www.hajper.com Open in urlscan Pro
2606:4700:4400::ac40:9878  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://www.hajper.com/sv/sportsbook/sports/513-hundringen/upcoming/ HTTP 301
   https://www.hajper.com/sv/sportsbook/sports/513-hundringen/upcoming HTTP 302
   http://www.hajper.com/accessblocked HTTP 301
   https://www.hajper.com/accessblocked Page URL
   

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

• https://cdn.graphyte.ai/graphyte.min.js HTTP 302
• https://cdn.opti-x.optimove.net/graphyte.min.js

Request Chain 16

• https://unpkg.com/web-vitals/dist/web-vitals.iife.js HTTP 302
• https://unpkg.com/web-vitals@3.5.0/dist/web-vitals.iife.js

Request Chain 25

• https://9918365.fls.doubleclick.net/activityi;src=9918365;type=ros0;cat=hajpe0;ord=3278706159921;auiddc=1327825536.1702517349;u2=https%3A%2F%2Fwww.hajper.com%2Faccessblocked;u4=undefined;gtm=45He3bt0v79108179;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.hajper.com%2Faccessblocked HTTP 302
• https://9918365.fls.doubleclick.net/activityi;dc_pre=CK2nw67jjYMDFSgKogMdArMDsQ;src=9918365;type=ros0;cat=hajpe0;ord=3278706159921;auiddc=1327825536.1702517349;u2=https%3A%2F%2Fwww.hajper.com%2Faccessblocked;u4=undefined;gtm=45He3bt0v79108179;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.hajper.com%2Faccessblocked

Request Chain 36

• https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11258875259/?random=725277552&cv=11&fst=1702517348954&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v79108179&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.hajper.com%2Faccessblocked&label=sFsPCIu__roYEPua0_gp&hn=www.googleadservices.com&frm=0&tiba=Hajper%20N%C3%A4tkasino%20-%20Sveriges%20Prisvinnande%20Casino%20p%C3%A5%20N%C3%A4tet!&value=0&auid=1327825536.1702517349&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&ocp_id=ZVp6ZdjYAvGT9u8P8cqToAI&sscte=1&crd=&eitems=ChAIgMnlqwYQ4NiS09_T5P8WEh0ApkHnvl4OMMKsGOLLlykfQPQRcWv7n_kEFsjvaA&pscrd=Ek9DaEVJZ01ubHF3WVFsc3V5M1ptQTNQX2FBUkltQU4wUEJPZ09TUmhkVTg5Y24xbkZab2duOVJ5UEhOSlAtYV9OaGJ5Y0w5ZnUxRjVEVjdrGlpDaEVJZ01ubHF3WVEyZjdfMU9tZV9veldBUkl1QUNJTEM5SUdCMndUM0xDTFJVYjk5UncyNmdqZE5HT2dQM0Z3OWhmLTFzMkFpRmozSkVScVB5VFJpS2k0VlEiEwiYn8Gu442DAxXxif0HHXHlBCQ HTTP 302
• https://www.google.com/pagead/1p-conversion/11258875259/?random=725277552&cv=11&fst=1702517348954&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v79108179&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.hajper.com%2Faccessblocked&label=sFsPCIu__roYEPua0_gp&hn=www.googleadservices.com&frm=0&tiba=Hajper%20N%C3%A4tkasino%20-%20Sveriges%20Prisvinnande%20Casino%20p%C3%A5%20N%C3%A4tet!&value=0&auid=1327825536.1702517349&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJZ01ubHF3WVFsc3V5M1ptQTNQX2FBUkltQU4wUEJPZ09TUmhkVTg5Y24xbkZab2duOVJ5UEhOSlAtYV9OaGJ5Y0w5ZnUxRjVEVjdrGlpDaEVJZ01ubHF3WVEyZjdfMU9tZV9veldBUkl1QUNJTEM5SUdCMndUM0xDTFJVYjk5UncyNmdqZE5HT2dQM0Z3OWhmLTFzMkFpRmozSkVScVB5VFJpS2k0VlEiEwiYn8Gu442DAxXxif0HHXHlBCQ&is_vtc=1&ocp_id=ZVp6ZdjYAvGT9u8P8cqToAI&cid=CAQSKQAvHhf_zq_Xs4zXgBSxUDIWzIxzhoVNfQmvpeHz0fsjvYgz6SjV0I9V&eitems=ChAIgMnlqwYQ4NiS09_T5P8WEh0ApkHnvjDFWYYaTrrGXLwRTrXFFgkUOk_U3ZvcmA&random=1815327666 HTTP 302
• https://www.google.de/pagead/1p-conversion/11258875259/?random=725277552&cv=11&fst=1702517348954&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v79108179&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.hajper.com%2Faccessblocked&label=sFsPCIu__roYEPua0_gp&hn=www.googleadservices.com&frm=0&tiba=Hajper%20N%C3%A4tkasino%20-%20Sveriges%20Prisvinnande%20Casino%20p%C3%A5%20N%C3%A4tet!&value=0&auid=1327825536.1702517349&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJZ01ubHF3WVFsc3V5M1ptQTNQX2FBUkltQU4wUEJPZ09TUmhkVTg5Y24xbkZab2duOVJ5UEhOSlAtYV9OaGJ5Y0w5ZnUxRjVEVjdrGlpDaEVJZ01ubHF3WVEyZjdfMU9tZV9veldBUkl1QUNJTEM5SUdCMndUM0xDTFJVYjk5UncyNmdqZE5HT2dQM0Z3OWhmLTFzMkFpRmozSkVScVB5VFJpS2k0VlEiEwiYn8Gu442DAxXxif0HHXHlBCQ&is_vtc=1&ocp_id=ZVp6ZdjYAvGT9u8P8cqToAI&cid=CAQSKQAvHhf_zq_Xs4zXgBSxUDIWzIxzhoVNfQmvpeHz0fsjvYgz6SjV0I9V&eitems=ChAIgMnlqwYQ4NiS09_T5P8WEh0ApkHnvjDFWYYaTrrGXLwRTrXFFgkUOk_U3ZvcmA&random=1815327666&ipr=y

Request Chain 50

• https://gum.criteo.com/sid/json?origin=onetag&domain=hajper.com&sn=ChromeSyncframe&so=0&topUrl=www.hajper.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
• https://mug.criteo.com/sid?cpp=zSu5CnxtVDhjbU5pdXF0c1dRSnIwczdhMmhhcGNXMFRyR2RjMDJtejFKdW9XVkdlNlRjMG9OYjhjcUoyOVAxYk9qL3VLZGpkS2xhdmN1dDRIWXlKYzQ3V1NwdDYrVUpYUGh6bmk2VStJTVF3eXRoS3d1SEk0WnpHcDVnUUtyNDZCM0FiTDFFYzAvUStXMDg2SmhBeHdxUmE4Y0VmMTZ2cGlSLzZEdWd3UWZGK2x0SEQ5bG9SeGhqbDQ2VGthMUh3WEljNkdVSm1qbldjaE4wVmFCVmdob0g3Y0d5ZlVyZnZGZitQVzRFb0J5bmFBTEdBV1hZVXhsSkFsd0tYVjFPTFRiUGtjRm9oYTAyN3A5ZHBuenN2MVpGSmdscHdPRXFHclRKSStCVndjVzFlY0Zraz18&cppv=2

Request Chain 55

• https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-tktPALvSOaF6r5II_CN2W_05-hkFDKRnCAS7xA&google_cm&google_hm=ay10a3RQQUx2U09hRjZyNUlJX0NOMldfMDUtaGtGREtSbkNBUzd4QQ HTTP 302
• https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-tktPALvSOaF6r5II_CN2W_05-hkFDKRnCAS7xA&google_gid=CAESEE3Swqg0uLgY_lAUdg71rZM&google_cver=1&google_ula=913071,0

Request Chain 57

• https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
• https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2488611793116334711

Request Chain 67

• https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-VwUsHbvSOaF6r5II_CN2W_05-hmP07Zky6YmWw HTTP 302
• https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-VwUsHbvSOaF6r5II_CN2W_05-hmP07Zky6YmWw&C=1

Request Chain 69

• https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
• https://dpm.demdex.net/ibs:dpid=28645&dpuuid=yNmLP9rQQMo4Nf9r_SUS51H3k-vMEXFx HTTP 302
• https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=yNmLP9rQQMo4Nf9r_SUS51H3k-vMEXFx

Request Chain 85

• https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
• https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=cmGp0in8f52PHFPdVJ_BH0T2Exbk7HtK

Request Chain 86

• https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
• https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=XxT-oTEq5S_JF7H4JlNW0oJB4OW-PqzC

