heaveaway.com Open in urlscan Pro
192.169.233.223 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://heaveaway.com/viking-ocean-cruise-deals/?source=Google
Submission: On April 02 via api (April 2nd 2024, 5:39:06 pm UTC) from US — Scanned from DE

Summary HTTP 47 Redirects Behaviour Indicators

Summary

This website contacted 15 IPs in 2 countries across 12 domains to perform 47 HTTP transactions. The main IP is 192.169.233.223, located in United States and belongs to AS-26496-GO-DADDY-COM-LLC, US. The main domain is heaveaway.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on March 5th 2024. Valid for: 3 months.

This is the only time heaveaway.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	192.169.233.223 192.169.233.223	26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC)
2	13.224.189.63 13.224.189.63	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42::649 2a04:4e42::649	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
12	108.138.225.100 108.138.225.100	16509 (AMAZON-02) (AMAZON-02)
4	13.32.99.8 13.32.99.8	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:34::178	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	142.250.181.232 142.250.181.232	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::35	15169 (GOOGLE) (GOOGLE)
3	157.240.252.13 157.240.252.13	32934 (FACEBOOK) (FACEBOOK)
2	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	157.240.252.35 157.240.252.35	32934 (FACEBOOK) (FACEBOOK)
47	15

4 192.169.233.223 (United States)

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: 223.233.169.192.host.secureserver.net

heaveaway.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
agents.heaveaway.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.189.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-63.fra2.r.cloudfront.net

builder-assets.unbounce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 108.138.225.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-225-100.lhr61.r.cloudfront.net

d9hhrg4mnvzow.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.32.99.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-8.fra60.r.cloudfront.net

fonts.ub-assets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.232 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::35 (United States)

ASN15169 (GOOGLE, US)

server-side-tagging-dzdsrrb34a-uc.a.run.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 157.240.252.13 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.252.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-fra3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	cloudfront.net d9hhrg4mnvzow.cloudfront.net	1 MB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 42	506 KB
5	facebook.net connect.facebook.net — Cisco Umbrella Rank: 182	80 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	411 B
4	ub-assets.com fonts.ub-assets.com — Cisco Umbrella Rank: 30272	127 KB
4	heaveaway.com heaveaway.com agents.heaveaway.com	145 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 360	14 KB
2	run.app server-side-tagging-dzdsrrb34a-uc.a.run.app	946 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 34	21 KB
2	unbounce.com builder-assets.unbounce.com — Cisco Umbrella Rank: 23775	43 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 744	30 KB
0	unsplash.com Failed views.unsplash.com Failed
47	12

	Domain	Requested by
12	d9hhrg4mnvzow.cloudfront.net	heaveaway.com
6	www.googletagmanager.com	heaveaway.com www.googletagmanager.com www.google-analytics.com
5	connect.facebook.net	heaveaway.com connect.facebook.net
4	www.facebook.com	heaveaway.com
4	fonts.ub-assets.com	builder-assets.unbounce.com fonts.ub-assets.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com heaveaway.com
3	heaveaway.com	heaveaway.com
2	server-side-tagging-dzdsrrb34a-uc.a.run.app	www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	builder-assets.unbounce.com	heaveaway.com
1	agents.heaveaway.com
1	code.jquery.com	heaveaway.com
0	views.unsplash.com Failed	heaveaway.com
47	13

This site contains no links.

Subject Issuer	Validity	Valid
heaveaway.com cPanel, Inc. Certification Authority	`2024-03-05` - `2024-06-03`	3 months	crt.sh
*.unbounce.com Amazon RSA 2048 M03	`2023-12-10` - `2025-01-07`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
fonts.ub-assets.com Amazon RSA 2048 M02	`2023-06-01` - `2024-06-29`	a year	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 06	`2024-04-02` - `2024-06-27`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-01-11` - `2024-04-10`	3 months	crt.sh
*.a.run.app GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
agents.heaveaway.com cPanel, Inc. Certification Authority	`2024-03-01` - `2024-05-30`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://heaveaway.com/viking-ocean-cruise-deals/?source=Google
Frame ID: DFFFAF333259360AFEFA2940626E1A9D
Requests: 48 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Viking River Cruises | HeaveAway.com

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

47
Requests

96 %
HTTPS

50 %
IPv6

12
Domains

13
Subdomains

15
IPs

2
Countries

2149 kB
Transfer

3577 kB
Size

13
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

47 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
heaveaway.com/viking-ocean-cruise-deals/ 99 KB
100 KB 1829ms
1206ms Document
text/html 192.169.233.223
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://heaveaway.com/viking-ocean-cruise-deals/?source=Google
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.169.233.223 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 223.233.169.192.host.secureserver.net
Software: Apache /
Resource Hash: 2cafcb7f054cddc88807c6288cf4aa55314eb547d2d368d80cdf091508fa55a1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Cache-Control: max-age=0; private
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8
Date: Tue, 02 Apr 2024 17:38:59 GMT
Keep-Alive: timeout=5, max=100
Server: Apache
Transfer-Encoding: chunked
X-Unbounce-Plugin: 1
cf-cache-status: DYNAMIC
cf-ray: 86e29885ea522eeb-LAX
content-location: https://heaveaway.com/viking-ocean-cruise-deals/
link: <https://heaveaway.com/viking-ocean-cruise-deals/>; rel="canonical"
x-unbounce-pageid: 08c6e72c-e1fc-4bab-ac54-c24fe3423439
x-unbounce-variant: l
x-unbounce-visitorid: b53999d3-3f81-4c30-8e28-fbaa74690302

GET
H2 200 main-7b78720.z.css
builder-assets.unbounce.com/published-css/ 15 KB
3 KB 97ms
8ms Stylesheet
text/css 13.224.189.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://builder-assets.unbounce.com/published-css/main-7b78720.z.css
Requested by: Host: heaveaway.com
URL: https://heaveaway.com/viking-ocean-cruise-deals/?source=Google
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-63.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://heaveaway.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 20 Dec 2023 02:43:46 GMT
content-encoding: gzip
via: 1.1 c379418fd6100691807f32f274ebe9ce.cloudfront.net (CloudFront)
x-amz-version-id: GVFgUU1TNBfYZFxmy4v_rBGa7MxrBKpW
x-amz-cf-pop: FRA2-C1
age: 9039315
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 2902
last-modified: Fri, 15 Dec 2023 17:54:33 GMT
server: AmazonS3
etag: "65d94e355664eb0c202cee7db35a61b5"
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: F4lZGNAzIsoIYZMNIgzjWdK7_R1D36T8ULsC2Wg-rQeF-eLAO1Kl1w==

GET
H/1.1 200
OK b907c51d6869e69d8a396f17f7ba15905e81aff2 Show response
heaveaway.com/_ub/static/ts/ 43 KB
44 KB 1481ms
1340ms Script
application/javascript 192.169.233.223
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://heaveaway.com/_ub/static/ts/b907c51d6869e69d8a396f17f7ba15905e81aff2
Requested by: Host: heaveaway.com
URL: https://heaveaway.com/viking-ocean-cruise-deals/?source=Google
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.169.233.223 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 223.233.169.192.host.secureserver.net
Software: Apache /
Resource Hash: f935a7948ac1a2058a45ed19e07839409f036362ba3fa5c82017597933782596

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://heaveaway.com/viking-ocean-cruise-deals/?source=Google
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 02 Apr 2024 17:39:00 GMT
cf-cache-status: HIT
Server: Apache
X-Unbounce-Plugin: 1
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=0; private
Connection: Keep-Alive
cf-ray: 86e298913a957eba-LAX
Keep-Alive: timeout=5, max=99

