=e27dbc83ae5-clean&iw=b9342c1&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=814.640625&lb=1330&le=1&lf=2944&lg=1&lh=6&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A4308%3A4308%3A0%3A6587&as=1&ag=1176&an=31&gi=1&gf=1176&gg=31&ix=1176&ic=1176&ez=1&ck=1176&kw=1005&aj=1&pg=100&pf=100&ib=1&cc=1&bw=1176&bx=31&ci=1176&jz=1005&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1005&cd=61&ah=1005&am=61&xd=00&rf=0&re=0&wb=1&zMoatCustomParams=NaNcontinuous&cl=0&at=0&d=23785264%3A447600304%3A5146287266%3A138308553896&cm=1&bo=sbn&bd=halosheaven.com&gw=voxprebidheader841653991752&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=findIframeAds&ab=2&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&jk=-1&jm=-1&tc=0&fs=200656&na=462383273&cs=0
Requested by: Host: www.halosheaven.com
URL: https://www.halosheaven.com/users/wayofmart2710
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.72.45.156 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-72-45-156.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.halosheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Tue, 25 Oct 2022 08:16:05 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 25 Oct 2022 08:16:05 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
45 B 494ms
191ms Ping
text/plain 172.253.118.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-2M5GYNY1YS&gtm=2oeaj0&_p=557192675&cid=1358645078.1666685760&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&dr=&sid=1666685760&sct=1&seg=0&dl=https%3A%2F%2Fwww.halosheaven.com%2Fusers%2Fwayofmart2710&dt=wayofmart2710%20Profile%20and%20Activity%20-%20Halos%20Heaven&en=scroll&ep.content_type=other&ep.ad_block_status=false&ep.community=halosheaven&ep.vertical=sbnation&ep.network_community_groups=sbnation%3Ahalosheaven&ep.scroll_subscription=false&ep.unique_pageload_id=0e4e953f-c30a-4fc8-9785-3f8b071d2675&ep.ITM_source=&epn.percent_scrolled=90&_et=7
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2M5GYNY1YS&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.253.118.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sl-in-f102.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.halosheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 08:16:05 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.halosheaven.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
274 B 283ms
281ms Image
image/gif 23.72.45.156
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&zMoatAdUnit1=sbn&zMoatAdUnit2=mlb&zMoatAdUnit3=halosheaven.com&wf=1&ra=3&pxm=8&sgs=3&vb=5&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=VOX_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-f9sEUFJ0XDIlaX11F1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-Xl%2FyVCAZgVLOGg%3D%3D&sc=1&os=1-5g%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=2&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=436&gp=814.640625&zGSRC=1&gu=https%3A%2F%2Fwww.halosheaven.com%2Fusers%2Fwayofmart2710&id=1&ii=4&f=0&j=&t=1666685757793&de=21187691327&rx=13842573526&cu=1666685757793&m=7653&ar=e27dbc83ae5-clean&iw=b9342c1&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=814.640625&lb=1330&le=1&lf=2944&lg=1&lh=6&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A4308%3A4308%3A0%3A6587&as=1&ag=1176&an=1176&gi=1&gf=1176&gg=1176&ix=1176&ic=1176&ez=1&ck=1176&kw=1005&aj=1&pg=100&pf=100&ib=1&cc=1&bw=1176&bx=1176&ci=1176&jz=1005&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1005&cd=1005&ah=1005&am=1005&xd=00&rf=0&re=0&wb=1&zMoatCustomParams=NaNcontinuous&cl=0&at=0&d=23785264%3A447600304%3A5146287266%3A138308553896&cm=1&bo=sbn&bd=halosheaven.com&gw=voxprebidheader841653991752&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=findIframeAds&ab=2&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&jk=-1&jm=-1&tc=0&fs=200656&na=1764699074&cs=0
Requested by: Host: www.halosheaven.com
URL: https://www.halosheaven.com/users/wayofmart2710
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.72.45.156 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-72-45-156.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.halosheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Tue, 25 Oct 2022 08:16:05 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 25 Oct 2022 08:16:05 GMT

GET
H/1.1 200
OK ecm3
s.amazon-adsystem.com/ Frame B8C6 43 B
479 B 317ms
317ms Image
image/gif 52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=sharethrough.com&id=068b5ad6-6783-4ca0-9dbe-cf6f2bc3eaea

Requested by

Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://match.sharethrough.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 Oct 2022 08:16:05 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: WPP29DKRGT824BVX4NT5
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

v1
match.sharethrough.com/sync/ Frame B8C6
Redirect Chain

https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=97&redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DgBgkxrVErPj9wqivTDd2AmVY%26source_user_id%3D%7BuserId%7D&gdpr=0&gdpr_consent=
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=97&redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DgBgkxrVErPj9wqivTDd2AmVY%26source_user_id%3D%7BuserId%7D&gdpr=0&...
https://match.sharethrough.com/sync/v1?source_id=gBgkxrVErPj9wqivTDd2AmVY&source_user_id=4300fa0f-3802-41ed-a846-367c50f09d0d-63579b47-5553&gdpr=0&gdpr_consent=

68 B
279 B

197ms
197ms

Image
image/png

3.1.247.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=gBgkxrVErPj9wqivTDd2AmVY&source_user_id=4300fa0f-3802-41ed-a846-367c50f09d0d-63579b47-5553&gdpr=0&gdpr_consent=
Requested by: Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol: H2
Server: 3.1.247.163 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-1-247-163.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://match.sharethrough.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 08:16:07 GMT
cache-control: no-cache
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Tue, 25 Oct 2022 08:16:07 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://match.sharethrough.com/sync/v1?source_id=gBgkxrVErPj9wqivTDd2AmVY&source_user_id=4300fa0f-3802-41ed-a846-367c50f09d0d-63579b47-5553&gdpr=0&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

v1
match.sharethrough.com/sync/ Frame B8C6
Redirect Chain

https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2
https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=56237bbd-e9eb-4419-825e-9718d14702e9&gdpr=0&gdpr_consent=

68 B
279 B

197ms
197ms

Image
image/png

3.1.247.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=56237bbd-e9eb-4419-825e-9718d14702e9&gdpr=0&gdpr_consent=
Requested by: Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol: H2
Server: 3.1.247.163 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-1-247-163.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://match.sharethrough.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 08:16:06 GMT
cache-control: no-cache
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Tue, 25 Oct 2022 08:16:05 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=56237bbd-e9eb-4419-825e-9718d14702e9&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 323

GET
H2

200

v1
match.sharethrough.com/sync/ Frame B8C6
Redirect Chain

https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3
https://sync.srv.stackadapt.com/sync?nid=15
https://match.sharethrough.com/sync/v1?source_id=f832af09fdaea37e940528ab&source_user_id=0-635326eb-b5d3-4ba6-40e3-c51b529242d7$ip$173.245.209.182

68 B
279 B

199ms
197ms

Image
image/png

3.1.247.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=f832af09fdaea37e940528ab&source_user_id=0-635326eb-b5d3-4ba6-40e3-c51b529242d7$ip$173.245.209.182
Requested by: Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol: H2
Server: 3.1.247.163 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-1-247-163.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://match.sharethrough.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 08:16:07 GMT
cache-control: no-cache
content-length: 68
content-type: image/png

Redirect headers

Location: https://match.sharethrough.com/sync/v1?source_id=f832af09fdaea37e940528ab&source_user_id=0-635326eb-b5d3-4ba6-40e3-c51b529242d7$ip$173.245.209.182
Date: Tue, 25 Oct 2022 08:16:07 GMT
Connection: keep-alive
Content-Length: 173
Content-Type: text/html; charset=utf-8

GET
H2

200

v1
match.sharethrough.com/sync/ Frame B8C6
Redirect Chain

https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4
https://secure.adnxs.com/getuid?https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=$UID
https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=7422719982403516301

68 B
279 B

197ms
197ms

Image
image/png

3.1.247.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=7422719982403516301
Requested by: Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol: H2
Server: 3.1.247.163 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-1-247-163.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://match.sharethrough.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 08:16:06 GMT
cache-control: no-cache
content-length: 68
content-type: image/png

Redirect headers

Pragma: no-cache
Date: Tue, 25 Oct 2022 08:16:06 GMT
AN-X-Request-Uuid: 1370a92e-477d-49ac-8676-2afc9a060f64
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=7422719982403516301
Connection: keep-alive
X-Proxy-Origin: 173.245.209.182; 173.245.209.182; 906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 gCRIKOWNSb5IUDc5H65fq3HhyX6JbrBsmszYwBj9iG8.js Show response
pagead2.googlesyndication.com/bg/ Frame 87E4 36 KB
16 KB 191ms
191ms Script
text/javascript 74.125.24.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gCRIKOWNSb5IUDc5H65fq3HhyX6JbrBsmszYwBj9iG8.js

Requested by

Host: www.halosheaven.com
URL: https://www.halosheaven.com/users/wayofmart2710

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f154.1e100.net

Software

sffe /

Resource Hash

80244828e58d49be485037391fae5fab71e1c97e896eb06c9accd8c018fd886f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 18:27:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 481712
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15854
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 15:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 19 Oct 2023 18:27:33 GMT

GET
H/1.1 200
OK ecm3
s.amazon-adsystem.com/ Frame 29F6 43 B
479 B 721ms
305ms Image
image/gif 52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=83a74cd9-4706-8f11-be68-8f138f10320e

Requested by

Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 Oct 2022 08:16:06 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 7W0YRBB7J5PYV0ECXZP3
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 29F6
Redirect Chain

https://match.adsrvr.org/track/cmf/openx?oxid=db7130a4-5bac-34eb-7e66-0d84e723f9ee&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072971&val=56237bbd-e9eb-4419-825e-9718d14702e9&ttd_puid=db7130a4-5bac-34eb-7e66-0d84e723f9ee&gdpr=0&gdpr_consent=

