urlscan.io logo urlscan.io
SecurityTrails logo

birtday.se Open in urlscan Pro
109.74.4.246  Public Scan

Go To Rescan Add Verdict Report
URL: http://birtday.se/
Submission: On April 16 via api from US — Scanned from SE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 5 countries across 12 domains to perform 31 HTTP transactions. The main IP is 109.74.4.246, located in Sweden and belongs to PORTLANE www.portlane.com, SE. The main domain is birtday.se.
This is the only time birtday.se was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 109.74.4.246 42708 (PORTLANE ...)
1 2 94.46.52.216 200719 (MISSDOMAIN)
1 3 142.250.184.226 15169 (GOOGLE)
5 142.250.184.194 15169 (GOOGLE)
2 159.253.26.175 42708 (PORTLANE ...)
2 2 35.186.231.97 15169 (GOOGLE)
2 2 63.33.94.145 16509 (AMAZON-02)
1 23.41.181.105 16625 (AKAMAI-AS)
1 2 35.195.100.26 396982 (GOOGLE-CL...)
1 172.217.18.2 15169 (GOOGLE)
1 142.250.186.34 15169 (GOOGLE)
6 142.250.185.225 15169 (GOOGLE)
5 172.217.16.130 15169 (GOOGLE)
1 142.250.186.132 15169 (GOOGLE)
31 13
4    109.74.4.246 (Sweden)

ASN42708 (PORTLANE www.portlane.com, SE)
PTR: 109-74-4-246-static.glesys.net
birtday.se
2    94.46.52.216 (Los Angeles, United States)

ASN200719 (MISSDOMAIN, SE)
PTR: vps.kaffeochte.se
retargettracker.com
www.retargettracker.com
3    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
www.googletagservices.com
5    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
securepubads.g.doubleclick.net
2    159.253.26.175 (Sweden)

ASN42708 (PORTLANE www.portlane.com, SE)
PTR: 159-253-26-175-static.glesys.net
barnbutiken.se
datorbutiken.se
2    35.186.231.97 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 97.231.186.35.bc.googleusercontent.com
clk.tradedoubler.com
2    63.33.94.145 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-94-145.eu-west-1.compute.amazonaws.com
redirects.tradedoubler.com
1    23.41.181.105 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-41-181-105.deploy.static.akamaitechnologies.com
www.adlibris.com
2    35.195.100.26 (Brussels, Belgium)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 26.100.195.35.bc.googleusercontent.com
letsdeal.se
1    172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net
adservice.google.se
1    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
adservice.google.com
6    142.250.185.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f1.1e100.net
tpc.googlesyndication.com
5    172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net
pagead2.googlesyndication.com
1    142.250.186.132 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f4.1e100.net
www.google.com
Apex Domain
Subdomains		 Transfer
11 googlesyndication.com
815e6627765c73b9ca7f7b97fe22f8a5.safeframe.googlesyndication.com Failed
tpc.googlesyndication.com — Cisco Umbrella Rank: 138
pagead2.googlesyndication.com — Cisco Umbrella Rank: 105
141 KB
5 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
160 KB
4 tradedoubler.com
clk.tradedoubler.com — Cisco Umbrella Rank: 86794
redirects.tradedoubler.com — Cisco Umbrella Rank: 145476
3 KB
4 birtday.se
birtday.se
24 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 192
75 KB
2 google.com
adservice.google.com — Cisco Umbrella Rank: 73
www.google.com — Cisco Umbrella Rank: 2
2 KB
2 letsdeal.se
letsdeal.se
284 B
2 retargettracker.com
retargettracker.com
www.retargettracker.com
3 KB
1 google.se
adservice.google.se — Cisco Umbrella Rank: 113517
531 B
1 adlibris.com
www.adlibris.com — Cisco Umbrella Rank: 388178
1 datorbutiken.se
datorbutiken.se
1 KB
1 barnbutiken.se
barnbutiken.se
1 KB
31 12
Domain Requested by
6 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
5 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
5 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
birtday.se
4 birtday.se birtday.se
3 www.googletagservices.com 1 redirects birtday.se
securepubads.g.doubleclick.net
2 letsdeal.se 1 redirects birtday.se
2 redirects.tradedoubler.com 2 redirects
2 clk.tradedoubler.com 2 redirects
1 www.google.com tpc.googlesyndication.com
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.se securepubads.g.doubleclick.net
1 www.adlibris.com birtday.se
1 datorbutiken.se retargettracker.com
1 barnbutiken.se retargettracker.com
1 www.retargettracker.com birtday.se
1 retargettracker.com 1 redirects
0 815e6627765c73b9ca7f7b97fe22f8a5.safeframe.googlesyndication.com Failed securepubads.g.doubleclick.net
31 17

This site contains links to these domains. Also see Links.