GET
H2 200 jquery-3.4.1.min.js Show response
code.jquery.com/ 86 KB
30 KB 94ms
6ms Script
application/javascript 2a04:4e42::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.4.1.min.js
Requested by: Host: heaveaway.com
URL: https://heaveaway.com/viking-ocean-cruise-deals/?source=Google
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://heaveaway.com/
Origin: https://heaveaway.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:39:00 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 3998037
x-cache: HIT, HIT
content-length: 30638
x-served-by: cache-lga21965-LGA, cache-fra-etou8220062-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1712079541.729717,VS0,VE0
etag: W/"28feccc0-15851"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 45, 177910

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 215 KB
78 KB 52ms
31ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11126143068

Requested by

Host: heaveaway.com
URL: https://heaveaway.com/viking-ocean-cruise-deals/?source=Google

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d3716c251e87645979587ed28b92f47e254722747a1dd7da56c05396bfafa285

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://heaveaway.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:39:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79292
x-xss-protection: 0
last-modified: Tue, 02 Apr 2024 16:59:24 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 02 Apr 2024 17:39:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 219 KB
78 KB 57ms
41ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11339505000

Requested by

Host: heaveaway.com
URL: https://heaveaway.com/viking-ocean-cruise-deals/?source=Google

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ea9153ba93fc752d87e09a46415ba8cd5e23da98831f0ef896a0c4cebbf06ca2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://heaveaway.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:39:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 80190
x-xss-protection: 0
last-modified: Tue, 02 Apr 2024 16:59:24 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 02 Apr 2024 17:39:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 270 KB
94 KB 46ms
30ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PM7VF2M

Requested by

Host: heaveaway.com
URL: https://heaveaway.com/viking-ocean-cruise-deals/?source=Google

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

97a91671a9b93f3ddb321a742a6ce8c977442961481e8bb3384dc31ea16535f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://heaveaway.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:39:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95610
x-xss-protection: 0
last-modified: Tue, 02 Apr 2024 16:59:24 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 02 Apr 2024 17:39:00 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 b682fa84-viking-difference-spaces-river-735x472-v3-tcm28-136954_100000008c0d40c3000000.jpeg
d9hhrg4mnvzow.cloudfront.net/heaveaway.com/viking-ocean-cruise-deals/ 101 KB
101 KB 488ms
437ms Image
image/jpeg 108.138.225.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/heaveaway.com/viking-ocean-cruise-deals/b682fa84-viking-difference-spaces-river-735x472-v3-tcm28-136954_100000008c0d40c3000000.jpeg
Requested by: Host: heaveaway.com
URL: https://heaveaway.com/viking-ocean-cruise-deals/?source=Google
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.225.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-225-100.lhr61.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: abc85ee550d534fbe9e6f3dacf03e4501434f78f67581f3f4fbc823d4de38eb3

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://heaveaway.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:39:02 GMT
x-amz-version-id: 3AAUC7KD_byISu0EDc0YwEQGk6oAN8yZ
via: 1.1 b088f021bbfbe62b285291be4d6fc2ae.cloudfront.net (CloudFront)
last-modified: Sun, 31 Mar 2024 21:38:39 GMT
server: AmazonS3
x-amz-cf-pop: LHR61-P4
etag: "75f80eac3fa624899f0714bbaf7f152f"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 103110
x-amz-cf-id: 5Tbu3inH7bEf6oyT4tNxhnVWwksNo7G3mwXyIQplAPhj88u4KJr4rQ==

GET
H2 200 9889cb1b207300657698713e8707c88cc102d9d9.jpeg
d9hhrg4mnvzow.cloudfront.net/heaveaway.com/viking-ocean-cruise-deals/ 25 KB
26 KB 445ms
394ms Image
image/jpeg 108.138.225.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/heaveaway.com/viking-ocean-cruise-deals/9889cb1b207300657698713e8707c88cc102d9d9.jpeg
Requested by: Host: heaveaway.com
URL: https://heaveaway.com/viking-ocean-cruise-deals/?source=Google
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.225.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-225-100.lhr61.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f57d3a7bcaafe9ced45757dacd12078609088fb236e9d13ae7f7214ac7bd5ecd

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://heaveaway.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:39:02 GMT
x-amz-version-id: QVjZu7jVf2w7CfjExgCZKb10n2ybnO5u
via: 1.1 b088f021bbfbe62b285291be4d6fc2ae.cloudfront.net (CloudFront)
last-modified: Sun, 31 Mar 2024 21:38:39 GMT
server: AmazonS3
x-amz-cf-pop: LHR61-P4
etag: "00f31cb81a5b9bba471495f9d6bb8f26"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 25707
x-amz-cf-id: cyJsZoLfCY77XJDhBiGzVxG4rZzVrko0KMQl6FKDTUbK6H36KmfYgA==

GET
H2 200 3cd17d4f-viking-difference-serviceviking-difference-river-735x472-tcm28-136957_100000008c0d4061000000.jpeg
d9hhrg4mnvzow.cloudfront.net/heaveaway.com/viking-ocean-cruise-deals/ 129 KB
130 KB 504ms
453ms Image
image/jpeg 108.138.225.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/heaveaway.com/viking-ocean-cruise-deals/3cd17d4f-viking-difference-serviceviking-difference-river-735x472-tcm28-136957_100000008c0d4061000000.jpeg
Requested by: Host: heaveaway.com
URL: https://heaveaway.com/viking-ocean-cruise-deals/?source=Google
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.225.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-225-100.lhr61.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e91b8a47f27caa8e53bad8b3018d1eaf5e6890990517447dd18500aa34c903c3

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://heaveaway.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:39:02 GMT
x-amz-version-id: 3uDvdVeP4pouyMnqfh8fWZrKe8oJLqmh
via: 1.1 b088f021bbfbe62b285291be4d6fc2ae.cloudfront.net (CloudFront)
last-modified: Sun, 31 Mar 2024 21:38:39 GMT
server: AmazonS3
x-amz-cf-pop: LHR61-P4
etag: "6f956377c59b5ee771480fe859bfccc5"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 132576
x-amz-cf-id: GDuoVjPZssTtfVCIeweldjpEHgXZX04wtzxJCO1yoqZc9mXM5luf3w==

GET
H2 200 main.bundle-4ea5d01.z.js Show response
builder-assets.unbounce.com/published-js/ 125 KB
39 KB 8ms
8ms Script
application/javascript 13.224.189.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://builder-assets.unbounce.com/published-js/main.bundle-4ea5d01.z.js
Requested by: Host: heaveaway.com
URL: https://heaveaway.com/viking-ocean-cruise-deals/?source=Google
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-63.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4ea5d010a87ac4f32be233cec4099eac5d1d2d89df8c9016bb0457167effeee0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://heaveaway.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 18 Mar 2024 22:26:49 GMT
content-encoding: gzip
via: 1.1 c379418fd6100691807f32f274ebe9ce.cloudfront.net (CloudFront)
x-amz-version-id: Qq92r4XdYjFbBW7hBakPYgPjwPjd94RR
x-amz-cf-pop: FRA2-C1
age: 1278732
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 39952
last-modified: Mon, 18 Mar 2024 22:24:27 GMT
server: AmazonS3
etag: "8886684cd399bd044111f5c786588b07"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: QhyiiFeiAh_MeRqsP2nnx-3F6Bu8ol9GpSsE2-M9kf2qdSmyxdRMNQ==