43 B
323 B

199ms
195ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072971&val=56237bbd-e9eb-4419-825e-9718d14702e9&ttd_puid=db7130a4-5bac-34eb-7e66-0d84e723f9ee&gdpr=0&gdpr_consent=
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 08:16:06 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 25 Oct 2022 08:16:05 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072971&val=56237bbd-e9eb-4419-825e-9718d14702e9&ttd_puid=db7130a4-5bac-34eb-7e66-0d84e723f9ee&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 335

GET
H2

200

sd
jp-u.openx.net/w/1.0/ Frame 29F6
Redirect Chain

https://tg.socdm.com/rtb/sync_before?proto=openx
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y1ebRsCo8X8AAP0G5EcAAAAA

43 B
106 B

201ms
200ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y1ebRsCo8X8AAP0G5EcAAAAA
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 08:16:06 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

X-SO-Cluster-ID: 48
Date: Tue, 25 Oct 2022 08:16:06 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":48,"gdpr":false,"ipv4":"173.245.209.182","key":"Y1ebRsCo8X8AAP0G5EcAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40138"}
X-SO-Key: Y1ebRsCo8X8AAP0G5EcAAAAA
Server: nginx
X-SO-Upstream-ID: a-ad40138
P3P: CP="See also http://www.scaleout.jp/privacy/"
Location: https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y1ebRsCo8X8AAP0G5EcAAAAA
Cache-Control: private
X-SO-HostName: a-ad40138.dc2p.scaleout.jp
Connection: keep-alive
X-SO-Ads-Time: 3
Content-Length: 0
X-SO-LB-Hostname: m-tgng27.dc4p.scaleout.jp
X-SO-IP: 173.245.209.182

GET
H2

200

sd
jp-u.openx.net/w/1.0/ Frame 29F6
Redirect Chain

https://cr-p3.ladsp.com/cookiesender/3
https://cr-p3.ladsp.com/cookiesender/3?cr=true
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AdOLcl0s2i5Pks8ADv76NP9igs8AAAGEDjaMNA

43 B
106 B

194ms
194ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AdOLcl0s2i5Pks8ADv76NP9igs8AAAGEDjaMNA
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 08:16:06 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 25 Oct 2022 08:16:06 GMT
via: 1.1 4107eb96660e4932c95658bc4727dd6c.cloudfront.net (CloudFront)
server: Logicad
x-amz-cf-pop: SIN52-C3
x-cache: Miss from cloudfront
p3p: CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location: https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AdOLcl0s2i5Pks8ADv76NP9igs8AAAGEDjaMNA
cache-control: no-cache
content-length: 0
x-amz-cf-id: 6npLYAd12umKUS6NQypcQzx3sdlicQIUB-ruu8WYDbBPgQDBkaVHtg==
expires: -1

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 29F6 170 B
243 B 198ms
197ms Image
image/png 142.250.4.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZjcxZWUzNmUtOTJkYi02YTRmLTZiODYtNTczZDJkYzEzNzhl

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f157.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 08:16:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 29F6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEErLYXjyxcMSObzp7PkSO0g&google_cver=1

43 B
106 B

194ms
193ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEErLYXjyxcMSObzp7PkSO0g&google_cver=1
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 08:16:06 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 25 Oct 2022 08:16:05 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEErLYXjyxcMSObzp7PkSO0g&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gCRIKOWNSb5IUDc5H65fq3HhyX6JbrBsmszYwBj9iG8.js Show response
pagead2.googlesyndication.com/bg/ Frame D940 36 KB
16 KB 192ms
191ms Script
text/javascript 74.125.24.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gCRIKOWNSb5IUDc5H65fq3HhyX6JbrBsmszYwBj9iG8.js

Requested by

Host: www.halosheaven.com
URL: https://www.halosheaven.com/users/wayofmart2710

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f154.1e100.net

Software

sffe /

Resource Hash

80244828e58d49be485037391fae5fab71e1c97e896eb06c9accd8c018fd886f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 18:27:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 481713
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15854
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 15:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 19 Oct 2023 18:27:33 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame B5A5 32 KB
10 KB 282ms
281ms Script
text/html 23.15.148.136
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.15.148.136 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-15-148-136.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: a00c91941d77bde9f1a5b51daa64750db4373ac969ca99b5900744b437289256

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 25 Oct 2022 08:16:06 GMT
Content-Encoding: gzip
Last-Modified: Mon, 17 Oct 2022 18:37:59 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=37234
Connection: keep-alive
Content-Length: 9455
Expires: Tue, 25 Oct 2022 18:36:40 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
274 B 282ms
281ms Image
image/gif 23.72.45.156
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&zMoatAdUnit1=sbn&zMoatAdUnit2=mlb&zMoatAdUnit3=halosheaven.com&wf=1&ra=3&pxm=8&sgs=3&vb=5&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=VOX_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-f9sEUFJ0XDIlaX11F1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-Xl%2FyVCAZgVLOGg%3D%3D&sc=1&os=1-5g%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=3&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=436&gp=814.640625&zGSRC=1&gu=https%3A%2F%2Fwww.halosheaven.com%2Fusers%2Fwayofmart2710&id=1&ii=4&f=0&j=&t=1666685757793&de=21187691327&rx=13842573526&cu=1666685757793&m=7654&ar=e27dbc83ae5-clean&iw=b9342c1&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=814.640625&lb=1330&le=1&lf=2944&lg=1&lh=6&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A4308%3A4308%3A0%3A6587&as=1&ag=1176&an=1176&gi=1&gf=1176&gg=1176&ix=1176&ic=1176&ez=1&ck=1176&kw=1005&aj=1&pg=100&pf=100&ib=1&cc=1&bw=1176&bx=1176&ci=1176&jz=1005&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1005&cd=1005&ah=1005&am=1005&xd=00&rf=0&re=0&wb=1&zMoatCustomParams=NaNcontinuous&cl=0&at=0&d=23785264%3A447600304%3A5146287266%3A138308553896&cm=1&bo=sbn&bd=halosheaven.com&gw=voxprebidheader841653991752&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=findIframeAds&ab=2&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&jk=-1&jm=-1&tc=0&fs=200656&na=1614259296&cs=0
Requested by: Host: www.halosheaven.com
URL: https://www.halosheaven.com/users/wayofmart2710
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.72.45.156 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-72-45-156.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.halosheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Tue, 25 Oct 2022 08:16:06 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 25 Oct 2022 08:16:06 GMT

GET
H/1.1 200
OK dcm
s.amazon-adsystem.com/ Frame FA73 43 B
855 B 636ms
305ms Image
image/gif 52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y1ebRTOKsrD5PWHrzWdF2AAAFNgAAAIB

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 Oct 2022 08:16:06 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 9VCE5QFTXG4K45W93N5Q
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame FA73
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y1ebRTOKsrD5PWHrzWdF2AAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKU7bYlTn-tDIzzTIsRyAH0&google_cver=1

43 B
766 B

198ms
198ms

Image
image/gif

139.5.84.243
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKU7bYlTn-tDIzzTIsRyAH0&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol: HTTP/1.1
Server: 139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 Oct 2022 08:16:07 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 25 Oct 2022 08:16:07 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKU7bYlTn-tDIzzTIsRyAH0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

usermatchredir
ssum-sec.casalemedia.com/ Frame FA73
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y1ebRTOKsrD5PWHrzWdF2AAAFNgAAAIB&gdpr_consent=&us_privacy=&gdpr=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESELaubsHN_wwuEN8EIfdxDDM&google_cver=1

43 B
556 B

209ms
209ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESELaubsHN_wwuEN8EIfdxDDM&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol: H3
Server: 104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 08:16:06 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 75f982197899a80b-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 25 Oct 2022 08:16:06 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESELaubsHN_wwuEN8EIfdxDDM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 342
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame FA73
Redirect Chain

https://match.adsrvr.org/track/cmf/casale
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=56237bbd-e9eb-4419-825e-9718d14702e9&expiration=1669277766&gdpr=0&gdpr_consent=

43 B
766 B

813ms
200ms

Image
image/gif

139.5.84.243
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=56237bbd-e9eb-4419-825e-9718d14702e9&expiration=1669277766&gdpr=0&gdpr_consent=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol: HTTP/1.1
Server: 139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 Oct 2022 08:16:06 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 25 Oct 2022 08:16:06 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=56237bbd-e9eb-4419-825e-9718d14702e9&expiration=1669277766&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 323

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame FA73
Redirect Chain

https://match.prod.bidr.io/cookie-sync/ie
https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAQ28U7GrzcAACDpMexXyw&expiration=1667895367

43 B
766 B

198ms
198ms

Image
image/gif

139.5.84.243
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAQ28U7GrzcAACDpMexXyw&expiration=1667895367
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol: HTTP/1.1
Server: 139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 Oct 2022 08:16:07 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAQ28U7GrzcAACDpMexXyw&expiration=1667895367
Date: Tue, 25 Oct 2022 08:16:07 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame FA73
Redirect Chain

https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1682410566&external_user_id=0bd20eca-4119-4412-95d7-4a8a0364e6fc

43 B
766 B

418ms
199ms

Image
image/gif

139.5.84.243
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1682410566&external_user_id=0bd20eca-4119-4412-95d7-4a8a0364e6fc
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol: HTTP/1.1
Server: 139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 Oct 2022 08:16:06 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

date: Tue, 25 Oct 2022 08:16:06 GMT
via: 1.1 google
access-control-allow-methods: GET,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: *.casalemedia.com
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1682410566&external_user_id=0bd20eca-4119-4412-95d7-4a8a0364e6fc
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 157