87 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request accessblocked Show response www.hajper.com/ Redirect Chain https://www.hajper.com/sv/sportsbook/sports/513-hundringen/upcoming/ https://www.hajper.com/sv/sportsbook/sports/513-hundringen/upcoming http://www.hajper.com/accessblocked https://www.hajper.com/accessblocked	32 KB 13 KB	153ms 152ms	Document text/html	2606:4700:4400::ac40:9878 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.hajper.com/accessblocked Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:9878 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 166451b2ff202519214da176f3af8bc2019e22dd8939fddc65fab401aa67c2db Security Headers Name Value Content-Security-Policy frame-ancestors 'self' *.casinomodule.com *.playngonetwork.com; X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-credentials * access-control-allow-origin * cf-cache-status DYNAMIC cf-ray 8352ac93aed437fb-FRA content-encoding br content-security-policy frame-ancestors 'self' *.casinomodule.com *.playngonetwork.com; content-type text/html;charset=UTF-8 date Thu, 14 Dec 2023 01:29:08 GMT link <https://d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@26987-57eb/js/app.js>; rel=preload; as=script, <https://d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@26987-57eb/css/mobile-core-assets.css>; rel=preload; as=style, <https://d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@26987-57eb/css/hajper.css>; rel=preload; as=style server cloudflare vary Accept-Encoding x-xss-protection 1; mode=block Redirect headers CF-RAY 8352ac937a2a37de-FRA Cache-Control max-age=3600 Connection keep-alive Date Thu, 14 Dec 2023 01:29:08 GMT Expires Thu, 14 Dec 2023 02:29:08 GMT Location https://www.hajper.com/accessblocked Server cloudflare Transfer-Encoding chunked Vary Accept-Encoding
GET H2	200	app.js Show response d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@26987-57eb/js/	321 KB 100 KB	42ms 40ms	Script application/javascript	2600:9000:225b:b200:f:dcfa:3700:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@26987-57eb/js/app.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225b:b200:f:dcfa:3700:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 7f404a99da41aebfb44ea282a7a938e148e1922516c03d45b9df17378d8d58d6 Request headers accept-language de-DE,de;q=0.9 Referer https://www.hajper.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 13 Dec 2023 13:09:31 GMT x-amz-version-id null content-encoding br last-modified Wed, 13 Dec 2023 13:04:07 GMT server AmazonS3 via 1.1 ae6c2eb8d653982f5df6a91a4b14b518.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P1 etag W/"b534d45e9bf4255623bb19c1ac1dca84" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control public,max-age=31536000 age 44378 x-amz-cf-id KmwnnuEIJk89z9gCBS95p3yTD_Ttf4QRZsp5SeZZ2zB-oeWCX0EyRw==
GET H2	200	mobile-core-assets.css d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@26987-57eb/css/	117 KB 21 KB	37ms 35ms	Stylesheet text/css	2600:9000:225b:b200:f:dcfa:3700:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@26987-57eb/css/mobile-core-assets.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225b:b200:f:dcfa:3700:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 06a911a0855fbb4446f309dbee3cd70cd80ebdd82ed7fa43da3edadc8c5bab9a Request headers accept-language de-DE,de;q=0.9 Referer https://www.hajper.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 13 Dec 2023 13:09:31 GMT x-amz-version-id null content-encoding br last-modified Wed, 13 Dec 2023 13:04:07 GMT server AmazonS3 via 1.1 ae6c2eb8d653982f5df6a91a4b14b518.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P1 etag W/"d2aec9c789599042ab7addebb267d451" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type text/css cache-control public,max-age=31536000 age 44378 x-amz-cf-id mMr-M06OvCn6EQTF5l8rWNGEFPUceQUBrfpwmdfhP3yePXA_Ekg2GA==
GET H2	200	hajper.css d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@26987-57eb/css/	148 KB 28 KB	56ms 54ms	Stylesheet text/css	2600:9000:225b:b200:f:dcfa:3700:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3eg6wi5fpm57g.cloudfront.net/@komigen/mobile-frontend@26987-57eb/css/hajper.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225b:b200:f:dcfa:3700:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 356ef5273b923fada8791e3866b8bbe865bafaacc812d99da6fcb1e65ee0e11a Request headers accept-language de-DE,de;q=0.9 Referer https://www.hajper.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 13 Dec 2023 13:11:53 GMT x-amz-version-id null content-encoding br last-modified Wed, 13 Dec 2023 13:04:06 GMT server AmazonS3 via 1.1 ae6c2eb8d653982f5df6a91a4b14b518.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P1 etag W/"a34db9b39b325a9860128179fd84bbb2" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type text/css cache-control public,max-age=31536000 age 44236 x-amz-cf-id d64-VqwE4-ZyTNO4f9iERv37NFugMJ2h1H52fdKQp8kMHETLKPP-Xg==
GET H2	200	translations Show response www.hajper.com/preload/11/48/sv-SE/	694 KB 161 KB	37ms 36ms	Script application/javascript	2606:4700:4400::ac40:9878 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.hajper.com/preload/11/48/sv-SE/translations?hash=v2_4f1e7ba9b0f82c6b7e5ec08d4ba6bcdc Requested by Host: www.hajper.com URL: https://www.hajper.com/accessblocked Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:9878 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ff477786355282e17972b31823524fafd74111193d2c279bc78ba0181d1903ca Security Headers Name Value Content-Security-Policy frame-ancestors 'self' *.casinomodule.com *.playngonetwork.com; X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.hajper.com/accessblocked User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 01:29:08 GMT content-security-policy frame-ancestors 'self' *.casinomodule.com *.playngonetwork.com; content-encoding br cf-cache-status HIT last-modified Mon, 11 Dec 2023 19:15:56 GMT server cloudflare age 195192 vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000 access-control-allow-credentials * cf-ray 8352ac94af7137fb-FRA x-xss-protection 1; mode=block expires Fri, 13 Dec 2024 01:29:08 GMT
GET H2	200	webfontloader.min.js Show response cdn.jsdelivr.net/npm/webfontloader@1.6.28/	12 KB 6 KB	77ms 30ms	Script application/javascript	2606:4700::6810:5814 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/webfontloader@1.6.28/webfontloader.min.js Requested by Host: www.hajper.com URL: https://www.hajper.com/accessblocked Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e2686d1245000570ac793349a1e85b90c3c097af7ae1cbc15471b83cffbfc270 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.hajper.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 01:29:08 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 1194120 x-jsd-version 1.6.28 content-encoding br x-cache HIT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-served-by cache-fra-eddf8230045-FRA x-jsd-version-type version server cloudflare etag W/"31b0-vG/+nA2LMoVWRhmkRcbKV1650PU" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K76OUhRN6kU1nwqU0eW6NxbzLZfdOB84FUnANWdjxCfIPDyaV5ol%2FdEkRKP1v4ui3HV5Qu6IRY%2Ft6t2e8q8RBbdjoO041nxomLux7jJsCC7bLePZFHkhN8mr87dFwIWYX5Nnyob70VyH8thA9ek%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable timing-allow-origin * cf-ray 8352ac94e960718b-FRA
GET H2	200	HajperDisplay-Bold.woff2 d3j4vz29nirhst.cloudfront.net/fonts/	18 KB 18 KB	124ms 52ms	Font binary/octet-stream	2600:9000:26da:e800:b:5e2c:3740:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3j4vz29nirhst.cloudfront.net/fonts/HajperDisplay-Bold.woff2 Requested by Host: www.hajper.com URL: https://www.hajper.com/accessblocked Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:26da:e800:b:5e2c:3740:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash a8f3a3b223df13ae87a635acbd3aa1c84c9ad1d20d21b00805c5335467f29889 Request headers Referer https://www.hajper.com/ Origin https://www.hajper.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 13 Dec 2023 06:23:02 GMT x-amz-version-id 4K7fA3mQgMQpGYv_bnqx09OfKW5wyp_g via 1.1 512a3ed98fa59f06791d5919b48bcde0.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P4 age 68767 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 18268 last-modified Thu, 12 Oct 2023 20:43:35 GMT server AmazonS3 etag "550af39ad791ca40cf71c83011fdd277" content-type binary/octet-stream access-control-allow-origin * access-control-expose-headers * accept-ranges bytes x-amz-cf-id rj8mFkHk81oaowvbbCKqSvtpFarKj6ld9IedXGG0x5Af5-oQxKKUcg==
GET H2	200	HajperSans-Bold.woff2 d3j4vz29nirhst.cloudfront.net/fonts/	25 KB 26 KB	129ms 58ms	Font binary/octet-stream	2600:9000:26da:e800:b:5e2c:3740:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3j4vz29nirhst.cloudfront.net/fonts/HajperSans-Bold.woff2 Requested by Host: www.hajper.com URL: https://www.hajper.com/accessblocked Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:26da:e800:b:5e2c:3740:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash bc9bb1b1797122e45781966606dd80876c6aa25fb25ce9927aee92284c6625f8 Request headers Referer https://www.hajper.com/ Origin https://www.hajper.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-amz-version-id G__vX7Co438xZAabr.JsoypdcJzxohqm date Wed, 13 Dec 2023 03:50:33 GMT via 1.1 512a3ed98fa59f06791d5919b48bcde0.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P4 age 77916 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 25708 last-modified Thu, 12 Oct 2023 20:43:34 GMT server AmazonS3 etag "08ef31d1e627aa351214e09373181d41" vary Accept-Encoding content-type binary/octet-stream access-control-allow-origin * access-control-expose-headers * accept-ranges bytes x-amz-cf-id 2gqZMG0QiFWtv9LtIwfOh87_FFWXK-r8SaTCMi3mG8LFPi3Los_NrQ==
GET H2	200	HajperSans-Regular.woff2 d3j4vz29nirhst.cloudfront.net/fonts/	26 KB 26 KB	102ms 30ms	Font binary/octet-stream	2600:9000:26da:e800:b:5e2c:3740:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3j4vz29nirhst.cloudfront.net/fonts/HajperSans-Regular.woff2 Requested by Host: www.hajper.com URL: https://www.hajper.com/accessblocked Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:26da:e800:b:5e2c:3740:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash ecab56e104ce49aed69283a8c6c17ac9fba29721859c16603177cb68d5d0ab30 Request headers Referer https://www.hajper.com/ Origin https://www.hajper.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 13 Dec 2023 06:10:03 GMT x-amz-version-id DNgRTzEqqoiafF6_suwj.DHGMs.QDJRa via 1.1 512a3ed98fa59f06791d5919b48bcde0.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P4 age 69546 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 26284 last-modified Thu, 12 Oct 2023 20:43:36 GMT server AmazonS3 etag "09546ada903d9f5215c51ecc4bca4712" content-type binary/octet-stream access-control-allow-origin * access-control-expose-headers * accept-ranges bytes x-amz-cf-id UvJBEGDLXlL1F1Z8k918TRo8YRSDxRtWE-3csxKQc__n9oL-WxEI1A==
GET H2	200	email-decode.min.js Show response www.hajper.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/	1 KB 852 B	23ms 23ms	Script application/javascript	2606:4700:4400::ac40:9878 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.hajper.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js Requested by Host: www.hajper.com URL: https://www.hajper.com/accessblocked Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:9878 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language de-DE,de;q=0.9 Referer https://www.hajper.com/accessblocked User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 01:29:08 GMT content-encoding gzip x-content-type-options nosniff last-modified Fri, 01 Dec 2023 15:04:24 GMT server cloudflare etag W/"6569f5f8-4d7" vary Accept-Encoding x-frame-options DENY content-type application/javascript cache-control max-age=172800, public cf-ray 8352ac94af7337fb-FRA expires Sat, 16 Dec 2023 01:29:08 GMT
GET DATA	200 OK	truncated /	34 B 0		Image image/webp
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Content-Type image/webp