GET
H2 200 d08cfd62-unsplash-shbk33guv3q-cruising-to-alaska_11hc140000000000000000.jpg
d9hhrg4mnvzow.cloudfront.net/heaveaway.com/viking-ocean-cruise-deals/ 358 KB
359 KB 473ms
431ms Image
image/jpeg 108.138.225.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/heaveaway.com/viking-ocean-cruise-deals/d08cfd62-unsplash-shbk33guv3q-cruising-to-alaska_11hc140000000000000000.jpg
Requested by: Host: heaveaway.com
URL: https://heaveaway.com/viking-ocean-cruise-deals/?source=Google
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.225.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-225-100.lhr61.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2eb212d6150b8883e54369059cbeb67c3c299e3fe75622d03fd932aa44f5d21c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://heaveaway.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:39:02 GMT
x-amz-version-id: Opi.6mVUe1v4Qz4hLDe0S_hgpr3cuuaU
via: 1.1 b088f021bbfbe62b285291be4d6fc2ae.cloudfront.net (CloudFront)
last-modified: Sun, 31 Mar 2024 21:38:39 GMT
server: AmazonS3
x-amz-cf-pop: LHR61-P4
etag: "dbcd06dccc6b5dee134dc1fd56be286e"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 366923
x-amz-cf-id: 67jbTtrKDtYlaFamWT_S-aqaH8w13K_u2wBKGKw9U6lKZReb8sO5Zw==

GET
H2 200 231099b773383d9a003b5ad3bc58bfe776b6c3c7.jpeg
d9hhrg4mnvzow.cloudfront.net/heaveaway.com/viking-ocean-cruise-deals/ 142 KB
142 KB 66ms
24ms Image
image/jpeg 108.138.225.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/heaveaway.com/viking-ocean-cruise-deals/231099b773383d9a003b5ad3bc58bfe776b6c3c7.jpeg
Requested by: Host: heaveaway.com
URL: https://heaveaway.com/viking-ocean-cruise-deals/?source=Google
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.225.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-225-100.lhr61.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 077c70a2966229332c50e0682ac8c659a1c13526a780c2f9975600f26ca03416

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://heaveaway.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 22:03:14 GMT
x-amz-version-id: RF8B7Aoqo_EGhCZz2Y1szm_iloddE1xx
via: 1.1 b088f021bbfbe62b285291be4d6fc2ae.cloudfront.net (CloudFront)
last-modified: Sun, 31 Mar 2024 21:38:39 GMT
server: AmazonS3
x-amz-cf-pop: LHR61-P4
age: 156946
etag: "468f89fb238f719361bc79eaea2c5807"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 145256
x-amz-cf-id: -TmytcKaUBJybcF8VJYNIlcPLQb7-4uzl7fvQzK7hSoAaWXmOmausw==

GET v
views.unsplash.com/ 0
0

GET
BLOB 200
OK 48f9d8f1-c14c-43dd-88ed-d791ee69f1a9
https://heaveaway.com/ 5 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://heaveaway.com/48f9d8f1-c14c-43dd-88ed-d791ee69f1a9
Requested by: Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-4ea5d01.z.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 00ee2a14dbde4361b87ee179eb2f13a28a2a82631efa215b4d22a255f5d0c9cc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 5427
Content-Type: text/css

GET
H2 200 css
fonts.ub-assets.com/ 30 KB
3 KB 345ms
313ms Stylesheet
text/css 13.32.99.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/css?family=Open+Sans:regular,600,700,300%7CPlayfair+Display:700,900,regular,italic,400,700italic

Requested by

Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-4ea5d01.z.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.8 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-8.fra60.r.cloudfront.net

Software

Resource Hash

a0c94ed5d64515e2248d83762b5554e0be6dab8dfe71bac7469d9fe4cd447c96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://heaveaway.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:39:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
x-amzn-requestid: 608fe451-1c9b-42ec-82d3-1aa2492a89b3
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: Vm9cVGfzoAMEjPg=
content-length: 1981
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
x-amzn-trace-id: Root=1-660c42b5-572c0f7135f1db4c35db66f3
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
x-amz-cf-id: TH6BbzhsIJTx5D4GN6NBhGGWKpM_da50gnO_vyhMrrcplNr9fkEnOg==

GET
H2 200 1bf8cbdd-heaveawaylogo_102j01n02i01n000000000.png
d9hhrg4mnvzow.cloudfront.net/heaveaway.com/viking-ocean-cruise-deals/ 7 KB
7 KB 415ms
393ms Image
image/png 108.138.225.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/heaveaway.com/viking-ocean-cruise-deals/1bf8cbdd-heaveawaylogo_102j01n02i01n000000000.png
Requested by: Host: heaveaway.com
URL: https://heaveaway.com/viking-ocean-cruise-deals/?source=Google
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.225.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-225-100.lhr61.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8c9838e1ab79416606ad60594032f5bcc135b6f204334755fd81a037497edb19

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://heaveaway.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:39:02 GMT
x-amz-version-id: XYSopGJqjRgYwng7SFdz0O2fmS7a6lPG
via: 1.1 b088f021bbfbe62b285291be4d6fc2ae.cloudfront.net (CloudFront)
last-modified: Sun, 31 Mar 2024 21:38:39 GMT
server: AmazonS3
x-amz-cf-pop: LHR61-P4
etag: "a8751b2a45c23461e05e0b6946b41ced"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 7053
x-amz-cf-id: qn19pWLdGkGIc4cDvHNdGiTl6cnzm83DRndZQ_FoyQa_OQt26J7yCg==

GET
H2 200 d1016426-viking-difference-stateroom-735x472-tcm28-136955_10ai06r08o06r00x000000.jpeg
d9hhrg4mnvzow.cloudfront.net/heaveaway.com/viking-ocean-cruise-deals/ 62 KB
62 KB 386ms
386ms Image
image/jpeg 108.138.225.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/heaveaway.com/viking-ocean-cruise-deals/d1016426-viking-difference-stateroom-735x472-tcm28-136955_10ai06r08o06r00x000000.jpeg
Requested by: Host: heaveaway.com
URL: https://heaveaway.com/viking-ocean-cruise-deals/?source=Google
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.225.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-225-100.lhr61.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9d985166aefc6160c61d4ad9f329117a3e3d84aceac9f4c41a8b51fd901cc555

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://heaveaway.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:39:02 GMT
x-amz-version-id: Gxoc4c088k9tbpjP7e1_YcPFN6x8CBk9
via: 1.1 b088f021bbfbe62b285291be4d6fc2ae.cloudfront.net (CloudFront)
last-modified: Sun, 31 Mar 2024 21:38:39 GMT
server: AmazonS3
x-amz-cf-pop: LHR61-P4
etag: "02a382c7705ff22f8f3b6700e642b005"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 62981
x-amz-cf-id: ukdvTIQopQUY87gWlqu5K-0SdvYc4sgDO7h23jxBPC4EDooOReNRww==

GET
H2 200 1b98ed9a-viking-difference-onboardviking-difference-river-735x472-tcm28-136958_10ai06r08o06r00x000000.jpeg
d9hhrg4mnvzow.cloudfront.net/heaveaway.com/viking-ocean-cruise-deals/ 76 KB
77 KB 458ms
458ms Image
image/jpeg 108.138.225.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/heaveaway.com/viking-ocean-cruise-deals/1b98ed9a-viking-difference-onboardviking-difference-river-735x472-tcm28-136958_10ai06r08o06r00x000000.jpeg
Requested by: Host: heaveaway.com
URL: https://heaveaway.com/viking-ocean-cruise-deals/?source=Google
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.225.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-225-100.lhr61.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 608f44823337c0ebb8b5a92d3f85bf852b3f67077ddad3d87cf43a6f6f37b6a4