GET
H2 204 /
csync.loopme.me/ Frame FA73 0
40 B 1147ms
380ms Image
text/plain 35.214.174.31
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://csync.loopme.me/?redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.214.174.31 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS: 31.174.214.35.bc.googleusercontent.com
Software: _ /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 08:16:07 GMT
server: _

GET
H/1.1

200
OK

crum
dsum.casalemedia.com/ Frame FA73
Redirect Chain

https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=7422719982403516301

43 B
766 B

667ms
201ms

Image
image/gif

139.5.84.243
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=7422719982403516301
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol: HTTP/1.1
Server: 139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 Oct 2022 08:16:06 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 25 Oct 2022 08:16:06 GMT
AN-X-Request-Uuid: 89a36a8a-9510-4b3f-b4f1-223b65ce5964
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=7422719982403516301
Connection: keep-alive
X-Proxy-Origin: 173.245.209.182; 173.245.209.182; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK ecm3
s.amazon-adsystem.com/ Frame FA73 43 B
479 B 305ms
305ms Image
image/gif 52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=index.com&id=Y1ebRTOKsrD5PWHrzWdF2AAAFNgAAAIB

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 Oct 2022 08:16:06 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: J7EBS1EWQJ2GC1VMBAQ5
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
274 B 281ms
281ms Image
image/gif 23.72.45.156
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&zMoatAdUnit1=sbn&zMoatAdUnit2=mlb&zMoatAdUnit3=halosheaven.com&wf=1&ra=3&pxm=8&sgs=3&vb=5&kq=1&lo=2&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=VOX_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-f9sEUFJ0XDIlaX11F1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-Xl%2FyVCAZgVLOGg%3D%3D&sc=1&os=1-5g%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=1&h=90&w=970&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=315&gp=162.5&zGSRC=1&gu=https%3A%2F%2Fwww.halosheaven.com%2Fusers%2Fwayofmart2710&id=1&ii=4&f=0&j=&t=1666685757793&de=626993859463&rx=13842573526&cu=1666685757793&m=7856&ar=e27dbc83ae5-clean&iw=b9342c1&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=162.5&lb=1330&le=1&lf=2944&lg=1&lh=6&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A4308%3A4308%3A0%3A6587&as=1&ag=1126&an=82&gi=1&gf=1126&gg=82&ix=1126&ic=1126&ez=1&ck=1126&kw=1005&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1126&bx=82&ci=1126&jz=1005&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1005&cd=164&ah=1005&am=164&xd=00&rf=0&re=0&wb=1&zMoatCustomParams=NaNcontinuous&cl=0&at=0&d=23785264%3A447600304%3A5146287266%3A138308553896&cm=1&bo=sbn&bd=halosheaven.com&gw=voxprebidheader841653991752&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=findIframeAds&ab=2&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&jk=-1&jm=-1&tc=0&fs=200656&na=2032187265&cs=0
Requested by: Host: www.halosheaven.com
URL: https://www.halosheaven.com/users/wayofmart2710
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.72.45.156 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-72-45-156.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.halosheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Tue, 25 Oct 2022 08:16:06 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 25 Oct 2022 08:16:06 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame B5A5 284 B
934 B 823ms
198ms Image
image/jpg 69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_n-vmg_rx_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: 0ed95c36ed1932be3ba76fc523a6e179
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
274 B 284ms
283ms Image
image/gif 23.72.45.156
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&zMoatAdUnit1=sbn&zMoatAdUnit2=mlb&zMoatAdUnit3=halosheaven.com&wf=1&ra=3&pxm=8&sgs=3&vb=5&kq=1&lo=2&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=VOX_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-f9sEUFJ0XDIlaX11F1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-Xl%2FyVCAZgVLOGg%3D%3D&sc=1&os=1-5g%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=2&h=90&w=970&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=315&gp=162.5&zGSRC=1&gu=https%3A%2F%2Fwww.halosheaven.com%2Fusers%2Fwayofmart2710&id=1&ii=4&f=0&j=&t=1666685757793&de=626993859463&rx=13842573526&cu=1666685757793&m=7856&ar=e27dbc83ae5-clean&iw=b9342c1&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=162.5&lb=1330&le=1&lf=2944&lg=1&lh=6&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A4308%3A4308%3A0%3A6587&as=1&ag=1126&an=1126&gi=1&gf=1126&gg=1126&ix=1126&ic=1126&ez=1&ck=1126&kw=1005&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1126&bx=1126&ci=1126&jz=1005&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1005&cd=1005&ah=1005&am=1005&xd=00&rf=0&re=0&wb=1&zMoatCustomParams=NaNcontinuous&cl=0&at=0&d=23785264%3A447600304%3A5146287266%3A138308553896&cm=1&bo=sbn&bd=halosheaven.com&gw=voxprebidheader841653991752&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=findIframeAds&ab=2&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&jk=-1&jm=-1&tc=0&fs=200656&na=723905037&cs=0
Requested by: Host: www.halosheaven.com
URL: https://www.halosheaven.com/users/wayofmart2710
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.72.45.156 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-72-45-156.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.halosheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Tue, 25 Oct 2022 08:16:06 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 25 Oct 2022 08:16:06 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 881C 42 B
263 B 504ms
203ms Fetch
image/gif 74.125.24.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv8TnBdCT9WV8IfZuNMQ0Dvvm2rh0oRz0BgK19wIWihUy8cmB9IRR9Oqp9PmJJsGIHI_0ZF-iULgCdjIA09IgAQcBV-PMv0LAxg3RQWm80nbhtC3aF4hiZPiigq-0Rt8KH0kuDe8CKUatgKKOXsOwTd6EQDAc9-uQHkpoIFsHEc1Y8b0OpSopE82MOl-oJHiysbYwA9mg4FI-tEBH3eSJRxqXOJx2wezRarQSS6Yp8o0ynT_B25fDpwAI14N0UQwPuJdodt_qgopQrgkQQAj9YRC1s1mg1JrPd9ZgkN9jUXRaie4gTQwjDX140xVjgp3oOjlyCn0ZLeIA74FyERrnMtvCqhkrqz1GUT6UU5gDoHGtkzNRf6I7i3iiWojEInWreVbekpOAws0QFXoWaFporugeiyVym6etlvuzjrBTyKwcnDJmUSaLN0-HeylrTIVFWPntTD_QT7cwJ8srajqPi7xK7c5EpqsPrEnyUH0b3DFbD6_hlc80jfY2aslATtyFitYZ8OQcowBl1Mxs5TFixDrcaFxOoLiajr9qhDmFZl2Uc5P-W_FF3OvALVU96znbP7Ow9H8DWIM7clQQHQ_bINK72hH29qIgnZ_4IxwM5KSIWLOsN3vX0jjfW8sy4RdUdATigpIh194DGaWtkt3mD3kRJwEDyfx1PYxEGOZM3waceiaXC2fS4noiZH4wzKYvvfCV5rjjSaURkTF1cdFg9Yi9HBWbFw7026qxii4MbD4OWLqGUyqYyEdp8bOsaFGGTdiG0xpcLE7Z3uLpP2hbKF9HzHFfPPZdf1lgtoZ0dmqsT-SepQyA8a3UxU1eLj06piQIhxFJDNkDBGJt86mGfnz-vnJlpRzvgcFPZAwDJElpMQIEln6xxtAgGrgQEpuJr2vhEnXDTpi0GnJ_3zbbJsrv2rwXbYVFVR0P4D1pQfdk1z4eOsbw0ttSlqMPNb9IfL0XQ72HAAZZe0xOcDGcQsKLR6Fyej1ott5vOYrAm7jkNvdVCk9lZlbkXYOT_8wNbMtn-Kp4AyVP6fs9RuMAGU2Srn1L7kElVcqRmUR4AkE_WTEQ2nTtSDJ5VSwtweCU2-GfIiT2lMtgLV9NTOyD8wHbbTb8x4aRDFzrAxqQ&sai=AMfl-YS9xdY79mFfK2TSxoqal2vWqtIgjlOEU-p6J9F-niqOtGfWbiPa8gjoBrYvlaDCm7jvNe1gmt0Ty5Fo-25pFdhS7HOr8zYDpHvrIDW6xgDdXTB4AR7s_X6wMtUQ6Lrtnpxb056K-qUnkNo&sig=Cg0ArKJSzBTKC4cdVVfTEAE&cid=CAASFeRoa-N_r7voBUaq53aMzlqNQjC_Rw&id=lidar2&mcvt=1000&p=163,315,253,1285&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20221024&bin=7&avms=nio&bs=0,0&mc=0.99&if=1&vu=1&app=0&itpl=22&adk=3144208821&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1666685763593&rpt=2228&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f154.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 08:16:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 _pdfps Show response
d2fb08da-1c03-4c8a-978f-ad8a96b4c31f.partner.permutive.app/sync/ 0
14 B 377ms
376ms XHR
text/plain 34.107.222.173
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://d2fb08da-1c03-4c8a-978f-ad8a96b4c31f.partner.permutive.app/sync/_pdfps
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/d2fb08da-1c03-4c8a-978f-ad8a96b4c31f-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.222.173 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 173.222.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.halosheaven.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 25 Oct 2022 08:16:07 GMT
via: 1.1 google
server: nginx
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.halosheaven.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
274 B 282ms
281ms Image
image/gif 23.72.45.156
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&zMoatAdUnit1=sbn&zMoatAdUnit2=mlb&zMoatAdUnit3=halosheaven.com&wf=1&ra=3&pxm=8&sgs=3&vb=5&kq=1&lo=2&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=VOX_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-f9sEUFJ0XDIlaX11F1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-Xl%2FyVCAZgVLOGg%3D%3D&sc=1&os=1-5g%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=3&h=90&w=970&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=315&gp=162.5&zGSRC=1&gu=https%3A%2F%2Fwww.halosheaven.com%2Fusers%2Fwayofmart2710&id=1&ii=4&f=0&j=&t=1666685757793&de=626993859463&rx=13842573526&cu=1666685757793&m=7857&ar=e27dbc83ae5-clean&iw=b9342c1&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=162.5&lb=1330&le=1&lf=2944&lg=1&lh=6&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A4308%3A4308%3A0%3A6587&as=1&ag=1126&an=1126&gi=1&gf=1126&gg=1126&ix=1126&ic=1126&ez=1&ck=1126&kw=1005&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1126&bx=1126&ci=1126&jz=1005&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1005&cd=1005&ah=1005&am=1005&xd=00&rf=0&re=0&wb=1&zMoatCustomParams=NaNcontinuous&cl=0&at=0&d=23785264%3A447600304%3A5146287266%3A138308553896&cm=1&bo=sbn&bd=halosheaven.com&gw=voxprebidheader841653991752&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=findIframeAds&ab=2&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&jk=-1&jm=-1&tc=0&fs=200656&na=1940247787&cs=0
Requested by: Host: www.halosheaven.com
URL: https://www.halosheaven.com/users/wayofmart2710
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.72.45.156 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-72-45-156.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.halosheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Tue, 25 Oct 2022 08:16:06 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 25 Oct 2022 08:16:06 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5DD5 42 B
64 B 489ms
207ms Fetch
image/gif 74.125.24.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuShmJFSm0thnM_gt6Ytq2_DlKyWPwIekBg4mNxSPudP6kyZuqVFHra2-G210TFG7nhjgwgzVnAx6C5mrnhlHGm3DXHwFKydfL8Rh7xHh0rwVRu8QSie5clGGnOSNwwNwqImV5_0PWTeG8HdYMhXW9yMhMN9lsfLxvz8-DRB_lhu4WVdo0m4Iy3k_vRVzB9Dl9HPhlOZhfdzPhPr0q0eM1YrK1VEV_GS2BZeFZlTJwEaMzws1WKK0bwqwqAlrb-6FSMFpQzQIarG9Mke4AZejzIEM6VN7nS5skzZ_8az_-jVC1ErkWozDvKONvjp--depxAbYuN4XbcAACRRMeziK5ky_rM_U90b-JyfM3jlPsBCf0dtLAWmqnX3nGKy46gIZ1LXrgr1I7eeNkMe-41d9hNEHQ_rnwc6pW84eAnEvAWDALXHYRqxG2hRwbfMWnouIDy5zeBDzLZM6Fug2IS6uMr4SQP7TO3qbVbTo-0qWFiYuc1Tvq1fsxHZZRltHNIM9tZwBc4IXWAARJrA7Z-6UzECBWhGy6GZ9oaV4ck4GZ2jkKli0WATbT86x5_Gfw-Z3tG1wD5VWeKYaCeLZJTz80arwHmKuwEMrqWvTtlKclkbOohAzrZSBLLHk0xJ-DhMgpLbwZuiV6Do9PnEXGQVNBS_LOZEX7r16O-jfh4kxR1U4gpoo2RWdkbUvpwo7PYq5HaP8c9ujLKwFcpwtHOtu1qmHWt4ZK3LsOmJuI3tNyK1nex3haRVDs6L4wR3dqoR58nO52krUlgXvprj_4fc6OHdhGr0EjcPFBpJlJUmxbNyUXSmxKozLC1HcohOWu-P1guRRIeKwZVSS-mSoVwEZRXRXvzZb00Jd7rqYNK9PwMXtjKKnPhNHNfOaLVIw4-RRZxCQ0eh01yemMJKFGEueHAbE-AYvg59ZLCsLPXEP40WnATEL4R7zSR-48h1CQ5GNOufmYEuSdcixAXNMuI7Vip7PYS4SjuTqeiBa9PVNOYq9j7ydkIeHpvOZJPkG5qmtJm5lI01icIHteGx3Vyfi8m_TE69JI-kZNydSPCIOGJov9mkcSgsgrh0R5R_Yts3NP0bQ8gR8cO3bgES_gQAGx_sNtViBc_FD2MAnD2MWlxYh-n9A&sai=AMfl-YTv9Tti7YSZkHd0dx9_Cpodg5lfyTwjPuMr-s_6QhO_LnVGQaL115LpDgduPhT6w4SNLvqYVdCWI8ABABwO7UKqiwiZ9Ynf-Wwt7Zuit_RNvrLS8QOa5X_Wesa-cn8ktT-aVbp9TFESQgY&sig=Cg0ArKJSzOCs3wPhSGgDEAE&cid=CAASFeRoM5k0ZPpV1mHWPmzkt-Vv9bPm_A&id=lidar2&mcvt=1000&p=815,436,905,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221024&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3546638428&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1666685763792&rpt=2139&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f154.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 08:16:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame B5A5
Redirect Chain