GET H2	200	gtm.js Show response www.googletagmanager.com/	401 KB 109 KB	113ms 63ms	Script application/javascript	2a00:1450:4001:827::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-TP3Z2NM Requested by Host: www.hajper.com URL: https://www.hajper.com/accessblocked Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash b5af92a06cfc34c479be8886a6f0c0806269fb9ff65229de71a8fce461f0226a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.hajper.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 01:29:08 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 111695 x-xss-protection 0 last-modified Thu, 14 Dec 2023 00:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Thu, 14 Dec 2023 01:29:08 GMT
GET H2	200	graphyte.min.js Show response cdn.opti-x.optimove.net/ Redirect Chain https://cdn.graphyte.ai/graphyte.min.js https://cdn.opti-x.optimove.net/graphyte.min.js	124 KB 37 KB	134ms 30ms	Script application/javascript	2600:9000:26db:a400:16:57fd:12c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.opti-x.optimove.net/graphyte.min.js Requested by Host: www.hajper.com URL: https://www.hajper.com/accessblocked Protocol H2 Server 2600:9000:26db:a400:16:57fd:12c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 528b5543f835b536569b86a869855e5305c6c1b1ce3720bd1f1b7554660c594f Request headers accept-language de-DE,de;q=0.9 Referer https://www.hajper.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-amz-version-id null content-encoding gzip via 1.1 667b60dd320c04dc9adf041517122fc2.cloudfront.net (CloudFront) date Wed, 13 Dec 2023 22:49:14 GMT last-modified Tue, 05 Apr 2022 06:44:55 GMT server AmazonS3 x-amz-cf-pop MUC50-P3 age 67272 etag W/"6f7e21684db70f03323ebb92455f245e" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=86400 x-amz-cf-id hI6QO5zfhlM2bd_KwZSZ9dqnpqIpXH46iFOw20-xACQUH8NCUDUVgQ== Redirect headers location https://cdn.opti-x.optimove.net:443/graphyte.min.js date Thu, 14 Dec 2023 01:29:08 GMT server awselb/2.0 content-length 110 content-type text/html
GET H2	200	webfont.js Show response ajax.googleapis.com/ajax/libs/webfont/1.6.26/	13 KB 6 KB	94ms 22ms	Script text/javascript	2a00:1450:4001:810::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js Requested by Host: www.hajper.com URL: https://www.hajper.com/accessblocked Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.hajper.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 07 Dec 2023 19:07:20 GMT content-encoding gzip x-content-type-options nosniff age 541308 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5437 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Fri, 06 Dec 2024 19:07:20 GMT
GET H2	200	hajper.svg Show response d1h2ljxaiibpe9.cloudfront.net/logos/ Frame 6BEC	3 KB 3 KB	116ms 43ms	Document image/svg+xml	2600:9000:237d:6a00:14:7e43:d440:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d1h2ljxaiibpe9.cloudfront.net/logos/hajper.svg Requested by Host: www.hajper.com URL: https://www.hajper.com/accessblocked Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:237d:6a00:14:7e43:d440:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 71d09419b4687bf0c4b721103c8e03be42c63c04cf0cb837c162c01a6ff30eea Request headers Referer https://www.hajper.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 66533 content-length 2641 content-type image/svg+xml date Wed, 13 Dec 2023 07:00:16 GMT etag "bdfff4967c3e1b1a1c46dc0dbf67c13c" last-modified Wed, 02 Oct 2019 12:33:47 GMT server AmazonS3 via 1.1 ef6c1b0d6b04f2b7f81eb00fa448b890.cloudfront.net (CloudFront) x-amz-cf-id syy5-nnak2Ac5-R3XtwDmLv2V2sAtLrqwylmA9mtb2Xu8MydRZkANg== x-amz-cf-pop MUC50-P2 x-amz-version-id 2dZBmUC7hXQBbakmrrGqfyzjXdEuSF7y x-cache Hit from cloudfront
GET H2	200	js Show response www.googletagmanager.com/gtag/	214 KB 77 KB	36ms 35ms	Script application/javascript	2a00:1450:4001:827::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-Y1HJ2EF4M1&l=dataLayer&cx=c Requested by Host: www.hajper.com URL: https://www.hajper.com/accessblocked Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash a30256f3563bb5340f2dff71348893c84f884700f06b70c46259570e9a723f0f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.hajper.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 01:29:08 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 78479 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Thu, 14 Dec 2023 01:29:08 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	217 KB 77 KB	39ms 39ms	Script application/javascript	2a00:1450:4001:827::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-2RYQLLXDV6&l=dataLayer&cx=c Requested by Host: www.hajper.com URL: https://www.hajper.com/accessblocked Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash e604f93b2fcaa70469f4e925cfc7fdda0c74e0da30ee097f33960a8e8a9b2128 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.hajper.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 01:29:08 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 79163 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Thu, 14 Dec 2023 01:29:08 GMT
GET H2	200	web-vitals.iife.js Show response unpkg.com/web-vitals@3.5.0/dist/ Redirect Chain https://unpkg.com/web-vitals/dist/web-vitals.iife.js https://unpkg.com/web-vitals@3.5.0/dist/web-vitals.iife.js	7 KB 3 KB	31ms 31ms	Script application/javascript	2606:4700::6810:7eaf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://unpkg.com/web-vitals@3.5.0/dist/web-vitals.iife.js Requested by Host: www.hajper.com URL: https://www.hajper.com/accessblocked Protocol H2 Server 2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7688a97a3cf3ee4a4f04f8b3596ca5c89d63f4e57280907e688dcdd8dd52b49f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.hajper.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 01:29:08 GMT via 1.1 fly.io x-content-type-options nosniff cf-cache-status HIT content-encoding br strict-transport-security max-age=31536000; includeSubDomains; preload age 1281998 last-modified Sat, 26 Oct 1985 08:15:00 GMT fly-request-id 01HGCREPYEGGJ5CMEBPGNBJEQ9-fra server cloudflare etag W/"1c0d-zW8RvTlYH7YAF4tIT+4z8RfNaCg" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000 cf-ray 8352ac96ac2e3631-FRA Redirect headers date Thu, 14 Dec 2023 01:29:08 GMT via 1.1 fly.io x-content-type-options nosniff cf-cache-status HIT fly-request-id 01HHJYXACC23FCAQWPQMBRQ4GG-fra server cloudflare strict-transport-security max-age=31536000; includeSubDomains; preload age 159 vary Accept, Accept-Encoding content-type text/plain; charset=utf-8 access-control-allow-origin * location /web-vitals@3.5.0/dist/web-vitals.iife.js cache-control public, s-maxage=600, max-age=60 cf-ray 8352ac965c043631-FRA
GET H2	200	B22799121.248931738;sz=1x2;ord=331172998612 Show response ad.doubleclick.net/ddm/adj/N1024950.197812NSO.CODESRV/	11 B 548 B	96ms 30ms	Script text/javascript	142.250.181.230 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ad.doubleclick.net/ddm/adj/N1024950.197812NSO.CODESRV/B22799121.248931738;sz=1x2;ord=331172998612? Requested by Host: www.hajper.com URL: https://www.hajper.com/accessblocked Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.181.230 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f6.1e100.net Software cafe / Resource Hash f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.hajper.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Thu, 14 Dec 2023 01:29:08 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect region1.google-analytics.com/g/	0 254 B	87ms 31ms	Ping text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-Y1HJ2EF4M1&gtm=45je3bt0v873865420z879108179&_p=1702517348585&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1261878226.1702517349&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&dr=&sid=1702517348&sct=1&seg=0&dl=https%3A%2F%2Fwww.hajper.com%2Faccessblocked&dt=Hajper%20N%C3%A4tkasino%20-%20Sveriges%20Prisvinnande%20Casino%20p%C3%A5%20N%C3%A4tet!&en=fetch_client_id&_fv=1&_nsi=1&_ss=1&ep.client_id_ga=1883161148.1702517349.&ep.user_agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.109%20Safari%2F537.36&ep.gtm_version=128&ep.original_page_url=https%3A%2F%2Fwww.hajper.com%2Faccessblocked&ep.event_time_stamp_cet=2023-12-14%2003%3A29%3A08&ep.event_time_stamp_local=2023-12-14%2002%3A29%3A08&up.Client_ID_UCD=1883161148.1702517349.&tfd=858 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-Y1HJ2EF4M1&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.hajper.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Thu, 14 Dec 2023 01:29:08 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.hajper.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	collect Show response gtm-server.hajper.com/g/	65 B 596 B	243ms 168ms	XHR text/plain	2001:4860:4802:38::15 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://gtm-server.hajper.com/g/collect?v=2&tid=G-2RYQLLXDV6&gtm=45je3bt0v9132899791z879108179&_p=1702517348585&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1261878226.1702517349&ul=en-us&sr=1600x1200&_fplc=0&ur=DE-BY&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sst.uc=DE&sst.ngs=1&sst.etld=google.de&sst.gcsub=region1&sst.gcd=11l1l1l1l1&sst.tft=1702517348585&_s=1&sid=1702517348&sct=1&seg=0&dl=https%3A%2F%2Fwww.hajper.com%2Faccessblocked&dt=Hajper%20N%C3%A4tkasino%20-%20Sveriges%20Prisvinnande%20Casino%20p%C3%A5%20N%C3%A4tet!&en=fetch_client_id&_fv=1&_ss=1&ep.client_id_ga=1883161148.1702517349.&up.Client_ID_UCD=1883161148.1702517349.&tfd=881&richsstsse Requested by Host: www.hajper.com URL: https://www.hajper.com/accessblocked Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:38::15 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Resource Hash e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.hajper.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 01:29:09 GMT content-encoding gzip x-content-type-options nosniff server Google Frontend vary Accept-Encoding content-type text/plain access-control-allow-origin https://www.hajper.com x-cloud-trace-context 6c7e51dc0356087a9a341cabf150111c cache-control no-cache access-control-allow-credentials true content-length 90 expires Thu, 14 Dec 2023 01:29:09 GMT
OPTIONS H2	200	p api.graphyte.ai/clickstream/v1/ Frame	0 0	173ms 65ms	Preflight application/json	13.248.156.128 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.graphyte.ai/clickstream/v1/p Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.248.156.128 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a6e2f6d7894fe6b7a.awsglobalaccelerator.com Software awselb/2.0 / Resource Hash Request headers Accept */* Access-Control-Request-Headers debug,x-api-key,x-brand-key Access-Control-Request-Method POST Origin https://www.hajper.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,x-brand-key,debug access-control-allow-methods POST,OPTIONS access-control-allow-origin https://www.hajper.com access-control-max-age 600 content-length 16 content-type application/json date Thu, 14 Dec 2023 01:29:09 GMT server awselb/2.0
POST H2	200	p Show response api.graphyte.ai/clickstream/v1/	16 B 108 B	75ms 75ms	XHR application/json	13.248.156.128 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.graphyte.ai/clickstream/v1/p Requested by Host: www.hajper.com URL: https://www.hajper.com/accessblocked Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.248.156.128 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a6e2f6d7894fe6b7a.awsglobalaccelerator.com Software awselb/2.0 / Resource Hash c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97 Request headers Content-Type text/plain Referer https://www.hajper.com/ accept-language de-DE,de;q=0.9 debug User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 x-brand-key 660ac23c-4a4e-47a4-9ee6-262758c4922b x-api-key MxDhAKOii12LW5Fdn4MbO4oxYn5AwjfU9zN7ORyl Response headers access-control-allow-origin * date Thu, 14 Dec 2023 01:29:09 GMT server awselb/2.0 content-length 16 content-type application/json