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://heaveaway.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:39:02 GMT
x-amz-version-id: z.dGH9.TMTRaa0bTf9HjaMRybGuBrz7v
via: 1.1 b088f021bbfbe62b285291be4d6fc2ae.cloudfront.net (CloudFront)
last-modified: Sun, 31 Mar 2024 21:38:39 GMT
server: AmazonS3
x-amz-cf-pop: LHR61-P4
etag: "0afd21f4ce39669c8eedf055eab7e832"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 78324
x-amz-cf-id: OQF7nAcmg66tM0Ux4yP-GiJGOlS4quKld-vDgIZFV8DbE3GfJ8ajuw==

GET
H2 200 e740a69e-viking-difference-inclusive-river-735x472-v2-tcm28-136960_10an06u08p06u00z000000.jpeg
d9hhrg4mnvzow.cloudfront.net/heaveaway.com/viking-ocean-cruise-deals/ 47 KB
48 KB 383ms
382ms Image
image/jpeg 108.138.225.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/heaveaway.com/viking-ocean-cruise-deals/e740a69e-viking-difference-inclusive-river-735x472-v2-tcm28-136960_10an06u08p06u00z000000.jpeg
Requested by: Host: heaveaway.com
URL: https://heaveaway.com/viking-ocean-cruise-deals/?source=Google
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.225.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-225-100.lhr61.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7cddcc81875291c496758d1a5241102c5ca5d3a3881bcd55c94046f7850d0ee7

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://heaveaway.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:39:02 GMT
x-amz-version-id: EMmzb8lTrEx9tFTkxtJcUrBkCV8QvUuN
via: 1.1 b088f021bbfbe62b285291be4d6fc2ae.cloudfront.net (CloudFront)
last-modified: Sun, 31 Mar 2024 21:38:39 GMT
server: AmazonS3
x-amz-cf-pop: LHR61-P4
etag: "585a910d3fb4c9695a82b44005504d8a"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 48567
x-amz-cf-id: _acOJFQE96TlRJB_adAn--Aiu9jRM6dCr0pAmN4mWfCIZLroUK8Chg==

GET
H2 200 be758ae4-europe-night-2200w_10gp0b40eb092000009000.jpg
d9hhrg4mnvzow.cloudfront.net/heaveaway.com/viking-ocean-cruise-deals/ 212 KB
213 KB 61ms
61ms Image
image/jpeg 108.138.225.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/heaveaway.com/viking-ocean-cruise-deals/be758ae4-europe-night-2200w_10gp0b40eb092000009000.jpg
Requested by: Host: heaveaway.com
URL: https://heaveaway.com/viking-ocean-cruise-deals/?source=Google
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.225.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-225-100.lhr61.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 33b2ec5289f2bac90a6e44322a6323f40c7120c46edade8ad21311dfbce040db

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://heaveaway.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 22:03:15 GMT
x-amz-version-id: UoNjBEIRwgX7reZa5Kj82piyXlSjiW0p
via: 1.1 b088f021bbfbe62b285291be4d6fc2ae.cloudfront.net (CloudFront)
last-modified: Sun, 31 Mar 2024 21:38:39 GMT
server: AmazonS3
x-amz-cf-pop: LHR61-P4
age: 156946
etag: "2731450f42ba44082ae03bba0cff4636"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 217411
x-amz-cf-id: Q-TqygSPxeKQntGM0yGBrOUWGeMZd5QbTczCgfdSI4bVcnmrIg1w9Q==

GET
H2 200 7a4c9f1e-heaveawaylogo-smallwhite_102i01l000000000000000.png
d9hhrg4mnvzow.cloudfront.net/heaveaway.com/viking-ocean-cruise-deals/ 4 KB
4 KB 423ms
423ms Image
image/png 108.138.225.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/heaveaway.com/viking-ocean-cruise-deals/7a4c9f1e-heaveawaylogo-smallwhite_102i01l000000000000000.png
Requested by: Host: heaveaway.com
URL: https://heaveaway.com/viking-ocean-cruise-deals/?source=Google
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.225.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-225-100.lhr61.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f47bfe815cd179581dd55b10c6d3303b52d0029a707f50c9b5804d64f87139ff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://heaveaway.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:39:02 GMT
x-amz-version-id: AG23QOY8asoR_FCiRGW1iExbI3kUGQWu
via: 1.1 b088f021bbfbe62b285291be4d6fc2ae.cloudfront.net (CloudFront)
last-modified: Sun, 31 Mar 2024 21:38:39 GMT
server: AmazonS3
x-amz-cf-pop: LHR61-P4
etag: "804427ef2e1c8d02958c9f69b7204105"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 3720
x-amz-cf-id: A-Cw3rOjcGJ_Dj8Nr5PNAkVuR4blUiYQstW1ba4T7PAC9jVDIDzZUQ==

GET
H2 200 eb3ccd71-viking-logo-2-color-2022-08-04-20-13-31_103i01x03b01x003000000.png
d9hhrg4mnvzow.cloudfront.net/heaveaway.com/viking-ocean-cruise-deals/ 11 KB
11 KB 406ms
406ms Image
image/png 108.138.225.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/heaveaway.com/viking-ocean-cruise-deals/eb3ccd71-viking-logo-2-color-2022-08-04-20-13-31_103i01x03b01x003000000.png
Requested by: Host: heaveaway.com
URL: https://heaveaway.com/viking-ocean-cruise-deals/?source=Google
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.225.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-225-100.lhr61.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5afa5d5be5916056bb27d4b2c22df441bc21745428e88689b39365e196ed0ae9

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://heaveaway.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:39:02 GMT
x-amz-version-id: QP7XiUf8NwRn1e1KSJGfBESRJW2Kbo_j
via: 1.1 b088f021bbfbe62b285291be4d6fc2ae.cloudfront.net (CloudFront)
last-modified: Sun, 31 Mar 2024 21:38:39 GMT
server: AmazonS3
x-amz-cf-pop: LHR61-P4
etag: "d8ea416cf9eb5cb1ca5f719e094b4abf"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 11100
x-amz-cf-id: SoIXwD_J4vXnzf1hEjNEVq65jcUi5I-SHM6JcmG6X3cBcYLYi6AYeg==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 219 KB
78 KB 22ms
22ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11339505000&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11126143068

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f34753de0b5ed3c5c05263672a98cbef1bd5b739f1d0cb389c1f060622d627fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://heaveaway.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:39:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 80254
x-xss-protection: 0
last-modified: Tue, 02 Apr 2024 16:59:24 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 02 Apr 2024 17:39:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 29ms
7ms Script
text/javascript 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PM7VF2M

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://heaveaway.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 02 Apr 2024 15:48:08 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 6652
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 02 Apr 2024 17:48:08 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 70ms
32ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PM7VF2M

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://heaveaway.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Tue, 02 Apr 2024 17:39:00 GMT
last-modified: Thu, 29 Feb 2024 19:58:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 262D51359FA74D399004B95B5A212C29 Ref B: FRA31EDGE0714 Ref C: 2024-04-02T17:39:00Z
etag: "01b4e9c496bda1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13261

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 218 KB
59 KB 24ms
8ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: heaveaway.com
URL: https://heaveaway.com/viking-ocean-cruise-deals/?source=Google

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

047e3259b6f0b42d781532fa122b2d8de9aed187d766fd45efcf119450eeb4c4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://heaveaway.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 02 Apr 2024 17:39:00 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58040
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=12, mss=1294, tbw=2774, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: pgJv6MBTBQvG1fsE1asWkel3JKoUGA9k/UDaSHJAmb8VtPGKgpmpiBbLsIEPaJ7YU8msgIXljEz9WI27al398A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 252 KB
88 KB 29ms
28ms Script
application/javascript 142.250.181.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-0PPH7ZZNTB&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PM7VF2M