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=L9NXO8FV-1U-2KX6
https://s.amazon-adsystem.com/ecm3?id=L9NXO8FV-1U-2KX6&ex=d-rubiconproject.com&status=ok

43 B
479 B

307ms
307ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=L9NXO8FV-1U-2KX6&ex=d-rubiconproject.com&status=ok

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 Oct 2022 08:16:08 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: CBCM7R1CA5VZKJHNPRPP
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://s.amazon-adsystem.com/ecm3?id=L9NXO8FV-1U-2KX6&ex=d-rubiconproject.com&status=ok
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: ace9692b4e77bdf741ff63add80edaca
Expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame B5A5
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Bq353k_dTXOM2G9BLazDZg&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Bq353k_dTXOM2G9BLazDZg

43 B
479 B

319ms
318ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Bq353k_dTXOM2G9BLazDZg

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 Oct 2022 08:16:08 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: VFRYB5QTJZN6JP11SMQ4
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Bq353k_dTXOM2G9BLazDZg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 808ed95536e7f55d8adbcb9fc76d309d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame B5A5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKZSz64NzePPai-HmunzD7c&google_cver=1

42 B
691 B

777ms
196ms

Image
image/gif

69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKZSz64NzePPai-HmunzD7c&google_cver=1
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_n-vmg_rx_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol: HTTP/1.1
Server: 69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: d335433bbbe0efeac67146df47932f6f
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Tue, 25 Oct 2022 08:16:07 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKZSz64NzePPai-HmunzD7c&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dcm
aax-eu.amazon-adsystem.com/s/ Frame B5A5 43 B
855 B 1598ms
455ms Image
image/gif 52.95.118.179

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_n-vmg_rx_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.95.118.179 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 Oct 2022 08:16:08 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: GPSRXJKSDRS42CCP6R3W
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B5A5
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzIyOTEyMWUzYjRlZDRhOTY5MGRjMGMyZWNmNmYxNzI3NTFmOGJmNA

170 B
188 B

196ms
195ms

Image
image/png

142.250.4.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzIyOTEyMWUzYjRlZDRhOTY5MGRjMGMyZWNmNmYxNzI3NTFmOGJmNA

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_n-vmg_rx_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3

Protocol

Server

142.250.4.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f157.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 08:16:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzIyOTEyMWUzYjRlZDRhOTY5MGRjMGMyZWNmNmYxNzI3NTFmOGJmNA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: c80248407eff6cf595ce43a76c04e23f
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame B5A5
Redirect Chain

https://match.adsrvr.org/track/cmf/rubicon
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=56237bbd-e9eb-4419-825e-9718d14702e9&gdpr=0&gdpr_consent=&expires=30

42 B
691 B

774ms
194ms

Image
image/gif

69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=56237bbd-e9eb-4419-825e-9718d14702e9&gdpr=0&gdpr_consent=&expires=30
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_n-vmg_rx_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol: HTTP/1.1
Server: 69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 030b4ddd4a4f3e9891a065664f20c4bb
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Tue, 25 Oct 2022 08:16:07 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=56237bbd-e9eb-4419-825e-9718d14702e9&gdpr=0&gdpr_consent=&expires=30
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 289

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B5A5
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlOWE84RlYtMVUtMktYNg==

170 B
188 B

200ms
199ms

Image
image/png

142.250.4.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlOWE84RlYtMVUtMktYNg==

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-sharethrough_pm-db5_rbd_n-vmg_rx_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3

Protocol

Server

142.250.4.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f157.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 08:16:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlOWE84RlYtMVUtMktYNg==
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: d264e84c9dc1a645a3048554992c5d82
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

setuid
px.ads.linkedin.com/ Frame B5A5
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L9NXO8FV-1U-2KX6

0
143 B

268ms
267ms

Image
text/plain

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L9NXO8FV-1U-2KX6
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 08:16:08 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: FDE75A85D63A451F9C31A4C5FC9F03BF Ref B: SYD03EDGE1516 Ref C: 2022-10-25T08:16:07Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXr14Un4JGk82gIdNtadw==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L9NXO8FV-1U-2KX6
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 6690dc791bf02dde8c4051a04cfd7bb8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame B5A5
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/vh941p9qYtuvwU1xue3qo8n5EUdSAgOZEtemQ7w0kco?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6829549171894024280

42 B
691 B

195ms
195ms

Image
image/gif

69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6829549171894024280
Protocol: HTTP/1.1
Server: 69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: c80248407eff6cf595ce43a76c04e23f
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Tue, 25 Oct 2022 08:16:08 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6829549171894024280
content-length: 0