GET H2	200	nr-spa-1169.min.js Show response js-agent.newrelic.com/	37 KB 15 KB	149ms 46ms	Script application/javascript	151.101.66.137 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js-agent.newrelic.com/nr-spa-1169.min.js Requested by Host: www.hajper.com URL: https://www.hajper.com/accessblocked Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.66.137 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 37072a42526245f257b725698d7e70dfab281bfd00d38f1112dafd36a6e04176 Security Headers Name Value Strict-Transport-Security max-age=300 Request headers accept-language de-DE,de;q=0.9 Referer https://www.hajper.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-amz-version-id SDvIuvUGdfQkF5foO8L3xopH0BKldbyZ content-encoding br via 1.1 varnish date Thu, 14 Dec 2023 01:29:09 GMT strict-transport-security max-age=300 x-amz-request-id XKDWSXF7KH1MCZR1 x-amz-server-side-encryption AES256 x-cache HIT cross-origin-resource-policy cross-origin content-length 14672 x-amz-id-2 FOUuAcifuWFi+eO4tWw7zFolE51tcKUyQK6YwNJk764SHATqlbc6mUCdQRbJEBV6NsBY9DC6yv4= x-served-by cache-cph2320028-CPH last-modified Wed, 18 Oct 2023 21:30:48 GMT server AmazonS3 x-timer S1702517349.061762,VS0,VE0 etag "5e3590bffa49fddc4bc389e63736da42" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400 accept-ranges bytes x-cache-hits 2970
GET H3	200	js Show response www.googletagmanager.com/gtag/	193 KB 71 KB	32ms 32ms	Script application/javascript	2a00:1450:4001:827::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-1234567890&l=dataLayer&cx=c Requested by Host: www.hajper.com URL: https://www.hajper.com/accessblocked Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 08d6264c8bbce4d6a2303e929f0e7db750b77d36646c8bc239e4e3b1e60d2ece Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.hajper.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 01:29:08 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 72938 x-xss-protection 0 last-modified Thu, 14 Dec 2023 00:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Thu, 14 Dec 2023 01:29:08 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	75ms 22ms	Script text/javascript	2a00:1450:4001:810::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.hajper.com URL: https://www.hajper.com/accessblocked Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.hajper.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Thu, 14 Dec 2023 01:22:25 GMT last-modified Tue, 12 Dec 2023 18:09:08 GMT server Golfe2 age 404 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Thu, 14 Dec 2023 03:22:25 GMT
GET H2	200	activityi;dc_pre=CK2nw67jjYMDFSgKogMdArMDsQ;src=9918365;type=ros0;cat=hajpe0;ord=3278706159921;auiddc=1327825536.1702517349;u2=https%3A%2F%2Fwww.hajper.com%2Faccessblocked;u4=undefined;gtm=45He3bt0... Show response 9918365.fls.doubleclick.net/ Frame 5C2D Redirect Chain https://9918365.fls.doubleclick.net/activityi;src=9918365;type=ros0;cat=hajpe0;ord=3278706159921;auiddc=1327825536.1702517349;u2=https%3A%2F%2Fwww.hajper.com%2Faccessblocked;u4=undefined;gtm=45He3b... https://9918365.fls.doubleclick.net/activityi;dc_pre=CK2nw67jjYMDFSgKogMdArMDsQ;src=9918365;type=ros0;cat=hajpe0;ord=3278706159921;auiddc=1327825536.1702517349;u2=https%3A%2F%2Fwww.hajper.com%2Facc...	563 B 645 B	66ms 66ms	Document text/html	142.250.186.70 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://9918365.fls.doubleclick.net/activityi;dc_pre=CK2nw67jjYMDFSgKogMdArMDsQ;src=9918365;type=ros0;cat=hajpe0;ord=3278706159921;auiddc=1327825536.1702517349;u2=https%3A%2F%2Fwww.hajper.com%2Faccessblocked;u4=undefined;gtm=45He3bt0v79108179;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.hajper.com%2Faccessblocked? Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-TP3Z2NM Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.70 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f6.1e100.net Software cafe / Resource Hash 8bdc9d160e878ef945c79c62ae12937f977e0e36ac2a40d1d75ec52c52cdff86 Security Headers Name Value Strict-Transport-Security max-age=21600 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.hajper.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=0 content-encoding br content-length 306 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 14 Dec 2023 01:29:09 GMT expires Thu, 14 Dec 2023 01:29:09 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe strict-transport-security max-age=21600 timing-allow-origin * x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, must-revalidate content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 14 Dec 2023 01:29:09 GMT expires Fri, 01 Jan 1990 00:00:00 GMT follow-only-when-prerender-shown 1 location https://9918365.fls.doubleclick.net/activityi;dc_pre=CK2nw67jjYMDFSgKogMdArMDsQ;src=9918365;type=ros0;cat=hajpe0;ord=3278706159921;auiddc=1327825536.1702517349;u2=https%3A%2F%2Fwww.hajper.com%2Faccessblocked;u4=undefined;gtm=45He3bt0v79108179;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.hajper.com%2Faccessblocked? p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" pragma no-cache server cafe strict-transport-security max-age=21600 timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	scevent.min.js Show response sc-static.net/	41 KB 18 KB	123ms 54ms	Script application/javascript	108.138.40.243 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://sc-static.net/scevent.min.js Requested by Host: www.hajper.com URL: https://www.hajper.com/accessblocked Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.40.243 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-40-243.muc50.r.cloudfront.net Software CloudFront / Resource Hash 167ee4702e76b96cfe396221bef5630f2182e4148a3406c303992ab2f44c357a Request headers accept-language de-DE,de;q=0.9 Referer https://www.hajper.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 01:29:09 GMT content-encoding gzip via 1.1 f212784a4dc77817b66a91a042658fa6.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop MUC50-P2 x-cache Miss from cloudfront content-type application/javascript;charset=utf-8 access-control-allow-origin * cache-control private, s-maxage=0, max-age=600 access-control-allow-headers Content-Type content-length 17610 x-amz-cf-id -_bLkx3ZHkmanqx1Bro6SEiO7MFfDykUEDmwk_NNmf4UuGlLPCvlNg==
GET H2	200	/ Show response www.googleadservices.com/pagead/conversion/11258875259/	3 KB 2 KB	111ms 42ms	Script text/javascript	172.217.18.2 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/conversion/11258875259/?random=1702517348954&cv=11&fst=1702517348954&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v79108179&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.hajper.com%2Faccessblocked&label=sFsPCIu__roYEPua0_gp&hn=www.googleadservices.com&frm=0&tiba=Hajper%20N%C3%A4tkasino%20-%20Sveriges%20Prisvinnande%20Casino%20p%C3%A5%20N%C3%A4tet!&value=0&bttype=purchase&auid=1327825536.1702517349&uamb=0&uaw=0&rfmt=3&fmt=4 Requested by Host: www.hajper.com URL: https://www.hajper.com/accessblocked Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s22-in-f2.1e100.net Software cafe / Resource Hash 5a21dcb6190bdd691cd4af00def9d062b5e7b9014a1f6731d881b1d264ecb5a9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.hajper.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Thu, 14 Dec 2023 01:29:09 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1672 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	202 KB 54 KB	79ms 24ms	Script application/x-javascript	2a03:2880:f083:9:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: www.hajper.com URL: https://www.hajper.com/accessblocked Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8 Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.hajper.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers permissions-policy-report-only autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=() content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Thu, 14 Dec 2023 01:29:09 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 54273 x-xss-protection 0 reporting-endpoints pragma public x-fb-debug 6FHQ9yP/Q3uMcfKlq8lVCbJ6f+0qKoiuLjLUSiytw7uGxdIlh9Fj0pil1xlISG2QejZyfnQOqP3yEKfNusKVKg== cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=() timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	ld.js Show response dynamic.criteo.com/js/ld/	46 KB 20 KB	115ms 39ms	Script application/javascript	2a02:2638:3::e ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://dynamic.criteo.com/js/ld/ld.js?a=91013 Requested by Host: www.hajper.com URL: https://www.hajper.com/accessblocked Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:3::e , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 99a3815c6200e3817090a5dc0dd356726309c32479b10facc8b5ff5320d97710 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://www.hajper.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 01:29:08 GMT content-encoding br strict-transport-security max-age=31536000; preload; server Kestrel vary Origin, Accept-Encoding content-type application/javascript; charset=utf-8 cache-control public,max-age=10800 cross-origin-resource-policy cross-origin timing-allow-origin *
GET H2	200	k_hajper.js Show response scripts.prdredir.com/scripts/	800 B 794 B	483ms 427ms	Script text/javascript	2606:4700:20::681a:672 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://scripts.prdredir.com/scripts/k_hajper.js Requested by Host: www.hajper.com URL: https://www.hajper.com/accessblocked Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:672 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 95d838de11136e7964ca0eaa375bf294d19a0b15880a014338e0a5d9d8e05385 Request headers accept-language de-DE,de;q=0.9 Referer https://www.hajper.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-runtime 0.015140 date Thu, 14 Dec 2023 01:29:09 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"95d838de11136e7964ca0eaa375bf294" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7rn%2By9OquG4Qv%2Bf%2BkQI3gSeyKTpNsRhqZRZQnmFcuhXNOB6cuEf3DPgM89wMlx7Wu1ZfWOOlZGjSK7h2FbJyAC7wPFu1%2BDvPrIRA5fNm3lvj49BAXQ2c07fKRv2lx78zX9U%2Ba0Nsf0Gxoiu7uA3fRCau"}],"group":"cf-nel","max_age":604800} content-type text/javascript; charset=utf-8 status 200 OK access-control-allow-origin * cache-control no-cache cf-ray 8352ac976b370418-FRA x-request-id 62c87967-9bed-4e2a-840c-4ad5ec57fe72
GET H2	200	fs.js Show response edge.fullstory.com/s/	248 KB 69 KB	77ms 23ms	Script application/javascript	35.201.112.186 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://edge.fullstory.com/s/fs.js Requested by Host: www.hajper.com URL: https://www.hajper.com/accessblocked Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 186.112.201.35.bc.googleusercontent.com Software UploadServer / Resource Hash cd138cb8d1483ae8b41c3516e2001b12ac70368c411c9a6a5727d42f7162ab30 Request headers Referer https://www.hajper.com/ Origin https://www.hajper.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 00:49:42 GMT content-encoding br age 2367 x-guploader-uploadid ABPtcPomjKi6E9uowNYhNj6I5YaaggUkJ7ffqiaHyTTW95UB6UjCTJtg5xsence6hlfDLyxqnsCCAfPkzg x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding br alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 69593 last-modified Tue, 12 Dec 2023 16:27:20 GMT server UploadServer etag "20e8f197ce31d0a16939988b0de6f7d0" vary Accept-Encoding x-goog-generation 1702398440850044 x-goog-hash crc32c=bnuCPg==, md5=IOjxl84x0KFpOZiLDeb30A== access-control-allow-origin * access-control-expose-headers Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace cache-control public, max-age=3600,no-transform x-goog-stored-content-length 69593 accept-ranges bytes content-type application/javascript expires Thu, 14 Dec 2023 01:49:42 GMT
GET H2	200	crypto-js.min.js Show response cdnjs.cloudflare.com/ajax/libs/crypto-js/4.0.0/	47 KB 14 KB	77ms 30ms	Script application/javascript	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.0.0/crypto-js.min.js Requested by Host: www.hajper.com URL: https://www.hajper.com/accessblocked Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash eab5d90a71736f267af39fdf32caa8c71673fd06703279b01e0f92b0d7be0bfc Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.hajper.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 01:29:09 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 34229 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 14107 last-modified Mon, 04 May 2020 16:09:17 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03e2d-bb78" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1htaWZDKr4RFtMadeagUxYt0E2TEB%2BJOqKBfKiueSrQNo7%2BQ58M4TqDQrVroz74q3JCwe34Mbg5f%2BKRKB1nr982XWEZbTMBuRfRWOvjPGAHKAcq%2BhPlkp6aRrpmlAA5i5ZUWUvaEmnsYM3jjIunX3HTl"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 8352ac975ae92c5f-FRA expires Tue, 03 Dec 2024 01:29:09 GMT