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

5d80bdb7d645631830fff3f0fe71623472c2b2d482ca0bd49d4cbd674bfb7b05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://heaveaway.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:39:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90147
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 02 Apr 2024 17:39:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
219 B 14ms
14ms XHR
text/plain 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2047148891&t=pageview&_s=1&dl=https%3A%2F%2Fheaveaway.com%2Fviking-ocean-cruise-deals%2F%3Fsource%3DGoogle&ul=en-us&de=UTF-8&dt=Viking%20River%20Cruises%20%7C%20HeaveAway.com&sd=24-bit&sr=800x600&vp=1600x1113&je=0&_u=YEBAAEABAAAAACAAI~&jid=323449123&gjid=1492730467&cid=733192015.1712079541&tid=UA-135286385-1&_gid=2084635925.1712079541&_r=1&_slc=1&gtm=45He4410n81PM7VF2Mv811188945za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=1840804660

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

cf650398ae0db4bef9916a04237b19b65689dc0b487e266440030235f338319f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://heaveaway.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 02 Apr 2024 17:39:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://heaveaway.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 514021162577881 Show response
connect.facebook.net/signals/config/ 55 KB
12 KB 114ms
114ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/514021162577881?v=2.9.151&r=stable&domain=heaveaway.com&hme=8ce74e881727851b4427183947937854816d72704925561b9de6420cd43214ee&ex_m=66%2C111%2C98%2C102%2C57%2C3%2C92%2C65%2C15%2C90%2C83%2C48%2C50%2C157%2C160%2C171%2C167%2C168%2C170%2C28%2C93%2C49%2C72%2C169%2C152%2C155%2C164%2C165%2C172%2C120%2C14%2C47%2C176%2C175%2C122%2C17%2C32%2C36%2C1%2C40%2C61%2C62%2C63%2C67%2C87%2C16%2C13%2C89%2C86%2C85%2C99%2C101%2C35%2C100%2C29%2C25%2C153%2C156%2C129%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C53%2C58%2C60%2C70%2C94%2C26%2C71%2C8%2C7%2C75%2C45%2C20%2C96%2C95%2C9%2C19%2C18%2C77%2C82%2C44%2C43%2C81%2C37%2C39%2C80%2C52%2C78%2C31%2C41%2C34%2C69%2C0%2C88%2C4%2C84%2C76%2C79%2C2%2C33%2C59%2C38%2C97%2C42%2C74%2C64%2C103%2C56%2C55%2C30%2C91%2C54%2C51%2C46%2C73%2C68%2C23%2C104

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b8135365d14443cf404f40753f4a81d95a8286580338f6808cf20c900f8038d0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://heaveaway.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 02 Apr 2024 17:39:01 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=13, rtx=0, c=64, mss=1294, tbw=63165, tp=-1, tpl=-1, uplat=106, ullat=0
pragma: public
x-fb-debug: 7gGreIrMSNTpceNWi+GYGfm7pynkanoa0qzuvb3p8Cm0xwhtt/A6IafD/LNsy9Jul17AnlVZ4djMUJRKIzyy8A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect
server-side-tagging-dzdsrrb34a-uc.a.run.app/g/ 0
453 B 310ms
269ms Ping
text/html 2001:4860:4802:32::35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://server-side-tagging-dzdsrrb34a-uc.a.run.app/g/collect?v=2&tid=G-0PPH7ZZNTB&gtm=45je4410v9136416348z8811188945za200&_p=1712079540743&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=733192015.1712079541&ul=en-us&sr=800x600&_fplc=0&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1712079540&sct=1&seg=0&dl=https%3A%2F%2Fheaveaway.com%2Fviking-ocean-cruise-deals%2F%3Fsource%3DGoogle&dt=Viking%20River%20Cruises%20%7C%20HeaveAway.com&en=page_view&_fv=1&_ss=1&tfd=2448
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0PPH7ZZNTB&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://heaveaway.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:39:01 GMT
server: Google Frontend
content-type: text/html
x-cloud-trace-context: 144dffd4b053c49b885962170530c4f1
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 02 Apr 2024 17:39:01 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 256 KB
90 KB 28ms
27ms Script
application/javascript 142.250.181.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-0PPH7ZZNTB&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

047a01cccb8e50b87174091d130bd03c8894d0acb63ca3187e2b4de4be02b51b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://heaveaway.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:39:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91920
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 02 Apr 2024 17:39:00 GMT

GET
H2 204 56251934.js Show response
bat.bing.com/p/action/ 0
118 B 85ms
85ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/56251934.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://heaveaway.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Tue, 02 Apr 2024 17:39:00 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2915C51389C04467A7E941D63393AA5C Ref B: FRA31EDGE0714 Ref C: 2024-04-02T17:39:00Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
288 B 31ms
31ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=56251934&tm=gtm002&Ver=2&mid=03484e6d-ca23-4ce5-83ab-3749e914e530&sid=e4271b60f11711eeaef3cfc2ebda1d95&vid=e4271a00f11711eeb547df0bfed786c8&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=800&sh=600&sc=24&tl=Viking%20River%20Cruises%20%7C%20HeaveAway.com&p=https%3A%2F%2Fheaveaway.com%2Fviking-ocean-cruise-deals%2F%3Fsource%3DGoogle&r=&lt=2306&evt=pageLoad&sv=1&rn=473960

Requested by

Host: heaveaway.com
URL: https://heaveaway.com/viking-ocean-cruise-deals/?source=Google

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://heaveaway.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 02 Apr 2024 17:39:00 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7A85181AB8F44E3A8D883E1E39F535C3 Ref B: FRA31EDGE0714 Ref C: 2024-04-02T17:39:00Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 581121073894478 Show response
connect.facebook.net/signals/config/ 28 KB
5 KB 111ms
110ms Script
application/x-javascript 157.240.252.13
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/581121073894478?v=2.9.151&r=stable&domain=heaveaway.com&hme=8ce74e881727851b4427183947937854816d72704925561b9de6420cd43214ee&ex_m=66%2C111%2C98%2C102%2C57%2C3%2C92%2C65%2C15%2C90%2C83%2C48%2C50%2C157%2C160%2C171%2C167%2C168%2C170%2C28%2C93%2C49%2C72%2C169%2C152%2C155%2C164%2C165%2C172%2C120%2C14%2C47%2C176%2C175%2C122%2C17%2C32%2C36%2C1%2C40%2C61%2C62%2C63%2C67%2C87%2C16%2C13%2C89%2C86%2C85%2C99%2C101%2C35%2C100%2C29%2C25%2C153%2C156%2C129%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C53%2C58%2C60%2C70%2C94%2C26%2C71%2C8%2C7%2C75%2C45%2C20%2C96%2C95%2C9%2C19%2C18%2C77%2C82%2C44%2C43%2C81%2C37%2C39%2C80%2C52%2C78%2C31%2C41%2C34%2C69%2C0%2C88%2C4%2C84%2C76%2C79%2C2%2C33%2C59%2C38%2C97%2C42%2C74%2C64%2C103%2C56%2C55%2C30%2C91%2C54%2C51%2C46%2C73%2C68%2C23%2C104%2C182%2C181%2C183%2C188%2C189%2C190%2C186%2C178%2C121%2C149%2C177%2C179%2C112%2C143%2C134%2C138%2C118%2C173%2C214%2C105%2C215%2C151%2C109%2C132%2C125%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra3.fbcdn.net