POST
H3 200 events Show response
api.permutive.com/v2.0/batch/ 201 B
157 B 378ms
378ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=f8d3dda6-1372-4e33-b0e4-848b39d58874
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/d2fb08da-1c03-4c8a-978f-ad8a96b4c31f-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: a992b285eb37fafa03083a4fea5d312b8222e42373888fc07920b6ef0bb1cac9

Request headers

Referer: https://www.halosheaven.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 25 Oct 2022 08:16:07 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.halosheaven.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 199ms
198ms XHR
application/json 74.125.24.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022102001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js?cb=31070528

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f154.1e100.net

Software

cafe /

Resource Hash

38e6e57dd337fe6a1609c18ad06d624b12e4829fe71f0780bdc71962ac021651

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.halosheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 08:16:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11295
x-xss-protection: 0

POST
H3 200 state Show response
api.permutive.com/v1.0/ 0
34 B 383ms
383ms XHR
text/plain 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v1.0/state?fetch_unseen=false&k=f8d3dda6-1372-4e33-b0e4-848b39d58874
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/d2fb08da-1c03-4c8a-978f-ad8a96b4c31f-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.halosheaven.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Tue, 25 Oct 2022 08:16:08 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 1220ms
919ms Script
text/javascript 172.217.194.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js?cb=31070528

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f132.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.halosheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 08:16:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 25 Oct 2022 08:16:09 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 54ED 13 KB
5 KB 192ms
191ms Document
text/html 172.217.194.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f132.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.halosheaven.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
age: 29225
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 25 Oct 2022 00:09:04 GMT
expires: Wed, 25 Oct 2023 00:09:04 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2568 783 B
534 B 195ms
195ms Document
text/html 74.125.130.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.130.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f99.1e100.net

Software

GSE /

Resource Hash

f61b137e7c3cca9639e91377fcc9c3ead8b7879ddfde76a7bc6ded71d39731e6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-XD5j-mtX6NXXgf1uq1bfDg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.halosheaven.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-XD5j-mtX6NXXgf1uq1bfDg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 25 Oct 2022 08:16:09 GMT
expires: Tue, 25 Oct 2022 08:16:09 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
274 B 284ms
284ms Image
image/gif 23.72.45.156
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&zMoatAdUnit1=sbn&zMoatAdUnit2=mlb&zMoatAdUnit3=halosheaven.com&wf=1&ra=3&pxm=8&sgs=3&vb=5&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=VOX_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-f9sEUFJ0XDIlaX11F1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-Xl%2FyVCAZgVLOGg%3D%3D&sc=1&os=1-5g%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=4&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=436&gp=814.640625&zGSRC=1&gu=https%3A%2F%2Fwww.halosheaven.com%2Fusers%2Fwayofmart2710&id=1&ii=4&f=0&j=&t=1666685757793&de=21187691327&rx=13842573526&cu=1666685757793&m=11489&ar=e27dbc83ae5-clean&iw=b9342c1&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=814.640625&lb=1330&le=1&lf=2944&lg=1&lh=6&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A4308%3A4308%3A16644%3A6587&as=1&ag=5013&an=1176&gi=1&gf=5013&gg=1176&ix=5013&ic=5013&ez=1&ck=1176&kw=1005&aj=1&pg=100&pf=100&ib=1&cc=1&bw=5013&bx=1176&ci=1176&jz=1005&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4842&cd=1005&ah=4842&am=1005&xd=00&rf=0&re=0&wb=2&zMoatCustomParams=NaNcontinuous&cl=0&at=0&d=23785264%3A447600304%3A5146287266%3A138308553896&cm=1&bo=sbn&bd=halosheaven.com&gw=voxprebidheader841653991752&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=findIframeAds&ab=2&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&jk=-1&jm=-1&tc=0&fs=200656&na=1660457550&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.72.45.156 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-72-45-156.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.halosheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Tue, 25 Oct 2022 08:16:09 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 25 Oct 2022 08:16:09 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2568 0
0 198ms
197ms Image
text/html 74.125.24.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022102001&jk=3390876522073102&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sf-in-f154.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 gCRIKOWNSb5IUDc5H65fq3HhyX6JbrBsmszYwBj9iG8.js Show response
pagead2.googlesyndication.com/bg/ Frame 54ED 36 KB
16 KB 191ms
191ms Script
text/javascript 74.125.24.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gCRIKOWNSb5IUDc5H65fq3HhyX6JbrBsmszYwBj9iG8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f154.1e100.net

Software

sffe /

Resource Hash

80244828e58d49be485037391fae5fab71e1c97e896eb06c9accd8c018fd886f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 18:27:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 481716
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15854
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 15:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 19 Oct 2023 18:27:33 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
274 B 282ms
281ms Image
image/gif 23.72.45.156
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&zMoatAdUnit1=sbn&zMoatAdUnit2=mlb&zMoatAdUnit3=halosheaven.com&wf=1&ra=3&pxm=8&sgs=3&vb=5&kq=1&lo=2&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=VOX_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-f9sEUFJ0XDIlaX11F1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-Xl%2FyVCAZgVLOGg%3D%3D&sc=1&os=1-5g%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=4&h=90&w=970&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=315&gp=162.5&zGSRC=1&gu=https%3A%2F%2Fwww.halosheaven.com%2Fusers%2Fwayofmart2710&id=1&ii=4&f=0&j=&t=1666685757793&de=626993859463&rx=13842573526&cu=1666685757793&m=11897&ar=e27dbc83ae5-clean&iw=b9342c1&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=162.5&lb=1330&le=1&lf=2944&lg=1&lh=6&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A4308%3A4308%3A16644%3A6587&as=1&ag=5167&an=1126&gi=1&gf=5167&gg=1126&ix=5167&ic=5167&ez=1&ck=1126&kw=1005&aj=1&pg=100&pf=100&ib=0&cc=1&bw=5167&bx=1126&ci=1126&jz=1005&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5043&cd=1005&ah=5043&am=1005&xd=00&rf=0&re=0&wb=2&zMoatCustomParams=NaNcontinuous&cl=0&at=0&d=23785264%3A447600304%3A5146287266%3A138308553896&cm=1&bo=sbn&bd=halosheaven.com&gw=voxprebidheader841653991752&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=findIframeAds&ab=2&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&jk=-1&jm=-1&tc=0&fs=200656&na=168502716&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.72.45.156 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-72-45-156.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.halosheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Tue, 25 Oct 2022 08:16:09 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 25 Oct 2022 08:16:09 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 54ED 0
10 B 191ms
191ms Image
text/plain 172.217.194.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?2U75Qw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: si-in-f132.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 08:16:09 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
274 B 282ms
281ms Image
image/gif 23.72.45.156
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&zMoatAdUnit1=sbn&zMoatAdUnit2=mlb&zMoatAdUnit3=halosheaven.com&wf=1&ra=3&pxm=8&sgs=3&vb=5&kq=1&lo=2&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=VOX_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-f9sEUFJ0XDIlaX11F1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-Xl%2FyVCAZgVLOGg%3D%3D&sc=1&os=1-5g%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=5&h=90&w=970&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=315&gp=162.5&zGSRC=1&gu=https%3A%2F%2Fwww.halosheaven.com%2Fusers%2Fwayofmart2710&id=1&ii=4&f=0&j=&t=1666685757793&de=626993859463&rx=13842573526&cu=1666685757793&m=12099&ar=e27dbc83ae5-clean&iw=b9342c1&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=162.5&lb=1330&le=1&lf=2944&lg=1&lh=6&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A4308%3A4308%3A16644%3A6587&as=1&ag=5369&an=5167&gi=1&gf=5369&gg=5167&ix=5369&ic=5369&ez=1&ck=1126&kw=1005&aj=1&pg=100&pf=100&ib=0&cc=1&bw=5369&bx=5167&ci=1126&jz=1005&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5249&cd=5043&ah=5249&am=5043&xd=00&rf=0&re=0&wb=2&zMoatCustomParams=NaNcontinuous&cl=0&at=0&d=23785264%3A447600304%3A5146287266%3A138308553896&cm=1&bo=sbn&bd=halosheaven.com&gw=voxprebidheader841653991752&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=findIframeAds&ab=2&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&jk=-1&jm=-1&tc=0&fs=200656&na=227501038&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.72.45.156 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-72-45-156.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.halosheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Tue, 25 Oct 2022 08:16:10 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 25 Oct 2022 08:16:10 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 195ms
195ms Image
text/html 74.125.24.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022102001&jk=3390876522073102&bg=!1dal1pLNAAaaxvStusY7ACkAdvg8WgOlEwRogda86i4ExluuBN1hNdv33V6nXhkVwo0bCHzfXp343QIAAABTUgAAAAJoAQeZAqCUkGYLHDXNtarxFu-_R1sHTFJFBNc3fDrY_ykhLhDUxjtM-HBGHyoRbxoJ6a71VwK-TdwnQSo-7gSIBNvhN_6Sj4q9TxcGPU20N2VSQiB9oVEI3St_gT188yVG-vBOVIs5Fqx5KFs1tlWSHA5ksCqwYhKIORgusQ4skpJlrubT8WzG0vtYRHq8Mw9sIGk6YF-HFXfs7xoYkezEBX98CBwyJQV--bCFCMHhm-57KDFyIJdxgSQQZOS-3L4AB5otDYiV3P-kRXCDhid3Vb3KDxdd-HKqZcR29Tl-_hWnqCkoCBZJACcy7GlNAPl3ZVPB2EfPEM55ftYN5O3vmzUOlpbdQq1RQxojqxDOw4Q2z4VrdBD1d3-8CE_tNNLpky-NywH4I-zyCW8-Qb3Dm94p6L2u8uRHxoLfSLas0SG-RvkuOdD6W-qbJlWhxw_jBQ9ht0ka5EMpTztsQU7FT82a6m1A_OF9p8spvc4FUwMoT_mgh7EWVyxPBXdV51ZJMh-wiqHOecUgRF218OAbo8R6omq5oGyCbPa_ZrllYPl7xE7Rh7bb7X0R2Pi4MMssDqzSFbCs25RPlfzLkTl0_TF06HGWVeL67ioEgjG8uvFZCh0OPbOKKNRJEKYjMlPgtHbPtjaordqiW_ILa9Y_WNwAEtz7OpqASs189SSOPhMATdtG4vKSLJs1JkmvIFIapY8NRwCfei8ZH_8PN8UqgjKtj6Hyu69PeK19lKS7ypNPMjBdmZpdwkXkHHHc4JVbTqqxOB-b5mOwO7G8ZPeAfRQS2k5JTPlIscIrm8PcRCbCuxmWlUzSQ1J42hqLeZQqfoAPZsVWg5Du9hrNxiR-0V3hicjqMNQfx43MAeTDxmYOQphus-DlMjugrSn4CAZmPxZxQ3E
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sf-in-f154.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.halosheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