Domain
www.worldwildlife.org
Subject Issuer Validity Valid
*.g.doubleclick.net
GTS CA 1C3		 2023-03-28 -
2023-06-20		 3 months crt.sh
barnbutiken.se
R3		 2023-02-16 -
2023-05-17		 3 months crt.sh
datorbutiken.se
R3		 2023-02-26 -
2023-05-27		 3 months crt.sh
adlibris.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-16 -
2023-08-17		 a year crt.sh
letsdeal.se
R3		 2023-03-29 -
2023-06-27		 3 months crt.sh
*.google.se
GTS CA 1C3		 2023-03-28 -
2023-06-20		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-03-28 -
2023-06-20		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-03-28 -
2023-06-20		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-03-28 -
2023-06-20		 3 months crt.sh

This page contains 7 frames:

Primary Page: http://birtday.se/
Frame ID: F27AE9F96C5FD5AC9872AEDEBCD843CF
Requests: 14 HTTP requests in this frame

Frame: https://www.adlibris.com/se?affId=2390754&utm_source=tradedoubler&utm_medium=affiliate&utm_campaign=Barnbutiken+%28SE%29&tduid=6a29df28c88c4352dc25adc7d231e620
Frame ID: 74FAF0E3503053260C5E9D64B7021C14
Requests: 2 HTTP requests in this frame

Frame: https://letsdeal.se/?tduid=644413d4974b2f70aff48f8547dd8c55&utm_source=affiliate&utm_medium=cpc&utm_campaign=Datorbutiken+%28SE%29
Frame ID: F7B38F5B5D582A6C52ADD60C818CBCA9
Requests: 2 HTTP requests in this frame

Frame: https://815e6627765c73b9ca7f7b97fe22f8a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: FE162EBC57200011B461F9F941B5945F
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssYJvUWFIUaIRzfWdv5wIfEbbJHZP79O2SlzmUHMpoyZoqKHS8sZsQ_TcbBkEjfj6bzOHPe1gEPxyCgqJNpqL7yIaWHVbXej39tULXw9PDgtt4SyP7T-7WNwQZs-pRYnB6unGcfMkKgqAhYOG4gA5UrrsBG2Dc0WeUvcYw5RfkW5d8S9f66TFzLP1LGzU7cLW83lF0OFqOecbcDc5e8GdwWkWojw5GgD3jVaofdOvZERRdTyTJjiV2pKh8YxUUgvGEYVOdtVdHfPxgQ6niCvWC8DlVRouXGEHdBu_61wf6_IQJUdvC8Vujq&sai=AMfl-YSKzuXy-mbObJ_L690ie5NeG6HDGNlKDuMofqB0lay1Yc1r6sRdoafdgbBMQn5r3l-LoyxtDL4Bu2n0Dzlp47xjiqrgEPXKj1d9AuPFN24&sig=Cg0ArKJSzAGqGJybPb3rEAE&uach_m=[UACH]&adurl=
Frame ID: 3A58D7D3219C8A92A79CBEF19F91262A
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E75519F6C708933CBC908C522F58E111
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A61270406B53410B5F2EDB5FD5016D3A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Birtday.se

Detected technologies

Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

31
Requests

77 %
HTTPS

0 %
IPv6

12
Domains

17
Subdomains

13
IPs

5
Countries

405 kB
Transfer

1197 kB
Size

8
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • http://retargettracker.com/in/group/s5vj8ml0bxq HTTP 301
  • https://www.retargettracker.com/in/group/s5vj8ml0bxq
Request Chain 4
  • http://www.googletagservices.com/tag/js/gpt.js HTTP 302
  • https://www.googletagservices.com/tag/js/gpt.js
Request Chain 9
  • https://clk.tradedoubler.com/click?p=21&epi=1175378 HTTP 302
  • https://redirects.tradedoubler.com/projectr/?utm_source=tradedoubler*_td_*KEEP_NEWEST&utm_medium=affiliate*_td_*KEEP_NEWEST&utm_campaign=Barnbutiken+%28SE%29*_td_*KEEP_NEWEST&tduid=6a29df28c88c4352dc25adc7d231e620&_td_deeplink=https://www.adlibris.com/se&affId=2390754 HTTP 302
  • https://www.adlibris.com/se?affId=2390754&utm_source=tradedoubler&utm_medium=affiliate&utm_campaign=Barnbutiken+%28SE%29&tduid=6a29df28c88c4352dc25adc7d231e620
Request Chain 10
  • https://clk.tradedoubler.com/click?p=291214&epi=1175378 HTTP 302
  • http://redirects.tradedoubler.com/projectr/?tduid=644413d4974b2f70aff48f8547dd8c55&utm_source=affiliate*_td_*KEEP_NEWEST&utm_medium=cpc*_td_*KEEP_NEWEST&utm_campaign=Datorbutiken+%28SE%29*_td_*KEEP_NEWEST&_td_deeplink=http://letsdeal.se/ HTTP 302
  • http://letsdeal.se/?tduid=644413d4974b2f70aff48f8547dd8c55&utm_source=affiliate&utm_medium=cpc&utm_campaign=Datorbutiken+%28SE%29 HTTP 308
  • https://letsdeal.se/?tduid=644413d4974b2f70aff48f8547dd8c55&utm_source=affiliate&utm_medium=cpc&utm_campaign=Datorbutiken+%28SE%29