Software

Resource Hash

c2c35104529f990af1fd5f50b80915f70d17bb263e86ceb93bdf5eb7672a3bcc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://heaveaway.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 02 Apr 2024 17:39:01 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=8, rtx=0, c=23, mss=1232, tbw=4612, tp=11, tpl=0, uplat=102, ullat=0
pragma: public
x-fb-debug: Gix5LbhwVRCA09DHkGQWkKW/k1w+c10PmndcoAtmnTl3QWa979Fvrd+HaUuaXJ9fBjfIJGxC3d51sMgt4P5qKg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
273 B 26ms
8ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=514021162577881&ev=PageView&dl=https%3A%2F%2Fheaveaway.com%2Fviking-ocean-cruise-deals%2F%3Fsource%3DGoogle&rl=&if=false&ts=1712079541018&sw=800&sh=600&v=2.9.151&r=stable&ec=0&o=4126&fbp=fb.1.1712079541018.1917201490&ler=empty&cdl=API_unavailable&it=1712079540896&coo=false&rqm=GET

Requested by

Host: heaveaway.com
URL: https://heaveaway.com/viking-ocean-cruise-deals/?source=Google

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://heaveaway.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=7, rtx=0, c=10, mss=1294, tbw=2767, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 02 Apr 2024 17:39:01 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 314957192465242 Show response
connect.facebook.net/signals/config/ 20 KB
3 KB 108ms
107ms Script
application/x-javascript 157.240.252.13
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/314957192465242?v=2.9.151&r=stable&domain=heaveaway.com&hme=8ce74e881727851b4427183947937854816d72704925561b9de6420cd43214ee&ex_m=66%2C111%2C98%2C102%2C57%2C3%2C92%2C65%2C15%2C90%2C83%2C48%2C50%2C157%2C160%2C171%2C167%2C168%2C170%2C28%2C93%2C49%2C72%2C169%2C152%2C155%2C164%2C165%2C172%2C120%2C14%2C47%2C176%2C175%2C122%2C17%2C32%2C36%2C1%2C40%2C61%2C62%2C63%2C67%2C87%2C16%2C13%2C89%2C86%2C85%2C99%2C101%2C35%2C100%2C29%2C25%2C153%2C156%2C129%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C53%2C58%2C60%2C70%2C94%2C26%2C71%2C8%2C7%2C75%2C45%2C20%2C96%2C95%2C9%2C19%2C18%2C77%2C82%2C44%2C43%2C81%2C37%2C39%2C80%2C52%2C78%2C31%2C41%2C34%2C69%2C0%2C88%2C4%2C84%2C76%2C79%2C2%2C33%2C59%2C38%2C97%2C42%2C74%2C64%2C103%2C56%2C55%2C30%2C91%2C54%2C51%2C46%2C73%2C68%2C23%2C104%2C182%2C181%2C183%2C188%2C189%2C190%2C186%2C178%2C121%2C149%2C177%2C179%2C112%2C143%2C134%2C138%2C118%2C173%2C214%2C105%2C215%2C151%2C109%2C132%2C125%2C113%2C123%2C116

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra3.fbcdn.net

Software

Resource Hash

12be603ba53f2553f990b41d17a63bd05d58b672865a836a1f5b5b7aadca07f4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://heaveaway.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 02 Apr 2024 17:39:01 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=7, rtx=0, c=29, mss=1232, tbw=11540, tp=18, tpl=0, uplat=100, ullat=0
pragma: public
x-fb-debug: Z0hL1IfhCBx/NrxUNOx9fbPkewA7pIud5hqI53E/YDlLQVvgRUSnaaRllVYtZAandcGKE6a3+6+I+yXRWmWcHg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
103 B 8ms
8ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=581121073894478&ev=PageView&dl=https%3A%2F%2Fheaveaway.com%2Fviking-ocean-cruise-deals%2F%3Fsource%3DGoogle&rl=&if=false&ts=1712079541134&sw=800&sh=600&v=2.9.151&r=stable&ec=0&o=4126&fbp=fb.1.1712079541018.1917201490&ler=empty&cdl=API_unavailable&cs_est=true&it=1712079540896&coo=false&rqm=GET

Requested by

Host: heaveaway.com
URL: https://heaveaway.com/viking-ocean-cruise-deals/?source=Google

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://heaveaway.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=12, rtx=0, c=10, mss=1294, tbw=3119, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 02 Apr 2024 17:39:01 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.ub-assets.com/fonts/s/opensans/v40/ 47 KB
48 KB 24ms
9ms Font
font/woff2 13.32.99.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/fonts/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Open+Sans:regular,600,700,300%7CPlayfair+Display:700,900,regular,italic,400,700italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.8 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-8.fra60.r.cloudfront.net

Software

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.ub-assets.com/css?family=Open+Sans:regular,600,700,300%7CPlayfair+Display:700,900,regular,italic,400,700italic
Origin: https://heaveaway.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jan 2024 06:23:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amzn-remapped-content-length: 48236
via: 1.1 6bf2ca4ea5a5c92a1d7cd2f9767e8674.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 7989347
x-amzn-requestid: 03cbb073-c159-40df-8b9a-28ce0b76b3cd
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: Q2MM5E7RIAMEEzg=
content-length: 48269
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amzn-trace-id: Root=1-65925a52-299627d7232a781b08eb8443
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: lX0xnKq78FsBJtk8fuCu1oNHXqIQgipONwD-SPC7bF9hxNt1nKXnrg==

GET
H2 200 nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
fonts.ub-assets.com/fonts/s/playfairdisplay/v37/ 37 KB
38 KB 36ms
21ms Font
font/woff2 13.32.99.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/fonts/s/playfairdisplay/v37/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2

Requested by

Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Open+Sans:regular,600,700,300%7CPlayfair+Display:700,900,regular,italic,400,700italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.8 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-8.fra60.r.cloudfront.net

Software

Resource Hash

cb8cac32d5cef83e7674916378c2f47bdbba7e6e6bd936f8026a58ac4e71fa53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.ub-assets.com/css?family=Open+Sans:regular,600,700,300%7CPlayfair+Display:700,900,regular,italic,400,700italic
Origin: https://heaveaway.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 02 Feb 2024 05:10:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amzn-remapped-content-length: 38372
via: 1.1 6bf2ca4ea5a5c92a1d7cd2f9767e8674.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 5228901
x-amzn-requestid: 86523801-198b-4ae5-92c4-289cab986fb5
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: SffklE7kIAMEuwQ=
content-length: 38289
x-xss-protection: 0
last-modified: Wed, 31 Jan 2024 23:15:02 GMT
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amzn-trace-id: Root=1-65bc7950-762880916eafc16c1f0fb567
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: D33i4-SVRTAd-MDzGY5SxCRQnzJ68DIltCYErU6tKZiIfeZNMkOIKg==

GET
H2 200 nuFkD-vYSZviVYUb_rj3ij__anPXDTnogkk7.woff2
fonts.ub-assets.com/fonts/s/playfairdisplay/v37/ 38 KB
39 KB 31ms
16ms Font
font/woff2 13.32.99.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/fonts/s/playfairdisplay/v37/nuFkD-vYSZviVYUb_rj3ij__anPXDTnogkk7.woff2

Requested by

Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Open+Sans:regular,600,700,300%7CPlayfair+Display:700,900,regular,italic,400,700italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.8 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-8.fra60.r.cloudfront.net

Software

Resource Hash

89f75febfd1be53d2b7186e4a5fe27716e4c2d7814400bb108de6fa5c01e5610

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.ub-assets.com/css?family=Open+Sans:regular,600,700,300%7CPlayfair+Display:700,900,regular,italic,400,700italic
Origin: https://heaveaway.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 02 Feb 2024 06:10:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amzn-remapped-content-length: 38748
via: 1.1 6bf2ca4ea5a5c92a1d7cd2f9767e8674.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 5225290
x-amzn-requestid: 70f22d0d-406b-490d-9323-3f2d1aa126a9
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: SfoYzE-7IAMEIJg=
content-length: 38781
x-xss-protection: 0
last-modified: Wed, 31 Jan 2024 23:13:04 GMT
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amzn-trace-id: Root=1-65bc876b-71c1fb1b1655aad42746154b
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: PraxpUimryISqKnc5hGJlIgCZ6MyoBDl0UJYTzGnldTFSEyGGkWJHQ==