GET H2	200	collect Show response gtm-server.hajper.com/g/	65 B 437 B	281ms 281ms	XHR text/plain	2001:4860:4802:38::15 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://gtm-server.hajper.com/g/collect?v=2&tid=G-1234567890&gtm=45je3bt0z879108179&_p=1702517348585&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1261878226.1702517349&ul=en-us&sr=1600x1200&_fplc=0&ur=DE-BY&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sst.uc=DE&sst.etld=google.de&sst.gcsub=region1&sst.gcd=11l1l1l1l1&sst.tft=1702517348585&_s=1&sid=1702517349&sct=1&seg=0&dl=https%3A%2F%2Fwww.hajper.com%2Faccessblocked&dt=Hajper%20N%C3%A4tkasino%20-%20Sveriges%20Prisvinnande%20Casino%20p%C3%A5%20N%C3%A4tet!&en=page_view&_fv=1&_ss=1&ep.event_id=1702517348585_11_gtm.load&tfd=1009&richsstsse Requested by Host: www.hajper.com URL: https://www.hajper.com/accessblocked Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:38::15 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Resource Hash e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.hajper.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 01:29:09 GMT content-encoding gzip x-content-type-options nosniff server Google Frontend vary Accept-Encoding content-type text/plain access-control-allow-origin https://www.hajper.com x-cloud-trace-context 96f4feba5db6b483959cb2001a38412d cache-control no-cache access-control-allow-credentials true content-length 90 expires Thu, 14 Dec 2023 01:29:09 GMT
GET H2	200	linkid.js Show response www.google-analytics.com/plugins/ua/	2 KB 1 KB	25ms 24ms	Script text/javascript	2a00:1450:4001:810::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/plugins/ua/linkid.js Requested by Host: www.hajper.com URL: https://www.hajper.com/accessblocked Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.hajper.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 01:15:39 GMT content-encoding br x-content-type-options nosniff age 810 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 697 x-xss-protection 0 last-modified Fri, 30 Jun 2023 18:58:00 GMT server sffe vary Accept-Encoding report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type text/javascript cache-control public, max-age=3600 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Thu, 14 Dec 2023 02:15:39 GMT
POST H2	200	collect Show response www.google-analytics.com/j/	4 B 209 B	30ms 30ms	XHR text/plain	2a00:1450:4001:810::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=749925019&t=pageview&_s=1&dl=https%3A%2F%2Fwww.hajper.com%2Faccessblocked&ul=en-us&de=UTF-8&dt=Hajper%20N%C3%A4tkasino%20-%20Sveriges%20Prisvinnande%20Casino%20p%C3%A5%20N%C3%A4tet!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAAEAjAAAAACAEK~&jid=301897345&gjid=2046134153&cid=1261878226.1702517349&tid=UA-124064124-2&_gid=1939109972.1702517349&_r=1&_slc=1&gtm=45He3bt0n81TP3Z2NMv79108179&cd2=Not%20logged-in&cd8=1702517348942.rh54k4j&cd23=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.109%20Safari%2F537.36&cd25=&cd26=128&cd27=https%3A%2F%2Fwww.hajper.com%2Faccessblocked&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cd5=1261878226.1702517349&z=2013769721 Requested by Host: www.hajper.com URL: https://www.hajper.com/accessblocked Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.hajper.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Thu, 14 Dec 2023 01:29:09 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.hajper.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.de/pagead/1p-conversion/11258875259/ Redirect Chain https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11258875259/?random=725277552&cv=11&fst=1702517348954&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v79108179&gcd=11l1l1l1l1&dma_cps=sypham&... https://www.google.com/pagead/1p-conversion/11258875259/?random=725277552&cv=11&fst=1702517348954&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v79108179&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=12... https://www.google.de/pagead/1p-conversion/11258875259/?random=725277552&cv=11&fst=1702517348954&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v79108179&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=120...	42 B 154 B	61ms 37ms	Image image/gif	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-conversion/11258875259/?random=725277552&cv=11&fst=1702517348954&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v79108179&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.hajper.com%2Faccessblocked&label=sFsPCIu__roYEPua0_gp&hn=www.googleadservices.com&frm=0&tiba=Hajper%20N%C3%A4tkasino%20-%20Sveriges%20Prisvinnande%20Casino%20p%C3%A5%20N%C3%A4tet!&value=0&auid=1327825536.1702517349&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJZ01ubHF3WVFsc3V5M1ptQTNQX2FBUkltQU4wUEJPZ09TUmhkVTg5Y24xbkZab2duOVJ5UEhOSlAtYV9OaGJ5Y0w5ZnUxRjVEVjdrGlpDaEVJZ01ubHF3WVEyZjdfMU9tZV9veldBUkl1QUNJTEM5SUdCMndUM0xDTFJVYjk5UncyNmdqZE5HT2dQM0Z3OWhmLTFzMkFpRmozSkVScVB5VFJpS2k0VlEiEwiYn8Gu442DAxXxif0HHXHlBCQ&is_vtc=1&ocp_id=ZVp6ZdjYAvGT9u8P8cqToAI&cid=CAQSKQAvHhf_zq_Xs4zXgBSxUDIWzIxzhoVNfQmvpeHz0fsjvYgz6SjV0I9V&eitems=ChAIgMnlqwYQ4NiS09_T5P8WEh0ApkHnvjDFWYYaTrrGXLwRTrXFFgkUOk_U3ZvcmA&random=1815327666&ipr=y Protocol H2 Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.hajper.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Thu, 14 Dec 2023 01:29:09 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Thu, 14 Dec 2023 01:29:09 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" location https://www.google.de/pagead/1p-conversion/11258875259/?random=725277552&cv=11&fst=1702517348954&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v79108179&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.hajper.com%2Faccessblocked&label=sFsPCIu__roYEPua0_gp&hn=www.googleadservices.com&frm=0&tiba=Hajper%20N%C3%A4tkasino%20-%20Sveriges%20Prisvinnande%20Casino%20p%C3%A5%20N%C3%A4tet!&value=0&auid=1327825536.1702517349&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJZ01ubHF3WVFsc3V5M1ptQTNQX2FBUkltQU4wUEJPZ09TUmhkVTg5Y24xbkZab2duOVJ5UEhOSlAtYV9OaGJ5Y0w5ZnUxRjVEVjdrGlpDaEVJZ01ubHF3WVEyZjdfMU9tZV9veldBUkl1QUNJTEM5SUdCMndUM0xDTFJVYjk5UncyNmdqZE5HT2dQM0Z3OWhmLTFzMkFpRmozSkVScVB5VFJpS2k0VlEiEwiYn8Gu442DAxXxif0HHXHlBCQ&is_vtc=1&ocp_id=ZVp6ZdjYAvGT9u8P8cqToAI&cid=CAQSKQAvHhf_zq_Xs4zXgBSxUDIWzIxzhoVNfQmvpeHz0fsjvYgz6SjV0I9V&eitems=ChAIgMnlqwYQ4NiS09_T5P8WEh0ApkHnvjDFWYYaTrrGXLwRTrXFFgkUOk_U3ZvcmA&random=1815327666&ipr=y content-type image/gif cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	web Show response edge.fullstory.com/s/settings/1967BY/v1/	53 KB 7 KB	24ms 23ms	XHR application/json	35.201.112.186 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://edge.fullstory.com/s/settings/1967BY/v1/web Requested by Host: www.hajper.com URL: https://www.hajper.com/accessblocked Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 186.112.201.35.bc.googleusercontent.com Software UploadServer / Resource Hash 73fa420d44ec0213ce3deb76649308d0ffb67fe6f1e9781159abc644ab17136c Request headers accept-language de-DE,de;q=0.9 Referer https://www.hajper.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 01:27:12 GMT content-encoding gzip age 117 x-guploader-uploadid ABPtcPrTf8QxuFspOVtmHcskvDiaGwLpv_m77f7S27quuTRK7yyVzIO8drAAVsU60dDZYh0NS5Kx0kyDCkj17qY x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding gzip alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6967 last-modified Thu, 14 Dec 2023 01:20:24 GMT server UploadServer etag "5c98ac9f35eec02e204a3d2c34f73cac" x-goog-generation 1702516824494231 x-goog-hash crc32c=TNnWNg==, md5=XJisnzXuwC4gSj0sNPc8rA== access-control-allow-origin * access-control-expose-headers Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace cache-control public,max-age=900,no-transform x-goog-stored-content-length 6967 accept-ranges bytes content-type application/json expires Thu, 14 Dec 2023 01:42:12 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 349 B	89ms 30ms	XHR text/plain	2a00:1450:400c:c0b::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-124064124-2&cid=1261878226.1702517349&jid=301897345&gjid=2046134153&_gid=1939109972.1702517349&_u=aCDAAEAiAAAAACAEK~&z=1396419702 Requested by Host: www.hajper.com URL: https://www.hajper.com/accessblocked Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c0b::9d Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.hajper.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Thu, 14 Dec 2023 01:29:09 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.hajper.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	48c5a7c8-1aa5-4420-b9e3-c546bd14a5f8.js Show response tr.snapchat.com/config/com/	167 B 435 B	95ms 31ms	Script application/javascript	35.190.43.134 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tr.snapchat.com/config/com/48c5a7c8-1aa5-4420-b9e3-c546bd14a5f8.js?v=3.7.2-2312071952 Requested by Host: www.hajper.com URL: https://www.hajper.com/accessblocked Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 134.43.190.35.bc.googleusercontent.com Software API Gateway / Resource Hash eee1c83d2116b877fd5a5416df221d38becf9601329abcac3becb2c1c39a95a9 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains Request headers Referer https://www.hajper.com/ Origin https://www.hajper.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 01:29:09 GMT strict-transport-security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains via 1.1 google server API Gateway content-type application/javascript access-control-allow-origin https://www.hajper.com x-envoy-upstream-service-time 0 access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 167
GET H2	200	i Show response tr.snapchat.com/cm/ Frame CC3C	0 201 B	95ms 32ms	Document text/html	35.190.43.134 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tr.snapchat.com/cm/i?pid=48c5a7c8-1aa5-4420-b9e3-c546bd14a5f8&u_scsid=4ae4b6c5-d0e4-44bb-8ffc-ebf3d4f733f3&u_sclid=edfe5b32-0c43-446a-8f2d-4997523aa492 Requested by Host: www.hajper.com URL: https://www.hajper.com/accessblocked Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 134.43.190.35.bc.googleusercontent.com Software API Gateway / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains Request headers Referer https://www.hajper.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 content-type text/html date Thu, 14 Dec 2023 01:29:09 GMT server API Gateway strict-transport-security max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains via 1.1 google x-envoy-upstream-service-time 0
GET H2	200	p tr.snapchat.com/	68 B 298 B	95ms 32ms	Image image/png	35.190.43.134 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tr.snapchat.com/p?pid=48c5a7c8-1aa5-4420-b9e3-c546bd14a5f8&ev=PAGE_VIEW&intg=gtm&e_desc=Pageview&pids=48c5a7c8-1aa5-4420-b9e3-c546bd14a5f8&u_c1=97cbf612-7c0b-477b-8499-d502668abcf9&u_sclid=edfe5b32-0c43-446a-8f2d-4997523aa492&u_scsid=4ae4b6c5-d0e4-44bb-8ffc-ebf3d4f733f3&bt=1d53c387&d_bvs=%5B%5D&df=true&huah=true&m_dcl=587&m_fcps=617&m_pi=587&m_pl=926&m_pv=2&m_rd=1121&m_sh=1200&m_sl=0&m_sw=1600&pl=https%3A%2F%2Fwww.hajper.com%2Faccessblocked&trackId=ed13f597-4d64-43df-a573-3dab97395da2&ts=1702517349129&v=3.7.2-2312071952 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 134.43.190.35.bc.googleusercontent.com Software API Gateway / Resource Hash 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://www.hajper.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 01:29:09 GMT strict-transport-security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains via 1.1 google server API Gateway content-type image/png access-control-allow-origin * cache-control no-cache, no-transform x-envoy-upstream-service-time 1 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 68