31 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
birtday.se/ 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://birtday.se/
Protocol
HTTP/1.1
Server
109.74.4.246 , Sweden, ASN42708 (PORTLANE www.portlane.com, SE),
Reverse DNS
109-74-4-246-static.glesys.net
Software
Apache/2.4.10 (Debian) /
Resource Hash
259b93437784b9625a45bcda6fae71fbbb9475a00c90ca2ea0a10dd754d9177b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
1484
Content-Type
text/html; charset=UTF-8
Date
Sun, 16 Apr 2023 06:03:21 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=100
Pragma
no-cache
Server
Apache/2.4.10 (Debian)
Vary
Accept-Encoding
global.css
birtday.se//live/includes/globals/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://birtday.se//live/includes/globals/global.css
Requested by
Host: birtday.se
URL: http://birtday.se/
Protocol
HTTP/1.1
Server
109.74.4.246 , Sweden, ASN42708 (PORTLANE www.portlane.com, SE),
Reverse DNS
109-74-4-246-static.glesys.net
Software
Apache/2.4.10 (Debian) /
Resource Hash
34feaf7e01faa96a3c76b30c9baa57c9c0d22b62e05c5d96556c6aebe43fc999

Request headers

accept-language
se-SE,se;q=0.9
Referer
http://birtday.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Sun, 16 Apr 2023 06:03:22 GMT
Content-Encoding
gzip
Last-Modified
Fri, 24 May 2013 09:30:48 GMT
Server
Apache/2.4.10 (Debian)
ETag
"1619-4dd73743d6200-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
1353
style.css
birtday.se//live/templatesdir/styles/Easy_Shopping/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://birtday.se//live/templatesdir/styles/Easy_Shopping/style.css
Requested by
Host: birtday.se
URL: http://birtday.se/
Protocol
HTTP/1.1
Server
109.74.4.246 , Sweden, ASN42708 (PORTLANE www.portlane.com, SE),
Reverse DNS
109-74-4-246-static.glesys.net
Software
Apache/2.4.10 (Debian) /
Resource Hash
ba1298ba424cdd79e18d11bf0359116a03a7bce1e6295db3d6a3127f9e635ce5

Request headers

accept-language
se-SE,se;q=0.9
Referer
http://birtday.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Sun, 16 Apr 2023 06:03:22 GMT
Content-Encoding
gzip
Last-Modified
Thu, 23 May 2019 16:42:21 GMT
Server
Apache/2.4.10 (Debian)
ETag
"87f-58990c415f1af-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
690
jquery.js
birtday.se/live/includes//statistics/ 		54 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://birtday.se/live/includes//statistics/jquery.js
Requested by
Host: birtday.se
URL: http://birtday.se/
Protocol
HTTP/1.1
Server
109.74.4.246 , Sweden, ASN42708 (PORTLANE www.portlane.com, SE),
Reverse DNS
109-74-4-246-static.glesys.net
Software
Apache/2.4.10 (Debian) /
Resource Hash
17ec1f16efac893b9bd89bba5f13cb1e0bf938bdc9cece6cae3ed77f18fa6fd7

Request headers

accept-language
se-SE,se;q=0.9
Referer
http://birtday.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Sun, 16 Apr 2023 06:03:22 GMT
Content-Encoding
gzip
Last-Modified
Mon, 07 May 2012 12:46:13 GMT
Server
Apache/2.4.10 (Debian)
ETag
"d7e8-4bf71a7b96f40-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
19147
s5vj8ml0bxq
www.retargettracker.com/in/group/
Redirect Chain
  • http://retargettracker.com/in/group/s5vj8ml0bxq
  • https://www.retargettracker.com/in/group/s5vj8ml0bxq
6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.retargettracker.com/in/group/s5vj8ml0bxq
Requested by
Host: birtday.se
URL: http://birtday.se/
Protocol
HTTP/1.1
Server
94.46.52.216 Los Angeles, United States, ASN200719 (MISSDOMAIN, SE),
Reverse DNS
vps.kaffeochte.se
Software
nginx/1.6.2 /
Resource Hash
05f0dbbab476c39fd43760579577d4d65d6f80312d784770e1c2f3d37ff704a3
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
se-SE,se;q=0.9
Referer
http://birtday.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Sun, 16 Apr 2023 06:03:22 GMT, Sun, 16 Apr 2023 06:03:22 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=15768000
Server
nginx/1.6.2
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, private, no-cache, private
Connection
keep-alive