268 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

70 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
d2fb08da-1c03-4c8a-978f-ad8a96b4c31f.partner.permutive.app/sync	1970-01-20 09:07:41	Name: _pdfps Value: %5B%2214285%22%2C%2222691%22%2C%2222715%22%2C%2223231%22%2C%2223238%22%2C%2227179%22%2C%2227257%22%2C%2227267%22%2C%2229301%22%2C%2234913%22%2C%2234914%22%2C%2234916%22%2C%2234917%22%2C%2240776%22%2C%2256587%22%2C%2273555%22%2C%2279117%22%2C%2281392%22%2C%22112273%22%2C%22112274%22%2C%22112275%22%2C%22112276%22%2C%22112277%22%2C%22112278%22%2C%22112280%22%2C%22112281%22%2C%22112282%22%5D
www.halosheaven.com/	1970-01-20 06:59:32	Name: _chorus_geoip_continent Value: OC
www.halosheaven.com/	1970-01-20 15:43:41	Name: chorus_preferences Value: {%22v%22:1%2C%22privacy%22:{%22cookies%22:%22none%22%2C%22doNotSell%22:false}}
www.halosheaven.com/	1970-01-20 16:34:05	Name: _vm_suid Value: 0c4ac892-a723-4375-8512-89b0eb4d7320
.www.halosheaven.com/	1970-01-20 16:34:05	Name: vmidv1 Value: 7a2cadb5-be2a-4563-ad5b-ec38d75050e3
www.halosheaven.com/	1970-01-20 16:34:05	Name: _vm_uid Value: eaf5a437-913a-4553-921c-70e6b6668d90
.halosheaven.com/	1970-01-20 06:58:09	Name: AMP_TOKEN Value: %24NOT_FOUND
.halosheaven.com/	1970-01-20 06:59:32	Name: _gid Value: GA1.2.493559.1666685760
www.halosheaven.com/	1970-01-20 06:58:07	Name: sailthru_pageviews Value: 1
.halosheaven.com/	1970-01-20 06:58:05	Name: _dc_gtm_UA-16183787-1 Value: 1
.halosheaven.com/	1970-01-20 16:34:05	Name: _ga Value: GA1.2.1358645078.1666685760
.halosheaven.com/	1970-01-20 06:58:05	Name: _dc_gtm_UA-1367699-1 Value: 1
.adsrvr.org/	1970-01-20 15:43:41	Name: TDID Value: 56237bbd-e9eb-4419-825e-9718d14702e9
.halosheaven.com/	1970-01-20 16:19:41	Name: __gpi Value: UID=00000b6c385caf26:T=1666685761:RT=1666685761:S=ALNI_Mbso6gANkdr-dD_Gh1WmdtR3M1wcQ
.rkdms.com/	1970-01-20 15:43:41	Name: sessionid Value: h-b3acd910f292d5db0f6e2752d0d118e3_t-1666685761
www.halosheaven.com/	1970-01-20 06:59:32	Name: _lr_geo_location Value: AU
www.halosheaven.com/	1970-01-20 07:41:17	Name: _pbjs_userid_consent_data Value: 3524755945110770
.halosheaven.com/	1970-01-20 07:41:17	Name: pbjs_sharedId Value: 21a5be54-8b6d-444e-b4e4-375bad8337fe
.t.co/	1970-01-20 16:34:05	Name: muc_ads Value: ac658066-177e-4031-97a9-cb34785e989b
.twitter.com/	1970-01-20 16:34:05	Name: personalization_id Value: "v1_n3Y7D9N9qjo/61sHlVloyQ=="
.scorecardresearch.com/	1970-01-20 16:34:05	Name: UID Value: 1F305093c88d1bd13f553ea1666685762
.halosheaven.com/	1970-01-20 11:20:10	Name: permutive-id Value: 7435d6d0-75af-40fc-b0b7-9e66b5324a73
.halosheaven.com/	1970-01-20 16:19:41	Name: __gads Value: ID=26411d5c86c3492a:T=1666685761:S=ALNI_MbH8SVPJKIifA68xz38XYQZMvnQqg
.doubleclick.net/	1970-01-20 16:34:05	Name: IDE Value: AHWqTUl4ggyryIWtRv1YqMlQTWbtKSfq9hXk_xAOpw1K9EkJdJHtNnSAetLYEHZSjts
.d2fb08da-1c03-4c8a-978f-ad8a96b4c31f.prmutv.co/	1970-01-20 09:10:34	Name: pxid Value: 4b504d66-af49-444b-95a3-b2424be5b9c6
.amazon-adsystem.com/	1970-01-20 12:56:39	Name: ad-id Value: AyzWMFvCCEFRt_iTAkxSVXY
.amazon-adsystem.com/	1970-01-20 16:34:05	Name: ad-privacy Value: 0
.adnxs.com/	1970-01-20 09:07:41	Name: uuid2 Value: 7422719982403516301
.openx.net/	1970-01-20 15:43:41	Name: i Value: 08dd0ffd-f22b-0b1c-24b0-c56c8304ca13\|1666685765
.3lift.com/	1970-01-20 09:07:41	Name: tluid Value: 2974799449007580493830
.casalemedia.com/	1970-01-20 09:07:41	Name: CMPS Value: 4705
.sharethrough.com/	1970-01-20 07:41:17	Name: stx_user_id Value: 068b5ad6-6783-4ca0-9dbe-cf6f2bc3eaea
.openx.net/	1970-01-20 07:19:41	Name: pd Value: v2\|1666685765\|jElYiuvOhI
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 15:43:41	Name: bcookie Value: "v=2&bfba1b87-0d01-4b3e-8a56-35f1adf539e5"
.linkedin.com/	1970-01-20 06:59:32	Name: lidc Value: "b=OGST06:s=O:r=O:a=O:p=O:g=2507:u=1:x=1:i=1666685765:t=1666772165:v=2:sig=AQGyIjBLO-waZLyb5FtpMwQZQCc3B7Gu"
.analytics.yahoo.com/	1970-01-20 15:43:41	Name: IDSYNC Value: 18y3~27ww
.media.net/	1970-01-20 15:43:41	Name: visitor-id Value: 3096873656837430000V10
.yieldmo.com/	1970-01-20 15:43:41	Name: yieldmo_id Value: g79306e16d5b614a242c%7C1666685765911%7C0%7C
.yahoo.com/	1970-01-20 15:44:03	Name: A3 Value: d=AQABBEWbV2MCED90zd-u4obN15GnJsu5vXwFEgEBAQHsWGNhYwAAAAAA_eMAAA&S=AQAAAuI_RIM1cjGBvxZ19jYz-BI
.casalemedia.com/	1970-01-20 15:43:41	Name: CMID Value: Y1ebRTOKsrD5PWHrzWdF2AAA
.casalemedia.com/	1970-01-20 09:07:41	Name: CMPRO Value: 5336
.simpli.fi/	1970-01-20 15:45:08	Name: suid Value: A90D99DE6B00492A838E53B1C7D0FAC8
.tribalfusion.com/	1970-01-20 09:07:41	Name: ANON_ID Value: aunsIHwl6h6bQQwbQQqZcZcXeIFIq62DdhZc4nDqk9F8UtgrO4TpIr8YABAjuiMpZcaZbyZaeDu61W3Tk6QtfbZbv8kbLTN
.yahoo.co.jp/	1970-01-20 15:43:41	Name: XA Value: b643h4hhlf6q6&sd=B&t=1666685766&u=1666685766&v=1
.yahoo.co.jp/	1970-01-20 16:34:05	Name: XB Value: b643h4hhlf6q6&b=3&s=ef
.1rx.io/	1970-01-20 15:43:41	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-a8d3d78f-cde3-4977-a428-c250bad4be8e-004%22%7D
.openx.net/	1970-01-20 07:19:41	Name: univ_id Value: 537072971\|56237bbd-e9eb-4419-825e-9718d14702e9\|1666685766089830
fksnk.com/	1970-01-20 07:08:10	Name: AWSALBCORS Value: VgoB2PxJOFxpqoVJZg7YSSalJmq6SCxZ+dJG2ZZMjcHoXxIQqtY+vYoo34HcRcMz7HXlrqlSYqmueMLfikqUfSPSh121YA2CA01lGxyn3E9SE8PDk+pcMgLMr8Ft
.fksnk.com/	1970-01-20 09:07:41	Name: f_001 Value: E1E064A39FE433A6
.fksnk.com/	1970-01-20 06:59:32	Name: g_001 Value: 1
.r-ad.ne.jp/	1970-01-20 11:17:17	Name: r_ad_token Value: 5188G600kBDAY008XZHz
.ladsp.com/	1970-01-20 06:58:09	Name: cr Value: 1
.company-target.com/	1970-01-20 16:34:05	Name: tuuid Value: 0bd20eca-4119-4412-95d7-4a8a0364e6fc
.company-target.com/	1970-01-20 16:34:05	Name: tuuid_lu Value: 1666685766
.socdm.com/	1970-01-20 16:34:05	Name: SOSYNC Value: anNvbjp7Im9wZW54IjoxNjY2Njg1NzY2fQ
.targeting.unrulymedia.com/	1970-01-20 15:43:41	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-a8d3d78f-cde3-4977-a428-c250bad4be8e-004%22%7D
.ladsp.com/	1970-01-20 16:34:05	Name: smn_uid Value: 8X8ISDaIsbPBFc-A-B5dyw7--jT_YoI
.ladsp.com/	1970-01-20 16:34:05	Name: lum Value: CLSY2vHAMBIFCAMQ0AU
.sitescout.com/	1970-01-20 15:43:41	Name: ssi Value: 4300fa0f-3802-41ed-a846-367c50f09d0d#1666685767006
sync.srv.stackadapt.com/	1970-01-20 15:43:41	Name: sa-user-id Value: s%3A0-635326eb-b5d3-4ba6-40e3-c51b529242d7.RoRXmpUI%2F388R0wR%2FZFZZRxESpdbgXc2S%2Fn8WRyOuU4
.srv.stackadapt.com/	1970-01-20 15:43:41	Name: sa-user-id-v2 Value: s%3AY1Mm67XTS6ZA48UbUpJC16310bY.od%2FmiC%2FtHI9tBVQXh6pxpGjJSDBYF00Sh%2BYtnfyv7Sc
.rubiconproject.com/	1970-01-20 15:43:41	Name: khaos Value: L9NXO8FV-1U-2KX6
.casalemedia.com/	1970-01-20 09:07:41	Name: CMTS Value: 4694
.adsrvr.org/	1970-01-20 15:43:41	Name: TDCPM Value: CAESGwoMc2hhcmV0aHJvdWdoEgsIxoO4peaamzsQBRIVCgZjYXNhbGUSCwiymdCm5pqbOxAFEhYKB3J1Ymljb24SCwiAzrOy5pqbOxAFGAEgAygCMgsIxvu60vyamzsQBTgBWgxzaGFyZXRocm91Z2hgAg..
.sitescout.com/	1970-01-20 07:41:17	Name: _ssuma Value: eyI0MSI6MTY2NjY4NTc2NzM3OX0
.bidr.io/	1970-01-20 16:26:39	Name: bito Value: AAQ28U7GrzcAACDpMexXyw
.bidr.io/	1970-01-20 16:26:39	Name: bitoIsSecure Value: ok
.halosheaven.com/	1970-01-20 16:34:05	Name: _ga_2M5GYNY1YS Value: GS1.1.1666685760.1.0.1666685767.53.0.0
.rubiconproject.com/	1970-01-20 15:43:41	Name: audit Value: 1\|a8+HprCz7/4jaz05gLcY9E0y+xxiypNDqDKxg8iDqBK1Mnm1d2tbLd2P5kCmhLxttidSCcq2OqTqFTrNE4+z9kqVaHlG5SlgpmvllXEtYN4=