GET H2	200	644747353040436 Show response connect.facebook.net/signals/config/	133 KB 35 KB	88ms 87ms	Script application/x-javascript	2a03:2880:f083:9:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/644747353040436?v=2.9.138&r=stable&domain=www.hajper.com Requested by Host: www.hajper.com URL: https://www.hajper.com/accessblocked Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash ed03f8863f38a7d3f5a89a61f9762a2dd75e7575369d05c494ac619acbce673a Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.hajper.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers permissions-policy-report-only autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=() content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Thu, 14 Dec 2023 01:29:09 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints pragma public x-fb-debug WTuBaELTGuasUl6fe41hXyg1FhZRfi2XWQfyPvNmIoDYoyEeAQbpo4NgHoJtKb9vS/KZIgV6u3n3aDK+dnWdyA== cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=() timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H/1.1	200	e4634a9f18 Show response bam.nr-data.net/1/	56 B 495 B	488ms 433ms	Script text/javascript	162.247.243.29 FASTLY
General Check archive.org Show headers Download Go to Full URL https://bam.nr-data.net/1/e4634a9f18?a=37177158&sa=1&v=1169.7b094c0&t=Unnamed%20Transaction&rst=1134&ck=1&ref=https://www.hajper.com/accessblocked&be=579&fe=926&dc=588&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1702517348008,%22n%22:0,%22f%22:405,%22dn%22:405,%22dne%22:405,%22c%22:405,%22ce%22:405,%22rq%22:405,%22rp%22:434,%22rpe%22:559,%22dl%22:560,%22di%22:588,%22ds%22:588,%22de%22:588,%22dc%22:926,%22l%22:926,%22le%22:927%7D,%22navigation%22:%7B%7D%7D&fp=617&fcp=617&jsonp=NREUM.setToken Requested by Host: www.hajper.com URL: https://www.hajper.com/accessblocked Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.247.243.29 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash f9745c48d0b4c918d466da4acdb3f786ef5cda4c69ac0b6009d76cff67e6325d Request headers accept-language de-DE,de;q=0.9 Referer https://www.hajper.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 01:29:09 GMT access-control-allow-methods GET, POST, PUT, HEAD, OPTIONS content-type text/javascript access-control-allow-origin * access-control-allow-credentials true cross-origin-resource-policy cross-origin Connection keep-alive Content-Length 56 x-served-by cache-fra-eddf8230095-FRA
GET H2	200	syncframe Show response gum.criteo.com/ Frame 354D	15 KB 6 KB	107ms 36ms	Document text/html	2a02:2638:3::c ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/syncframe?topUrl=www.hajper.com&origin=onetag Requested by Host: www.hajper.com URL: https://www.hajper.com/accessblocked Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash fd8c1cf4274cae5e1e5a37133cc23b80392ef88c43b798d3748f43948dbb53f0 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://www.hajper.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control private, max-age=3600 content-encoding gzip content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Thu, 14 Dec 2023 01:29:09 GMT server Kestrel server-processing-duration-in-ticks 360963 strict-transport-security max-age=31536000; preload; vary Accept-Encoding x-robots-tag noindex
POST H2	202	page Show response rs.fullstory.com/rec/	83 B 281 B	195ms 144ms	XHR text/plain	35.186.194.58 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://rs.fullstory.com/rec/page Requested by Host: www.hajper.com URL: https://www.hajper.com/accessblocked Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 58.194.186.35.bc.googleusercontent.com Software / Resource Hash f2340c728652b7cc8fdb9fb48b8c7f111f3dde2c13a297784a8f6b26c4101cce Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.hajper.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Content-Type text/plain Response headers date Thu, 14 Dec 2023 01:29:09 GMT via 1.1 google x-content-type-options nosniff content-type text/plain; charset=utf-8 access-control-allow-origin https://www.hajper.com access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 83
GET H2	200	dc_pre=CK2nw67jjYMDFSgKogMdArMDsQ;src=9918365;type=ros0;cat=hajpe0;ord=3278706159921;auiddc=*;u2=https%3A%2F%2Fwww.hajper.com%2Faccessblocked;u4=undefined;gtm=45He3bt0v79108179;gcd=11l1l1l1l1;dma_c... adservice.google.com/ddm/fls/z/ Frame 5C2D	42 B 401 B	111ms 62ms	Image image/gif	2a00:1450:4001:808::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://adservice.google.com/ddm/fls/z/dc_pre=CK2nw67jjYMDFSgKogMdArMDsQ;src=9918365;type=ros0;cat=hajpe0;ord=3278706159921;auiddc=*;u2=https%3A%2F%2Fwww.hajper.com%2Faccessblocked;u4=undefined;gtm=45He3bt0v79108179;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.hajper.com%2Faccessblocked Requested by Host: 9918365.fls.doubleclick.net URL: https://9918365.fls.doubleclick.net/activityi;dc_pre=CK2nw67jjYMDFSgKogMdArMDsQ;src=9918365;type=ros0;cat=hajpe0;ord=3278706159921;auiddc=1327825536.1702517349;u2=https%3A%2F%2Fwww.hajper.com%2Faccessblocked;u4=undefined;gtm=45He3bt0v79108179;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.hajper.com%2Faccessblocked? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://9918365.fls.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Thu, 14 Dec 2023 01:29:09 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.com/ads/	42 B 107 B	32ms 32ms	Image image/gif	2a00:1450:4001:828::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-124064124-2&cid=1261878226.1702517349&jid=301897345&_u=aCDAAEAiAAAAACAEK~&z=423607400 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.hajper.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Thu, 14 Dec 2023 01:29:09 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 408 B	87ms 34ms	Image image/gif	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-124064124-2&cid=1261878226.1702517349&jid=301897345&_u=aCDAAEAiAAAAACAEK~&z=423607400 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.hajper.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Thu, 14 Dec 2023 01:29:09 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	0 185 B	81ms 22ms	Image text/plain	2a03:2880:f176:84:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=644747353040436&ev=PageView&dl=https%3A%2F%2Fwww.hajper.com%2Faccessblocked&rl=&if=false&ts=1702517349245&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1702517349244.381004395&ler=empty&it=1702517349137&coo=false&eid=1702517348585_11_gtm.load&rqm=GET Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://www.hajper.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Thu, 14 Dec 2023 01:29:09 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	sid Show response mug.criteo.com/ Frame 354D Redirect Chain https://gum.criteo.com/sid/json?origin=onetag&domain=hajper.com&sn=ChromeSyncframe&so=0&topUrl=www.hajper.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 https://mug.criteo.com/sid?cpp=zSu5CnxtVDhjbU5pdXF0c1dRSnIwczdhMmhhcGNXMFRyR2RjMDJtejFKdW9XVkdlNlRjMG9OYjhjcUoyOVAxYk9qL3VLZGpkS2xhdmN1dDRIWXlKYzQ3V1NwdDYrVUpYUGh6bmk2VStJTVF3eXRoS3d1SEk0WnpHcDVnUU...	427 B 650 B	38ms 37ms	Fetch application/json	2a02:2638:3::c ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://mug.criteo.com/sid?cpp=zSu5CnxtVDhjbU5pdXF0c1dRSnIwczdhMmhhcGNXMFRyR2RjMDJtejFKdW9XVkdlNlRjMG9OYjhjcUoyOVAxYk9qL3VLZGpkS2xhdmN1dDRIWXlKYzQ3V1NwdDYrVUpYUGh6bmk2VStJTVF3eXRoS3d1SEk0WnpHcDVnUUtyNDZCM0FiTDFFYzAvUStXMDg2SmhBeHdxUmE4Y0VmMTZ2cGlSLzZEdWd3UWZGK2x0SEQ5bG9SeGhqbDQ2VGthMUh3WEljNkdVSm1qbldjaE4wVmFCVmdob0g3Y0d5ZlVyZnZGZitQVzRFb0J5bmFBTEdBV1hZVXhsSkFsd0tYVjFPTFRiUGtjRm9oYTAyN3A5ZHBuenN2MVpGSmdscHdPRXFHclRKSStCVndjVzFlY0Zraz18&cppv=2 Protocol H2 Server 2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 23f7d91780132a06d6d95cabdb11985e550f6247ab2c1675ca81270f0289c736 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://gum.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Thu, 14 Dec 2023 01:29:08 GMT strict-transport-security max-age=31536000; preload; content-encoding gzip server Kestrel vary Accept-Encoding access-control-allow-methods GET content-type application/json; charset=utf-8 access-control-allow-origin https://gum.criteo.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server-processing-duration-in-ticks 1030357 expires 0 Redirect headers pragma no-cache date Thu, 14 Dec 2023 01:29:08 GMT strict-transport-security max-age=31536000; preload; server Kestrel location https://mug.criteo.com/sid?cpp=zSu5CnxtVDhjbU5pdXF0c1dRSnIwczdhMmhhcGNXMFRyR2RjMDJtejFKdW9XVkdlNlRjMG9OYjhjcUoyOVAxYk9qL3VLZGpkS2xhdmN1dDRIWXlKYzQ3V1NwdDYrVUpYUGh6bmk2VStJTVF3eXRoS3d1SEk0WnpHcDVnUUtyNDZCM0FiTDFFYzAvUStXMDg2SmhBeHdxUmE4Y0VmMTZ2cGlSLzZEdWd3UWZGK2x0SEQ5bG9SeGhqbDQ2VGthMUh3WEljNkdVSm1qbldjaE4wVmFCVmdob0g3Y0d5ZlVyZnZGZitQVzRFb0J5bmFBTEdBV1hZVXhsSkFsd0tYVjFPTFRiUGtjRm9oYTAyN3A5ZHBuenN2MVpGSmdscHdPRXFHclRKSStCVndjVzFlY0Zraz18&cppv=2 cache-control no-cache, no-store, must-revalidate server-processing-duration-in-ticks 273944 content-length 0 expires 0
POST H2	200	p tr6.snapchat.com/	0 42 B	48ms 32ms	Ping text/plain	35.190.43.134 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tr6.snapchat.com/p Requested by Host: sc-static.net URL: https://sc-static.net/scevent.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 134.43.190.35.bc.googleusercontent.com Software API Gateway / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains Request headers Referer https://www.hajper.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Thu, 14 Dec 2023 01:29:09 GMT strict-transport-security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains x-envoy-upstream-service-time 0 via 1.1 google server API Gateway alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	200	event Show response sslwidget.criteo.com/	10 KB 5 KB	103ms 38ms	Script application/x-javascript	178.250.1.9 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://sslwidget.criteo.com/event?a=91013&v=5.20.0&p0=e%3Dce%26m%3D%255Bundefined%255D%26h%3Dsha256&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=MiRTD190amklMkJERXdjODhHSFlEaXFzVnZ2Zkl2QUEwTzNGRXhVc2VmT293dkxBV3U3WTl2OFB2QjJRamNrMlE2RHFJd0FHWmdpc0Y1SHZLWTZRJTJGQjZqRjBhN1J6eFdBZlpPZXRwRzVreHNWJTJGakRpVyUyQmhreTR5ODZleFdGZ3NJcm52NktCR20zb252M1AlMkYwQnJmbWVSRVJqYk5BJTNEJTNE&tld=hajper.com&dy=1&fu=https%253A%252F%252Fwww.hajper.com%252Faccessblocked&ceid=9c9b2a54-bb92-4627-b410-39071d46e28a&dtycbr=30005 Requested by Host: www.hajper.com URL: https://www.hajper.com/accessblocked Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 8bcbf71410509d946f155192357ac8b8070415251e76af31f4500f16a7af3809 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://www.hajper.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Thu, 14 Dec 2023 01:29:08 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; server Kestrel content-type application/x-javascript access-control-allow-origin * p3p NON DSP COR CURa PSA PSD OUR BUS NAV STA cache-control no-cache cross-origin-resource-policy cross-origin server-processing-duration-in-ticks 8144418 timing-allow-origin * expires 0
POST H2	200	collect Show response gtm-server.hajper.com/g/	65 B 518 B	263ms 263ms	XHR text/plain	2001:4860:4802:38::15 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://gtm-server.hajper.com/g/collect?v=2&tid=G-2RYQLLXDV6&gtm=45je3bt0v9132899791z879108179&_p=1702517348585&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1261878226.1702517349&ul=en-us&sr=1600x1200&_fplc=0&ur=DE-BY&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sst.uc=DE&sst.ngs=1&sst.etld=google.de&sst.gcsub=region1&sst.gcd=11l1l1l1l1&sst.tft=1702517348585&sid=1702517348&sct=1&seg=1&dl=https%3A%2F%2Fwww.hajper.com%2Faccessblocked&dt=Hajper%20N%C3%A4tkasino%20-%20Sveriges%20Prisvinnande%20Casino%20p%C3%A5%20N%C3%A4tet!&_s=2&tfd=1391&richsstsse Requested by Host: www.hajper.com URL: https://www.hajper.com/accessblocked Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:38::15 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Resource Hash e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.hajper.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Thu, 14 Dec 2023 01:29:09 GMT content-encoding gzip x-content-type-options nosniff server Google Frontend vary Accept-Encoding content-type text/plain access-control-allow-origin https://www.hajper.com x-cloud-trace-context 4ed244fcb365acb36aaf4859a59a4aec cache-control no-cache access-control-allow-credentials true content-length 90 expires Thu, 14 Dec 2023 01:29:09 GMT