Redirect headers

Location
https://www.retargettracker.com/in/group/s5vj8ml0bxq
Date
Sun, 16 Apr 2023 06:03:22 GMT
Server
nginx/1.6.2
Connection
keep-alive
Content-Length
184
Content-Type
text/html
gpt.js
www.googletagservices.com/tag/js/
Redirect Chain
  • http://www.googletagservices.com/tag/js/gpt.js
  • https://www.googletagservices.com/tag/js/gpt.js
77 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: birtday.se
URL: http://birtday.se/
Protocol
H2
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
05da2a34ef44a4cfafedea9c8621f07869f9b757bccfa4826e366edce526f77d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
http://birtday.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sun, 16 Apr 2023 06:03:22 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25622
x-xss-protection
0
server
cafe
etag
246 / 19463 / 31073818 / config-hash: 11787412583201714567
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 16 Apr 2023 06:03:22 GMT

Redirect headers

Date
Sun, 16 Apr 2023 06:03:22 GMT
X-Content-Type-Options
nosniff
Server
cafe
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Location
https://www.googletagservices.com/tag/js/gpt.js
Content-Type
text/html; charset=UTF-8
Cache-Control
private, max-age=900, stale-while-revalidate=3600
Cross-Origin-Resource-Policy
cross-origin
Timing-Allow-Origin
*
Content-Length
0
X-XSS-Protection
0
Expires
Sun, 16 Apr 2023 06:03:22 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304110101/ 		400 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304110101/pubads_impl.js?cb=31073818
Requested by
Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e06787d09c0170febea7e8d6ec75107fd88e6875072fdab051f36494e4a9784c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
http://birtday.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sat, 15 Apr 2023 19:40:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
37349
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
126862
x-xss-protection
0
server
cafe
etag
16869941564567738629
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 14 Apr 2024 19:40:53 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		32 B
578 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=birtday.se
Requested by
Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
ba84beed769bb6cd5d10b689ccf4591aeeb3eb0e105f4c6e139c58eeec7389b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
http://birtday.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sun, 16 Apr 2023 06:03:22 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
x-xss-protection
0
expires
Sun, 16 Apr 2023 06:03:22 GMT
out.php
barnbutiken.se/banners/ Frame 74FA 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://barnbutiken.se/banners/out.php?id=614&code=b004b57be7&track=1175378
Requested by
Host: retargettracker.com
URL: http://retargettracker.com/in/group/s5vj8ml0bxq
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
159.253.26.175 , Sweden, ASN42708 (PORTLANE www.portlane.com, SE),
Reverse DNS
159-253-26-175-static.glesys.net
Software
Apache/2.4.25 (Debian) /
Resource Hash
de319b0de35981b62e4d7c104601a26c09f32d43f139dc54c2fe51614e618cdc

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

Content-Encoding
gzip
Content-Length
949
Content-Type
text/html; charset=UTF-8
Date
Sun, 16 Apr 2023 06:03:22 GMT
Referrer-Policy
same-origin
Server
Apache/2.4.25 (Debian)
Vary
Accept-Encoding
out.php
datorbutiken.se/banners/ Frame F7B3 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://datorbutiken.se/banners/out.php?id=437&code=5d4277a6cc&track=1175378
Requested by
Host: retargettracker.com
URL: http://retargettracker.com/in/group/s5vj8ml0bxq
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
159.253.26.175 , Sweden, ASN42708 (PORTLANE www.portlane.com, SE),
Reverse DNS
159-253-26-175-static.glesys.net
Software
Apache/2.4.25 (Debian) /
Resource Hash
2188ea3c75f082bfb2cfa5d51175bc23a0b254776565a375cc59881da09b77de

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

Content-Encoding
gzip
Content-Length
963
Content-Type
text/html; charset=UTF-8
Date
Sun, 16 Apr 2023 06:03:22 GMT
Referrer-Policy
same-origin
Server
Apache/2.4.25 (Debian)
Vary
Accept-Encoding
se
www.adlibris.com/ Frame 74FA
Redirect Chain
  • https://clk.tradedoubler.com/click?p=21&epi=1175378
  • https://redirects.tradedoubler.com/projectr/?utm_source=tradedoubler*_td_*KEEP_NEWEST&utm_medium=affiliate*_td_*KEEP_NEWEST&utm_campaign=Barnbutiken+%28SE%29*_td_*KEEP_NEWEST&tduid=6a29df28c88c4352...
  • https://www.adlibris.com/se?affId=2390754&utm_source=tradedoubler&utm_medium=affiliate&utm_campaign=Barnbutiken+%28SE%29&tduid=6a29df28c88c4352dc25adc7d231e620
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.adlibris.com/se?affId=2390754&utm_source=tradedoubler&utm_medium=affiliate&utm_campaign=Barnbutiken+%28SE%29&tduid=6a29df28c88c4352dc25adc7d231e620
Requested by
Host: birtday.se
URL: http://birtday.se/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.41.181.105 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-181-105.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=14515200
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
null
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

cache-control
no-cache
content-encoding
gzip
content-length
28453
content-type
text/html; charset=utf-8
date
Sun, 16 Apr 2023 06:03:23 GMT
expires
-1
feature-policy
geolocation 'none';midi 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';speaker 'self';fullscreen 'self';payment 'none';
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
strict-transport-security
max-age=14515200
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
sameorigin
x-ua-compatible
IE=Edge,chrome=1
x-xss-protection
1; mode=block