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://static.fmpub.net/site/sbnation Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://www.googleoptimize.com/optimize.js?id=undefined Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0 Message: Failed to load resource: the server responded with a status of 401 ()
security	error	URL: https://cdn.concert.io/lib/concert-concierge.2.8.0.min.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com') does not match the recipient window's origin ('https://www.halosheaven.com').
network	error	URL: https://cksync.yahoo.co.jp/sspsync?ptr=12703&google_gid=CAESEO6QiN_L5U8cirGqupeBN5o&google_cver=1&google_push=AZmPxg8J0Oqxa-PChvdMPZnc7w0a2sEpTcFr-bewvMOfW_xyviuqjTwSoOoRXxbCKLG40Emw1rUsCZy9ry0PaMONTY33PpactYGfEQ Message: Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://sbnation.coral.coralproject.net/api/graphql/live; font-src https: data:; img-src https: data: blob:; media-src https: data: blob:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security	max-age=31556952; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7686335344ab885dca1fcda02b92cd8a.safeframe.googlesyndication.com
a.tribalfusion.com
aax-dtb-cf.amazon-adsystem.com
aax-eu.amazon-adsystem.com
ads.pubmatic.com
ads.rubiconproject.com
ads.yieldmo.com
adservice.google.com
adservice.google.com.au
ak.sail-horizon.com
ampcid.google.com
ampcid.google.com.au
analytics.google.com
analytics.twitter.com
api.permutive.com
api.rlcdn.com
api.sail-personalize.com
app.cauly.co.kr
as-sec.casalemedia.com
assoc-na.associates-amazon.com
ats.rlcdn.com
auth.voxmedia.com
c.amazon-adsystem.com
cdn.concert.io
cdn.permutive.com
cdn.vox-cdn.com
cksync.yahoo.co.jp
cm.g.doubleclick.net
concertads-configs.vox-cdn.com
connect.facebook.net
cr-p3.ladsp.com
cs.media.net
cs.r-ad.ne.jp
csync.loopme.me
d2fb08da-1c03-4c8a-978f-ad8a96b4c31f.partner.permutive.app
d2fb08da-1c03-4c8a-978f-ad8a96b4c31f.prmutv.co
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
fksnk.com
fonts.googleapis.com
fonts.gstatic.com
geo.moatads.com
geo.privacymanager.io
go.metabet.io
ib.adnxs.com
id.sv.rkdms.com
jp-u.openx.net
js-sec.indexww.com
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
mb.moatads.com
metabet.api.areyouwatchingthis.com
metabet.static.api.areyouwatchingthis.com
onetag-sys.com
pagead2.googlesyndication.com
phonograph2.voxmedia.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
pub.doubleverify.com
px.ads.linkedin.com
px.moatads.com
s.amazon-adsystem.com
s.company-target.com
s.tribalfusion.com
sb.scorecardresearch.com
sbnation.coral.coralproject.net
secure.adnxs.com
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
static.ads-twitter.com
static.fmpub.net
static.scroll.com
stats.g.doubleclick.net
sync.1rx.io
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
t.co
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
v9999.adv.admeme.net
vtrk.doubleverify.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.com.au
www.googleoptimize.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.halosheaven.com
www.sbnation.com
z-na.associates-amazon.com
z.moatads.com
104.18.13.76
104.18.167.224
104.18.19.126
104.18.25.173
104.19.150.54
104.244.42.133
104.244.42.195
104.254.150.241
104.254.151.36
124.146.215.50
13.107.42.14
13.114.67.130
13.213.127.212
13.224.250.43
13.224.250.82
13.225.2.118
13.225.78.129
13.227.228.153
13.227.254.101
13.227.254.74
13.35.17.5
133.186.161.89
139.5.84.243
142.250.4.113
142.250.4.157
142.250.4.94
142.251.10.132
142.251.10.95
142.251.12.101
142.251.12.157
142.251.12.94
146.75.112.157
151.101.1.52
151.101.194.125
151.101.65.52
157.240.235.1
157.240.235.35
172.217.194.132
172.217.194.154
172.253.118.102
18.176.234.133
18.177.254.176
18.214.21.204
182.22.31.252
192.53.164.96
199.232.192.124
199.232.194.217
199.232.196.124
199.232.198.137
23.15.148.136
23.36.252.26
23.41.65.80
23.72.44.196
23.72.45.156
3.1.247.163
3.38.72.56
34.107.222.173
34.107.254.252
34.120.155.137
34.120.171.7
34.96.71.22
35.214.174.31
35.241.9.51
35.244.159.8
35.247.47.28
51.79.234.100
52.220.103.200
52.223.2.229
52.223.40.198
52.4.99.227
52.46.143.56
52.74.13.196
52.76.134.15
52.94.243.89
52.95.118.179
54.169.0.90
54.176.253.251
66.155.71.149
69.173.158.64
74.118.186.44
74.125.130.99
74.125.24.113
74.125.24.154
74.125.24.97
74.207.242.116
8.43.72.98
99.83.154.140
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
09f9f507e1b9603cb213244da6e536b850fc6934a4e28701a53a341562e62c34
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
11c820859eaf15e6c73f4840ca497ccc0be1cb3db074d4a568f3d01d01a004be
15a799666e244c54c14f1059d6418443a7e25e6a7e6f314ae947382fb47356d1
19c592819d340656421a0ca296e9564cbfbcb69228f56cef708c529fc16217ad
19d9403b8b5963aaeae98991373ef1f4ec9ed98d649be55e657db8e1302578bc
1d6a7ff35de2ef59e084bc835dbd6531f21150d2464117d2a3e98c3e598c6e47
1e7db2472a7b9c137fcec96acf45c13d9619a53b528b1a09aa43da79532f74f9
2316b7e8fab7f536a1336fe38025c5d27e594d3459f8527fab50a5a1a659386a
242219cc6f493b6b4a6f9c7101a1848b46632fbcd47eb7b05358827a79ce735c
26e336b5a4bcf66f5344dab464263c6379803de92d4643ac2688dfa8190dd7dd
2b0fb0a6b3e353c69158d61221c2200e4199d0d60dd0b9d99702a22eaa917a78
310ef08caee00a719c28f76c0d05433d507b5b18b3834a831601b58c008a253f
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
3200b022bc090a69429bfa42d1d3c697669a73f0b74a8fa6d670222fd1548914
34d7a11406474daed8814dcdb815e7c29720b3da605260a8af540a13c18ef5dc
3772c62c6a77a8e84e253b4fee14543a7d93e79ddbeb0327948349a70dc84e45
3863c8fe39662425302641c551ad77f450fe29ccccaaa547c33525a6a0f97e8a
38e6e57dd337fe6a1609c18ad06d624b12e4829fe71f0780bdc71962ac021651
3e56493b45ccf5db1ca7c5719e1d15fdae2b9077d6c58cc0eb50ca7b2836d057
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40d80c14d1fb662011cd86bf885ba38913032082837de25a333b90ad49fc4e68
41b758f84ab2dd5da6f7ba488813d17410ebb48bc2074d304c26d63c5ece003d
42c0325b5231d196a940322265cebfd9f88db856e400e89e7c84d83d8ca31b2f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
442cd1a0c15b7e240b1ad7e86ce94f0b4cb3abd48e4c1f23bf3316927c5d4a5f
44c222b71fc5a7c96494ca23240a52aa346393703d4bb42e8bb7e916f113e5aa
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
51960fbad1ca216dcf80003849c367e1cb95ee3e2bd3eeb90269f18df9e3c022
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
561b1637d8df8588d26f23efe269e2b9eacdf3057aa392f7fd6f47b410061f01