GET H2	200	safeframe Show response scripts.prdredir.com/ Frame 267F	4 KB 2 KB	417ms 417ms	Document text/html	2606:4700:20::681a:672 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://scripts.prdredir.com/safeframe Requested by Host: www.hajper.com URL: https://www.hajper.com/accessblocked Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:672 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 963b33b968ee14442d917bb14b6c8155b4bfa633a6ce3d00e89ff9f05d630828 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.hajper.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control no-cache cf-cache-status DYNAMIC cf-ray 8352ac9a1c890418-FRA content-encoding br content-type text/html; charset=utf-8 date Thu, 14 Dec 2023 01:29:09 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} referrer-policy strict-origin-when-cross-origin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XLmcT6ZEq7z33kAelu8Xbb228Qtzm59WIzC13JfNmUhdNC2BOdLCVp%2FeGiPt7RnWdfdVJqloFeq2vC77HD8Q2OtzSurpRbTb1FcqnrGrVs5mse1SjGddQRV9RIRHBNCY0pbMmqyB102WBR1C3LClbDBz"}],"group":"cf-nel","max_age":604800} server cloudflare status 200 OK vary Accept-Encoding x-content-type-options nosniff x-download-options noopen x-permitted-cross-domain-policies none x-request-id 6c717f94-aa55-44a2-8aee-5cd0ff77a995 x-runtime 0.002130 x-xss-protection 1; mode=block
GET H2	200	cookiematch.aspx dis.criteo.com/dis/rtb/google/ Frame 27D6 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-tktPALvSOaF6r5II_CN2W_05-hkFDKRnCAS7xA&google_cm&google_hm=ay10a3RQQUx2U09hRjZyNUlJX0NOMldfMDUtaGtGREtSb... https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-tktPALvSOaF6r5II_CN2W_05-hkFDKRnCAS7xA&google_gid=CAESEE3Swqg0uLgY_lAUdg71rZM&google_cver=1&google_ula=913071,0	43 B 369 B	30ms 30ms	Image image/gif	178.250.1.9 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-tktPALvSOaF6r5II_CN2W_05-hkFDKRnCAS7xA&google_gid=CAESEE3Swqg0uLgY_lAUdg71rZM&google_cver=1&google_ula=913071,0 Protocol H2 Server 178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Thu, 14 Dec 2023 01:29:08 GMT strict-transport-security max-age=31536000; preload; server Kestrel p3p CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA' content-type image/gif cache-control no-cache cross-origin-resource-policy cross-origin server-processing-duration-in-ticks 553247 timing-allow-origin * expires Mon, 26 Jul 1997 05:00:00 GMT Redirect headers pragma no-cache date Thu, 14 Dec 2023 01:29:09 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-tktPALvSOaF6r5II_CN2W_05-hkFDKRnCAS7xA&google_gid=CAESEE3Swqg0uLgY_lAUdg71rZM&google_cver=1&google_ula=913071,0 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 398 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	sync x.bidswitch.net/ Frame 27D6	43 B 146 B	77ms 24ms	Image image/gif	52.57.47.82 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://x.bidswitch.net/sync?dsp_id=46&user_id=k-45ZFubvSOaF6r5II_CN2W_05-hmJ7JjNY4-8fg&expires=30 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.57.47.82 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-57-47-82.eu-central-1.compute.amazonaws.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 01:29:09 GMT cache-control no-cache, no-store, must-revalidate content-length 43 content-type image/gif
GET H2	200	cookiematch.aspx dis.criteo.com/dis/rtb/appnexus/ Frame 27D6 Redirect Chain https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2488611793116334711	43 B 370 B	31ms 31ms	Image image/gif	178.250.1.9 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2488611793116334711 Protocol H2 Server 178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Thu, 14 Dec 2023 01:29:09 GMT strict-transport-security max-age=31536000; preload; server Kestrel p3p CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA' content-type image/gif cache-control no-cache cross-origin-resource-policy cross-origin server-processing-duration-in-ticks 1639410 timing-allow-origin * expires Mon, 26 Jul 1997 05:00:00 GMT Redirect headers pragma no-cache date Thu, 14 Dec 2023 01:29:09 GMT an-x-request-uuid bc5b4804-29a8-41df-bf33-fca0d704f22c server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true location https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2488611793116334711 x-proxy-origin 217.114.218.25; 217.114.218.25; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	cksync.php contextual.media.net/ Frame 27D6	57 B 788 B	166ms 65ms	Image image/gif	2.19.216.27 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-KAkCprvSOaF6r5II_CN2W_05-hnqIXnENrCTpA Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.19.216.27 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-19-216-27.deploy.static.akamaitechnologies.com Software Apache / Resource Hash ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=31536000 date Thu, 14 Dec 2023 01:29:09 GMT server Apache p3p CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA content-type image/gif cache-control max-age=0, no-cache, no-store content-length 57 x-mnet-hl2 E expires Thu, 14 Dec 2023 01:29:09 GMT
GET H/1.1	204 No Content	tap.php pixel.rubiconproject.com/ Frame 27D6	0 239 B	129ms 23ms	Image image/gif	69.173.144.165 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-vYC9BrvSOaF6r5II_CN2W_05-hnxPiSotLOU4g&expires=30 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Content-Type image/gif Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate X-RPHost f5982f4f9cc79eb2b489dda8b92e3144 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H/1.1	200 OK	/ rtb-csync.smartadserver.com/redir/ Frame 27D6	43 B 163 B	89ms 28ms	Image image/gif	89.149.192.73 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Show image Full URL https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-7OJffbvSOaF6r5II_CN2W_05-hkJKipip7lLCw Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 89.149.192.73 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software / Resource Hash 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 01:29:08 GMT transfer-encoding chunked content-type image/gif
GET H2	200	/ sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 27D6	0 99 B	95ms 30ms	Image text/plain	141.226.228.48 TABOOLA-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-Kxzh2rvSOaF6r5II_CN2W_05-hmua2NlfDzSlQ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 01:29:09 GMT access-control-allow-credentials true server nginx x-fastly-to-nlb-rtt 28424
GET H2	200	um criteo-sync.teads.tv/ Frame 27D6	23 B 163 B	307ms 78ms	Image image/gif	2.19.217.101 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://criteo-sync.teads.tv/um?eid=80&uid=k-z5SUfbvSOaF6r5II_CN2W_05-hlBoffoiwNbag Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.19.217.101 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-19-217-101.deploy.static.akamaitechnologies.com Software pekko-http/1.0.0 / Resource Hash 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers expires Thu, 14 Dec 2023 01:29:09 GMT pragma no-cache date Thu, 14 Dec 2023 01:29:09 GMT cache-control max-age=0, no-cache, no-store server pekko-http/1.0.0 content-length 23 content-type image/gif
GET H2	200	xuid eb2.3lift.com/ Frame 27D6	37 B 140 B	71ms 22ms	Image image/gif	13.248.245.213 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://eb2.3lift.com/xuid?mid=2711&xuid=k-AyRHKbvSOaF6r5II_CN2W_05-hnCFaTreoXJIg&dongle=013b Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.248.245.213 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a0f671730127a0812.awsglobalaccelerator.com Software / Resource Hash bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 01:29:09 GMT cache-control no-cache, no-store, must-revalidate content-length 37 content-type image/gif
GET H2	204	sync ups.analytics.yahoo.com/ups/58301/ Frame 27D6	0 125 B	178ms 25ms	Image text/plain	3.75.62.37 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-IvhMsbvSOaF6r5II_CN2W_05-hlEAEUAtpWwVQ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-75-62-37.eu-central-1.compute.amazonaws.com Software ATS/9.1.10.94 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 01:29:09 GMT strict-transport-security max-age=31536000 server ATS/9.1.10.94 age 0 p3p CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
GET H2	200	pixel cm.adform.net/ Frame 27D6	43 B 163 B	185ms 33ms	Image image/gif	37.157.6.232 ADFORM
General Check archive.org Show headers Download Go to Show image Full URL https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-cDXckrvSOaF6r5II_CN2W_05-hn6GH9l_NvDvw Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.6.232 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 01:29:09 GMT last-modified Thu, 27 Jul 2023 11:18:06 GMT server nginx accept-ranges bytes etag "64c2526e-2b" content-length 43 content-type image/gif
GET H2	200	sync visitor.omnitagjs.com/visitor/ Frame 27D6	49 B 385 B	192ms 53ms	Image image/gif	63.32.188.239 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-MhlVlLvSOaF6r5II_CN2W_05-hlynVaHNzIMqA Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 63.32.188.239 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-63-32-188-239.eu-west-1.compute.amazonaws.com Software / Resource Hash d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Thu, 14 Dec 2023 01:29:09 GMT via kong/2.8.4 x-content-type-options nosniff x-kong-proxy-latency 0 vary Accept-Encoding p3p CP="CAO PSA OUR" content-type image/gif x-kong-upstream-latency 3 cache-control no-cache, no-store, must-revalidate content-length 49 expires 0
GET H2	200	rum r.casalemedia.com/ Frame 27D6 Redirect Chain https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-VwUsHbvSOaF6r5II_CN2W_05-hmP07Zky6YmWw https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-VwUsHbvSOaF6r5II_CN2W_05-hmP07Zky6YmWw&C=1	43 B 323 B	46ms 46ms	Image image/gif	104.18.36.155 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-VwUsHbvSOaF6r5II_CN2W_05-hmP07Zky6YmWw&C=1 Protocol H2 Server 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Thu, 14 Dec 2023 01:29:09 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iZqg7AJr2vlpGY0Ae0X0drecvmz2bUINJt61h7QL5Q%2FdmN2JRS0hmFZrni17idJ471sxLID47VQ4jT5CjOtLb%2BbSu3BqmGhVd1sJz00Ou%2FP%2BB1ZvDQbtsyFguTw1LrWmz8Lu"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 8352ac9bd8f56a76-TXL alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Thu, 14 Dec 2023 01:29:09 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fH6Tf8xuseKG%2Bnd7gBDeuIYXrH12CuX8VHf7u%2FRmlrk3JchmpAsXflQt19oFJ3lZzmY%2B%2F4NA0hY6BEtPH8h%2FMCm3zsRTxTgV4Wq0WEkd2O10%2BjQJyvsYAoW4wNaeknpKdXXk"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" location /rum?cm_dsp_id=20&external_user_id=k-VwUsHbvSOaF6r5II_CN2W_05-hmP07Zky6YmWw&C=1 cache-control no-cache cf-ray 8352ac9b98a36a76-TXL alt-svc h3=":443"; ma=86400 content-length 0 expires 0
GET H2	200	dspreply public-prod-dspcookiematching.dmxleo.com/ Frame 27D6	0 123 B	135ms 34ms	Image text/plain	188.65.124.66 DAILYMOTION For p...
General Check archive.org Show headers Download Go to Show image Full URL https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=1521&dspUserId=k--ymB1LvSOaF6r5II_CN2W_05-hkPEGE_KM4gkQ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 188.65.124.66 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR), Reverse DNS ingress-03-pub-prod-ix7.vip.dailymotion.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-dm-lb-name ingress-nginx-nginx-in-cluster-8x6zb date Thu, 14 Dec 2023 01:29:09 GMT strict-transport-security max-age=15724800; includeSubDomains content-length 0
GET H2	200	demconf.jpg dpm.demdex.net/ Frame 27D6 Redirect Chain https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 https://dpm.demdex.net/ibs:dpid=28645&dpuuid=yNmLP9rQQMo4Nf9r_SUS51H3k-vMEXFx https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=yNmLP9rQQMo4Nf9r_SUS51H3k-vMEXFx	42 B 718 B	48ms 47ms	Image image/gif	52.213.168.6 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=yNmLP9rQQMo4Nf9r_SUS51H3k-vMEXFx Protocol H2 Server 52.213.168.6 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-213-168-6.eu-west-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers dcs dcs-prod-irl1-2-v054-0d743c645.edge-irl1.demdex.com 2 ms pragma no-cache date Thu, 14 Dec 2023 01:29:09 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff content-encoding gzip x-tid gEOeRSXYQSI= content-type image/gif p3p policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" cache-control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private content-length 59 expires Thu, 01 Jan 1970 00:00:00 UTC Redirect headers dcs dcs-prod-irl1-2-v054-09f0ac7a1.edge-irl1.demdex.com 0 ms pragma no-cache date Thu, 14 Dec 2023 01:29:09 GMT strict-transport-security max-age=31536000; includeSubDomains x-tid W9q4QGk1Sis= p3p policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" location https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=yNmLP9rQQMo4Nf9r_SUS51H3k-vMEXFx cache-control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private content-length 0 expires Thu, 01 Jan 1970 00:00:00 UTC