Redirect headers

Cache-control
no-cache="set-cookie"
Connection
keep-alive
Content-Length
1
Content-Type
text/html; charset=UTF-8
Date
Sun, 16 Apr 2023 06:03:23 GMT
Location
https://www.adlibris.com/se?affId=2390754&utm_source=tradedoubler&utm_medium=affiliate&utm_campaign=Barnbutiken+%28SE%29&tduid=6a29df28c88c4352dc25adc7d231e620
Server
Apache/2.4.56 (Ubuntu)
/
letsdeal.se/ Frame F7B3
Redirect Chain
  • https://clk.tradedoubler.com/click?p=291214&epi=1175378
  • http://redirects.tradedoubler.com/projectr/?tduid=644413d4974b2f70aff48f8547dd8c55&utm_source=affiliate*_td_*KEEP_NEWEST&utm_medium=cpc*_td_*KEEP_NEWEST&utm_campaign=Datorbutiken+%28SE%29*_td_*KEEP...
  • http://letsdeal.se/?tduid=644413d4974b2f70aff48f8547dd8c55&utm_source=affiliate&utm_medium=cpc&utm_campaign=Datorbutiken+%28SE%29
  • https://letsdeal.se/?tduid=644413d4974b2f70aff48f8547dd8c55&utm_source=affiliate&utm_medium=cpc&utm_campaign=Datorbutiken+%28SE%29
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://letsdeal.se/?tduid=644413d4974b2f70aff48f8547dd8c55&utm_source=affiliate&utm_medium=cpc&utm_campaign=Datorbutiken+%28SE%29
Requested by
Host: birtday.se
URL: http://birtday.se/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.195.100.26 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
26.100.195.35.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://*.letsdeal.com https://*.letsdeal.com
Strict-Transport-Security max-age=15724800
X-Frame-Options SAMEORIGIN

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
null
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

content-encoding
gzip
content-security-policy
frame-ancestors 'self' http://*.letsdeal.com https://*.letsdeal.com
content-type
text/html; charset=utf-8
date
Sun, 16 Apr 2023 06:03:23 GMT
referrer-policy
origin-when-cross-origin
strict-transport-security
max-age=15724800
vary
Accept-Encoding
x-frame-options
SAMEORIGIN