GET
H3 200 1067654644290967 Show response
connect.facebook.net/signals/config/ 20 KB
3 KB 86ms
85ms Script
application/x-javascript 157.240.252.13
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1067654644290967?v=2.9.151&r=stable&domain=heaveaway.com&hme=8ce74e881727851b4427183947937854816d72704925561b9de6420cd43214ee&ex_m=66%2C111%2C98%2C102%2C57%2C3%2C92%2C65%2C15%2C90%2C83%2C48%2C50%2C157%2C160%2C171%2C167%2C168%2C170%2C28%2C93%2C49%2C72%2C169%2C152%2C155%2C164%2C165%2C172%2C120%2C14%2C47%2C176%2C175%2C122%2C17%2C32%2C36%2C1%2C40%2C61%2C62%2C63%2C67%2C87%2C16%2C13%2C89%2C86%2C85%2C99%2C101%2C35%2C100%2C29%2C25%2C153%2C156%2C129%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C53%2C58%2C60%2C70%2C94%2C26%2C71%2C8%2C7%2C75%2C45%2C20%2C96%2C95%2C9%2C19%2C18%2C77%2C82%2C44%2C43%2C81%2C37%2C39%2C80%2C52%2C78%2C31%2C41%2C34%2C69%2C0%2C88%2C4%2C84%2C76%2C79%2C2%2C33%2C59%2C38%2C97%2C42%2C74%2C64%2C103%2C56%2C55%2C30%2C91%2C54%2C51%2C46%2C73%2C68%2C23%2C104%2C182%2C181%2C183%2C188%2C189%2C190%2C186%2C178%2C121%2C149%2C177%2C179%2C112%2C143%2C134%2C138%2C118%2C173%2C214%2C105%2C215%2C151%2C109%2C132%2C125%2C113%2C123%2C116

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra3.fbcdn.net

Software

Resource Hash

39b3615e7eb87753d55bc802b3456538fe9a651e4699b1a74db7d1f66dceef57

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://heaveaway.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 02 Apr 2024 17:39:01 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=7, rtx=0, c=31, mss=1232, tbw=14548, tp=22, tpl=0, uplat=79, ullat=0
pragma: public
x-fb-debug: EEsT/Xel/ZC1ajFKpYmY1b49LHgxP+5toN3tgTAi43Z0obv1pg4+59jWhWMEMFNxBQrPGyu+tmHLWf5zh19iWQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
19 B 7ms
7ms Image
text/plain 157.240.252.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=314957192465242&ev=PageView&dl=https%3A%2F%2Fheaveaway.com%2Fviking-ocean-cruise-deals%2F%3Fsource%3DGoogle&rl=&if=false&ts=1712079541245&sw=800&sh=600&v=2.9.151&r=stable&ec=0&o=4126&fbp=fb.1.1712079541018.1917201490&ler=empty&cdl=API_unavailable&it=1712079540896&coo=false&rqm=GET

Requested by

Host: heaveaway.com
URL: https://heaveaway.com/viking-ocean-cruise-deals/?source=Google

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.252.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-fra3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://heaveaway.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=9, rtx=0, c=23, mss=1232, tbw=4607, tp=11, tpl=0, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 02 Apr 2024 17:39:01 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 8ms
8ms Image
text/plain 157.240.252.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1067654644290967&ev=PageView&dl=https%3A%2F%2Fheaveaway.com%2Fviking-ocean-cruise-deals%2F%3Fsource%3DGoogle&rl=&if=false&ts=1712079541356&sw=800&sh=600&v=2.9.151&r=stable&a=gtmss&ec=0&o=4126&fbp=fb.1.1712079541018.1917201490&ler=empty&cdl=API_unavailable&it=1712079540896&coo=false&eid=a27e2418-ad41-4a08-97b7-0485eeb7cf63_1712079540743.6&rqm=GET

Requested by

Host: heaveaway.com
URL: https://heaveaway.com/viking-ocean-cruise-deals/?source=Google

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.252.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-fra3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://heaveaway.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=8, rtx=0, c=23, mss=1232, tbw=5023, tp=15, tpl=0, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 02 Apr 2024 17:39:01 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

POST
H2 200 collect Show response
server-side-tagging-dzdsrrb34a-uc.a.run.app/g/ 65 B
493 B 269ms
269ms XHR
text/plain 2001:4860:4802:32::35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://server-side-tagging-dzdsrrb34a-uc.a.run.app/g/collect?v=2&tid=G-0PPH7ZZNTB&gtm=45je4410v9136416348z8811188945za200&_p=1712079540743&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=733192015.1712079541&ecid=2082803054&ul=en-us&sr=800x600&_fplc=0&ur=DE-NW&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&sst.uc=DE&sst.etld=google.de&sst.gcsub=region1&sst.gcd=13l3l3l2l1&sst.tft=1712079540743&sst.ude=0&sid=1712079540&sct=1&seg=0&dl=https%3A%2F%2Fheaveaway.com%2Fviking-ocean-cruise-deals%2F%3Fsource%3DGoogle&dt=Viking%20River%20Cruises%20%7C%20HeaveAway.com&_s=2&tfd=2950&richsstsse

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0PPH7ZZNTB&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://heaveaway.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 02 Apr 2024 17:39:01 GMT
x-content-type-options: nosniff
server: Google Frontend
content-type: text/plain
access-control-allow-origin: https://heaveaway.com
cache-control: no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-accel-buffering: no
expires: Tue, 02 Apr 2024 17:39:01 GMT

POST
H/1.1 200
OK i
heaveaway.com/_ub/ 2 B
670 B 1804ms
1803ms Ping
text/plain 192.169.233.223
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://heaveaway.com/_ub/i
Requested by: Host: heaveaway.com
URL: https://heaveaway.com/_ub/static/ts/b907c51d6869e69d8a396f17f7ba15905e81aff2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.169.233.223 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 223.233.169.192.host.secureserver.net
Software: Apache /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://heaveaway.com/viking-ocean-cruise-deals/?source=Google
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

Date: Tue, 02 Apr 2024 17:39:03 GMT
cf-cache-status: DYNAMIC
Server: Apache
X-Unbounce-Plugin: 1
Content-Type: text/plain; charset=UTF-8
access-control-allow-origin: https://heaveaway.com
Cache-Control: max-age=0; private
access-control-allow-credentials: true
Connection: Keep-Alive
cf-ray: 86e298a028e908c6-LAX
Keep-Alive: timeout=5, max=98
content-length: 2

GET
H/1.1 200
OK heaveawayfavh.png
agents.heaveaway.com/wp-content/uploads/2020/02/ 8 KB
0 2822ms
238ms Other
image/png 192.169.233.223
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://agents.heaveaway.com/wp-content/uploads/2020/02/heaveawayfavh.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.169.233.223 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 223.233.169.192.host.secureserver.net
Software: Apache /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://heaveaway.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 02 Apr 2024 17:39:05 GMT
Last-Modified: Fri, 28 Feb 2020 20:18:41 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 41506

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: views.unsplash.com
URL: https://views.unsplash.com/v?app_id=27955&photo_id=shbk33guv3q