GET H2	200	9.gif id5-sync.com/s/966/ Frame 27D6	43 B 921 B	125ms 25ms	Image image/gif	141.95.33.120 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://id5-sync.com/s/966/9.gif?puid=k-yD6Qa7vSOaF6r5II_CN2W_05-hnyL8gaCmnrag Protocol H2 Security TLS 1.3, , AES_128_GCM Server 141.95.33.120 , Germany, ASN16276 (OVH, FR), Reverse DNS ns3203256.ip-141-95-33.eu Software / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers content-type image/gif;charset=UTF-8 date Thu, 14 Dec 2023 01:29:09 GMT strict-transport-security max-age=63072000; includeSubDomains; preload vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers p3p CP="CAO PSA OUR"
GET H2	200	match ad.360yield.com/ Frame 27D6	43 B 199 B	175ms 48ms	Image image/gif	34.249.55.227 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-yNCjnLvSOaF6r5II_CN2W_05-hk5ellcuJt0Qg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.249.55.227 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-249-55-227.eu-west-1.compute.amazonaws.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers access-control-allow-origin * date Thu, 14 Dec 2023 01:29:09 GMT content-type image/gif content-length 43 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
GET H2	200	sync matching.ivitrack.com/ Frame 27D6	42 B 265 B	91ms 34ms	Image image/gif	34.117.157.22 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://matching.ivitrack.com/sync?realm=criteo&uid=k-2L0gu7vSOaF6r5II_CN2W_05-hnHRiWYKC1J7Q Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 22.157.117.34.bc.googleusercontent.com Software istio-envoy / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 01:29:09 GMT x-envoy-decorator-operation tag-manager.programmatic.svc.cluster.local:3000/* via 1.1 google server istio-envoy content-type image/gif cache-control public, max-age=86400 x-envoy-upstream-service-time 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42
GET H2	200	push exchange.mediavine.com/usersync/ Frame 27D6	0 879 B	94ms 25ms	Image text/html	3.125.15.233 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-nmsxgrvSOaF6r5II_CN2W_05-hnSx7w7jlb4Xw Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.125.15.233 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-125-15-233.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 01:29:09 GMT cache-control private, no-cache access-control-allow-credentials true content-encoding gzip vary Origin, Accept-Encoding content-type text/html; charset=utf-8
GET H2	200	1017 jadserve.postrelease.com/suid/ Frame 27D6	43 B 422 B	385ms 124ms	Image image/gif	52.1.31.5 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://jadserve.postrelease.com/suid/1017?vk=k-czDYqLvSOaF6r5II_CN2W_05-hmpjuOe3enbzw Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.1.31.5 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-1-31-5.compute-1.amazonaws.com Software nginx / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Thu, 14 Dec 2023 01:29:10 GMT server nginx content-type image/gif access-control-allow-origin * p3p CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 content-length 43 expires Mon, 1 Jan 1990 12:00:00 GMT
GET H/1.1	200 OK	cookie-sync sync.outbrain.com/ Frame 27D6	0 145 B	456ms 113ms	Image text/plain	70.42.32.255 AS-OUTBRAIN
General Check archive.org Show headers Download Go to Show image Full URL https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-DJl-0rvSOaF6r5II_CN2W_05-hnKLLCRJTS55A&initiator=partner Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 70.42.32.255 , United States, ASN22075 (AS-OUTBRAIN, US), Reverse DNS ny.outbrain.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Date Thu, 14 Dec 2023 01:29:10 GMT Cache-Control no-cache X-TraceId f99cec4585e0410005b75207d0097eae Content-Length 0
GET H2	200	Pug simage2.pubmatic.com/AdServer/ Frame 27D6	0 225 B	156ms 43ms	Image text/html	198.47.127.205 GTT-BACKBONE GTT
General Check archive.org Show headers Download Go to Show image Full URL https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-FyPHyrvSOaF6r5II_CN2W_05-hkmUEzvL9L-Sg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers content-type text/html; charset=utf-8 date Thu, 14 Dec 2023 01:29:08 GMT cache-control no-store, no-cache, private content-encoding gzip server nginx p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
GET H2	204	v1 match.sharethrough.com/sync/ Frame 27D6	0 35 B	70ms 22ms	Image text/plain	3.68.0.8 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-79slxbvSOaF6r5II_CN2W_05-hngBtduGau6JQ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.68.0.8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-68-0-8.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 01:29:09 GMT
GET H2	200	sync criteo-partners.tremorhub.com/ Frame 27D6	43 B 397 B	359ms 113ms	Image image/gif	2600:1f18:612b:4200:b356:89b7:4cae:66dd AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://criteo-partners.tremorhub.com/sync?UICR=k-Aq7CsLvSOaF6r5II_CN2W_05-hlTQc93gamnzA Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:612b:4200:b356:89b7:4cae:66dd Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers p3p CP='This is not a P3P policy. See https://telaria.com/privacy-policy/' date Thu, 14 Dec 2023 01:29:10 GMT server nginx content-type image/gif
GET H2	200	getusermatch.php a.twiago.com/rtb/ Frame 27D6	43 B 153 B	110ms 39ms	Image image/gif	85.215.5.31 CRONON-BERLIN-AS
General Check archive.org Show headers Download Go to Show image Full URL https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k-R_0dzbvSOaF6r5II_CN2W_05-hneZIj9m3aTNw Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 85.215.5.31 , Germany, ASN6786 (CRONON-BERLIN-AS, DE), Reverse DNS Software Apache / PHP/7.3.29 Resource Hash 5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers access-control-allow-origin * date Thu, 14 Dec 2023 01:29:09 GMT server Apache x-powered-by PHP/7.3.29 content-length 43 content-type image/gif
GET H/1.1	204 No Content	m ad.yieldlab.net/ Frame 27D6	0 235 B	92ms 32ms	Image text/plain	184.30.17.243 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-w73Fq7vSOaF6r5II_CN2W_05-hmr2NrATjGaTA Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 184.30.17.243 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-30-17-243.deploy.static.akamaitechnologies.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Pragma no-cache Date Thu, 14 Dec 2023 01:29:09 GMT Cache-Control no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0 Connection keep-alive Expires Wed, 13 Dec 2023 01:29:09 GMT
POST H2	200	p tr.snapchat.com/	0 89 B	33ms 32ms	Ping text/plain	35.190.43.134 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tr.snapchat.com/p Requested by Host: sc-static.net URL: https://sc-static.net/scevent.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 134.43.190.35.bc.googleusercontent.com Software API Gateway / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains Request headers Referer https://www.hajper.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Thu, 14 Dec 2023 01:29:09 GMT strict-transport-security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains via 1.1 google server API Gateway access-control-allow-origin https://www.hajper.com x-envoy-upstream-service-time 1 access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	200	setuid ib.adnxs.com/ Frame 27D6	43 B 854 B	71ms 71ms	Image image/gif	185.89.210.20 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/setuid?entity=52&code=k-qoeAl7vSOaF6r5II_CN2W_05-hkfza4bZZdKMg Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.23.4 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Thu, 14 Dec 2023 01:29:09 GMT an-x-request-uuid 4bb39de1-e633-4560-9fe5-18f4873f6e7a server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type image/gif cache-control no-store, no-cache, private x-proxy-origin 217.114.218.25; 217.114.218.25; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 43 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
POST H/1.1	200	e4634a9f18 Show response bam.nr-data.net/events/1/	24 B 341 B	123ms 123ms	XHR image/gif	162.247.243.29 FASTLY
General Check archive.org Show headers Download Go to Full URL https://bam.nr-data.net/events/1/e4634a9f18?a=37177158&sa=1&v=1169.7b094c0&t=Unnamed%20Transaction&rst=1658&ck=1&ref=https://www.hajper.com/accessblocked Requested by Host: www.hajper.com URL: https://www.hajper.com/accessblocked Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.247.243.29 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300 Request headers Referer https://www.hajper.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 content-type text/plain Response headers date Thu, 14 Dec 2023 01:29:09 GMT access-control-allow-methods GET, POST, PUT, HEAD, OPTIONS content-type image/gif access-control-allow-origin https://www.hajper.com access-control-allow-credentials true Connection keep-alive Content-Length 24 x-served-by cache-fra-eddf8230095-FRA
GET H2	204	sync ups.analytics.yahoo.com/ups/58301/ Frame 27D6	0 15 B	26ms 26ms	Image text/plain	3.75.62.37 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ups.analytics.yahoo.com/ups/58301/sync?_origin=0&redir=true&uid=k-IvhMsbvSOaF6r5II_CN2W_05-hlEAEUAtpWwVQ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-75-62-37.eu-central-1.compute.amazonaws.com Software ATS/9.1.10.94 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 01:29:09 GMT strict-transport-security max-age=31536000 server ATS/9.1.10.94 age 0 p3p CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
GET H2	204	usermatch.gif beacon.krxd.net/ Frame 27D6 Redirect Chain https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=cmGp0in8f52PHFPdVJ_BH0T2Exbk7HtK	0 338 B	155ms 47ms	Image text/plain	108.129.51.130 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=cmGp0in8f52PHFPdVJ_BH0T2Exbk7HtK Protocol H2 Server 108.129.51.130 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-108-129-51-130.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-served-by beacon-n013-dub-prod.krxd.net date Thu, 14 Dec 2023 01:29:09 GMT cache-control private, no-cache, no-store x-request-time D=46 t=1702517349 p3p policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC" Redirect headers location https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=cmGp0in8f52PHFPdVJ_BH0T2Exbk7HtK date Thu, 14 Dec 2023 01:29:08 GMT cache-control private, max-age=0, no-cache, no-store, must-revalidate strict-transport-security max-age=31536000; preload; server Kestrel server-processing-duration-in-ticks 575793 content-length 0
GET H2	200	cs s.thebrighttag.com/ Frame 27D6 Redirect Chain https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=XxT-oTEq5S_JF7H4JlNW0oJB4OW-PqzC	35 B 268 B	360ms 115ms	Image image/gif	3.19.198.47 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=XxT-oTEq5S_JF7H4JlNW0oJB4OW-PqzC Protocol H2 Server 3.19.198.47 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-19-198-47.us-east-2.compute.amazonaws.com Software nginx / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Thu, 14 Dec 2023 01:29:10 GMT x-bt-requestid 2e658460-9a20-11ee-a618-0000ac170313 server nginx content-type image/gif access-control-allow-origin p3p CP=NOI DSP COR NID cache-control private, must-revalidate content-length 35 expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers location https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=XxT-oTEq5S_JF7H4JlNW0oJB4OW-PqzC date Thu, 14 Dec 2023 01:29:09 GMT cache-control private, max-age=0, no-cache, no-store, must-revalidate strict-transport-security max-age=31536000; preload; server Kestrel server-processing-duration-in-ticks 629586 content-length 0