Redirect headers

Connection
keep-alive
Content-Length
164
Content-Type
text/html
Date
Sun, 16 Apr 2023 06:03:23 GMT
Location
https://letsdeal.se/?tduid=644413d4974b2f70aff48f8547dd8c55&utm_source=affiliate&utm_medium=cpc&utm_campaign=Datorbutiken+%28SE%29
integrator.js
adservice.google.se/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.se/adsid/integrator.js?domain=birtday.se
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304110101/pubads_impl.js?cb=31073818
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
http://birtday.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sun, 16 Apr 2023 06:03:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=birtday.se
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304110101/pubads_impl.js?cb=31073818
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
http://birtday.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sun, 16 Apr 2023 06:03:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		286 KB
35 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1824481734451656&correlator=4300620492249191&eid=31072020%2C31073677%2C31073818%2C31073824%2C31073830%2C31073839%2C31068367&output=ldjh&gdfp_req=1&vrg=202304110101&ptt=17&impl=fifs&iu_parts=40173864%2CPT_parking%2CMT_parking%2CPT_panda_parking%2CMT_panda_parking%2CPT_3L_parking%2CMT_3L_parking&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6&prev_iu_szs=980x240%2C300x250%7C320x320%2C980x240%2C300x250%7C320x320%2C980x240%2C300x250%7C320x320&ifi=1&adks=3476279294%2C2678141265%2C2749035204%2C2120316577%2C1190095575%2C1655974940&sfv=1-0-40&prev_scp=Park%3DShopping%7CPark%3DShopping%7CPark%3DShopping%7CPark%3DShopping%7CPark%3DShopping%7CPark%3DShopping&sc=0&cookie_enabled=1&abxe=1&dt=1681625003004&lmt=1681625003&dlt=1681625002019&idt=951&adxs=310%2C-9%2C-9%2C-9%2C-9%2C-9&adys=189%2C-9%2C-9%2C-9%2C-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C-1%7C-1%7C-1%7C-1%7C-1&ucis=1%7C2%7C3%7C4%7C5%7C6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&url=http%3A%2F%2Fbirtday.se%2F&frm=20&vis=1&psz=1600x336%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&msz=980x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&fws=4%2C2%2C2%2C2%2C2%2C2&ohw=1600%2C0%2C0%2C0%2C0%2C0&ga_vid=1431374271.1681625003&ga_sid=1681625003&ga_hid=1096412614&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304110101/pubads_impl.js?cb=31073818
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
8c39fb5aebad3ec9f5ba747227bfcc075ec9251bf5ba7aaf1117c1a9f634edeb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
http://birtday.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sun, 16 Apr 2023 06:03:23 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34936
x-xss-protection
0
google-lineitem-id
113711504,115433024,4971974787,4972037407,5037416616,5037414603
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138267872152,138267565076,138261689729,138261700725,138334178112,138267565506
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://birtday.se
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
815e6627765c73b9ca7f7b97fe22f8a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FE16 		0
0
view
securepubads.g.doubleclick.net/pcs/ Frame 3A58 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssYJvUWFIUaIRzfWdv5wIfEbbJHZP79O2SlzmUHMpoyZoqKHS8sZsQ_TcbBkEjfj6bzOHPe1gEPxyCgqJNpqL7yIaWHVbXej39tULXw9PDgtt4SyP7T-7WNwQZs-pRYnB6unGcfMkKgqAhYOG4gA5UrrsBG2Dc0WeUvcYw5RfkW5d8S9f66TFzLP1LGzU7cLW83lF0OFqOecbcDc5e8GdwWkWojw5GgD3jVaofdOvZERRdTyTJjiV2pKh8YxUUgvGEYVOdtVdHfPxgQ6niCvWC8DlVRouXGEHdBu_61wf6_IQJUdvC8Vujq&sai=AMfl-YSKzuXy-mbObJ_L690ie5NeG6HDGNlKDuMofqB0lay1Yc1r6sRdoafdgbBMQn5r3l-LoyxtDL4Bu2n0Dzlp47xjiqrgEPXKj1d9AuPFN24&sig=Cg0ArKJSzAGqGJybPb3rEAE&uach_m=[UACH]&adurl=
Requested by
Host: birtday.se
URL: http://birtday.se/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
http://birtday.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sun, 16 Apr 2023 06:03:23 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 16 Apr 2023 06:03:23 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/ Frame 3A58 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304110101/pubads_impl.js?cb=31073818
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
cafe /
Resource Hash
26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
http://birtday.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sat, 15 Apr 2023 20:35:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
34066
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8756
x-xss-protection
0
server
cafe
etag
5179999606349116156
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 29 Apr 2023 20:35:37 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/ Frame 3A58 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304110101/pubads_impl.js?cb=31073818
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
http://birtday.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sat, 15 Apr 2023 10:20:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
70970
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 29 Apr 2023 10:20:33 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3A58 		159 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304110101/pubads_impl.js?cb=31073818
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
cbeee230de9adc4b4765d4387c54fa936a5c26f8306fe0e6f5f8415284f56c33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
http://birtday.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sun, 16 Apr 2023 06:03:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49801
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1681299295334834"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 16 Apr 2023 06:03:23 GMT
586247592027720933
tpc.googlesyndication.com/simgad/ Frame 3A58 		93 KB
94 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/586247592027720933
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304110101/pubads_impl.js?cb=31073818
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
sffe /
Resource Hash
8215c47e2686134f2518db61040f57233533064de3c92386e0a9c41603b092c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
http://birtday.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sat, 15 Apr 2023 10:30:41 GMT
x-content-type-options
nosniff
age
70362
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95421
x-xss-protection
0
last-modified
Tue, 16 Apr 2019 13:03:31 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 14 Apr 2024 10:30:41 GMT
truncated
/ Frame 3A58 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c3197afb49be85f095c764b505783cb5000890a8d1ab24dc415feae3a5f0c8b9

Request headers

accept-language
se-SE,se;q=0.9
Referer
http://birtday.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 3A58 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuEdy7htQz5a3e9ebU74oqpSEerJXethUK_YL2RRncH93ixWXES584y_ATDARENV5lJzFZkXefG6hJtGTLEmFpN6iFKH6XivsdsK3cVZgR2zJZ9R8gnXLR3JjNxo3nGEdzGL7rzeSHuNAU_q0M_-ihGq2qiawcgneccZ555twGm6ddxf3hIVg8f7nFyoYoz9_DjinnmaAr2dVO6tdAA60rdY8DtKA96_cT6VyiMgm-r3E4zJiNFRsWzfOFMcPSiF0_2ZmS57L_mSrQXSImqEBSrVHK8sfQvSSVdLIBb2WOBsGaMmq4i6rCY-m8&sai=AMfl-YSRD6zG4rYVnbx9LOaGO3QhWLqsFkwVNKY308TmRmzS0cdWwe8DgRljCj28mBlzRzGUHVTBpKUiuSNNmLWMpir9zup3jTD5hkSOIiZ2ybY&sig=Cg0ArKJSzPneBzL9c3KiEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
http://birtday.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sun, 16 Apr 2023 06:03:23 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 16 Apr 2023 06:03:23 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202304110101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304110101/pubads_impl.js?cb=31073818
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
ead9b220a51ba59a9d375ef8a93c1b602e5c2be02d298f2ffe135c0d526c53c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
http://birtday.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sun, 16 Apr 2023 06:03:24 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11268
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304110101/pubads_impl.js?cb=31073818
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
http://birtday.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sun, 16 Apr 2023 06:03:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 16 Apr 2023 06:03:24 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E755 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://birtday.se/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