5b655e04fdd14f8009f83d28ce7bf647ada65390fe6e0123f10c3edda9ba886c
5e1cd3ccd125af732cb522db3943090790c09e6f696dc74697328f7754fac352
5f7387ddd694cf2a7d655c19fd69ab19bc35136b777d78c2eaf0cbc5f7a2c6b6
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
678335dbd8f090be7a2e99486554a46c1211561c09fcb9f49d82d62fb022022d
68aa9818e0d0f8c60c5fc7e2b7921aa1a48a52e72e7da4caae29de34d030a6bf
6a071de3fb0250de3443316c44aed0d4caa280d92249648b17a321ec2a69efbf
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6aebfc4e8ba630255bcafb813c038ecaaf4ce9294607559e9ff6f2a6ec703b7c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c498325d403fa037d76672816be84dfd42c54fd6219e0835bb7272cc8d4aa16
6cb06c0443c8c63bd69bfc8c5a01a1508ab39793ce7ee7c82b588b9993ce5797
724f05926a5b8718ec98640c38e148f7fafc92f57f17cac1bf38c01193d94064
74f84dab95426a665980e4ae52486f03afbe659aa18c400ecd35ccd3a23a2ec6
7817ee889e9c73351b96c97c740c9dd746ba87ebd6c6fcab3cd77cd021920ce7
7a023adfd550395882ad5f709709df8f21bfeb2b04ced99e3942222d8f81724c
7bb0695ef1fc0eb29bf0fc3b9eb9d35d5560453479f7aea37d227ec4a84fddbb
7ee5b47792485fbaea494771a2774c786961e0c422b5547e86ba2860226fcd2a
80244828e58d49be485037391fae5fab71e1c97e896eb06c9accd8c018fd886f
810892cc1804928a47f9716dbfb087317d41dcfc303c9cfdf1a6a582a9fb7af6
81bbf9c90de074171b1ac37181a74626a3920a754f1d6d457d7016930935615a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8547fcc521e629f56508db5719b14565570703fa5bd148ec27d5eab211093456
8831dd54c2ae21dc08d6d0fd8d6415e727cb3fdc0b21c50b9f12f999e62540ba
88eaec41e38ebba1f572023870832783ec60721fae640155ea0f082d1276a682
88ed79f1c0feb2ae59e8acc2ed37b1628416576b9d2ed6ceefe532b554355ef3
8a0804364299d9470b773ae9dfcc04b5578d3d744554c77b6bc2022b3b4e9099
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8afbee3a0757f0b48459d6abbf4c923ab9174a90f00d77dcd44f3da78f16f72f
8dead7c8678a67f4fadf86e9f45c351175f8d52a830dcbd8579617d0553a2de6
90966309e33ea46f84a2084924409f8f1e5d4423db426f0caf5799c2206fb672
916b2f764623d75af287b0156c76b7a8bfb58c89c37e5ae0ca473891b5e2f890
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
97ba130b6e7d20603b1985bdf63914995343093d32fa2b8c920f8cd92be6e626
97eb8e4fa5181cd74286f549517e482d55ce966762130de329bb5fe64228d0fe
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9868773395c1330ce24e455894a9e3173a4e8e83e04bc0bb5d2bea2f156935dc
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c68b2aacc269439681b9a0d2624d2473595c07e5a2500f191b9517f6a2aac24
9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57
a00c91941d77bde9f1a5b51daa64750db4373ac969ca99b5900744b437289256
a26b61dfba0e872afd05009d770285e59f07aa24889480fb3505b4e686eb3b5e
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a50ca02f2451a57b7681ae25c4017855bcfd49124f99fdb99994909cb328de22
a5457128174d931326d6e2819cf1b529e685c64d2154005833b46ec4d8aed8d9
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a79acf7751feb2dd66faa5099ed015fdf83956d1c05dda0968b3132b34ab17fd
a8236998816487aa6623e3626d7cd50f395e3deee0732c33b150bec3cb81f9a3
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a992b285eb37fafa03083a4fea5d312b8222e42373888fc07920b6ef0bb1cac9
aae6549753eb3dc6cf108c8b665bfb0a45419ee7358064f86a07cac3a0361f4c
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
accd17c4fac80834933fd1ba9e65018ac96f07d8bededd636ab1f87d5284c04e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b422b3e5631c964086a305e78f03d631a913043cac9119fdf5b64d83184bfaf0
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b626fd533d5ee36612e495f8281d9e35ba741a46ebe54334f45ae527d6e4b783
b7b0e1468e0be1a1042e21d8f16d589c2e98a0bdef8a62fe6d6b5ed960c6af3a
b8caf9dc79a637fd2d5495b74f5f2428852fdc2e22c436fd736502c50659911a
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e
c0d368fc0d3fde4f5301cca4c91e8f8ebd34377fee6dce9e9063d48e3cf33327
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c462d460eab61de19f36cc384c99666e5bf65eaeba0c12b8f594c5410c01f220
c831673fa914ee41beda19f465be25665a42f9701085549f92a684f0c7da7b79
c980ca79b5ceb9fa87f6e6aea72cabd22b7cc48432aa6b8f0f89e8cf03669133
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1c29842cf7952f0484685ce386fd22d85fa0beec14f8b7a531b7deef2df0db4
d4ba76928562bce8621fb91405cad90023c8b20d5d033a02f4c2cb5d1b5d2a62
d7685d961a175a9df933dc1ecc9bb703db5496c5c442961232c2c204b126fcb3
d848e3088477bf033f37bd116a70998a02de992ec7b0e73ed9d2f04cb1e5f92e
dd4492416c53a9eaf5e6e21e3f362a93dafb75f3b8d9b730bf97846bf5aa8bbd
e04b9b5f62b3f45458d7fc8c902a2bcc9b801336cc5a4f5efa798f3662a740cd
e3aeeb9b76fb8242067c35d89b2a5281561e92a7c9a25239d630f818fe978a7d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e810a3eef0d22a6bdfc83bb56e0e23402d9a8f33c0a449c4260962f226c87db2
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ec3b14af21a529bfcf9f501d24ca6d685335b94e2b5c40c5afa459ee751fedf6
ecdc70e0ee72d2265e3906cc82e9a47043e9cf65500de103094d925bb7a3d403
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ee993a3cd51bbcc85387e4aa81c1450dcccebbf9d4c2a9142062d288a307db47
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef8bce624973e83723060d1eaff847002f27ec49eb0b5c1428eaf6a758cd3092
efeae1cce32bcc6564b97ef983bd80df6d8bd5e2bfd993f44cf0eeba5f957446
f051c3742950bc3ee70503663459c777a92a8cb9f7fe4a5dc5ef09e23b702636
f246f7999a5ad417109c5c937587450910a9d5f421736e2ad3da68719fda0133
f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f
f3517ca17f0e9a3851752998b26cb5596d99686aee9bd68bbd625a9e9cd159ce
f3caeb1688453aaa314d1d7f087b3370b317a7b178b9c8f7b9ca2248ffd304ab
f3fd534a6ac2cf399baa861a5aa5698c095c851927f23c1dba643a9831f68feb
f59ff797b78853b110b03a4f27bac47a6d31faa53e47d55a56e3725d013f0d83
f61b137e7c3cca9639e91377fcc9c3ead8b7879ddfde76a7bc6ded71d39731e6
f6afaffa0f6e72f3e53dd32c7f3d05e2af3ddd7790021d8b5cf2fd945347b87f
fb699593defd64cd64433b394cafc3489ced485fdbba45fff91175fb117d72f6

www.halosheaven.com Open in urlscan Pro 151.101.194.125 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

238 Requests

83 %HTTPS

0 %IPv6

68 Domains

103 Subdomains

68 IPs

9 Countries

2375 kBTransfer

7953 kBSize

70 Cookies

34 Outgoing links

Redirected requests

238 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.halosheaven.com Open in urlscan Pro
151.101.194.125 Public Scan

Screenshot
Live screenshot

Full Image

238
Requests

83 %
HTTPS

0 %
IPv6

68
Domains

103
Subdomains

68
IPs

9
Countries

2375 kB
Transfer

7953 kB
Size

70
Cookies

238 HTTP transactions
5 data transactions