Verdicts & Comments Add Verdict or Comment

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
heaveaway.com/viking-ocean-cruise-deals/	1970-01-20 23:59:37	Name: ubpv Value: l%2C08c6e72c-e1fc-4bab-ac54-c24fe3423439
heaveaway.com/	1970-01-20 23:53:51	Name: ubvs Value: b53999d3-3f81-4c30-8e28-fbaa74690302
.heaveaway.com/	1970-01-20 19:38:58	Name: ubvt Value: v2%7Cb53999d3-3f81-4c30-8e28-fbaa74690302%7C08c6e72c-e1fc-4bab-ac54-c24fe3423439%3Al%3Asingle
.unsplash.com/	1970-01-21 04:20:15	Name: ugid Value: 8e9ba33af16213e314c4f34d047e74c25706931
.heaveaway.com/	1970-01-20 21:44:15	Name: _gcl_au Value: 1.1.1459277178.1712079541
.heaveaway.com/	1970-01-20 19:36:05	Name: _gid Value: GA1.2.2084635925.1712079541
.heaveaway.com/	1970-01-20 19:34:39	Name: _gat_UA-135286385-1 Value: 1
.heaveaway.com/	1970-01-21 05:10:39	Name: _ga Value: GA1.1.733192015.1712079541
.heaveaway.com/	1970-01-21 05:10:39	Name: _ga_0PPH7ZZNTB Value: GS1.1.1712079540.1.0.1712079540.0.0.2082803054
.heaveaway.com/	1970-01-20 19:36:05	Name: _uetsid Value: e4271b60f11711eeaef3cfc2ebda1d95
.heaveaway.com/	1970-01-21 04:56:15	Name: _uetvid Value: e4271a00f11711eeb547df0bfed786c8
.bing.com/	1970-01-21 04:56:15	Name: MUID Value: 0BF7DDB022336B852EF7C9E5239F6A95
.heaveaway.com/	1970-01-20 21:44:15	Name: _fbp Value: fb.1.1712079541018.1917201490

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://heaveaway.com/viking-ocean-cruise-deals/?source=Google Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://heaveaway.com/viking-ocean-cruise-deals/?source=Google Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.facebook.net/signals/config/514021162577881?v=2.9.151&r=stable&domain=heaveaway.com&hme=8ce74e881727851b4427183947937854816d72704925561b9de6420cd43214ee&ex_m=66%2C111%2C98%2C102%2C57%2C3%2C92%2C65%2C15%2C90%2C83%2C48%2C50%2C157%2C160%2C171%2C167%2C168%2C170%2C28%2C93%2C49%2C72%2C169%2C152%2C155%2C164%2C165%2C172%2C120%2C14%2C47%2C176%2C175%2C122%2C17%2C32%2C36%2C1%2C40%2C61%2C62%2C63%2C67%2C87%2C16%2C13%2C89%2C86%2C85%2C99%2C101%2C35%2C100%2C29%2C25%2C153%2C156%2C129%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C53%2C58%2C60%2C70%2C94%2C26%2C71%2C8%2C7%2C75%2C45%2C20%2C96%2C95%2C9%2C19%2C18%2C77%2C82%2C44%2C43%2C81%2C37%2C39%2C80%2C52%2C78%2C31%2C41%2C34%2C69%2C0%2C88%2C4%2C84%2C76%2C79%2C2%2C33%2C59%2C38%2C97%2C42%2C74%2C64%2C103%2C56%2C55%2C30%2C91%2C54%2C51%2C46%2C73%2C68%2C23%2C104(Line 97) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

agents.heaveaway.com
bat.bing.com
builder-assets.unbounce.com
code.jquery.com
connect.facebook.net
d9hhrg4mnvzow.cloudfront.net
fonts.ub-assets.com
heaveaway.com
server-side-tagging-dzdsrrb34a-uc.a.run.app
views.unsplash.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
views.unsplash.com
108.138.225.100
13.224.189.63
13.32.99.8
142.250.181.232
157.240.252.13
157.240.252.35
192.169.233.223
2001:4860:4802:32::35
2001:4860:4802:34::178
2620:1ec:c11::200
2a00:1450:4001:82f::2008
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a04:4e42::649
00ee2a14dbde4361b87ee179eb2f13a28a2a82631efa215b4d22a255f5d0c9cc
047a01cccb8e50b87174091d130bd03c8894d0acb63ca3187e2b4de4be02b51b
047e3259b6f0b42d781532fa122b2d8de9aed187d766fd45efcf119450eeb4c4
077c70a2966229332c50e0682ac8c659a1c13526a780c2f9975600f26ca03416
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
12be603ba53f2553f990b41d17a63bd05d58b672865a836a1f5b5b7aadca07f4
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2cafcb7f054cddc88807c6288cf4aa55314eb547d2d368d80cdf091508fa55a1
2eb212d6150b8883e54369059cbeb67c3c299e3fe75622d03fd932aa44f5d21c
33b2ec5289f2bac90a6e44322a6323f40c7120c46edade8ad21311dfbce040db
39b3615e7eb87753d55bc802b3456538fe9a651e4699b1a74db7d1f66dceef57
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
4ea5d010a87ac4f32be233cec4099eac5d1d2d89df8c9016bb0457167effeee0
5afa5d5be5916056bb27d4b2c22df441bc21745428e88689b39365e196ed0ae9
5d80bdb7d645631830fff3f0fe71623472c2b2d482ca0bd49d4cbd674bfb7b05
608f44823337c0ebb8b5a92d3f85bf852b3f67077ddad3d87cf43a6f6f37b6a4
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863
7cddcc81875291c496758d1a5241102c5ca5d3a3881bcd55c94046f7850d0ee7
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
89f75febfd1be53d2b7186e4a5fe27716e4c2d7814400bb108de6fa5c01e5610
8c9838e1ab79416606ad60594032f5bcc135b6f204334755fd81a037497edb19
97a91671a9b93f3ddb321a742a6ce8c977442961481e8bb3384dc31ea16535f7
9d985166aefc6160c61d4ad9f329117a3e3d84aceac9f4c41a8b51fd901cc555
a0c94ed5d64515e2248d83762b5554e0be6dab8dfe71bac7469d9fe4cd447c96
abc85ee550d534fbe9e6f3dacf03e4501434f78f67581f3f4fbc823d4de38eb3
b8135365d14443cf404f40753f4a81d95a8286580338f6808cf20c900f8038d0
c2c35104529f990af1fd5f50b80915f70d17bb263e86ceb93bdf5eb7672a3bcc
cb8cac32d5cef83e7674916378c2f47bdbba7e6e6bd936f8026a58ac4e71fa53
cf650398ae0db4bef9916a04237b19b65689dc0b487e266440030235f338319f
d3716c251e87645979587ed28b92f47e254722747a1dd7da56c05396bfafa285
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
e91b8a47f27caa8e53bad8b3018d1eaf5e6890990517447dd18500aa34c903c3
ea9153ba93fc752d87e09a46415ba8cd5e23da98831f0ef896a0c4cebbf06ca2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f34753de0b5ed3c5c05263672a98cbef1bd5b739f1d0cb389c1f060622d627fe
f47bfe815cd179581dd55b10c6d3303b52d0029a707f50c9b5804d64f87139ff
f57d3a7bcaafe9ced45757dacd12078609088fb236e9d13ae7f7214ac7bd5ecd
f935a7948ac1a2058a45ed19e07839409f036362ba3fa5c82017597933782596

heaveaway.com Open in urlscan Pro 192.169.233.223 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

47 Requests

96 %HTTPS

50 %IPv6

12 Domains

13 Subdomains

15 IPs

2 Countries

2149 kBTransfer

3577 kBSize

13 Cookies

0 Outgoing links

Redirected requests

47 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

heaveaway.com Open in urlscan Pro
192.169.233.223 Public Scan

Screenshot
Live screenshot

Full Image

47
Requests

96 %
HTTPS

50 %
IPv6

12
Domains

13
Subdomains

15
IPs

2
Countries

2149 kB
Transfer

3577 kB
Size

13
Cookies

47 HTTP transactions
1 data transactions