accept-ranges
bytes
age
65277
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 15 Apr 2023 11:55:27 GMT
expires
Sun, 14 Apr 2024 11:55:27 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame A612 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f4.1e100.net
Software
GSE /
Resource Hash
572e6054f7fb3a6f739641c367a27014908b36095d9b807d9862eeeeaf6289fc
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-LxQoE9SIV7YLQjgLqL3msA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://birtday.se/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-LxQoE9SIV7YLQjgLqL3msA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 16 Apr 2023 06:03:24 GMT
expires
Sun, 16 Apr 2023 06:03:24 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
qQ9mw0ckdUnCcE_fRg-2epoMaLUurlOMv3TU4-E81-A.js
pagead2.googlesyndication.com/bg/ Frame E755 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/qQ9mw0ckdUnCcE_fRg-2epoMaLUurlOMv3TU4-E81-A.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
sffe /
Resource Hash
a90f66c347247549c2704fdf460fb67a9a0c68b52eae538cbf74d4e3e13cd7e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sat, 15 Apr 2023 08:59:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
75831
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14294
x-xss-protection
0
last-modified
Tue, 11 Apr 2023 10:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 14 Apr 2024 08:59:33 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 3A58 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstEuDRlLUBkoErNtzR1HoL7Pfn59znG0RCDSZwFZFir-F4aGQG8sTf1I_jUkdulFhc7doyMCxkKTuZvNOIVWOV9GbwtLgXPrjWw6b1pU5cgSRMgmkLW&sig=Cg0ArKJSzDQpXVQeeAILEAE&id=lidar2&mcvt=1000&p=189,310,429,1290&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230412&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=3476279294&rs=4&la=0&cr=0&vs=4&r=v&rst=1681625003187&rpt=340&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
http://birtday.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Apr 2023 06:03:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame A612 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202304110101&jk=1824481734451656&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame E755 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?7MidPg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sun, 16 Apr 2023 06:03:24 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202304110101&jk=1824481734451656&bg=!3t2l3YnNAAZA7GLoYOw7ADkAdvg8WrLZVjqL7PMdp3mr2NZ2TwpFrdE1-MtE0E1YQhdnKWtoYbLK-TZHzG9NuTKHRomtdD4KS_wCAAAAkFIAAAAEaAEHCgBQLGCBLxV902HeDpCC64fIQ0DZyLsvbUoRIkwGjcyZyKGC-ESu4SbkE-hmGYpfC5b0bbzZodwHEFsj6KFlS1YaoftkFKFGgUvsk3Fo6rbJsXOZAvrFL1YxIBR8l4fYFbQBlHkV4sdC9gPrn0Bq8DP8N6tEfbGQTQIs0O1WwHEMIglC8SEMrK6DP8y9f5o4Pj2xjY5tX1-lIzrvaVBk_zPi_xYzXy2_wxa3ieKzyo5E0xdHosd1oAVdWhNQUm5E57QJ_avSFijLKtVe0s4TjWjAQdhd1ec45Uvjq_bbkRGT-sSpH0Kfz2S4-VcHSuqMttqSxIpp2zPTfj1d92Nrwtfa_ApfKjuK7zyoWdRAp_pLI0s3ARw4AB8h0VFEjEnfl3tjbjS2pHWIQCubecCRDDyej6dxGwPS5D_rjGfWP3Qf9DXKA5Dm-8slDls2ZpxXvMRSOlGCzCu4gNfG5cgmG1glYlKhkIxVYYApfAmzOQFfHhIQJ_rZ47TzQV3G9pmUfR3MN0X35viW9HRm33nR6uGLmQ60E0aPABMmtRV2TMRqS4lnkVGWcJrTva_4C3uEKapkBWxTb0_HEDXNV5m6Od8SGSla6vm9fw5MPZSqzml98mfEDFn_XlVXUqPXV8FkuhEz4ExC0tI5xUqqdCI9A58rwWX9qwNvCgytfIL-_J0W5wTEM6pHx54fJ2JasHjuEudeiNJSawqrbquOrd213iBUSrMR9_A9ejMAPtRHG7q0vkufCouZ7yO_OQxrXRv_kVEH9PyB3BfGaxaRBrBE63VSAe922Ak4EN3QhV94CxazxrgQWtz8YXc_p5SA8vjAzPJG_9P4JSXPl_epUtXcCE2MJ_NNPx-zpixV3P1rlj5hbrS7ARGKccT5c-lylEHLQdqt8YSZAGL4aKyrHMoMjdlOiE-CtISLIesJZ167X1bI7wFLmPmLDJ0AwT9F2kY0JLu7CJuwX5MX4WFxskG_LclUkQ9SQN2vb262bUHv6EhdwnNVLrWjjWQV96aQARtslowOXRXovmJj6ID5_oUNZBF3kldh8RckIdyCL9SFw391py6u0kDYOAo9UejRi-eH7XB9TnsHuET9bGzW3dSgAO00GddrnM1kTWvxYf0FBp8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
se-SE,se;q=0.9
Referer
http://birtday.se/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
815e6627765c73b9ca7f7b97fe22f8a5.safeframe.googlesyndication.com
URL
https://815e6627765c73b9ca7f7b97fe22f8a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 boolean| credentialless function| $ function| jQuery function| selectText object| googletag object| ggeac object| google_js_reporting_queue object| __tracker_report object| Modernizr undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal object| GoogleGcLKhOms object| google_image_requests

8 Cookies

Domain/Path Name / Value
birtday.se/ Name: PHPSESSID
Value: 5s5r80bmr1q21gai23h10vhse5
.tradedoubler.com/ Name: EH_0
Value: 1z11z1z10az2T02m3zLya5t0uOEyEuYdI4_IVliG%7avL_HugHVC1xYep%7ai%7a%79cKWrR1HQwSva.CmB52jkcPb2A2BetUkIwI0
.tradedoubler.com/ Name: GUID
Value: 1z11zz10azTP9vAz6a29df28c88c4352dc25adc7d231e620
.tradedoubler.com/ Name: TradeDoublerGUID
Value: 6a29df28c88c4352dc25adc7d231e620
.birtday.se/ Name: __gads
Value: ID=0876e22e9ff167b2:T=1681625003:S=ALNI_Ma4RXjdDhAof8Nv4uawYXxLdbp1-g
.birtday.se/ Name: __gpi
Value: UID=00000bd69c75b3ee:T=1681625003:RT=1681625003:S=ALNI_MZK3Nc7F0RqifpdlB1Sq-qjl0ZoAQ
.doubleclick.net/ Name: IDE
Value: AHWqTUl8I3l9ETjTBi2DniL3XXYcl7RDOCtFVX5n68n-haeHwTldgTH7knAwejsk0MU
redirects.tradedoubler.com/ Name: AWSELBCORS
Value: FF1BFB8F1C42D3E6A4BF4A0B044EDED4042A192C92448B5DC41B6DF8F1BB665B74D1DBC44C6284783DD3A44B4296A014025AD53248C1BA03E231E71D15DBA2CF9A7C59ACA2

2 Console Messages

Source Level URL
Text
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.adlibris.com/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.
security error
Message:
Refused to frame 'https://letsdeal.se/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'self' http://*.letsdeal.com https://*.letsdeal.com".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

815e6627765c73b9ca7f7b97fe22f8a5.safeframe.googlesyndication.com
adservice.google.com
adservice.google.se
barnbutiken.se
birtday.se
clk.tradedoubler.com
datorbutiken.se
letsdeal.se
pagead2.googlesyndication.com
redirects.tradedoubler.com
retargettracker.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.adlibris.com
www.google.com
www.googletagservices.com
www.retargettracker.com
815e6627765c73b9ca7f7b97fe22f8a5.safeframe.googlesyndication.com
109.74.4.246
142.250.184.194
142.250.184.226
142.250.185.225
142.250.186.132
142.250.186.34
159.253.26.175
172.217.16.130
172.217.18.2
23.41.181.105
35.186.231.97
35.195.100.26
63.33.94.145
94.46.52.216
05da2a34ef44a4cfafedea9c8621f07869f9b757bccfa4826e366edce526f77d
05f0dbbab476c39fd43760579577d4d65d6f80312d784770e1c2f3d37ff704a3
17ec1f16efac893b9bd89bba5f13cb1e0bf938bdc9cece6cae3ed77f18fa6fd7
2188ea3c75f082bfb2cfa5d51175bc23a0b254776565a375cc59881da09b77de
259b93437784b9625a45bcda6fae71fbbb9475a00c90ca2ea0a10dd754d9177b
26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
34feaf7e01faa96a3c76b30c9baa57c9c0d22b62e05c5d96556c6aebe43fc999
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
572e6054f7fb3a6f739641c367a27014908b36095d9b807d9862eeeeaf6289fc
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
8215c47e2686134f2518db61040f57233533064de3c92386e0a9c41603b092c4
8c39fb5aebad3ec9f5ba747227bfcc075ec9251bf5ba7aaf1117c1a9f634edeb
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a90f66c347247549c2704fdf460fb67a9a0c68b52eae538cbf74d4e3e13cd7e0
ba1298ba424cdd79e18d11bf0359116a03a7bce1e6295db3d6a3127f9e635ce5
ba84beed769bb6cd5d10b689ccf4591aeeb3eb0e105f4c6e139c58eeec7389b6
c3197afb49be85f095c764b505783cb5000890a8d1ab24dc415feae3a5f0c8b9
cbeee230de9adc4b4765d4387c54fa936a5c26f8306fe0e6f5f8415284f56c33
de319b0de35981b62e4d7c104601a26c09f32d43f139dc54c2fe51614e618cdc
e06787d09c0170febea7e8d6ec75107fd88e6875072fdab051f36494e4a9784c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ead9b220a51ba59a9d375ef8a93c1b602e5c2be02d298f2ffe135c0d526c53c9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629